| |
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" |
| "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| |
| <html xmlns="http://www.w3.org/1999/xhtml"> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> |
| |
| <title>Flask-OpenID</title> |
| <link rel="stylesheet" href="_static/flasky.css" type="text/css" /> |
| <link rel="stylesheet" href="_static/pygments.css" type="text/css" /> |
| <script type="text/javascript"> |
| var DOCUMENTATION_OPTIONS = { |
| URL_ROOT: '', |
| VERSION: '1.0', |
| COLLAPSE_INDEX: false, |
| FILE_SUFFIX: '.html', |
| HAS_SOURCE: true |
| }; |
| </script> |
| <script type="text/javascript" src="_static/jquery.js"></script> |
| <script type="text/javascript" src="_static/underscore.js"></script> |
| <script type="text/javascript" src="_static/doctools.js"></script> |
| <link rel="top" title="Flask-OpenID v1.0 documentation" href="#" /> |
| </head> |
| <body> |
| |
| <div class="document"> |
| <div class="documentwrapper"> |
| <div class="bodywrapper"> |
| <div class="body"> |
| |
| <div class="section" id="module-flaskext.openid"> |
| <span id="flask-openid"></span><h1>Flask-OpenID<a class="headerlink" href="#module-flaskext.openid" title="Permalink to this headline">¶</a></h1> |
| <p>Flask-OpenID is an extension to <a class="reference external" href="http://flask.pocoo.org/">Flask</a> that allows you to add <a class="reference external" href="http://openid.net/">OpenID</a> |
| based authentication to your website in a matter of minutes. It depends |
| on Flask and <a class="reference external" href="http://openidenabled.com/python-openid/">python-openid</a> 2.x. You can install the requirements from |
| PyPI with <cite>easy_install</cite> or <cite>pip</cite> or download them by hand.</p> |
| <div class="section" id="features"> |
| <h2>Features<a class="headerlink" href="#features" title="Permalink to this headline">¶</a></h2> |
| <ul class="simple"> |
| <li>support for OpenID 2.x</li> |
| <li>friendly API</li> |
| <li>perfect integration into Flask</li> |
| <li>basic support for AX and SReg extensions to OpenID that make it possible |
| to fetch basic profile information from a user’s OpenID provider.</li> |
| </ul> |
| </div> |
| <div class="section" id="installation"> |
| <h2>Installation<a class="headerlink" href="#installation" title="Permalink to this headline">¶</a></h2> |
| <p>Install the extension with one of the following commands:</p> |
| <div class="highlight-python"><pre>$ easy_install Flask-OpenID</pre> |
| </div> |
| <p>or alternatively if you have <cite>pip</cite> installed:</p> |
| <div class="highlight-python"><pre>$ pip install Flask-OpenID</pre> |
| </div> |
| </div> |
| <div class="section" id="how-to-use"> |
| <h2>How to Use<a class="headerlink" href="#how-to-use" title="Permalink to this headline">¶</a></h2> |
| <p>To integrate Flask-OpenID into your application you need to create an |
| instance of the <a title="flaskext.openid.OpenID" class="reference internal" href="#flaskext.openid.OpenID"><tt class="xref py py-class docutils literal"><span class="pre">OpenID</span></tt></a> object first:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">flaskext.openid</span> <span class="kn">import</span> <span class="n">OpenID</span> |
| <span class="n">oid</span> <span class="o">=</span> <span class="n">OpenID</span><span class="p">(</span><span class="s">'/path/to/store'</span><span class="p">)</span> |
| </pre></div> |
| </div> |
| <p>By default it will use the filesystem as store for information needed by |
| OpenID for the authentication process. You can alternatively implement |
| your own store that uses the database or a no-sql server. For more |
| information about that, consult the python-openid documentation.</p> |
| <p>The current logged in user has to memorized somewhere, we will use the |
| <tt class="docutils literal"><span class="pre">'openid'</span></tt> key in the <cite>session</cite>. This can be implemented in a |
| <cite>before_request</cite> function:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">flask</span> <span class="kn">import</span> <span class="n">g</span><span class="p">,</span> <span class="n">session</span> |
| |
| <span class="nd">@app.before_request</span> |
| <span class="k">def</span> <span class="nf">lookup_current_user</span><span class="p">():</span> |
| <span class="n">g</span><span class="o">.</span><span class="n">user</span> <span class="o">=</span> <span class="bp">None</span> |
| <span class="k">if</span> <span class="s">'openid'</span> <span class="ow">in</span> <span class="n">session</span><span class="p">:</span> |
