CEiiNddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZdd lm Z dd lm Z d d l m Z d d l m Z d dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dlmZd dlmZd dlmZd dlmZd dlmZd dlm Z d dlm!Z!d d l"m#Z#d d!l"m$Z$d d"l"m%Z%d d#l"m&Z&d d$l"m'Z'd d%l"m(Z)d d&l"m*Z*Gd'd(Z+y))*)datetime) timedelta)abort) current_app)flash)g)has_app_context)redirect)request)session)AUTH_HEADER_NAME)COOKIE_DURATION)COOKIE_HTTPONLY) COOKIE_NAME)COOKIE_SAMESITE) COOKIE_SECURE) ID_ATTRIBUTE) LOGIN_MESSAGE)LOGIN_MESSAGE_CATEGORY)REFRESH_MESSAGE)REFRESH_MESSAGE_CATEGORY) SESSION_KEYS)USE_SESSION_FOR_NEXT)AnonymousUserMixin)session_protected) user_accessed)user_loaded_from_cookie)user_loaded_from_request)user_needs_refresh)user_unauthorized)_create_identifier)_user_context_processor) decode_cookie) encode_cookie)expand_login_view) login_url)make_next_paramceZdZdZddZddZddZdZdZe dZ d Z e d Z d Z d Zd ZdZddZdZdZdZdZdZdZdZdZe dZej6dZy) LoginManagerzThis object is used to hold the settings used for logging in. Instances of :class:`LoginManager` are *not* bound to specific apps, so you can create one in the main body of your code and then bind it to your app in a factory function. NcTt|_d|_i|_t|_t |_d|_t|_ t|_ d|_ d|_d|_d|_t"|_d|_d|_d|_t,|_||j1||yy)Nbasic)ranonymous_user login_viewblueprint_login_viewsr login_messagerlogin_message_category refresh_viewrneeds_refresh_messagerneeds_refresh_message_categorysession_protectionlocalize_callbackunauthorized_callbackneeds_refresh_callbackr id_attribute_user_callback_header_callback_request_callbackr"_session_identifier_generatorinit_appselfappadd_context_processors L/var/www/html/venv/lib/python3.12/site-packages/flask_login/login_manager.py__init__zLoginManager.__init__1s1  &("+'=#!&5"/G+ #*"&%)"&*#(" $!%-?* ? MM#4 5 c`ddl}|jdtd|j||y)zl This method has been deprecated. Please use :meth:`LoginManager.init_app` instead. rNzY'setup_app' is deprecated and will be removed in Flask-Login 0.7. Use 'init_app' instead. stacklevel)warningswarnDeprecationWarningr>)r@rArBrJs rC setup_appzLoginManager.setup_appms4   8   c01rEcx||_|j|j|r|jtyy)a Configures an application. This registers an `after_request` call, and attaches this `LoginManager` to it as `app.login_manager`. :param app: The :class:`flask.Flask` object to configure. :type app: :class:`flask.Flask` :param add_context_processor: Whether to add a context processor to the app that adds a `current_user` variable to the template. Defaults to ``True``. :type add_context_processor: bool N) login_manager after_request_update_remember_cookiecontext_processorr#r?s rCr>zLoginManager.init_app|s7! $667  ! !"9 : !rEcLtjtj|jr|j St j |jvr|jt j }n |j}|s td|jr^|j1t|j|j|jn!t|j|jtj}|jdt rYt#|}|j%t&d<t)|t j*t&d<t-|}t/|St-|t j*}t/|S)a This is called when the user is required to log in. If you register a callback with :meth:`LoginManager.unauthorized_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.login_message` to the user. - If the app is using blueprints find the login view for the current blueprint using `blueprint_login_views`. If the app is not using blueprints or the login view for the current blueprint is not specified use the value of `login_view`. - Redirect the user to the login view. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage. Alternatively, it will be added to the session as ``next`` if USE_SESSION_FOR_NEXT is set.) If :attr:`LoginManager.login_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. categoryr_idnextnext_url)r!sendr_get_current_objectr7r blueprintr/r.rr0r6rr1configgetrr&r=r r(urlmake_login_urlr )r@r.r^r' redirect_urls rC unauthorizedzLoginManager.unauthorizedsA2 {>>@A  % %--/ /    : : :33G4E4EFJJ #J   %%1**4+=+=>!88 d((43N3NO## ::,.B C)*5I!??AGEN-iEGFO)*5L %%**w{{KL %%rEc(||_|jS)a> This sets the callback for reloading a user from the session. The function you set should take a user ID (a ``str``) and return a user object, or ``None`` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r: user_callbackr@callbacks rC user_loaderzLoginManager.user_loaders'!!!rEc|jS)z;Gets the user_loader callback set by user_loader decorator.)r:r@s rCrezLoginManager.user_callbacks"""rEc(||_|jS)a= This