def test_load_permissions_on_identity_loaded(app): """Check that the needs are loaded properly in the user Identity.""" InvenioAccess(app) with app.test_request_context(): identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) assert g.identity.provides == {any_user} with app.test_request_context(): user = testutils.create_test_user('*****@*****.**') login_user(user) assert g.identity.provides == { any_user, authenticated_user, UserNeed(user.id) } logout_user() # FIXME: The user is still authenticatd when the identity loader # is called during logout. We could filter on AnonymousIdentity, but # This would be inconsistent as the UserNeed(user.id) is still there. # This will pass even if it is unexpected: # assert g.identity.provides == { # any_user, authenticated_user, UserNeed(user.id) # } # Forcing the identity to reload again cleans the mess. In practice # this won't be needed as the identity is reloaded between requests. identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) assert g.identity.provides == {any_user}
def logoutsponsor(): """User log-out logic.""" logout_user() # tell flask principal the user is annonymous identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) # print annonymousidentity to console identity_object = AnonymousIdentity() # printing identity_object to console for verification print('Sent: ', identity_object, ' ...to current_app', file=sys.stderr) return redirect(url_for('auth_bp.login'))
def stop_frontdesk(): Work = work.query.filter(work.employeeID == current_user.employeeID, work.endTimeAuto == None, work.endTimeManual == None).first() if Work == None: flash("No work have been started, please start a new session", "danger") return redirect(url_for('startstop_frontdesk')) code = work.query.filter(work.employeeID == current_user.employeeID, work.endTimeAuto == None, work.endTimeManual == None).first() if code: limit = timedelta(days=1, hours=0, minutes=0, seconds=0) if ((datetime.now() - code.startTimeAuto) > limit) or ( (datetime.now() - code.startTimeManual) > limit): code.endTimeAuto = datetime(9999, 1, 1, 1, 1, 1) code.endTimeManual = datetime(9999, 1, 1, 1, 1, 1) db.session.commit() flash( "Start time exceeds 24 hours, please contact Ken/Brandon to adjust previous work", "danger") return render_template('startstop_frontdesk.html') Work.endTimeManual = datetime.now() Work.endTimeAuto = datetime.now() db.session.commit() logout_user() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash("successfully stopped this shift!", "success") return redirect(url_for('home'))
def get(self): """ Log user out by revoking his auth tokens. --- description: Once logged out, current user cannot access the API anymore. tags: - Authentification responses: 200: description: Logout successful 500: description: Access token not found """ try: logout() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) except KeyError: return {"Access token not found."}, 500 logout_data = {"logout": True} if is_from_browser(request.user_agent): response = jsonify(logout_data) unset_jwt_cookies(response) return response else: return logout_data
def logout(): """Log out the current user""" logout_user() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) return redirect(url_for('auth.login'))
def logout_user(): """Logs out the current user. This will also clean up the remember me cookie if it exists. This sends an ``identity_changed`` signal to note that the current identity is now the `AnonymousIdentity` """ for key in ("identity.name", "identity.auth_type", "fs_paa", "fs_gexp"): session.pop(key, None) # Clear csrf token between sessions. # Ideally this would be handled by Flask-WTF but... # We don't clear entire session since Flask-Login seems to like having it. csrf_field_name = find_csrf_field_name() if csrf_field_name: session.pop(csrf_field_name, None) # Flask-WTF 'caches' csrf_token - and only set the session if not already # in 'g'. Be sure to clear both. This affects at least /confirm g.pop(csrf_field_name, None) session["fs_cc"] = "clear" identity_changed.send( current_app._get_current_object(), identity=AnonymousIdentity() ) _logout_user()
def logout(): logout_user() # notify the change of role identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) return redirect("/")
