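def _read_allowlist(name):
    """Return the non-empty, stripped lines of allowlist file *name* under BASEDIR."""
    path = os.path.join(app.config['BASEDIR'], name)
    with open(path) as f:
        # Skip blank lines: an empty entry would otherwise match an empty
        # submitted value and let it through the allowlist check.
        return [line.strip() for line in f if line.strip()]


def first_login():
    """Finish a first-time OpenID login by creating the local User row.

    Requires an OpenID in the session and no already logged-in user;
    otherwise redirects to the login view.  On POST, ``cancel`` drops the
    pending OpenID and returns to login; any other submission is checked
    against the two allowlists, then a User is created and the request is
    redirected to the post-login URL.  On GET the profile form is rendered.
    """
    allowed_openids = _read_allowlist("allowed_openids")
    allowed_emails = _read_allowlist("allowed_emails")

    if g.user is not None or 'openid' not in session:
        return redirect(url_for('.login'))

    if request.method == 'POST':
        if 'cancel' in request.form:
            del session['openid']
            flash(u'Login was aborted')
            return redirect(url_for('general.login'))

        openid = session['openid']
        email = request.form["email"]
        # NOTE(review): the e-mail is taken straight from the submitted form,
        # so the allowed_emails branch trusts a user-supplied value; only the
        # openid branch is backed by the provider's assertion. Confirm this is
        # intended, or tie the e-mail to one returned by the provider.
        if openid not in allowed_openids and email not in allowed_emails:
            flash(u"Unauthorized user.")
            del session['openid']
            return redirect(url_for('general.logout'))

        db_session.add(User(request.form['name'], openid, email))
        db_session.commit()
        flash(u'Successfully created profile and logged in!')
        return redirect(oid.get_next_url())

    return render_template(
        'general/first_login.html',
        next=oid.get_next_url(),
        openid=session['openid'],
    )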
def storeAssociation(self, server_url, association):
    """Persist an OpenID association for *server_url*.

    The secret is stored through ``secret.encode('base64')`` (a Python 2
    str codec); the remaining fields are copied from *association* as-is.
    The session is committed before returning.
    """
    encoded_secret = association.secret.encode('base64')
    record = OpenIDAssociation(
        server_url=server_url,
        handle=association.handle,
        secret=encoded_secret,
        issued=association.issued,
        lifetime=association.lifetime,
        assoc_type=association.assoc_type,
    )
    db_session.add(record)
    db_session.commit()
def useNonce(self, server_url, timestamp, salt):
    """Record a nonce and report whether it may be used.

    Returns False when *timestamp* is more than ``nonce.SKEW`` seconds from
    the current time, or when the same (server_url, timestamp, salt) triple
    is already stored; otherwise stores it, commits, and returns True.
    """
    if abs(timestamp - time()) > nonce.SKEW:
        return False

    already_seen = OpenIDUserNonce.query.filter(
        (OpenIDUserNonce.server_url == server_url)
        & (OpenIDUserNonce.timestamp == timestamp)
        & (OpenIDUserNonce.salt == salt)
    ).first()
    if already_seen is not None:
        return False

    # NOTE(review): the lookup and the insert are separate statements, so two
    # concurrent requests presenting the same nonce could both pass the lookup;
    # a unique constraint on (server_url, timestamp, salt) in the model would
    # close that window — confirm whether one exists.
    fresh = OpenIDUserNonce(server_url=server_url, timestamp=timestamp, salt=salt)
    db_session.add(fresh)
    db_session.commit()
    return True