示例#1
0
def create_or_login(response):
    '''
    This is the hook for OpenID.try_login and is being called after a response
    has been received.
    '''

    session['user'] = {}
    session['openid'] = response.identity_url

    user = g.user or User.query.filter_by(openid=response.identity_url).first()

    if user is None:
        name = response.fullname or response.nickname
        session['user']['email'] = response.email
        params = dict(next=oid.get_next_url(), name = name)
        return redirect(url_for('.first_login', **params))

    g.user = user
    identity = Identity(user.id)

    # Notify Principal of the identity change
    identity_changed.send(
        current_app._get_current_object(),
        identity = identity
    )

    if user.openid != response.identity_url:
        user.openid = response.identity_url
        db_session.commit()
        flash(u'OpenID identity changed')
    else:
        flash(u'Successfully signed in', 'hurray')

    return redirect(oid.get_next_url())
示例#2
0
文件: account.py 项目: whypro/vieboo
def login():
    # 已登录用户则返回首页
    if g.user.is_authenticated:
        return redirect(url_for('frontend.index'))

    login_form = LoginForm()
    if login_form.validate_on_submit():
        people = People.query.authenticate(
            login_form.login.data,
            login_form.password.data,
        )

        if people:
            login_user(people, remember=login_form.remember.data)
            # Flask-Principal 发送信号
            identity_changed.send(current_app._get_current_object(), identity=Identity(people.id))
            print 'sent by login'
            ip = get_client_ip()
            login_log = LoginLog(people.id, ip)
            db.session.add(login_log)
            db.session.commit()

            flash('登录成功', 'success')
            return redirect(url_for('frontend.index'))
        else:
            flash('登录失败', 'warning')

    return render_template('login.html', form=login_form)
示例#3
0
def signup():

    form = SignupForm(next=request.args.get('next',None))

    if form.validate_on_submit():

        code = UserCode.query.filter_by(code=form.code.data).first()

        if code:
            user = User(role=code.role)
            form.populate_obj(user)

            db.session.add(user)
            db.session.delete(code)
            db.session.commit()

            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.id))

            flash(_("Welcome, %(name)s", name=user.nickname), "success")

            next_url = form.next.data

            if not next_url or next_url == request.path:
                next_url = url_for('frontend.blog', username=user.username)

            return redirect(next_url)
        else:
            form.code.errors.append(_("Code is not allowed"))

    return render_template("account/signup.html", form=form)
示例#4
0
def login_user(user, remember=None):
    """Performs the login and sends the appropriate signal."""

    if remember is None:
        remember = config_value('DEFAULT_REMEMBER_ME')

    if not _login_user(user, remember):
        return False

    if _security.trackable:
        old_current_login, new_current_login = user.current_login_at, datetime.utcnow()
        remote_addr = request.remote_addr or 'untrackable'
        old_current_ip, new_current_ip = user.current_login_ip, remote_addr

        user.last_login_at = old_current_login or new_current_login
        user.current_login_at = new_current_login
        user.last_login_ip = old_current_ip or new_current_ip
        user.current_login_ip = new_current_ip
        user.login_count = user.login_count + 1 if user.login_count else 1

        _datastore.put(user)

    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(user.id))
    return True
示例#5
0
def login():

    form = LoginForm(login=request.args.get('login',None),
                     next=request.args.get('next',None))

    if form.validate_on_submit():

        user, authenticated = User.query.authenticate(form.login.data,
                                                      form.password.data)

        if user and authenticated:
            session.permanent = form.remember.data

            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.id))

            flash(_("Welcome back, %(name)s", name=user.username), "success")

            next_url = form.next.data

            if not next_url or next_url == request.path:
                next_url = url_for('frontend.blog', username=user.username)

            return redirect(next_url)

        else:

            flash(_("Sorry, invalid login"), "error")

    return render_template("account/login.html", form=form)
示例#6
0
def login():
	data = request.values
	if hasattr(request, "json") and request.json:
		data = request.json

	if octoprint.server.userManager.enabled and "user" in data and "pass" in data:
		username = data["user"]
		password = data["pass"]

		if "remember" in data and data["remember"] in valid_boolean_trues:
			remember = True
		else:
			remember = False

		if "usersession.id" in session:
			_logout(current_user)

		user = octoprint.server.userManager.findUser(username)
		if user is not None:
			if octoprint.server.userManager.checkPassword(username, password):
				if not user.is_active():
					return make_response(("Your account is deactivated", 403, []))