| <span class="n">g</span><span class="o">.</span><span class="n">user</span> <span class="o">=</span> <span class="n">User</span><span class="o">.</span><span class="n">query</span><span class="o">.</span><span class="n">filter_by</span><span class="p">(</span><span class="n">openid</span><span class="o">=</span><span class="n">openid</span><span class="p">)</span><span class="o">.</span><span class="n">first</span><span class="p">()</span> |
| </pre></div> |
| </div> |
| <p>This assumes the openid used for a user is stored in the user table |
| itself. As you can see from the example above, we’re using SQLAlchemy |
| here, but feel free to use a different storage backend. It’s just |
| important that you can somehow map from openid URL to user.</p> |
| <p>Next you need to define a login handling function. This function is a |
| standard view function that is additionally decorated as |
| <a title="flaskext.openid.OpenID.loginhandler" class="reference internal" href="#flaskext.openid.OpenID.loginhandler"><tt class="xref py py-meth docutils literal"><span class="pre">loginhandler()</span></tt></a>:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/login'</span><span class="p">,</span> <span class="n">methods</span><span class="o">=</span><span class="p">[</span><span class="s">'GET'</span><span class="p">,</span> <span class="s">'POST'</span><span class="p">])</span> |
| <span class="nd">@oid.loginhandler</span> |
| <span class="k">def</span> <span class="nf">login</span><span class="p">():</span> |
| <span class="k">if</span> <span class="n">g</span><span class="o">.</span><span class="n">user</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span> |
| <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">())</span> |
| <span class="k">if</span> <span class="n">request</span><span class="o">.</span><span class="n">method</span> <span class="o">==</span> <span class="s">'POST'</span><span class="p">:</span> |
| <span class="n">openid</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="s">'openid'</span><span class="p">)</span> |
| <span class="k">if</span> <span class="n">openid</span><span class="p">:</span> |
| <span class="k">return</span> <span class="n">oid</span><span class="o">.</span><span class="n">try_login</span><span class="p">(</span><span class="n">openid</span><span class="p">,</span> <span class="n">ask_for</span><span class="o">=</span><span class="p">[</span><span class="s">'email'</span><span class="p">,</span> <span class="s">'fullname'</span><span class="p">,</span> |
| <span class="s">'nickname'</span><span class="p">])</span> |
| <span class="k">return</span> <span class="n">render_template</span><span class="p">(</span><span class="s">'login.html'</span><span class="p">,</span> <span class="nb">next</span><span class="o">=</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">(),</span> |
| <span class="n">error</span><span class="o">=</span><span class="n">oid</span><span class="o">.</span><span class="n">fetch_error</span><span class="p">())</span> |
| </pre></div> |
| </div> |
| <p>What’s happening inside the login handler is that first we try to figure |
| out if the user is already logged in. In that case we return to where we |
| just came from (<a title="flaskext.openid.OpenID.get_next_url" class="reference internal" href="#flaskext.openid.OpenID.get_next_url"><tt class="xref py py-meth docutils literal"><span class="pre">get_next_url()</span></tt></a> can do that for us). When |
| the data is submitted we get the openid the user entered and try to login |
| with that information. Additionally we ask the openid provider for email, |
| nickname and the user’s full name. If that information is available, we |
| can use it to simplify the account creation process in our application.</p> |
| <p>The template also needs the URL we want to return to, because it has to |
| forward that information in the form. If an error happened, |
| <a title="flaskext.openid.OpenID.fetch_error" class="reference internal" href="#flaskext.openid.OpenID.fetch_error"><tt class="xref py py-meth docutils literal"><span class="pre">fetch_error()</span></tt></a> will return that error message for us.</p> |
| <p>This is what a login template typically looks like:</p> |
| <div class="highlight-html+jinja"><div class="highlight"><pre><span class="cp">{%</span> <span class="k">extends</span> <span class="s2">"layout.html"</span> <span class="cp">%}</span> |
| <span class="cp">{%</span> <span class="k">block</span> <span class="nv">title</span> <span class="cp">%}</span>Sign in<span class="cp">{%</span> <span class="k">endblock</span> <span class="cp">%}</span> |
| <span class="cp">{%</span> <span class="k">block</span> <span class="nv">body</span> <span class="cp">%}</span> |
| <span class="nt"><h2></span>Sign in<span class="nt"></h2></span> |
