Package coprs :: Package views :: Module misc
[hide private]
[frames] | no frames]

Source Code for Module coprs.views.misc

  1  import base64 
  2  import datetime 
  3  import functools 
  4   
  5  import flask 
  6   
  7  from flask.ext.openid import OpenID 
  8   
  9  from coprs import app 
 10  from coprs import config 
 11  from coprs import db 
 12  from coprs import helpers 
 13  from coprs import models 
 14  from coprs import oid 
15 16 @app.before_request 17 -def lookup_current_user():
18 flask.g.user = None 19 if 'openid' in flask.session: 20 flask.g.user = models.User.query.filter(models.User.openid_name==flask.session['openid']).first()
21
22 @app.errorhandler(404) 23 -def page_not_found(message):
24 return flask.render_template('404.html', message=message), 404
25 26 27 misc = flask.Blueprint('misc', __name__)
28 29 30 @misc.route('/login/', methods=['GET', 'POST']) 31 @oid.loginhandler 32 -def login():
33 if flask.g.user is not None: 34 return flask.redirect(oid.get_next_url()) 35 if flask.request.method == 'POST': 36 fasusername = flask.request.form.get('fasuname') 37 if fasusername and ((app.config['USE_ALLOWED_USERS'] \ 38 and fasusername in app.config['ALLOWED_USERS']) \ 39 or not app.config['USE_ALLOWED_USERS']): 40 ask_for = [] 41 if not models.User.query.filter(models.User.openid_name==models.User.openidize_name(fasusername)).first(): 42 ask_for.append('email') 43 return oid.try_login('http://{0}.id.fedoraproject.org/'.format(fasusername), ask_for=ask_for) 44 else: 45 return flask.render_template('login.html', 46 error='User "{0}" is not allowed'.format( 47 fasusername)) 48 return flask.render_template('login.html', 49 next=oid.get_next_url(), 50 error=oid.fetch_error())
51
52 @oid.after_login 53 -def create_or_login(resp):
54 flask.session['openid'] = resp.identity_url 55 user = models.User.query.filter( 56 models.User.openid_name == resp.identity_url).first() 57 if not user: # create if not created already 58 expiration_date_token = datetime.date.today() \ 59 + datetime.timedelta(days=flask.current_app.config['API_TOKEN_EXPIRATION']) 60 copr64 = base64.b64encode('copr') + '##' 61 user = models.User(openid_name = resp.identity_url, mail = resp.email, 62 api_login = copr64 + helpers.generate_api_token( 63 app.config['API_TOKEN_LENGTH'] - len(copr64)), 64 api_token = helpers.generate_api_token(app.config['API_TOKEN_LENGTH']), 65 api_token_expiration = expiration_date_token) 66 db.session.add(user) 67 db.session.commit() 68 flask.flash(u'Welcome, {0}'.format(user.name)) 69 flask.g.user = user 70 redirect_to = oid.get_next_url() 71 if flask.request.url_root == oid.get_next_url(): 72 return flask.redirect(flask.url_for('coprs_ns.coprs_by_owner', username=user.name)) 73 return flask.redirect(oid.get_next_url())
74
75 76 @misc.route('/logout/') 77 -def logout():
78 flask.session.pop('openid', None) 79 flask.flash(u'You were signed out') 80 return flask.redirect(oid.get_next_url())
81
82 83 -def api_login_required(f):
84 @functools.wraps(f) 85 def decorated_function(*args, **kwargs): 86 token = None 87 username = None 88 if 'Authorization' in flask.request.headers: 89 base64string = flask.request.headers['Authorization'] 90 base64string = base64string.split()[1].strip() 91 userstring = base64.b64decode(base64string) 92 (username, token) = userstring.split(':') 93 token_auth = False 94 if token and username: 95 user = models.User.query.filter( 96 models.User.api_login == username).first() 97 if user \ 98 and user.api_token == token \ 99 and user.api_token_expiration >= datetime.date.today(): 100 token_auth = True 101 flask.g.user = user 102 if not token_auth: 103 output = {'output': 'notok', 'error': 'Login invalid/expired'} 104 jsonout = flask.jsonify(output) 105 jsonout.status_code = 500 106 return jsonout 107 return f(*args, **kwargs)
108 return decorated_function 109
110 111 -def login_required(role=helpers.RoleEnum('user')):
112 def view_wrapper(f): 113 @functools.wraps(f) 114 def decorated_function(*args, **kwargs): 115 if flask.g.user is None: 116 return flask.redirect(flask.url_for('misc.login', 117 next = flask.request.url)) 118 if role == helpers.RoleEnum('admin') and not flask.g.user.admin: 119 flask.flash('You are not allowed to access admin section.') 120 return flask.redirect(flask.url_for('coprs_ns.coprs_show')) 121 return f(*args, **kwargs)
122 return decorated_function 123 # hack: if login_required is used without params, the "role" parameter 124 # is in fact the decorated function, so we need to return 125 # the wrapped function, not the wrapper 126 # proper solution would be to use login_required() with parentheses 127 # everywhere, even if they're empty - TODO 128 if callable(role): 129 return view_wrapper(role) 130 else: 131 return view_wrapper 132
133 134 # backend authentication 135 -def backend_authenticated(f):
136 @functools.wraps(f) 137 def decorated_function(*args, **kwargs): 138 auth = flask.request.authorization 139 if not auth or auth.password != app.config['BACKEND_PASSWORD']: 140 return 'You have to provide the correct password', 401 141 return f(*args, **kwargs)
142 return decorated_function 143