				if octoprint.server.userManager.enabled:
					user = octoprint.server.userManager.login_user(user)
					session["usersession.id"] = user.session
					g.user = user
				login_user(user, remember=remember)
				identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))
				return jsonify(user.asDict())
		return make_response(("User unknown or password incorrect", 401, []))

	elif "passive" in data:
		return passive_login()
	return NO_CONTENT
示例#7
0
def change_password():

    user = None

    if g.user:
        user = g.user

    elif 'activation_key' in request.values:
        user = User.query.filter_by(
            activation_key=request.values['activation_key']).first()

    if user is None:
        abort(403)

    form = ChangePasswordForm(activation_key=user.activation_key)

    if form.validate_on_submit():

        user.password = form.password.data
        user.activation_key = None

        db.session.commit()

        flash(_("Your password has been changed, "
                "please log in again"), "success")
        # 修改成功后,强制用户退出
        identity_changed.send(current_app._get_current_object(),
                              identity=AnonymousIdentity())

        return redirect(url_for("account.login"))

    return render_template("change_password.html", form=form)
def facebook_authorized(response):
    if response is None:
        # In a real case, this should return error message/description
        return redirect(url_for('index'))

    next = request.args.get('next')
    token = response['access_token']

    me = GraphAPI.me(token).json()

    user = User.get_or_create(me['id'], me['name'], me['email'])

    if not user.is_active():
        return 'Your account has been deactivated. Contact the admin for it \
                to be reinstated.'

    login_user(user, remember=True)

    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(user.id))

    if next:
        return redirect(next)

    return redirect(url_for('index'))
示例#9
0
def signup():

    form = SignupForm(next=request.args.get("next"))

    if form.validate_on_submit():

        user = User()
        form.populate_obj(user)

        db.session.add(user)
        db.session.commit()

        identity_changed.send(current_app._get_current_object(),
                              identity=Identity(user.id))

        flash(_("Welcome, %(name)s", name=user.username), "success")

        next_url = form.next.data

        if not next_url or next_url == request.path:
            next_url = url_for('user.posts', username=user.username)

        return redirect(next_url)

    return render_template("signup.html", form=form)
示例#10
0
文件: api.py 项目: rudimk/flamingo
    def delete(self, id):
        for key in ("identity.name", "identity.auth_type"):
            session.pop(key, None)

        identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
        logout_user()
        return jsonify_status_code(self._get_response(), http.NO_CONTENT)
示例#11
0
def logout():
    logout_user()

    # notify the change of role
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    return redirect("/")
示例#12
0
def login():
    """Handle login; show form or process results."""

    form = LoginForm()
    openid_form = OpenIDForm()

    if openid_form.validate_on_submit():
        return oid.try_login(
            openid_form.openid.data,
            ask_for=['nickname', 'email'],
            ask_for_optional=['fullname'],
        )

    if form.validate_on_submit():
        user = User.query.filter_by(username=form.username.data).one()
        login_user(user, remember=form.remember.data)
        identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
        flash("You have been logged in.", category="success")
        return redirect(url_for('blog.home'))

    openid_errors = oid.fetch_error()
    if openid_errors:
        flash(openid_errors, category='danger')

    return render_template('login.html', form=form, openid_form=openid_form)
示例#13
0
文件: forms.py 项目: Bytesu/WanMuJia
 def login(self):
     distributor = Distributor.query.filter_by(username=self.username.data).limit(1).first()
     if distributor and distributor.verify_password(self.password.data):
         login_user(distributor)
         identity_changed.send(current_app._get_current_object(), identity=Identity(distributor.get_id()))
         return True
     return False
示例#14
0
def login():
    acl_back = current_app.config.get('MTJ_ACL')
    if not acl_back:
        raise SiteAclMissingError

    if request.method == 'GET':
        result = render_template('login.jinja', next=request.args.get('n'))
        return result

    error = None
    login = request.form.get('login')
    password = request.form.get('password')
    access_token = acl_back.authenticate(login, password)

    if access_token:
        flash('Welcome %s' % access_token['login'])
        identity_changed.send(current_app._get_current_object(),
            identity=AclIdentity(access_token))
        script_root = getattr(request, 'script_root', '')
        return redirect(script_root + request.form.get('next', ''))
    else:
        error = 'Invalid credentials'

