o gP@sddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZdd lm Z dd lm Z d d l m Z d d l m Z d dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dlmZd dlmZd dlmZd dlmZd dlmZd dlm Z d dlm!Z!d d l"m#Z#d d!l"m$Z$d d"l"m%Z%d d#l"m&Z&d d$l"m'Z'd d%l"m(Z)d d&l"m*Z*Gd'd(d(Z+d)S)*)datetime) timedelta)abort) current_app)flash)g)has_app_context)redirect)request)session)AUTH_HEADER_NAME)COOKIE_DURATION)COOKIE_HTTPONLY) COOKIE_NAME)COOKIE_SAMESITE) COOKIE_SECURE) ID_ATTRIBUTE) LOGIN_MESSAGE)LOGIN_MESSAGE_CATEGORY)REFRESH_MESSAGE)REFRESH_MESSAGE_CATEGORY) SESSION_KEYS)USE_SESSION_FOR_NEXT)AnonymousUserMixin)session_protected) user_accessed)user_loaded_from_cookie)user_loaded_from_request)user_needs_refresh)user_unauthorized)_create_identifier)_user_context_processor) decode_cookie) encode_cookie)expand_login_view) login_url)make_next_paramc@seZdZdZd1ddZd2ddZd2dd Zd d Zd d Ze ddZ ddZ e ddZ ddZ ddZddZddZd3ddZddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-Ze d.d/Zejd0d/ZdS)4 LoginManagerzThis object is used to hold the settings used for logging in. Instances of :class:`LoginManager` are *not* bound to specific apps, so you can create one in the main body of your code and then bind it to your app in a factory function. NTcCst|_d|_i|_t|_t|_d|_t |_ t |_ d|_ d|_d|_d|_t|_d|_d|_d|_t|_|dur?|||dSdS)Nbasic)ranonymous_user login_viewblueprint_login_viewsr login_messagerlogin_message_category refresh_viewrneeds_refresh_messagerneeds_refresh_message_categorysession_protectionlocalize_callbackunauthorized_callbackneeds_refresh_callbackrZ id_attribute_user_callback_header_callback_request_callbackr!_session_identifier_generatorinit_appselfappadd_context_processorr?ZC:\Users\micha\Documents\internet-seite\env\lib\site-packages\flask_login\login_manager.py__init__1s(zLoginManager.__init__cCs(ddl}|jdtdd|||dS)zl This method has been deprecated. Please use :meth:`LoginManager.init_app` instead. rNzY'setup_app' is deprecated and will be removed in Flask-Login 0.7. Use 'init_app' instead. stacklevel)warningswarnDeprecationWarningr:)r<r=r>rEr?r?r@ setup_appmszLoginManager.setup_appcCs(||_||j|r|tdSdS)a Configures an application. This registers an `after_request` call, and attaches this `LoginManager` to it as `app.login_manager`. :param app: The :class:`flask.Flask` object to configure. :type app: :class:`flask.Flask` :param add_context_processor: Whether to add a context processor to the app that adds a `current_user` variable to the template. Defaults to ``True``. :type add_context_processor: bool N) login_manager after_request_update_remember_cookiecontext_processorr"r;r?r?r@r:|s  zLoginManager.init_appcCstt|jr|Stj|jvr|jtj}n|j}|s$t d|j r@|j dur8t | |j |j dnt |j |j dtj}|dtrct|}|td<t|tjtd<t|}t|St|tjd}t|S)a This is called when the user is required to log in. If you register a callback with :meth:`LoginManager.unauthorized_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.login_message` to the user. - If the app is using blueprints find the login view for the current blueprint using `blueprint_login_views`. If the app is not using blueprints or the login view for the current blueprint is not specified use the value of `login_view`. - Redirect the user to the login view. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage. Alternatively, it will be added to the session as ``next`` if USE_SESSION_FOR_NEXT is set.) If :attr:`LoginManager.login_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. Ncategoryr_idnextZnext_url)r sendr_get_current_objectr4r blueprintr,r+rr-r3rr.configgetrr%r9r r'urlmake_login_urlr )r<r+rVr& redirect_urlr?r?r@ unauthorizeds0     zLoginManager.unauthorizedcC ||_|jS)a> This sets the callback for reloading a user from the session. The function you set should take a user ID (a ``str``) and return a user object, or ``None`` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r6 user_callbackr<callbackr?r?r@ user_loader zLoginManager.user_loadercC|jS)z;Gets the user_loader callback set by user_loader decorator.)r6r<r?r?r@r]zLoginManager.user_callbackcCr\)a= This sets the callback for loading a user from a Flask request. The function you set should take Flask request object and return a user object, or `None` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r8request_callbackr^r?r?r@request_loaderrazLoginManager.request_loadercCrb)zAGets the request_loader callback set by request_loader decorator.)r8rcr?r?r@rerdzLoginManager.request_callbackcC ||_|S)ab This will