wdfGdZddlZddlmZmZddlmZmZmZmZm Z m Z m Z m Z ddl mZddlmZmZmZmZmZmZmZmZmZmZmZmZddlmZdd lmZm Z m!Z!m"Z"m#Z#m$Z$m%Z%dd l&m'Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.Gd d e/Z0dS) zY flask_login.login_manager ------------------------- The LoginManager class. N)datetime timedelta)_request_ctx_stackabort current_appflashredirecthas_app_contextrequestsession) text_type) COOKIE_NAMECOOKIE_DURATION COOKIE_SECURECOOKIE_HTTPONLY LOGIN_MESSAGELOGIN_MESSAGE_CATEGORYREFRESH_MESSAGEREFRESH_MESSAGE_CATEGORY ID_ATTRIBUTEAUTH_HEADER_NAME SESSION_KEYSUSE_SESSION_FOR_NEXT)AnonymousUserMixin)user_loaded_from_cookieuser_loaded_from_headeruser_loaded_from_requestuser_unauthorizeduser_needs_refresh user_accessedsession_protected) login_url_create_identifier_user_context_processor encode_cookie decode_cookiemake_next_paramexpand_login_viewceZdZdZddZddZddZdZdZd Z d Z d Z d Z d Z ddZdZdZdZdZdZdZdZdZedZejdZdS) LoginManagerzThis object is used to hold the settings used for logging in. Instances of :class:`LoginManager` are *not* bound to specific apps, so you can create one in the main body of your code and then bind it to your app in a factory function. NTcnt|_d|_i|_t|_t |_d|_t|_ t|_ d|_ d|_d|_d|_t"|_d|_d|_d|_t,|_||||dSdS)Nbasic)ranonymous_user login_viewblueprint_login_viewsr login_messagerlogin_message_category refresh_viewrneeds_refresh_messagerneeds_refresh_message_categorysession_protectionlocalize_callbackunauthorized_callbackneeds_refresh_callbackr id_attribute_user_callback_header_callback_request_callbackr$_session_identifier_generatorinit_appselfappadd_context_processors ^/var/www/book.euthymeo.com/html/venv/lib/python3.11/site-packages/flask_login/login_manager.py__init__zLoginManager.__init__#s1  &("+'=#!&5"/G+ #*"&%)"&*#(" $!%-?* ? MM#4 5 5 5 5 5 ?cftjdt|||dS)zl This method has been deprecated. Please use :meth:`LoginManager.init_app` instead. z5Warning setup_app is deprecated. Please use init_app.N)warningswarnDeprecationWarningr?r@s rD setup_appzLoginManager.setup_app_s9  M( * * * c011111rFc||_||j|r|tdSdS)a Configures an application. This registers an `after_request` call, and attaches this `LoginManager` to it as `app.login_manager`. :param app: The :class:`flask.Flask` object to configure. :type app: :class:`flask.Flask` :param add_context_processor: Whether to add a context processor to the app that adds a `current_user` variable to the template. Defaults to ``True``. :type add_context_processor: bool N) login_manager after_request_update_remember_cookiecontext_processorr%r@s rDr?zLoginManager.init_apphsP! $6777  ;  ! !"9 : : : : : ; ;rFctjtj|jr|St j|jvr|jt j}n|j}|std|j rQ|j /t| |j |j nt|j |j tj}|dt r]t#|}|t&d<t)|t jt&d<t-|}nt-|t j}t/|S)a This is called when the user is required to log in. If you register a callback with :meth:`LoginManager.unauthorized_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.login_message` to the user. - If the app is using blueprints find the login view for the current blueprint using `blueprint_login_views`. If the app is not using blueprints or the login view for the current blueprint is not specified use the value of `login_view`. - Redirect the user to the login view. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage. Alternatively, it will be added to the session as ``next`` if USE_SESSION_FOR_NEXT is set.) If :attr:`LoginManager.login_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. Ncategoryr_idnextnext_url)rsendr_get_current_objectr8r blueprintr0r/rr1r7rr2configgetrr)r>r r(urlmake_login_urlr )rAr/r\r# redirect_urls rD unauthorizedzLoginManager.unauthorizedzsf2 {>@@AAA  % 0--// /   : : :3G4EFJJJ  #JJJ   P%1d,,T-?