    result = render_template('login.jinja', error_msg=error,
        next=request.form.get('next'))
    return result
示例#15
0
    def decorated_function(*args, **kwargs):
        if not request.headers.get('Authorization'):
            response = jsonify(message='Missing authorization header')
            response.status_code = 401
            return response

        try:
            token = request.headers.get('Authorization').split()[1]
        except Exception as e:
            return dict(message='Token is invalid'), 403

        try:
            payload = jwt.decode(token, current_app.config['LEMUR_TOKEN_SECRET'])
        except jwt.DecodeError:
            return dict(message='Token is invalid'), 403
        except jwt.ExpiredSignatureError:
            return dict(message='Token has expired'), 403
        except jwt.InvalidTokenError:
            return dict(message='Token is invalid'), 403

        g.current_user = user_service.get(payload['sub'])

        if not g.current_user:
            return dict(message='You are not logged in'), 403

        # Tell Flask-Principal the identity changed
        identity_changed.send(current_app._get_current_object(), identity=Identity(g.current_user.id))

        return f(*args, **kwargs)
def oauthorized(resp):
    if resp is None:
        flash('You denied the request to sign in.')
    else:
        session['twitter_oauth'] = resp
        identity_changed.send(current_app._get_current_object(), identity=Identity(current_user()))
    return redirect(url_for('welcome_view'))
示例#17
0
def logout():
    """Handle logout."""

    logout_user()
    identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
    flash("You have been logged out.", category="success")
    return redirect(url_for('blog.home'))
示例#18
0
def login():
		form = loginform()

		if request.method == 'GET':
			return render_template('home/pages/login.html',form=form)

		username = form.username.data
		password = form.password.data
	
		user_accessed = user.query.filter_by(username=username).first()
	
		if user_accessed is None:
			flash(u'Username is incorrect')  # to log incorrect username
			return redirect(url_for('login'))
	
		if not user_accessed.verify_password(password):
			flash(u'Password is incorrect')  # to log incorrect password
			return redirect(url_for('login'))
		
		if not user_accessed.active:
			flash(u'Your account is inactive')  # to log inactive user
			return redirect(url_for('login'))
	
		login_user(user_accessed)

		identity_changed.send(app, identity=Identity(user_accessed.username))

		return dashboard()
示例#19
0
	def decorated_view(*args, **kwargs):
		# if OctoPrint hasn't been set up yet, abort
		if settings().getBoolean(["server", "firstRun"]) and (octoprint.server.userManager is None or not octoprint.server.userManager.hasBeenCustomized()):
			return make_response("OctoPrint isn't setup yet", 403)

		# if API is globally enabled, enabled for this request and an api key is provided that is not the current UI API key, try to use that
		apikey = getApiKey(request)
		if settings().get(["api", "enabled"]) and apiEnabled and apikey is not None and apikey != octoprint.server.UI_API_KEY:
			if apikey == settings().get(["api", "key"]):
				# master key was used
				user = ApiUser()
			else:
				# user key might have been used
				user = octoprint.server.userManager.findUser(apikey=apikey)

			if user is None:
				return make_response("Invalid API key", 401)
			if login_user(user, remember=False):
				identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))
				return func(*args, **kwargs)

		# call regular login_required decorator
		#TODO: remove this temporary disablement of login requirement
		#return login_required(func)(*args, **kwargs)
		return func(*args, **kwargs)
示例#20
0
def login():
	if octoprint.server.userManager is not None and "user" in request.values.keys() and "pass" in request.values.keys():
		username = request.values["user"]
		password = request.values["pass"]

		if "remember" in request.values.keys() and request.values["remember"] == "true":
			remember = True
		else:
			remember = False

		if "usersession.id" in session:
			_logout(current_user)

		user = octoprint.server.userManager.findUser(username)
		if user is not None:
			if octoprint.server.userManager.checkPassword(username, password):
				if octoprint.server.userManager is not None:
					user = octoprint.server.userManager.login_user(user)
					session["usersession.id"] = user.get_session()
					g.user = user
				login_user(user, remember=remember)
				identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))
				return jsonify(user.asDict())
		return make_response(("User unknown or password incorrect", 401, []))

	elif "passive" in request.values:
		return passive_login()
	return NO_CONTENT
示例#21
0
def login():
    form = LoginForm()
    if request.method == "GET":
        if current_user.is_anonymous():
            return render_template("user/login.html", form=form,
                                   error=request.args.get('error'),
                                   next_url=request.args.get('next'))
        return redirect("/")
    else:
        if form.validate_on_submit():
            username = form.username.data
            password = form.password.data
            try:
                user = apis.user.authenticate(username, password)
            except AuthenticateFailure:
                return render_template("user/login.html",
                                       error=_("invalid username or password"),
                                       form=form), 403
            if not login_user(user):
                return render_template("user/login.html",
                                       error=_("failed to login")), 403

