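def decorated_function(env, csrf_clerk):
    """Gate a view behind the OAuth session and an access-level check.

    Returns a ``(response_body, response_headers, status)`` triple on the
    redirect and success paths, or whatever ``error_view`` returns on the
    error paths.

    ``min_access_level``, ``headless``, ``nav`` and ``func`` are not defined
    in this block; presumably an enclosing decorator supplies them
    (TODO confirm).
    """
    get_vars = util.retrieve_get_vars(env)
    post_vars = util.retrieve_post_vars(env)
    session = turbo_session.get_session(env)
    account = turbo_session.retrieve_oauth_account(session)

    # `cookie_set` is read straight from the query string. A non-numeric
    # value must not raise out of the auth gate, so treat it as "not set".
    try:
        cookie_set = int(get_vars.get('cookie_set', [0])[0])
    except (TypeError, ValueError, IndexError):
        cookie_set = 0

    login_required = account is None and min_access_level >= ACL.turbo

    # The request came back flagged cookie_set=1 but still has no account:
    # the session cookie was not stored, so ask the user to enable cookies.
    if login_required and cookie_set == 1:
        return error_view('Login Error',
                          'Failed to create session. Try to enable '
                          ' cookies for this site.')

    if login_required:
        # Headless callers get an error page instead of a redirect.
        if headless:
            return error_view('Auth Error', 'You are not logged in.',
                              nav, headless=True)

        # Start the OAuth handshake. The state value is produced by
        # turbo_session.generate_state(env, csrf_clerk).
        # NOTE(review): confirm the oauth-callback view checks this state.
        redirect_uri = turbo_views['oauth-callback'].uri
        oauth = turbo_session.OAuth2Session(
            config.mastodon.client_id,
            redirect_uri=redirect_uri,
            scope=config.mastodon.scope)
        authorization_url, _state = oauth.authorization_url(
            config.mastodon.authorize_url,
            turbo_session.generate_state(env, csrf_clerk)
        )
        return '', [('Location', str(authorization_url))], \
            '307 Temporary Redirect'

    # Strip the cookie_set parameter by redirecting to the bare path.
    # NOTE(review): PATH_INFO is request-controlled; confirm that
    # util.build_url always anchors it to this site's own origin.
    if cookie_set == 1:
        return '', [('Location', util.build_url(env['PATH_INFO']))], \
            '307 Temporary Redirect'

    # Display the view.
    # NOTE(review): `account` can still be None here when min_access_level
    # is below ACL.turbo; confirm User.create accepts None.
    user = User.create(account)
    access_level = User.get_access_level(user)
    if access_level < min_access_level:
        return error_view('Missing Privileges',
                          'You do not have the required '
                          'permissions to access this.',
                          access_level=access_level)

    response_body, response_headers, status = func(
        env, get_vars, post_vars, csrf_clerk, session, user
    )
    return response_body, response_headers, status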
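def decorated_function(env, csrf_clerk):
    """Authenticate and authorize an API call, then run the wrapped handler.

    Always returns a ``(response, status)`` pair. Failures are reported as
    a dict with an ``'error'`` key while the status stays ``'200 OK'``.

    ``csrf_check``, ``min_access_level`` and ``func`` are not defined in
    this block; presumably an enclosing decorator supplies them
    (TODO confirm).
    """
    post_vars = util.retrieve_post_vars(env)
    session = turbo_session.get_session(env)
    account = turbo_session.retrieve_oauth_account(session)
    status = '200 OK'

    if account is None:
        return {'error': 'Couldn\'t authenticate user.'}, status

    # Validate the CSRF token before building the user or calling the
    # handler, so a forged request never reaches privileged code.
    csrf_token = post_vars.get('csrf_token', [''])[0]
    if csrf_check and not csrf_clerk.validate(session, csrf_token):
        return {'error': 'CSRF token verification failed.'}, status

    user = User.create(account)
    access_level = User.get_access_level(user)
    if access_level < min_access_level:
        # This path used to return the bare dict without the status. A
        # caller unpacking `response, status` would then fail on a denied
        # request.
        return {'error': 'You do not have the required permissions.'}, status

    response = func(post_vars, user)
    if csrf_check:
        # Create a new CSRF token for the next API call.
        response['csrf_token'] = csrf_clerk.register(session)
    return response, status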
def main_view(env, csrf_clerk):
    """Render the landing page or redirect, depending on the session state.

    Returns a ``(response_body, response_headers, status)`` triple:

    * account resolved from the session: 307 redirect to the account view;
    * session present but no account: 307 redirect that starts a fresh
      OAuth 2.0 handshake;
    * no session at all: the rendered 'main' template with a login link.
    """
    redirect_status = '307 Temporary Redirect'

    page_data = basic_page_data('main')
    # Same up-front header call as before; every branch below replaces it.
    _default_headers = util.basic_response_header('Template Render Error.')

    session = turbo_session.get_session(env)
    account = turbo_session.retrieve_oauth_account(session)

    # Already authenticated: send the user to the account page.
    if account is not None:
        return '', [('Location', turbo_views['account'].uri)], redirect_status

    # Not yet authenticated and no old session: show the login page.
    if session is None:
        page_data['nav'] = turbo_nav.generate_html('main')
        page_data['login_uri'] = turbo_views['login'].path
        rendered = templates.render('main', page_data)
        return rendered, util.basic_response_header(rendered), '200 OK'

    # A session exists but could not be authenticated: restart OAuth.
    callback_uri = turbo_views['oauth-callback'].uri
    oauth_client = turbo_session.OAuth2Session(
        config.mastodon.client_id,
        redirect_uri=callback_uri,
        scope=config.mastodon.scope
    )
    target_url, _ = oauth_client.authorization_url(
        config.mastodon.authorize_url,
        turbo_session.generate_state(env, csrf_clerk)
    )
    return '', [('Location', str(target_url))], redirect_status
def authenticate(self, env):
    """Return the User for the request's OAuth session, or None.

    The account is looked up from the session taken from ``env``. A falsy
    account means the request is unauthenticated, so no User is created.
    """
    oauth_account = turbo_session.retrieve_oauth_account(
        turbo_session.get_session(env)
    )
    return User.create(oauth_account) if oauth_account else None