def update_user(user=None): """ Install the user as current user of the app. Setup the g.current_user variable. Add the user to the session. Update Flask-Principal. If no user, install AnonymousIdentity """ if user: db.session.add(user) db.session.commit() g.current_user = user # Tell Flask-Principal the identity changed identity = Identity(user.id) identity.user = user # By default we can self need identity.provides.add(UserNeed(user.id)) # Add roles for role in user.roles: identity.provides.add(RoleNeed(role.name)) identity_changed.send(current_app._get_current_object(), identity=identity) else: # Tell Flask-Principal the user is anonymous identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity())
def logout(): """ log the user out """ # persist the user's logout time before loging them out hist = ( AuthHistory.query.filter_by(user_id=current_user.id) .order_by(AuthHistory.login.desc()) .first() ) if hist is not None: hist.logout = datetime.now() db.session.add(hist) db.session.commit() # handy-dandy convenience function from Flask-Login to log the user out and invalidate # their session logout_user() # remove session keys set by Flask-Principal for key in ("identity.id", "identity.auth_type"): session.pop(key, None) # tell flask-principal the user is anonymous identity_changed.send( current_app._get_current_object(), identity=AnonymousIdentity() ) return redirect(url_for("auth.login"))
def logout(): next_url = request.args.get('next') logout_user() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash(u"注销成功!", category="success") return redirect(next_url or url_for('blog.index'))
def add_permissions(self, item, **kwargs): """Add permissions to record. :param item: Dict representing the record. :returns: Modified dict. """ service = sonar.service('projects') identity = g.get('identity', AnonymousIdentity()) item['metadata']['permissions'] = { 'read': service.permission_policy('read', **{ 'record': item }).allows(identity), 'update': service.permission_policy('update', **{ 'record': item }).allows(identity), 'delete': service.permission_policy('delete', **{ 'record': item }).allows(identity) } return item
def __call__(self, ids): """Return the mapping when evaluated.""" identity = AnonymousIdentity() if not self.cache: vocabs = current_service.read_many(identity, type=self.vocabulary, ids=ids, fields=self.fields) else: vocabs = current_service.read_all(identity, type=self.vocabulary, fields=self.fields) labels = {} vocab_list = list(vocabs.hits) # the service returns a generator ids = set(ids) seen = set() for vocab in vocab_list: # cannot loop over ids because vocab id is inside each item if len(ids) == len(seen): break id_ = vocab["id"] if id_ in ids: labels[id_] = lazy_get_label(vocab["title"]) seen.add(id_) return labels
def set_identity(): if current_user and not current_user.is_anonymous: if not hasattr(g, 'identity'): g.identity = Identity(current_user.id) else: if not hasattr(g, 'identity'): g.identity = AnonymousIdentity()
def logout(): """Remove the user and data from the session""" logout_user() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash("You have been logged out.", category="success") return redirect(url_for('.login'))
def logout(): session.pop('name') # Using the Flask-Login to processing and check the logout status for user. logout_user() identity_changed.send(app._get_current_object(), identity=AnonymousIdentity()) return redirect(url_for('home.login'))
def logout(): logout_user() for key in ('identity.name', 'identity.auth_type'): session.pop(key, None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) return redirect(url_for('frame.index1'))
def get(self): logout_user() for key in ('identity.id', 'identity.auth_type'): session.pop(key, None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) return redirect(request.args.get('next') or '/')
def logout(): logout_user() # Tell Flask-Principal the user is anonymous identity_changed.send(auth, dentity=AnonymousIdentity()) return redirect(url_for('auth.login'))
def logout(): logout_user() #注销后身份变成匿名 identity_changed.send( current_app._get_current_object(), identity=AnonymousIdentity()) return redirect(url_for('auth.login'))
def user_passwd_edit(post_id): error = None # if not writer_permission.can(): # error = u'你没有验证账户,不能修改密码,请尽快验证账户.' # return jsonify(judge=False, error=error) form = EditPasswdForm() action = EditManager(post_id, form) if form.validate_on_submit() and request.method == "POST": user = User.query.filter_by(id=post_id).first() if check_password_hash(user.password, form.passwd.data): action.edit_user_passwd() flash('密码修改成功,请重新登陆') logout_user() for key in ('identity.id', 'identity.auth_type'): session.pop(key, None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) error = "密码修改" return jsonify(judge=True, error=error) else: error = u'密码错误,请重新输入' return jsonify(judge=False, error=error) else: if form.errors: return return_errors(form) else: pass return redirect(url_for('index.index'))