            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.id))
            return redirect(request.args.get('next') or "/")
        return render_template("user/login.html",
                               error=_("please input username or password"),
                               form=form), 403
示例#22
0
文件: account.py 项目: luviiv/Smaug
def logout():

    flash(_("You are now logged out"), "success")
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())

    return redirect(url_for('account.login'))
示例#23
0
文件: run.py 项目: aahriman/cloud-asr
def login_google(token, userinfo, **params):
    login_user(users_model.upsert_user(userinfo))

    identity = Identity(userinfo['id'])
    identity_changed.send(app, identity = identity)

    return redirect(url_for('index'))
示例#24
0
def signup():

    if 'openid' not in session:
        abort(403)

    form = OpenIdSignupForm(next=request.args.get("next"),
                            username=request.args.get("name"),
                            email=request.args.get("email"))

    if form.validate_on_submit():

        user = User(openid=session.pop('openid'))
        form.populate_obj(user)

        db.session.add(user)
        db.session.commit()

        session.permanent = True

        identity_changed.send(current_app._get_current_object(),
                              identity=Identity(user.id))

        flash(_("Welcome, %%s") % user.username, "success")

        next_url = form.next.data or \
            url_for("user.posts", username=user.username)

        return redirect(next_url)

    return render_template("openid_signup.html", form=form)
示例#25
0
def login_user(user, remember=None):
    """Performs the login routine.

    :param user: The user to login
    :param remember: Flag specifying if the remember cookie should be set. Defaults to ``False``
    """

    if remember is None:
        remember = config_value('DEFAULT_REMEMBER_ME')

    if not _login_user(user, remember):  # pragma: no cover
        return False

    if _security.trackable:
        if 'X-Forwarded-For' not in request.headers:
            remote_addr = request.remote_addr or 'untrackable'
        else:
            remote_addr = request.headers.getlist("X-Forwarded-For")[0]

        old_current_login, new_current_login = user.current_login_at, datetime.utcnow()
        old_current_ip, new_current_ip = user.current_login_ip, remote_addr

        user.last_login_at = old_current_login or new_current_login
        user.current_login_at = new_current_login
        user.last_login_ip = old_current_ip or new_current_ip
        user.current_login_ip = new_current_ip
        user.login_count = user.login_count + 1 if user.login_count else 1

        _datastore.put(user)

    identity_changed.send(current_app._get_current_object(),
                          identity=Identity(user.id))
    return True
示例#26
0
 def login(username, blogger):
     this_user = TestUser(username)
     login_user(this_user)
     if blogger:
         identity_changed.send(current_app._get_current_object(),
                               identity=Identity(username))
     return redirect("/")
示例#27
0
def logout():
    """
    When the user accesses this route they are logged out.
    """

    cas_username_session_key = current_app.config['CAS_USERNAME_SESSION_KEY']
    cas_attributes_session_key = current_app.config['CAS_ATTRIBUTES_SESSION_KEY']

    if cas_username_session_key in flask.session:
        del flask.session[cas_username_session_key]

    if cas_attributes_session_key in flask.session:
        del flask.session[cas_attributes_session_key]

    if(current_app.config['CAS_AFTER_LOGOUT'] != None):
        redirect_url = create_cas_logout_url(
            current_app.config['CAS_SERVER'],
            current_app.config['CAS_LOGOUT_ROUTE'],
            current_app.config['CAS_AFTER_LOGOUT'])
    else:
        redirect_url = create_cas_logout_url(
            current_app.config['CAS_SERVER'],
            current_app.config['CAS_LOGOUT_ROUTE'])

