示例#1
0
def redirect_to_bloomberg_sso():
    sso_settings = current_app.config.get('BSSO_SETTINGS')
    auth = OneLogin_Saml2_Auth(prepare_onelogin_request(), sso_settings)
    next_url = (is_own_url_or_else(request.args.get('next'),
                                   url_for('home.home'))
                or url_for('home.home'))
    return redirect(auth.login(return_to=next_url))
示例#2
0
def _sign_in_user(user, next_url=None):
    brand = current_app.config['BRAND']
    if not user:
        flash(
            gettext('There was a problem signing you in. '
                    'Please contact your {} administrator.'.format(brand)),
            'error')
        return redirect(url_for('home.home'))
    if not user.enabled:
        flash(
            gettext('Your account is disabled. '
                    'Please contact your {} administrator.'.format(brand)),
            'error')
        return redirect(url_for('home.home'))
    login_user(user, remember=False)
    user.last_login = model.make_timestamp()
    user_repo.update(user)
    next_url = (next_url or is_own_url_or_else(request.args.get('next'),
                                               url_for('home.home'))
                or url_for('home.home'))
    if (current_app.config.get('MAILCHIMP_API_KEY')
            and newsletter.ask_user_to_subscribe(user)):
        return redirect_content_type(
            url_for('account.newsletter_subscribe', next=next_url))
    return redirect_content_type(next_url)
示例#3
0
def _sign_in_user(user):
    login_user(user, remember=False)
    user.last_login = model.make_timestamp()
    user_repo.update(user)
    next_url = (is_own_url_or_else(request.args.get('next'),
                                   url_for('home.home'))
                or url_for('home.home'))
    if (current_app.config.get('MAILCHIMP_API_KEY')
            and newsletter.ask_user_to_subscribe(user)):
        return redirect_content_type(
            url_for('account.newsletter_subscribe', next=next_url))
    return redirect_content_type(next_url)
示例#4
0
def signin():
    """
    Signin method for PYBOSSA users.

    Returns a Jinja2 template with the result of signing process.

    """
    form = LoginForm(request.body)
    isLdap = current_app.config.get('LDAP_HOST', False)
    if (request.method == 'POST' and form.validate() and isLdap is False):
        password = form.password.data
        email_addr = form.email.data.lower()
        user = user_repo.search_by_email(email_addr=email_addr)
        if user and not user.enabled:
            brand = current_app.config['BRAND']
            flash(
                gettext('Your account is disabled. '
                        'Please contact your {} administrator.'.format(brand)),
                'error')
            return redirect(url_for('home.home'))
        if user and user.check_password(password):
            if not current_app.config.get('ENABLE_TWO_FACTOR_AUTH'):
                msg_1 = gettext('Welcome back') + ' ' + user.fullname
                flash(msg_1, 'success')
                return _sign_in_user(user)
            else:
                _email_two_factor_auth(user)
                url_token = otp.generate_url_token(user.email_addr)
                next_url = is_own_url_or_else(request.args.get('next'),
                                              url_for('home.home'))
                return redirect_content_type(
                    url_for('account.otpvalidation',
                            token=url_token,
                            next=next_url))
        elif user:
            msg, method = get_user_signup_method(user)
            if method == 'local':
                msg = gettext('Ooops, Incorrect email/password')
                flash(msg, 'error')
            else:
                flash(msg, 'info')
        else:
            msg = gettext("Ooops, we didn't find you in the system, \
                          did you sign up?")
            flash(msg, 'info')

    if (request.method == 'POST' and form.validate() and isLdap):
        password = form.password.data
        cn = form.email.data
        ldap_user = None
        if ldap.bind_user(cn, password):
            ldap_user = ldap.get_object_details(cn)
            key = current_app.config.get('LDAP_USER_FILTER_FIELD')
            value = ldap_user[key][0]
            user_db = user_repo.get_by(ldap=value)
            if (user_db is None):
                keyfields = current_app.config.get('LDAP_PYBOSSA_FIELDS')
                user_data = dict(
                    fullname=ldap_user[keyfields['fullname']][0],
                    name=ldap_user[keyfields['name']][0],
                    email_addr=ldap_user[keyfields['email_addr']][0],
                    valid_email=True,
                    ldap=value,
                    consent=True)
                create_account(user_data, ldap_disabled=False)
            else:
                login_user(user_db, remember=True)
        else:
            msg = gettext("User LDAP credentials are wrong.")
            flash(msg, 'info')

    if request.method == 'POST' and not form.validate():
        flash(gettext('Please correct the errors'), 'error')
    auth = {'twitter': False, 'facebook': False, 'google': False}
    if current_user.is_anonymous():
        # If Twitter is enabled in config, show the Twitter Sign in button
        if (isLdap is False):
            if ('twitter' in current_app.blueprints):  # pragma: no cover
                auth['twitter'] = True
            if ('facebook' in current_app.blueprints):  # pragma: no cover
                auth['facebook'] = True
            if ('google' in current_app.blueprints):  # pragma: no cover
                auth['google'] = True
        next_url = is_own_url_or_else(request.args.get('next'),
                                      url_for('home.home'))
        response = dict(template='account/signin.html',
                        title="Sign in",
                        form=form,
                        auth=auth,
                        next=next_url)
        return handle_content_type(response)
    else:
        # User already signed in, so redirect to home page
        return redirect_content_type(url_for("home.home"))