def logout(): for key in ['identity.id', 'identity.auth_type']: session.pop(key, None) logout_user() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) return jsonify({"message": "User Logged Out."}), 200
def load_identity(): if request.path.startswith("/static/"): return AnonymousIdentity() reconfig = session.get('reload_roles', False) if reconfig: session.pop('reload_roles') username = session.get('user') if not username or reconfig: app.logger.debug("New user loaded") if app.config['DEBUG']: username = load_user_debug(app.config['ADMIN_USER']) else: username = load_user_header('REMOTE_USER') session['user'] = username roles = session.get('roles') if not roles or reconfig: user = User.query.filter_by(name=username).first() if not user: g.user = '******' return AnonymousIdentity() roles = [role.name for role in user.roles] if user.active else [] app.logger.debug("New roles loaded: %s", roles) session['roles'] = roles session['active'] = user.active user_groups = [x.group_name for x in user.groups] app.logger.debug("New group ACL loaded: %s->%s", username, user_groups) session['groups'] = user_groups identity = Identity(username) if session.get('active'): for role in roles: identity.provides.add(RoleNeed(role)) # Do we really want a Need() per group? Better to do it ourselves # for group in session.get('groups', []): # identity.provides.add(RoleNeed(group)) # Utilities stored in request context (g) g.user = username g.roles = roles g.can_change = lambda x: can_change_group(x.full_name) return identity
def setting(): '''用户设置''' error = None form = SettingForm() passwd_form = NewPasswdForm() mode = request.args.get('mode') if mode == 'setting': if form.validate_on_submit() and request.method == "POST": introduce = form.introduce.data school = form.school.data word = form.word.data current_user.infor.introduce = introduce current_user.infor.school = school current_user.infor.word = word db.session.commit() flash('资料更新成功') return jsonify(judge=True, error=error) else: if form.errors: return return_errors(form) else: pass return redirect(url_for('user.setting')) elif mode == 'password': if passwd_form.validate_on_submit() and request.method == "POST": user = User.query.filter_by(name=current_user.name).first() passwd = passwd_form.passwd.data rpasswd = passwd_form.rpasswd.data if not User.check_password(user.passwd, passwd): error = u'密码错误' return jsonify(judge=False, error=error) else: user.passwd = generate_password_hash(rpasswd) db.session.commit() logout_user() session.clear() for key in ('identity.id', 'identity.auth_type'): session.pop(key, None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash('密码修改成功,请重新登陆') return jsonify(judge=True, error=error) else: if passwd_form.passwd.errors: error = passwd_form.passwd.errors return jsonify(judge=False, error=error) elif passwd_form.npasswd.errors: error = passwd_form.npasswd.errors return jsonify(judge=False, error=error) else: return redirect(url_for('user.setting')) else: form.school.data = current_user.infor.school form.word.data = current_user.infor.word form.introduce.data = current_user.infor.introduce return render_template('user/user_settings.html', category=category, passwd_form=passwd_form, form=form)
def logout(): logout_user() identity_changed.send( current_app._get_current_object(), identity=AnonymousIdentity() ) flash("你已注销!", category="success") return redirect(url_for('blog.home'))
def logout(): logout_user() identity_changed.send( current_app._get_current_object(), identity=AnonymousIdentity() ) flash('注销成功', category='success') return redirect(url_for('bp_seq.index'))
def logout(): logout_user() # Notify flask principal that the user has logged out identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) return redirect(url_for('index.render_feed'))
def logout(): logout_user() for key in ('indentity_name', 'identity.auth_type'): session.pop(key, None) identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) next_url = request.args.get('next', '/') return redirect(next_url)
def logout(): logout_user() identity_changed.send(current_app._get_current_object(), identity=AnonymousIdentity()) flash('退出账户!', category='success') return redirect(url_for('.home'))
def logout(): logout_user() identity_changed.send( current_app._get_current_object(), identity=AnonymousIdentity() ) flash(u"成功退出", category='success') return redirect(url_for('basic.login'))
def logout(): logout_user() for key in ('identity.name', 'identity.auth_type'): session.pop(key, None) identity_changed.send(app, identity=AnonymousIdentity()) return redirect(url_for('login'))