import logging import os import base64 from flask import request, abort, session, make_response from flask.ext.login import login_user, UserMixin from flask.ext.principal import identity_changed from data import model from app import app, login_manager from auth.permissions import QuayDeferredPermissionUser logger = logging.getLogger(__name__) def truthy_param(param): return param not in {False, 'false', 'False', '0', 'FALSE', '', 'null'} @login_manager.user_loader def load_user(username): logger.debug('Loading user: %s' % username) return _LoginWrappedDBUser(username) class _LoginWrappedDBUser(UserMixin): def __init__(self, db_username, db_user=None): self._db_username = db_username self._db_user = db_user def db_user(self): if not self._db_user: self._db_user = model.get_user(self._db_username) return self._db_user def is_authenticated(self): return self.db_user() is not None def is_active(self): return self.db_user().verified def get_id(self): return unicode(self._db_username) def common_login(db_user): if login_user(_LoginWrappedDBUser(db_user.username, db_user)): logger.debug('Successfully signed in as: %s' % db_user.username) new_identity = QuayDeferredPermissionUser(db_user.username, 'username') identity_changed.send(app, identity=new_identity) return True else: logger.debug('User could not be logged in, inactive?.') return False @app.errorhandler(model.DataModelException) def handle_dme(ex): logger.exception(ex) return make_response('Internal Server Error', 500) @app.errorhandler(KeyError) def handle_dme_key_error(ex): logger.exception(ex) return make_response('Internal Server Error', 500) def generate_csrf_token(): if '_csrf_token' not in session: session['_csrf_token'] = base64.b64encode(os.urandom(48)) return session['_csrf_token'] app.jinja_env.globals['csrf_token'] = generate_csrf_token