| <span class="nt"><form</span> <span class="na">action=</span><span class="s">""</span> <span class="na">method=</span><span class="s">post</span><span class="nt">></span> |
| <span class="cp">{%</span> <span class="k">if</span> <span class="nv">error</span> <span class="cp">%}</span><span class="nt"><p</span> <span class="na">class=</span><span class="s">error</span><span class="nt">><strong></span>Error:<span class="nt"></strong></span> <span class="cp">{{</span> <span class="nv">error</span> <span class="cp">}}</span><span class="nt"></p></span><span class="cp">{%</span> <span class="k">endif</span> <span class="cp">%}</span> |
| <span class="nt"><p></span> |
| OpenID: |
| <span class="nt"><input</span> <span class="na">type=</span><span class="s">text</span> <span class="na">name=</span><span class="s">openid</span> <span class="na">size=</span><span class="s">30</span><span class="nt">></span> |
| <span class="nt"><input</span> <span class="na">type=</span><span class="s">submit</span> <span class="na">value=</span><span class="s">"Sign in"</span><span class="nt">></span> |
| <span class="nt"><input</span> <span class="na">type=</span><span class="s">hidden</span> <span class="na">name=</span><span class="s">next</span> <span class="na">value=</span><span class="s">"</span><span class="cp">{{</span> <span class="nv">next</span> <span class="cp">}}</span><span class="s">"</span><span class="nt">></span> |
| <span class="nt"></form></span> |
| <span class="cp">{%</span> <span class="k">endblock</span> <span class="cp">%}</span> |
| </pre></div> |
| </div> |
| <p>See how <cite>error</cite> and <cite>next</cite> are used. The name of the form field <cite>next</cite> is |
| required, so don’t change it.</p> |
| </div> |
| <div class="section" id="responding-to-successful-logins"> |
| <h2>Responding to Successful Logins<a class="headerlink" href="#responding-to-successful-logins" title="Permalink to this headline">¶</a></h2> |
| <p>Next we have to define a function that is called after the login was |
| successful. The resonsibility of that function is to remember the user |
| that just logged in and to figure out if it’s a new user to the system or |
| one with an existing profile (if you want to use profiles).</p> |
| <p>Such a function is decorated with <a title="flaskext.openid.OpenID.after_login" class="reference internal" href="#flaskext.openid.OpenID.after_login"><tt class="xref py py-meth docutils literal"><span class="pre">after_login()</span></tt></a> and must |
| remember the user in the session and redirect to the proper page:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="kn">from</span> <span class="nn">flask</span> <span class="kn">import</span> <span class="n">flash</span> |
| |
| <span class="nd">@oid.after_login</span> |
| <span class="k">def</span> <span class="nf">create_or_login</span><span class="p">(</span><span class="n">resp</span><span class="p">):</span> |
| <span class="n">session</span><span class="p">[</span><span class="s">'openid'</span><span class="p">]</span> <span class="o">=</span> <span class="n">resp</span><span class="o">.</span><span class="n">identity_url</span> |
| <span class="n">user</span> <span class="o">=</span> <span class="n">User</span><span class="o">.</span><span class="n">query</span><span class="o">.</span><span class="n">filter_by</span><span class="p">(</span><span class="n">openid</span><span class="o">=</span><span class="n">resp</span><span class="o">.</span><span class="n">identity_url</span><span class="p">)</span><span class="o">.</span><span class="n">first</span><span class="p">()</span> |
| <span class="k">if</span> <span class="n">user</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span><span class="p">:</span> |
| <span class="n">flash</span><span class="p">(</span><span class="s">u'Successfully signed in'</span><span class="p">)</span> |
| <span class="n">g</span><span class="o">.</span><span class="n">user</span> <span class="o">=</span> <span class="n">user</span> |
| <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">())</span> |
| <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">url_for</span><span class="p">(</span><span class="s">'create_profile'</span><span class="p">,</span> <span class="nb">next</span><span class="o">=</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">(),</span> |
| <span class="n">name</span><span class="o">=</span><span class="n">resp</span><span class="o">.</span><span class="n">fullname</span> <span class="ow">or</span> <span class="n">resp</span><span class="o">.</span><span class="n">nickname</span><span class="p">,</span> |
| <span class="n">email</span><span class="o">=</span><span class="n">resp</span><span class="o">.</span><span class="n">email</span><span class="p">))</span> |
