Почетна Преглед Помоћ
Регистрација Пријавите се
dayuan
/
manyi
6
0
Креирај огранак 0
Датотеке Дискусије 0 Захтеви за спајање 0 Вики
Дрво: 34216f9fac
Гране Ознаке
manyi
/
venv
/
Lib
/
site-packages
/
flower
/
views
/
auth.py

auth.py 2.4 KB
Историја Датотека

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970 
  1. from __future__ import absolute_import
    2. 

  2. 

  3. try:
    4. 

  4.     from urllib.parse import urlparse, parse_qsl, urlencode
    5. 

  5. except ImportError:
    6. 

  6.     from urlparse import urlparse, parse_qsl
    7. 

  7.     from urllib import urlencode
    8. 

  8. 

  9. import re
    10. 

  10. import tornado.web
    11. 

  11. import tornado.auth
    12. 

  12. from tornado import httpclient
    13. 

  13. import json
    14. 

  14. 

  15. from .. import settings
    16. 

  16. from ..views import BaseHandler
    17. 

  17. 

  18. 

  19. class LoginHandler(BaseHandler, tornado.auth.GoogleOAuth2Mixin):
    20. 

  20.     @tornado.web.asynchronous
    21. 

  21.     def get(self):
    22. 

  22.         callback_uri = None
    23. 

  23.         if settings.URL_PREFIX:
    24. 

  24.             qs = dict(parse_qsl(urlparse(self.request.uri).query))
    25. 

  25.             next = qs.get('next', '/')
    26. 

  26.             callback_uri = self.absolute_url('/login')
    27. 

  27.             callback_uri += '?' + urlencode(dict(next=next))
    28. 

  28. 

  29.         if self.get_argument('code', False):
    30. 

  30.             self.get_authenticated_user(
    31. 

  31.                 redirect_uri=self.settings[self._OAUTH_SETTINGS_KEY]['redirect_uri'],
    32. 

  32.                 code=self.get_argument('code'),
    33. 

  33.                 callback=self._on_auth,
    34. 

  34.             )
    35. 

  35.         else:
    36. 

  36.             self.authorize_redirect(
    37. 

  37.                 redirect_uri=self.settings[self._OAUTH_SETTINGS_KEY]['redirect_uri'],
    38. 

  38.                 client_id=self.settings[self._OAUTH_SETTINGS_KEY]['key'],
    39. 

  39.                 scope=['profile', 'email'],
    40. 

  40.                 response_type='code',
    41. 

  41.                 extra_params={'approval_prompt': 'auto'}
    42. 

  42.             )
    43. 

  43. 

  44. 

  45.     def _on_auth(self, user):
    46. 

  46.         if not user:
    47. 

  47.             raise tornado.web.HTTPError(500, 'Google auth failed')
    48. 

  48.         access_token = user['access_token']
    49. 

  49.         response = httpclient.HTTPClient().fetch('https://www.googleapis.com/plus/v1/people/me', headers={'Authorization': 'Bearer %s' % access_token})
    50. 

  50.         email = json.loads(response.body.decode('utf-8'))['emails'][0]['value']
    51. 

  51.         if not re.match(self.application.auth, email):
    52. 

  52.             raise tornado.web.HTTPError(
    53. 

  53.                 404,
    54. 

  54.                 "Access denied to '{email}'. "
    55. 

  55.                 "Please use another account or ask your admin to "
    56. 

  56.                 "add your email to flower --auth".format(**user))
    57. 

  57. 

  58.         self.set_secure_cookie("user", str(email))
    59. 

  59. 

  60.         next = self.get_argument('next', '/')
    61. 

  61.         if settings.URL_PREFIX:
    62. 

  62.             next = self.absolute_url(next)
    63. 

  63. 

  64.         self.redirect(next)
    65. 

  65. 

  66. 

  67. class LogoutHandler(BaseHandler):
    68. 

  68.     def get(self):
    69. 

  69.         self.clear_cookie('user')
    70. 

  70.         self.render('404.html', message='Successfully logged out!')
    71.