Move anonymous_user_required to decorators

This commit is contained in:
Matt Wright
2012-09-16 16:05:24 -04:00
parent 8bdd464239
commit 96f2be056d
3 changed files with 19 additions and 5 deletions
+16 -2
View File
@@ -52,11 +52,16 @@ def _check_token():
try:
data = serializer.loads(token)
user = _security.datastore.find_user(id=data[0])
return utils.md5(user.password) == data[1]
except:
return False
user = _security.datastore.find_user(id=data[0])
if utils.md5(user.password) == data[1]:
app = current_app._get_current_object()
identity_changed.send(app, identity=Identity(user.id))
return True
def _check_http_auth():
auth = request.authorization or dict(username=None, password=None)
@@ -156,3 +161,12 @@ def roles_accepted(*roles):
return _get_unauthorized_view()
return decorated_view
return wrapper
def anonymous_user_required(f):
@wraps(f)
def wrapper(*args, **kwargs):
if current_user.is_authenticated():
return redirect(utils.get_url(_security.post_login_view))
return f(*args, **kwargs)
return wrapper
+1
View File
@@ -89,6 +89,7 @@ def get_hmac(password):
h = hmac.new(_security.password_salt, password, hashlib.sha512)
return base64.b64encode(h.digest())
def verify_password(password, password_hash):
return _pwd_context.verify(get_hmac(password), password_hash)
+2 -3
View File
@@ -16,7 +16,7 @@ from werkzeug.local import LocalProxy
from .confirmable import send_confirmation_instructions, \
confirm_user, confirm_email_token_status
from .decorators import login_required
from .decorators import login_required, anonymous_user_required
from .forms import LoginForm, ConfirmRegisterForm, RegisterForm, \
ForgotPasswordForm, ResetPasswordForm, SendConfirmationForm, \
PasswordlessLoginForm
@@ -26,8 +26,7 @@ from .recoverable import reset_password_token_status, \
send_reset_password_instructions, update_password
from .registerable import register_user
from .utils import get_url, get_post_login_redirect, do_flash, \
get_message, login_user, logout_user, anonymous_user_required, \
url_for_security as url_for
get_message, login_user, logout_user, url_for_security as url_for
# Convenient references