| </pre></div> |
| </div> |
| <p>The <cite>resp</cite> object passed is a <a title="flaskext.openid.OpenIDResponse" class="reference internal" href="#flaskext.openid.OpenIDResponse"><tt class="xref py py-class docutils literal"><span class="pre">OpenIDResponse</span></tt></a> object with all the |
| information you might desire. As you can see, we memorize the user’s |
| openid and try to get the user with that OpenID from the database. If |
| that fails we redirect the user to a page to create a new profile and also |
| forward the name (or nickname if no name is provided) and the email |
| address. Please keep in mind that an openid provider does not have to |
| support these profile information and not every value you ask for will be |
| there. If it’s missing it will be <cite>None</cite>. Again make sure to not lose |
| the information about the next URL.</p> |
| </div> |
| <div class="section" id="creating-a-profile"> |
| <h2>Creating a Profile<a class="headerlink" href="#creating-a-profile" title="Permalink to this headline">¶</a></h2> |
| <p>A typical page to create such a profile might look like this:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/create-profile'</span><span class="p">,</span> <span class="n">methods</span><span class="o">=</span><span class="p">[</span><span class="s">'GET'</span><span class="p">,</span> <span class="s">'POST'</span><span class="p">])</span> |
| <span class="k">def</span> <span class="nf">create_profile</span><span class="p">():</span> |
| <span class="k">if</span> <span class="n">g</span><span class="o">.</span><span class="n">user</span> <span class="ow">is</span> <span class="ow">not</span> <span class="bp">None</span> <span class="ow">or</span> <span class="s">'openid'</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">session</span><span class="p">:</span> |
| <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">url_for</span><span class="p">(</span><span class="s">'index'</span><span class="p">))</span> |
| <span class="k">if</span> <span class="n">request</span><span class="o">.</span><span class="n">method</span> <span class="o">==</span> <span class="s">'POST'</span><span class="p">:</span> |
| <span class="n">name</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="p">[</span><span class="s">'name'</span><span class="p">]</span> |
| <span class="n">email</span> <span class="o">=</span> <span class="n">request</span><span class="o">.</span><span class="n">form</span><span class="p">[</span><span class="s">'email'</span><span class="p">]</span> |
| <span class="k">if</span> <span class="ow">not</span> <span class="n">name</span><span class="p">:</span> |
| <span class="n">flash</span><span class="p">(</span><span class="s">u'Error: you have to provide a name'</span><span class="p">)</span> |
| <span class="k">elif</span> <span class="s">'@'</span> <span class="ow">not</span> <span class="ow">in</span> <span class="n">email</span><span class="p">:</span> |
| <span class="n">flash</span><span class="p">(</span><span class="s">u'Error: you have to enter a valid email address'</span><span class="p">)</span> |
| <span class="k">else</span><span class="p">:</span> |
| <span class="n">flash</span><span class="p">(</span><span class="s">u'Profile successfully created'</span><span class="p">)</span> |
| <span class="n">db_session</span><span class="o">.</span><span class="n">add</span><span class="p">(</span><span class="n">User</span><span class="p">(</span><span class="n">name</span><span class="p">,</span> <span class="n">email</span><span class="p">,</span> <span class="n">session</span><span class="p">[</span><span class="s">'openid'</span><span class="p">]))</span> |
| <span class="n">db_session</span><span class="o">.</span><span class="n">commit</span><span class="p">()</span> |
| <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">())</span> |
| <span class="k">return</span> <span class="n">render_template</span><span class="p">(</span><span class="s">'create_profile.html'</span><span class="p">,</span> <span class="n">next_url</span><span class="o">=</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">())</span> |
| </pre></div> |
| </div> |
| <p>If you’re using the same names for the URL parameters in the step before |
| and in this form, you have nice looking and simple templates:</p> |
| <div class="highlight-html+jinja"><div class="highlight"><pre><span class="cp">{%</span> <span class="k">extends</span> <span class="s2">"layout.html"</span> <span class="cp">%}</span> |
| <span class="cp">{%</span> <span class="k">block</span> <span class="nv">title</span> <span class="cp">%}</span>Create Profile<span class="cp">{%</span> <span class="k">endblock</span> <span class="cp">%}</span> |
