From 6322b4cbe1e1872f554ca1117abffbba6af49bcd Mon Sep 17 00:00:00 2001 From: Matt Wright Date: Thu, 23 Aug 2012 20:37:27 -0400 Subject: [PATCH] Clean up --- flask_security/core.py | 81 ++++++++++++------------------------ flask_security/decorators.py | 8 ---- flask_security/utils.py | 3 -- flask_security/views.py | 36 ++++++++-------- 4 files changed, 45 insertions(+), 83 deletions(-) diff --git a/flask_security/core.py b/flask_security/core.py index cfa9d0b..7fffed3 100644 --- a/flask_security/core.py +++ b/flask_security/core.py @@ -142,25 +142,34 @@ def _get_pwd_context(app): return CryptContext(schemes=[pw_hash], default=pw_hash) -def _get_serializer(app, salt): - secret_key = app.config.get('SECRET_KEY', 'secret-key') +def _get_serializer(app, name): + secret_key = app.config.get('SECRET_KEY') + salt = app.config.get('SECURITY_%s_SALT' % name.upper()) return URLSafeTimedSerializer(secret_key=secret_key, salt=salt) -def _get_remember_token_serializer(app): - return _get_serializer(app, app.config['SECURITY_REMEMBER_SALT']) +def _get_state(app, datastore, **kwargs): + for key, value in get_config(app).items(): + kwargs[key.lower()] = value + + kwargs.update(dict( + app=app, + datastore=datastore, + login_manager=_get_login_manager(app), + principal=_get_principal(app), + pwd_context=_get_pwd_context(app), + context_processors={}, + remember_token_serializer=_get_serializer(app, 'remember'), + login_serializer=_get_serializer(app, 'login'), + reset_serializer=_get_serializer(app, 'reset'), + confirm_serializer=_get_serializer(app, 'confirm') + )) + + return _SecurityState(**kwargs) -def _get_reset_serializer(app): - return _get_serializer(app, app.config['SECURITY_RESET_SALT']) - - -def _get_confirm_serializer(app): - return _get_serializer(app, app.config['SECURITY_CONFIRM_SALT']) - - -def _get_login_serializer(app): - return _get_serializer(app, app.config['SECURITY_LOGIN_SALT']) +def _context_processor(): + return dict(url_for_security=url_for_security, security=_security) class RoleMixin(object): @@ -272,7 +281,7 @@ class Security(object): if app is not None and datastore is not None: self._state = self.init_app(app, datastore, **kwargs) - def init_app(self, app, datastore=None, register_blueprint=True, **kwargs): + def init_app(self, app, datastore=None): """Initializes the Flask-Security extension for the specified application and datastore implentation. @@ -289,48 +298,12 @@ class Security(object): identity_loaded.connect_via(app)(_on_identity_loaded) - if register_blueprint: - name = cv('BLUEPRINT_NAME', app=app) - url_prefix = cv('URL_PREFIX', app=app) - bp = create_blueprint(app, name, __name__, - url_prefix=url_prefix, - template_folder='templates') - app.register_blueprint(bp) - - state = self._get_state(app, datastore, **kwargs) - + state = _get_state(app, datastore) + app.register_blueprint(create_blueprint(state, __name__)) + app.context_processor(_context_processor) app.extensions['security'] = state - app.context_processor(lambda: dict(url_for_security=url_for_security, - security=state)) - return state - def _get_state(self, app, datastore, **kwargs): - assert app is not None - assert datastore is not None - - for key, value in get_config(app).items(): - kwargs[key.lower()] = value - - for key, value in [ - ('app', app), - ('datastore', datastore), - ('login_manager', _get_login_manager(app)), - ('principal', _get_principal(app)), - ('pwd_context', _get_pwd_context(app)), - ('remember_token_serializer', _get_remember_token_serializer(app)), - ('context_processors', {})]: - kwargs[key] = value - - kwargs['login_serializer'] = ( - _get_login_serializer(app) if kwargs['passwordless'] else None) - kwargs['reset_serializer'] = ( - _get_reset_serializer(app) if kwargs['recoverable'] else