set the callback for the `unauthorized` method, which among other things is used by `login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r4r^r?r?r@unauthorized_handler z!LoginManager.unauthorized_handlercCrg)ai This will set the callback for the `needs_refresh` method, which among other things is used by `fresh_login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r5r^r?r?r@needs_refresh_handlerriz"LoginManager.needs_refresh_handlercCstt|jr|S|jstd|jr1|jdur)t ||j|j dnt |j|j dtj }| dt rVt|j}|td<t|tjtd<t|j}t|S|j}t|tjd}t|S)a This is called when the user is logged in, but they need to be reauthenticated because their session is stale. If you register a callback with `needs_refresh_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.needs_refresh_message` to the user. - Redirect the user to :attr:`LoginManager.refresh_view`. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage.) If :attr:`LoginManager.refresh_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. rMNrNrrPrQrR)rrSrrTr5r/rr0r3rr1rVrWrr%r9r r'r rXrYr )r<rVr&rZr?r?r@ needs_refreshs2      zLoginManager.needs_refreshcCs"ddl}|jdtdd||_|S)a This function has been deprecated. Please use :meth:`LoginManager.request_loader` instead. This sets the callback for loading a user from a header value. The function you set should take an authentication token and return a user object, or `None` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable rNzc'header_loader' is deprecated and will be removed in Flask-Login 0.7. Use 'request_loader' instead.rBrC)rErFrGr7)r<r_rEr?r?r@ header_loader8s zLoginManager.header_loadercCs|dur|}|t_dS)z!Store the given user as ctx.user.N)r*rZ _login_user)r<userr?r?r@!_update_request_context_with_userOs z.LoginManager._update_request_context_with_userc Cs|jdur|jdurtdtt|r|Sd}t d}|dur2|jdur2||}|durvtj }| dt }| dt }|tjvoPt ddk}|r^tj|}||}n|jrg|t}n|tjvrvtj|}||}||S)z;Loads user from session or remember_me cookie as applicableNznMissing user_loader or request_loader. Refer to http://flask-login.readthedocs.io/#how-it-works for more info._user_idREMEMBER_COOKIE_NAMEr _rememberclear)r6r8 ExceptionrrSrrT_session_protection_failedrnr rWrVrr r cookies_load_user_from_remember_cookie_load_user_from_requestheaders_load_user_from_header) r<rmuser_idrV cookie_name header_nameZ has_cookiecookieheaderr?r?r@ _load_userWs4           zLoginManager._load_usercCst}|}t}|jd|j}|r|dvrdS|rY||ddkrY|dks-|jr?|ddur8d|d<t |dS|dkrYt D]}| |dqEd|d <t |d SdS) NZSESSION_PROTECTION)r)strongFrPr)_freshrrrrqT) r rTr9rrVrWr2 permanentrrSrpop)r<sessidentr=modekr?r?r@rts&   z'LoginManager._session_protection_failedcCsZt|}|dur+|td<dtd<d}|jr||}|dur+t}tj||d|SdS)NroFrrm)r#r r6rrTrrS)r<r}rzrmr=r?r?r@rvs z,LoginManager._load_user_from_remember_cookiecCsB|jr||}|durt}ddlm}|j||d|SdS)Nr )_user_loaded_from_headerr)r7rrTsignalsrrS)r<r~rmr=rr?r?r@rys  z#LoginManager._load_user_from_headercCs6|jr||}|durt}tj||d|SdS)Nr)r8rrTrrS)r<r rmr=r?r?r@rws z$LoginManager._load_user_from_requestcCsddtvrtjdrdtd<dtvr0tdd}|dkr'dtvr'|||S|dkr0|||S)NrqZ$REMEMBER_COOKIE_REFRESH_EACH_REQUESTsetrorr)r rrVrWr _set_cookie _clear_cookie)r<response operationr?r?r@rKs   z$LoginManager._update_remember_cookiec Cstj}|dt}|d}|dd}|dt}|dt}|dt}dtvr2ttdd } n|d t } t t td } t | t rJt| d } zt| } Wntyf} ztd | | d} ~ ww|j|| | |||||d dS)NrpREMEMBER_COOKIE_DOMAINREMEMBER_COOKIE_PATH/ZREMEMBER_COOKIE_SECUREZREMEMBER_COOKIE_HTTPONLYZREMEMBER_COOKIE_SAMESITE_remember_seconds)secondsZREMEMBER_COOKIE_DURATIONrozDREMEMBER_COOKIE_DURATION must be a datetime.timedelta, instead got: )valueexpiresdomainpathsecurehttponlysamesite)rrVrWrrrrr rrr$str isinstanceintrutcnow TypeErrorrs set_cookie) r<rrVr{rrrrrZdurationdatarer?r?r@rsF          zLoginManager._set_cookiecCs<tj}|dt}|d}|dd}|j|||ddS)Nrprrr)rr)rrVrWr delete_cookie)r<rrVr{rrr?r?r@rs    zLoginManager._clear_cookiecCs0ddl}|jdtddtrtjddSdS)z:Legacy property, use app.config['LOGIN_DISABLED'] instead.rNu'_login_disabled' is deprecated and will be removed in Flask-Login 0.7. Use 'LOGIN_DISABLED' in 'app.config' instead.rBrCLOGIN_DISABLEDF)rErFrGrrrVrW)r<rEr?r?r@_login_disabledszLoginManager._login_disabledcCs&ddl}|jdtdd|tjd<dS)zALegacy property setter, use app.config['LOGIN_DISABLED'] instead.rNrrBrCr)rErFrGrrV)r<newvaluerEr?r?r@rs)NT)T)N)__name__ __module__ __qualname____doc__rArHr:r[r`propertyr]rfrerhrjrkrlrnrrtrvryrwrKrrrsetterr?r?r?r@r(*s:  < :    4 *  * r(N),rrflaskrrrrrr r r rVr rrrrrrrrrrrrmixinsrrrrrrrr utilsr!r"r#r$r%r&rYr'r(r?r?r?r@sL