1 import base64
2 import datetime
3 import functools
4
5 import flask
6
7 from flask.ext.openid import OpenID
8
9 from coprs import app
10 from coprs import config
11 from coprs import db
12 from coprs import helpers
13 from coprs import models
14 from coprs import oid
21
@app.errorhandler(404)
def page_not_found(message):
    """Render the site's 404 page.

    ``message`` is the value Flask passes to a 404 error handler; it is
    forwarded unchanged to the ``404.html`` template.
    """
    # NOTE(review): ``message`` is rendered into HTML; this presumably relies
    # on template auto-escaping -- confirm 404.html does not mark it as safe.
    rendered = flask.render_template('404.html', message=message)
    return rendered, 404
25
26
# Blueprint on which the login and logout routes are registered.
misc = flask.Blueprint(name='misc', import_name=__name__)
28
29
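@misc.route('/login/', methods=['GET', 'POST'])
@oid.loginhandler
def login():
    """Show the login form and start an OpenID login for a FAS username.

    An already signed-in user is redirected to ``oid.get_next_url()``.  On
    POST the ``fasuname`` form field is validated and, if accepted, used to
    build the ``<name>.id.fedoraproject.org`` identity URL that is handed to
    ``oid.try_login``.  A rejected name re-renders ``login.html`` with an
    error; a GET renders the form with any pending OpenID error.
    """
    # NOTE(review): the redirect target comes from oid.get_next_url(); whether
    # it is limited to same-site URLs depends on the OpenID extension version
    # in use -- confirm, since an unrestricted "next" is an open redirect.
    if flask.g.user is not None:
        return flask.redirect(oid.get_next_url())

    if flask.request.method == 'POST':
        fasusername = flask.request.form.get('fasuname')

        # The name is interpolated into the host part of the identity URL
        # below, so it must stay within a single host label; otherwise the
        # form value, not this code, decides which provider is contacted.
        # NOTE(review): the character set is deliberately conservative;
        # confirm it matches the account system's username rules.
        label_chars = frozenset(
            'abcdefghijklmnopqrstuvwxyz'
            'ABCDEFGHIJKLMNOPQRSTUVWXYZ'
            '0123456789-_')
        well_formed = bool(fasusername) and all(
            ch in label_chars for ch in fasusername)

        if well_formed and (
                not app.config['USE_ALLOWED_USERS']
                or fasusername in app.config['ALLOWED_USERS']):
            known = models.User.query.filter(
                models.User.openid_name ==
                models.User.openidize_name(fasusername)).first()
            # Request the e-mail attribute only when no User row exists yet
            # for this OpenID name.
            ask_for = [] if known else ['email']
            # NOTE(review): the identity URL uses plain http, so provider
            # discovery is not protected by TLS at this step.  Changing the
            # scheme would presumably change the stored openid_name as well
            # -- evaluate before switching to https.
            return oid.try_login(
                'http://{0}.id.fedoraproject.org/'.format(fasusername),
                ask_for=ask_for)

        # Malformed names get the same message as names missing from the
        # allow-list.
        return flask.render_template(
            'login.html',
            error='User "{0}" is not allowed'.format(fasusername))

    return flask.render_template('login.html',
                                 next=oid.get_next_url(),
                                 error=oid.fetch_error())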
51
74
75
@misc.route('/logout/')
def logout():
    """Sign the user out by dropping ``openid`` from the session.

    Flashes a confirmation message and redirects to ``oid.get_next_url()``.
    """
    # NOTE(review): the route accepts GET and carries no CSRF token, so a
    # third-party page can trigger a sign-out; consider making it POST-only.
    flask.session.pop('openid', None)
    flask.flash(u'You were signed out')
    destination = oid.get_next_url()
    return flask.redirect(destination)
81
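@functools.wraps(f)
def decorated_function(*args, **kwargs):
    """Authenticate an API request from its ``Authorization`` header.

    The header's second whitespace-separated field is base64-decoded and
    split into ``login:token``.  The request is accepted when a user with
    that ``api_login`` exists, the token equals ``api_token`` and
    ``api_token_expiration`` is today or later; ``flask.g.user`` is then set
    and the wrapped view is called.  In every other case, including a
    malformed header, a JSON error body is returned.

    The enclosing decorator's ``def`` line is outside this listing.
    """
    username = None
    token = None

    header = flask.request.headers.get('Authorization')
    if header:
        # NOTE(review): the scheme word (first field) is not checked, so any
        # scheme carrying base64 "login:token" is accepted.
        try:
            encoded = header.split()[1].strip()
            decoded = base64.b64decode(encoded)
            # Split once: only the first ':' separates login from token.
            username, token = decoded.split(':', 1)
        except (IndexError, TypeError, ValueError):
            # Missing credentials field, invalid base64 or no ':' at all:
            # treat the request as unauthenticated instead of letting the
            # parse error escape as an unhandled exception.
            username = token = None

    user = None
    if token and username:
        candidate = models.User.query.filter(
            models.User.api_login == username).first()
        # NOTE(review): '==' on the token is not a constant-time comparison;
        # hmac.compare_digest (Python 2.7.7+/3.3+) removes the timing signal
        # -- confirm the deployed interpreter before switching.
        if (candidate
                and candidate.api_token == token
                and candidate.api_token_expiration >= datetime.date.today()):
            user = candidate

    if user is None:
        # NOTE(review): 500 is kept because API clients may depend on it;
        # 401 is the conventional status for failed authentication.
        response = flask.jsonify({'output': 'notok',
                                  'error': 'Login invalid/expired'})
        response.status_code = 500
        return response

    flask.g.user = user
    return f(*args, **kwargs)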
107 return decorated_function
108
def view_wrapper(f):
    """Wrap view ``f`` so it requires a signed-in user, and admin when asked.

    ``role`` is taken from the enclosing scope, whose ``def`` line is outside
    this listing.
    """
    @functools.wraps(f)
    def decorated_function(*args, **kwargs):
        current_user = flask.g.user
        if current_user is None:
            # Send anonymous visitors to the login page, remembering the URL
            # they asked for.
            login_url = flask.url_for('misc.login', next=flask.request.url)
            return flask.redirect(login_url)

        # The admin flag is consulted only when the admin role was requested.
        if role == helpers.RoleEnum('admin') and not current_user.admin:
            flask.flash('You are not allowed to access admin section.')
            return flask.redirect(flask.url_for('coprs_ns.coprs_show'))

        return f(*args, **kwargs)
    return decorated_function
122
123
124
125
126
# Tail of the enclosing decorator factory (its ``def`` line is outside this
# listing).  A callable ``role`` means the view function itself arrived in
# the ``role`` slot, so it is wrapped directly; otherwise the wrapper is
# returned for Python to apply to the view.
return view_wrapper(role) if callable(role) else view_wrapper
131
@functools.wraps(f)
def decorated_function(*args, **kwargs):
    """Allow the call only when the request carries the backend password.

    Reads the parsed ``Authorization`` data from ``flask.request`` and
    compares its password with ``app.config['BACKEND_PASSWORD']``; the user
    name is not examined.  Returns a plain-text 401 on mismatch.

    The enclosing decorator's ``def`` line is outside this listing.
    """
    credentials = flask.request.authorization
    # NOTE(review): this compares one shared secret with '==', which is not
    # constant-time; hmac.compare_digest (Python 2.7.7+/3.3+) would remove
    # the timing signal -- confirm the deployed interpreter before switching.
    # The 401 also carries no WWW-Authenticate header.
    if not (credentials
            and credentials.password == app.config['BACKEND_PASSWORD']):
        return 'You have to provide the correct password', 401
    return f(*args, **kwargs)
140 return decorated_function
141