    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())

    current_app.logger.debug('Redirecting to: {0}'.format(redirect_url))
    return flask.redirect(redirect_url)
示例#28
0
def login():
    if request.method == "GET":
        if current_user.is_anonymous():
            return render_template("auth/login.html", titlename=u'登录')
        return redirect("/")
    else:
        class LoginForm(Form):
            username = TextField()
            password = PasswordField()
            next_url = HiddenField()

        form = LoginForm(request.form)
        if form.validate():
            username = form.username.data
            password = form.password.data
            try:
                import lite_mms.apis as apis

                user = apis.auth.authenticate(username, password)
            except AuthenticateFailure:
                return render_template("auth/login.html", error=_(u"用户名或者密码错误"), titlename=u"请登录"), 403
            if not user.enabled:
                return render_template("auth/login.html", error=_(u"该账户已禁用, 请使用其它账户"), titlename=u"请登录"), 403
            if not login_user(user):
                return render_template("auth/login.html", error=_(u"登陆失败"), titlename=u"请登录"), 403

            identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
            return redirect(form.next_url.data or "/")
        else:
            return render_template("auth/login.html", error=_(u"请输入用户名及密码"), titlename=u"请登录"), 403
示例#29
0
def login():
    user = User("testuser")
    login_user(user)

    # notify the change of role
    identity_changed.send(current_app._get_current_object(), identity=Identity("testuser"))
    return redirect("/blog")
示例#30
0
    def n():
        i = mkadmin()
        identity_changed.send(app, identity=i)
        with admin_denied.required():
            pass

        return Response("OK")
示例#31
0
def login():
    if request.method == 'POST':
        username = request.form.get('username')
        identity_changed.send(app, identity=Identity(username))
        flash(u'login success')
        return redirect(url_for('login'))
    else:
        return render_template('form.html')
示例#32
0
    def delete(self, id):
        for key in ('identity.name', 'identity.auth_type'):
            session.pop(key, None)

        identity_changed.send(current_app._get_current_object(),
                              identity=AnonymousIdentity())
        logout_user()
        return jsonify_status_code(self._get_response(), http.NO_CONTENT)
示例#33
0
def logout():
    logout_user()

    for key in ['identity.name', 'identity.auth_type']:
        session.pop(key, None)
    identity_changed.send(app, identity=AnonymousIdentity())

    return redirect(url_for('index'))
示例#34
0
def logout():
    logout_user()
    for key in ('identity.name', 'identity.auth_type'):
        session.pop(key, None)
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    flash(u'您已经登出')
    return redirect(url_for('main.index'))
示例#35
0
文件: api.py 项目: Dr-Bean/spkrepo
 def wrapper(*args, **kwargs):
     if request.authorization and request.authorization.type == 'basic':
         user = user_datastore.find_user(api_key=request.authorization.username)
         if user and user.has_role('developer'):
             _request_ctx_stack.top.user = user
             identity_changed.send(current_app._get_current_object(), identity=Identity(user.id))
             return f(*args, **kwargs)
     abort(401)
示例#36
0
def logout_user():
    """Logs out the current. This will also clean up the remember me cookie if it exists."""

    for key in ('identity.name', 'identity.auth_type'):
        session.pop(key, None)
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    _logout_user()
示例#37
0
def login():
    user = User("testuser")
    login_user(user)

    # notify the change of role
    identity_changed.send(current_app._get_current_object(),
                          identity=Identity("testuser"))
    return redirect("/blog")
示例#38
0
def logout():
    flash(u"You are logout", "success")
    # Remove session keys set by Flask-Principal
    for key in ('identity.id', 'identity.auth_type'):
        session.pop(key, None)
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    return redirect(url_for('account.login'))
示例#39
0
文件: web.py 项目: yix/MateDealer
def logout():
    #g.lock.unlock()
    logout_user()
    for key in ('identity.name', 'identity.auth_type'):
        session.pop(key, None)
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    return redirect(url_for('index'))
示例#40
0
def logout():
    logout_user()
    identity_changed.send(
        current_app._get_current_object(),
        identity=AnonymousIdentity()
    )

    return redirect(url_for('.home'))
示例#41
0
    def signin(self, email, password):
        from octoprint.server import userManager
        from astroprint.network.manager import networkManager

        user = None
        userLoggedIn = False

        online = networkManager().isOnline()

        if online:
            private_key = self.get_private_key(email, password)

            if private_key:
                public_key = self.get_public_key(email, private_key)

                if public_key:
                    #Let's protect the box now:
                    user = userManager.findUser(email)

                    if user:
                        userManager.changeUserPassword(email, password)
                        userManager.changeCloudAccessKeys(
                            email, public_key, private_key)
                    else:
                        user = userManager.addUser(email, password, public_key,
                                                   private_key, True)

                    userLoggedIn = True

        else:
            user = userManager.findUser(email)
            userLoggedIn = user and user.check_password(
                userManager.createPasswordHash(password))

        if userLoggedIn:
            login_user(user, remember=True)
            userId = user.get_id()

            self.settings.set(["cloudSlicer", "loggedUser"], userId)
            self.settings.save()

            boxrouterManager().boxrouter_connect()