sets the callback for loading a user from a Flask request. The function you set should take Flask request object and return a user object, or `None` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r<request_callbackrfs rCrequest_loaderzLoginManager.request_loaders"*$$$rEc|jS)zAGets the request_loader callback set by request_loader decorator.)r<rjs rCrlzLoginManager.request_callbacks%%%rEc||_|S)ab This will set the callback for the `unauthorized` method, which among other things is used by `login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r7rfs rCunauthorized_handlerz!LoginManager.unauthorized_handlers&."rEc||_|S)ai This will set the callback for the `needs_refresh` method, which among other things is used by `fresh_login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r8rfs rCneeds_refresh_handlerz"LoginManager.needs_refresh_handlers'/#rEctjtj|jr|j S|j s t d|jr^|j1t|j|j|jn!t|j|jtj}|jdtrmt|j }|jt d<t#|t$j&t d<t)|j }t+|S|j }t)|t$j&}t+|S)a This is called when the user is logged in, but they need to be reauthenticated because their session is stale. If you register a callback with `needs_refresh_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.needs_refresh_message` to the user. - Redirect the user to :attr:`LoginManager.refresh_view`. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage.) If :attr:`LoginManager.refresh_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. rTrUrrWrXrY)r r[rr\r8r2rr3r6rr4r^r_rr&r=r r(r r`rar )r@r^r'rbs rC needs_refreshzLoginManager.needs_refreshs1(  ? ? AB  & &..0 0  #J  % %%%1**4+E+EF!@@ ..!@@ ## ::,.B C)$*;*;   !)rEc>||j}|t_y)z!Store the given user as ctx.user.N)r-r _login_user)r@users rC!_update_request_context_with_userz.LoginManager._update_request_context_with_userOs <&&(D rEc6|j|j tdtjt j |jr|jSd}tjd}||j|j|}|t j}|jdt}|jdt}|tjvxrtjddk7}|r%tj|}|j!|}nX|jr|j#t}n6|tj$vr$tj$|}|j'|}|j|S)z;Loads user from session or remember_me cookie as applicableNznMissing user_loader or request_loader. Refer to http://flask-login.readthedocs.io/#how-it-works for more info._user_idREMEMBER_COOKIE_NAMEr _rememberclear)r:r< Exceptionrr[rr\_session_protection_failedrzr r_r^rrr cookies_load_user_from_remember_cookie_load_user_from_requestheaders_load_user_from_header) r@ryuser_idr^ cookie_name header_name has_cookiecookieheaders rC _load_userzLoginManager._load_userWsi    &4+A+A+I!  ;::<=  * * ,99; ;++j)  4#6#6#B&&w/D < ''F **%;[IK **%79IJKw.V7;;{3Kw3V  5;;FC''33G</ 5226:55d;;rEctj}|j}tj}|jj d|j }|r|dvry|r||j ddk7r||dk(s |jr.|j ddurd|d<tj|y|dk(r8tD]}|j|dd|d <tj|y y) NSESSION_PROTECTION)r,strongFrWr,_freshrrr~T) r r\r=rr^r_r5 permanentrr[rpop)r@sessidentrAmodeks rCrz'LoginManager._session_protection_faileds**,224--/zz~~2D4K4KLt#66 ETXXeT22w$..88H%U2%*DN!&&s+!%&AHHQ%&%,[!!&&s+rEct|}|`|td<dtd<d}|jr|j|}|-tj}t j |||Sy)Nr|Frry)r$r r:rr\rr[)r@rrryrAs rCrz,LoginManager._load_user_from_remember_cookiesp'  ")GJ  %GH D""**73!557',,St< rEc|jrB|j|}|/tj}ddlm}|j |||Sy)Nr )_user_loaded_from_headerr)r;rr\signalsrr[)r@rryrArs rCrz#LoginManager._load_user_from_headersM  ((0D!557=(--c-= rEc|jr@|j|}|-tj}tj|||Sy)Nr)r<rr\rr[)r@r ryrAs rCrz$LoginManager._load_user_from_requestsG  ! !))'2D!557(--c= rEcdtvr(tjjdr dtd<dtvrLtjdd}|dk(rdtvr|j ||S|dk(r|j ||S)Nr~$REMEMBER_COOKIE_REFRESH_EACH_REQUESTsetr|r)r rr^r_r _set_cookie _clear_cookie)r@response operations rCrQz$LoginManager._update_remember_cookies g %+*<*<*@*@ 2+ $)GK ' ! K6IE!jG&;  *g%""8,rEc tj}|jdt}|jd}|jdd}|jdt}|jdt }|jdt }dtvrttd } n|jd t} tttd } t| tr t| } tj| z} |j%|| | ||||| y#t $r} t#d | | d} ~ wwxYw)Nr}REMEMBER_COOKIE_DOMAINREMEMBER_COOKIE_PATH/REMEMBER_COOKIE_SECUREREMEMBER_COOKIE_HTTPONLYREMEMBER_COOKIE_SAMESITE_remember_seconds)secondsREMEMBER_COOKIE_DURATIONr|zDREMEMBER_COOKIE_DURATION must be a datetime.timedelta, instead got: )valueexpiresdomainpathsecurehttponlysamesite)rr^r_rrrrr rrr%str isinstanceintrutcnow TypeErrorr set_cookie) r@rr^rrrrrrdurationdatares rCrzLoginManager._set_cookies:##jj!7E 45zz0#64mD::8/J::8/J ' ) 1D)EFHzz"rcrhpropertyrermrlrprrrtrvrzrrrrrrQrrrsetterrErCr*r**s :6x 2;$8&t "## %&&  2&h.(rs!$###! !*#, (&&",-'&%* $."u8u8rE