示例#1
0
 def get(self):
     
     username = request.args.get('username', None)
     password = request.args.get('password', None)
     token = request.args.get('token', None)
     app_key = request.args.get('app_key', None)
     if not (username and (password or token) and app_key):
         return {'message' : 'Missing username, password, token, and/or app_key.'}, 400
     if app_key != current_app.config['JIRA_APP_KEY']:
         return {'message' : 'Incorrect app_key.'}, 400
     user = None
     if token:
         user = get_user_from_token(token, username)
         if user and user.token.active:
             return {'token' : token}
         elif not password:
             return {'message' : 'Invalid token.'}, 400
     if password:
         user = PocketChangeUser(None, username, password)
         if user.is_authenticated():
             User = sqlalchemy_db.models['User']
             try:
                 db_user = (sqlalchemy_db.session.query(User)
                            .filter(User.name==user.name).one())
             except:
                 db_user = User(name=user.name)
                 sqlalchemy_db.session.add(db_user)
                 sqlalchemy_db.session.commit()
                 user.token = db_user.get_new_token(current_app.secret_key[:16],
                                                    expires=timedelta(hours=6),
                                                    max_uses=1)
         sqlalchemy_db.session.commit()
         return {'token' : user.token.value}
     else:
         return {'message' : 'Bad username and/or password.'}, 400
示例#2
0
 def get(self):
     
     app_key = request.args.get('app_key', None)
     username = request.args.get('username', None)
     password = request.args.get('password', None)
     token = request.args.get('token', None)
     user = None
     if app_key and app_key == current_app.config['JIRA_APP_KEY']:
         if username:
             if token:
                 print token, username
                 user = get_user_from_token(token, username)
                 used = False
                 if user:
                     used = user.token.use()
                     if used:
                         sqlalchemy_db.session.merge(user.token)
                         sqlalchemy_db.session.commit()
                 elif not password and not used:
                     print 'inv'
                     return {'message' : 'Invalid token.'}, 400
             if password:
                 user = PocketChangeUser(None, username, password)
                 if user.is_authenticated():
                     User = sqlalchemy_db.models['User']
                     try:
                         db_user = (sqlalchemy_db.session.query(User)
                                    .filter(User.name==user.name).one())
                     except:
                         db_user = User(name=user.name, password=password)
                         sqlalchemy_db.session.add(db_user)
                         sqlalchemy_db.session.commit()
                     user.token = db_user.get_new_token(current_app.secret_key[:16],
                                                        expires=timedelta(hours=6),
                                                        max_uses=1)
                     user.token.use()
                     sqlalchemy_db.session.commit()
                 else:
                     return {'message' : 'Invalid username/password.'}, 400
             if not user:
                 return {'message' : 'Must provide password or token.'}, 400
         else:
             return {'message' : 'Must provide username.'}, 400
     else:
         return {'message' : 'app_key missing or invalid.'}, 400
     with open(current_app.config['JIRA_RSA_KEY_FILE'], 'r') as rsa_file:
         rsa_data = rsa_file.read()
     if hasattr(user.user, 'jira') and user.user.jira and user.user.jira.active:
         return {'rsa_key' : rsa_data,
                 'oauth_secret' : user.user.jira.oauth_secret,
                 'oauth_token' : user.user.jira.oauth_token}
     else:
         return {'message' : "User's token is expired or revoked."}, 400
示例#3
0
def login():
    
    if request.method == 'POST':
        username = request.form.get('username', '')
        password = request.form.get('password', '')
        user = PocketChangeUser(None, username, password)
        User = sqlalchemy_db.models['User']
        try:
            db_user = (sqlalchemy_db.session.query(User)
                       .filter(User.name==user.name).one())
        except:
            db_user = None
            user = PocketChangeUser(None, username, password)
        else:
            user = PocketChangeUser(db_user, password=password)
        if user.is_authenticated():
            User = sqlalchemy_db.models['User']
            if db_user:
                user.populate_name_from_database()
            else:
                db_user = User(name=user.name)
                db_user.password = password
                sqlalchemy_db.session.add(db_user)
                sqlalchemy_db.session.commit()
            user.token = db_user.get_new_token(current_app.secret_key[:16],
                                               expires=datetime.now() + login_lifetime)
            sqlalchemy_db.session.commit()
            session['username'] = user.name
            login_user(user)
            return 'logged in'
        else:
            return 'login failed'
    else:
        return render_template('login.html')