            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(userId))

            #let the singleton be recreated again, so new credentials are taken into use
            global _instance
            _instance = None

            eventManager().fire(Events.LOCK_STATUS_CHANGED, userId)

            return True

        elif not online:
            raise AstroPrintCloudNoConnectionException()

        return False
示例#42
0
def logout():
    if 'user' in session:
        identity_changed.send(current_app._get_current_object(),
                              identity=AnonymousIdentity())
        for key in ('user', 'openid', 'identity.name', 'identity.auth_type'):
            session.pop(key, None)
        flash(u'Logged out')

    return redirect(url_for('home.index'))
示例#43
0
 def _post_logout(self):
     try:
         logout_user()
         identity_changed.send(current_app._get_current_object(),
                               identity=AnonymousIdentity())
         return Response.success()
     except Exception as ex:
         logger.error(ex)
         abort(500)
示例#44
0
def logout():
	# Remove session keys set by Flask-Principal
	for key in ('identity.id', 'identity.auth_type'):
		del session[key]
	identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())

	logout_user()

	return NO_CONTENT
示例#45
0
文件: forms.py 项目: xeonpc/WanMuJia
 def login(self):
     distributor = Distributor.query.filter_by(
         username=self.username.data).limit(1).first()
     if distributor and distributor.verify_password(self.password.data):
         login_user(distributor)
         identity_changed.send(current_app._get_current_object(),
                               identity=Identity(distributor.get_id()))
         return True
     return False
示例#46
0
    def post(self):
        if "onelogin" not in current_app.config.get("ACTIVE_PROVIDERS"):
            return "Onelogin is not enabled in the config.  See the ACTIVE_PROVIDERS section.", 404
        auth = OneLogin_Saml2_Auth(self.req,
                                   current_app.config.get("ONELOGIN_SETTINGS"))

        self.reqparse.add_argument('return_to',
                                   required=False,
                                   default=current_app.config.get('WEB_PATH'))
        self.reqparse.add_argument('acs', required=False)
        self.reqparse.add_argument('sls', required=False)

        args = self.reqparse.parse_args()

        return_to = args['return_to']

        if args['acs'] != None:
            # valids the SAML response and checks if successfully authenticated
            if self._consumer(auth):
                email = auth.get_attribute(
                    current_app.config.get("ONELOGIN_EMAIL_FIELD"))[0]
                user = User.query.filter(User.email == email).first()

                # if we get an sso user create them an account
                if not user:
                    user = User(
                        email=email,
                        active=True,
                        role=current_app.config.get('ONELOGIN_DEFAULT_ROLE')
                        # profile_picture=profile.get('thumbnailPhotoUrl')
                    )
                    db.session.add(user)
                    db.session.commit()
                    db.session.refresh(user)

                # Tell Flask-Principal the identity changed
                identity_changed.send(current_app._get_current_object(),
                                      identity=Identity(user.id))
                login_user(user)
                db.session.commit()
                db.session.refresh(user)

                self_url = OneLogin_Saml2_Utils.get_self_url(self.req)
                if 'RelayState' in request.form and self_url != request.form[
                        'RelayState']:
                    return redirect(auth.redirect_to(
                        request.form['RelayState']),
                                    code=302)
                else:
                    return redirect(current_app.config.get('BASE_URL'),
                                    code=302)
            else:
                return dict(message='OneLogin authentication failed.'), 403
        elif args['sls'] != None:
            return dict(message='OneLogin SLS not implemented yet.'), 405
        else:
            return redirect(auth.login(return_to=return_to))
示例#47
0
文件: forms.py 项目: xeonpc/WanMuJia
 def login(self):
     privilege = Privilege.query.filter_by(username=self.username.data).limit(1).first() or \
         Privilege.query.filter_by(email=self.username.data).limit(1).first()
     if privilege and privilege.verify_password(self.password.data):
         login_user(privilege)
         identity_changed.send(current_app._get_current_object(),
                               identity=Identity(privilege.get_id()))
         return True
     return False
示例#48
0
def logout():
    # Remove the user information from the session
    logout_user()
    # Remove session keys set by Flask-Principal
    for key in ('identity.name', 'identity.auth_type', 'hippo_user', 'crumbs'):
        session.pop(key, None)
    # Tell Flask-Principal the user is anonymous
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    return redirect(request.args.get('next') or '/')
示例#49
0
文件: account.py 项目: kdyq007/qblog
def logout():
    anon = AnonymousIdentity()
    identity_changed.send(current_app._get_current_object(), identity=anon)
    g.user = None
    # next_url = request.referrer
    # next_url = "%s?next=%s" % (url_for("account.login"), next_url)
    # current_app.logger.info(next_url)
    # if next_url:
    #     return redirect(next_url)
    return redirect(url_for('account.login'))
示例#50
0
def logout():
    """View function for logout."""