None) - kwargs['confirm_serializer'] = ( - _get_confirm_serializer(app) if kwargs['confirmable'] else None) - - return _SecurityState(**kwargs) - def __getattr__(self, name): return getattr(self._state, name, None) diff --git a/flask_security/decorators.py b/flask_security/decorators.py index e61b41c..57095cb 100644 --- a/flask_security/decorators.py +++ b/flask_security/decorators.py @@ -22,8 +22,6 @@ from . import utils # Convenient references _security = LocalProxy(lambda: current_app.extensions['security']) -_logger = LocalProxy(lambda: current_app.logger) - _default_unauthorized_html = """

Unauthorized

@@ -129,8 +127,6 @@ def roles_required(*roles): perms = [Permission(RoleNeed(role)) for role in roles] for perm in perms: if not perm.can(): - _logger.debug('Identity does not provide the ' - 'roles: %s' % [r for r in roles]) return _get_unauthorized_view() return fn(*args, **kwargs) return decorated_view @@ -157,10 +153,6 @@ def roles_accepted(*roles): perm = Permission(*[RoleNeed(role) for role in roles]) if perm.can(): return fn(*args, **kwargs) - r1 = [r for r in roles] - r2 = [r.name for r in current_user.roles] - _logger.debug('Current user does not provide a required role. ' - 'Accepted: %s Provided: %s' % (r1, r2)) return _get_unauthorized_view() return decorated_view return wrapper diff --git a/flask_security/utils.py b/flask_security/utils.py index 428c53a..fc67e1d 100644 --- a/flask_security/utils.py +++ b/flask_security/utils.py @@ -37,9 +37,6 @@ _datastore = LocalProxy(lambda: _security.datastore) _pwd_context = LocalProxy(lambda: _security.pwd_context) -_logger = LocalProxy(lambda: current_app.logger) - - def anonymous_user_required(f): @wraps(f) def wrapper(*args, **kwargs): diff --git a/flask_security/views.py b/flask_security/views.py index e03898c..7d94735 100644 --- a/flask_security/views.py +++ b/flask_security/views.py @@ -243,45 +243,45 @@ def reset_password(token): **_ctx('reset_password')) -def create_blueprint(app, name, import_name, **kwargs): +def create_blueprint(state, import_name): """Creates the security extension blueprint""" - bp = Blueprint(name, import_name, **kwargs) + bp = Blueprint(state.blueprint_name, import_name, + url_prefix=state.url_prefix, + template_folder='templates') - if config_value('PASSWORDLESS', app=app): - bp.route(config_value('LOGIN_URL', app=app), + bp.route(state.logout_url, endpoint='logout')(logout) + + if state.passwordless: + bp.route(state.login_url, methods=['GET', 'POST'], endpoint='login')(send_login) - - bp.route(config_value('LOGIN_URL', app=app) + '/', + bp.route(state.login_url + '/', methods=['GET'], endpoint='token_login')(token_login) else: - bp.route(config_value('LOGIN_URL', app=app), + bp.route(state.login_url, methods=['GET', 'POST'], endpoint='login')(login) - bp.route(config_value('LOGOUT_URL', app=app), - endpoint='logout')(logout) - - if config_value('REGISTERABLE', app=app): - bp.route(config_value('REGISTER_URL', app=app), + if state.registerable: + bp.route(state.register_url, methods=['GET', 'POST'], endpoint='register')(register) - if config_value('RECOVERABLE', app=app): - bp.route(config_value('RESET_URL', app=app), + if state.recoverable: + bp.route(state.reset_url, methods=['GET', 'POST'], endpoint='forgot_password')(forgot_password) - bp.route(config_value('RESET_URL', app=app) + '/', + bp.route(state.reset_url + '/', methods=['GET', 'POST'], endpoint='reset_password')(reset_password) - if config_value('CONFIRMABLE', app=app): - bp.route(config_value('CONFIRM_URL', app=app), + if state.confirmable: + bp.route(state.confirm_url, methods=['GET', 'POST'], endpoint='send_confirmation')(send_confirmation) - bp.route(config_value('CONFIRM_URL', app=app) + '/', + bp.route(state.confirm_url + '/', methods=['GET', 'POST'], endpoint='confirm_email')(confirm_email)