@@#:<<<<<d(43NOOOO# ::,.B C C L)*55I!??AAGEN-iEEGFO)*55LL)*w{KKKL %%%rFc||_|S)aB This sets the callback for reloading a user from the session. The function you set should take a user ID (a ``unicode``) and return a user object, or ``None`` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r;rAcallbacks rD user_loaderzLoginManager.user_loaders'rFc2td||_|S)a This function has been deprecated. Please use :meth:`LoginManager.request_loader` instead. This sets the callback for loading a user from a header value. The function you set should take an authentication token and return a user object, or `None` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable zRLoginManager.header_loader is deprecated. Use LoginManager.request_loader instead.)printr<rcs rD header_loaderzLoginManager.header_loaders( 5 6 6 6 (rFc||_|S)a= This sets the callback for loading a user from a Flask request. The function you set should take Flask request object and return a user object, or `None` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r=rcs rDrequest_loaderzLoginManager.request_loaders"*rFc||_|S)ab This will set the callback for the `unauthorized` method, which among other things is used by `login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r8rcs rDunauthorized_handlerz!LoginManager.unauthorized_handlers&."rFc||_|S)ai This will set the callback for the `needs_refresh` method, which among other things is used by `fresh_login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r9rcs rDneeds_refresh_handlerz"LoginManager.needs_refresh_handlers'/#rFctjtj|jr|S|jst d|j/t||j |j nt|j |j tj }| dtrgt|j}|t d<t#|t$jt d<t)|j}n"|j}t)|t$j}t+|S)a This is called when the user is logged in, but they need to be reauthenticated because their session is stale. If you register a callback with `needs_refresh_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.needs_refresh_message` to the user. - Redirect the user to :attr:`LoginManager.refresh_view`. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage.) If :attr:`LoginManager.refresh_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. rRNrSrrUrVrW)r rYrrZr9r3rr7rr4r5r\r]rr)r>r r(r r^r_r )rAr\r#r`s rD needs_refreshzLoginManager.needs_refreshsU(  ? A ABBB  & 1..00 0   #JJJ  ! - $(()CDD> @ @ @ @ @ $,> @ @ @ @# ::,.B C C K)$*;<|j|jtdtjt j|r|Sd}tj d}||j||}|t j }| dt}| dt}|tjvotj ddk}|r(tj|}||}nW|jr|t}n5|tjvr'tj|}||}||S)z;Loads user from session or remember_me cookie as applicableNznMissing user_loader or request_loader. Refer to http://flask-login.readthedocs.io/#how-it-works for more info._user_idREMEMBER_COOKIE_NAMEr _rememberclear)r;r= Exceptionr!rYrrZ_session_protection_failedrur r]r\rrr cookies_load_user_from_remember_cookie_load_user_from_requestheaders_load_user_from_header) rArsuser_idr\ cookie_name header_name has_cookiecookieheaders rD _load_userzLoginManager._load_user*s   &4+A+I!"" " ;:<<===  * * , , <99;; ;+j))  4#6#B&&w//D < 'F **%;[IIK **%79IJJK%8>!+k22g=  ; 5;;FCC' ;33G<<// 5226::55d;;;rFctj}|}tj}|jd|j}|r|dvrdS|r||ddkri|dks|jrd|d<tj |dS|dkr;tD]}| |dd|d <tj |d SdS) NSESSION_PROTECTION)r-strongFrUr-_freshrrzryT) r rZr>rr\r]r6 permanentr"rYrpop)rAsessidentrBmodeks rDr|z'LoginManager._session_protection_failedRs*,,2244-//z~~2D4KLL t#6665  ETXXeT2222w$.!&X!&s+++u!!%&&AHHQ%%%%$+[!!&s+++turFct|}|_|td<dtd<d}|jr||}|+tj}t j|||SdS)NrwFrrs)r'r r;rrZrrY)rArrrsrBs rDr~z,LoginManager._load_user_from_remember_cookiems''  ")GJ  %GH D" 4**733!577',St<<<< trFc|jrB||}|+tj}tj|||SdSNr)r<rrZrrY)rArrsrBs rDrz#LoginManager._load_user_from_header{sT   ((00D!577',St<<<< trFc|jrB||}|+tj}tj|||SdSr)r=rrZrrY)rAr rsrBs rDrz$LoginManager._load_user_from_requestsT  ! ))'22D!577(-c==== trFc&dtvr)tjdr dtd<dtvrUtjdd}|dkrdtvr||n|dkr|||S)Nry$REMEMBER_COOKIE_REFRESH_EACH_REQUESTsetrwrz)r rr\r]r _set_cookie _clear_cookie)rAresponse operations rDrOz$LoginManager._update_remember_cookies g % %"&&'MNN &#(GK ' ! ! K66IE!!jG&;&;  ****g%%""8,,,rFc tj}|dt}|d}|dd}|dt}|dt }dt vrtt d}n|d t}ttt d } t|trt|} tj|z} n3#t$r&t!d d |zwxYw||| | |||| dS)NrxREMEMBER_COOKIE_DOMAINREMEMBER_COOKIE_PATH/REMEMBER_COOKIE_SECUREREMEMBER_COOKIE_HTTPONLY_remember_seconds)secondsREMEMBER_COOKIE_DURATIONrwz#REMEMBER_COOKIE_DURATION must be a z$datetime.timedelta, instead got: {0})valueexpiresdomainpathsecurehttponly)rr\r]rrrr rrr&r isinstanceintrutcnow TypeErrorr{format set_cookie) rArr\rrrrrdurationdatars rDrzLoginManager._set_cookies#jj!7EE 455zz0#664mDD::8/JJ ' ) ) 1D)EFFFHHzz"rsj((((((((66666666666666666666KKKKKKKKKKKKKKKKKKKKKKKKKKKK'&&&&&LLLLLLLLLLLLLLLLLL888888888888888888 v8v8v8v8v86v8v8v8v8v8rF