    logout_user()
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())

    flash("You have been logged out.", category="success")
    #return redirect(url_for('blog.home'))
    return redirect(url_for('main.login'))
示例#51
0
	def signout(self):
		from flask import session

		logout_user()

		for key in ('identity.name', 'identity.auth_type'):
			session.pop(key, None)

		identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
		self.remove_logged_user()
示例#52
0
文件: views.py 项目: sanheart/SMS
def logout():
    logout_user()
    # Remove session keys set by Flask-Principal
    for key in ('identity.name', 'identity.auth_type'):
        session.pop(key, None)

    # Tell Flask-Principal the user is anonymous
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    return redirect(url_for('index'))
示例#53
0
def login():
    user = controller.login_user(request.form['email'], request.form['pass'])
    if user is not None:
        login_user(DbUser(user))
        identity_changed.send(current_app._get_current_object(),
                              identity=Identity(user.id))
    else:
        #TODO: Error page
        pass
    return redirect(url_for('book_mgr'))
示例#54
0
def admin_login():
    login_form = LoginForm(csrf_enabled=current_app.config['CSRF_ENABLED'])
    if login_form.validate_on_submit():
        administration = Privilege.query.filter_by(username=login_form.username.data).first()
        if administration and administration.verify_password(login_form.password.data):
            login_user(administration)
            identity_changed.send(current_app._get_current_object(), identity=Identity(administration.get_id()))
            return redirect('/admin')
        flash('wrong username or password')
    return render_template('admin/login.html', login_form=login_form)
示例#55
0
文件: user.py 项目: linkexf/story
def login():
    form = LoginForm(request.form)
    if request.method == "POST" and form.validate():
        user, authenticated = User.query.authenticate(form.name.data,
                                                      form.password.data)
        if user and authenticated:
            identity_changed.send(current_app._get_current_object(),
                                  identity=Identity(user.pk))
            return redirect('/user')
    return render_template('login.html', form=form)
def logout():
    logout_user()

    identity_changed.send(
        current_app._get_current_object(),
        identity=AnonymousIdentity()
    )

    flash("You have been logged out.", category="success")
    return redirect(url_for('.login'))
示例#57
0
        def logout():
            for value in ('identity.name', 'identity.auth_type'):
                session.pop(value, None)

            identity_changed.send(app, identity=AnonymousIdentity())
            logout_user()

            redirect_url = find_redirect(POST_LOGOUT_KEY)
            logger.debug(DEBUG_LOGOUT % redirect_url)
            return redirect(redirect_url)
示例#58
0
文件: forms.py 项目: xeonpc/WanMuJia
 def register(self):
     user = User(
         password=self.password.data,
         mobile=self.mobile.data,
         email='',
     )
     db.session.add(user)
     db.session.commit()
     login_user(user)
     identity_changed.send(current_app._get_current_object(), identity=Identity(user.get_id()))
     return user
示例#59
0
def login(model, form):
    if model == User or model == Distributor:
        instance = _get_login_instance(model, form.username.data, 'username')
    else:
        instance = _get_login_instance(model, form.username.data)
    if instance and instance.verify_password(form.password.data):
        login_user(instance)
        identity_changed.send(current_app._get_current_object(),
                              Identity(instance.get_id()))
        return instance
    return False
示例#60
0
def logout():
    # Remove the user information from the session
    logout_user()
    # Remove session keys set by Flask-Principal
    for key in ('identity.name', 'identity.auth_type'):
        session.pop(key, None)
           
    identity_changed.send(current_app._get_current_object(),
                          identity=AnonymousIdentity())
    flash(u"你已登出。", "successfully")
    return redirect(request.args.get('next') or url_for('home.index'))