| <span class="cp">{%</span> <span class="k">block</span> <span class="nv">body</span> <span class="cp">%}</span> |
| <span class="nt"><h2></span>Create Profile<span class="nt"></h2></span> |
| <span class="nt"><p></span> |
| Hey! This is the first time you signed in on this website. In |
| order to proceed we need a couple of more information from you: |
| <span class="nt"><form</span> <span class="na">action=</span><span class="s">""</span> <span class="na">method=</span><span class="s">post</span><span class="nt">></span> |
| <span class="nt"><dl></span> |
| <span class="nt"><dt></span>Name: |
| <span class="nt"><dd><input</span> <span class="na">type=</span><span class="s">text</span> <span class="na">name=</span><span class="s">name</span> <span class="na">size=</span><span class="s">30</span> <span class="na">value=</span><span class="s">"</span><span class="cp">{{</span> <span class="nv">request.values.name</span> <span class="cp">}}</span><span class="s">"</span><span class="nt">></span> |
| <span class="nt"><dt></span>E-Mail: |
| <span class="nt"><dd><input</span> <span class="na">type=</span><span class="s">text</span> <span class="na">name=</span><span class="s">email</span> <span class="na">size=</span><span class="s">30</span> <span class="na">value=</span><span class="s">"</span><span class="cp">{{</span> <span class="nv">request.values.email</span> <span class="cp">}}</span><span class="s">"</span><span class="nt">></span> |
| <span class="nt"></dl></span> |
| <span class="nt"><p></span> |
| <span class="nt"><input</span> <span class="na">type=</span><span class="s">submit</span> <span class="na">value=</span><span class="s">"Create profile"</span><span class="nt">></span> |
| <span class="nt"><input</span> <span class="na">type=</span><span class="s">hidden</span> <span class="na">name=</span><span class="s">next</span> <span class="na">value=</span><span class="s">"</span><span class="cp">{{</span> <span class="nv">next</span> <span class="cp">}}</span><span class="s">"</span><span class="nt">></span> |
| <span class="nt"></form></span> |
| <span class="nt"><p></span> |
| If you don't want to proceed, you can <span class="nt"><a</span> <span class="na">href=</span><span class="s">"</span><span class="cp">{{</span> <span class="nv">url_for</span><span class="o">(</span><span class="s1">'logout'</span><span class="o">)</span> |
| <span class="cp">}}</span><span class="s">"</span><span class="nt">></span>sign out<span class="nt"></a></span> again. |
| <span class="cp">{%</span> <span class="k">endblock</span> <span class="cp">%}</span> |
| </pre></div> |
| </div> |
| </div> |
| <div class="section" id="logging-out"> |
| <h2>Logging Out<a class="headerlink" href="#logging-out" title="Permalink to this headline">¶</a></h2> |
| <p>The logout function is very simple, it just has to unset the openid from |
| the session and redirect back to where the user was before:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="nd">@app.route</span><span class="p">(</span><span class="s">'/logout'</span><span class="p">)</span> |
| <span class="k">def</span> <span class="nf">logout</span><span class="p">():</span> |
| <span class="n">session</span><span class="o">.</span><span class="n">pop</span><span class="p">(</span><span class="s">'openid'</span><span class="p">,</span> <span class="bp">None</span><span class="p">)</span> |
| <span class="n">flash</span><span class="p">(</span><span class="s">u'You were signed out'</span><span class="p">)</span> |
| <span class="k">return</span> <span class="n">redirect</span><span class="p">(</span><span class="n">oid</span><span class="o">.</span><span class="n">get_next_url</span><span class="p">())</span> |
| </pre></div> |
| </div> |
| </div> |
| <div class="section" id="full-example"> |
| <h2>Full Example<a class="headerlink" href="#full-example" title="Permalink to this headline">¶</a></h2> |
| <p>To see the full code of that example, you can download the code <a class="reference external" href="http://github.com/mitsuhiko/flask-openid">from |
| github</a>.</p> |
| </div> |
| <div class="section" id="api-references"> |
| <h2>API References<a class="headerlink" href="#api-references" title="Permalink to this headline">¶</a></h2> |
| <p>The full API reference:</p> |
| <dl class="class"> |
| <dt id="flaskext.openid.OpenID"> |
| <em class="property">class </em><tt class="descclassname">flaskext.openid.</tt><tt class="descname">OpenID</tt><big>(</big><em>fs_store_path=None</em>, <em>store_factory=None</em>, <em>fallback_endpoint=None</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID" title="Permalink to this definition">¶</a></dt> |
| <dd><p>Simple helper class for OpenID auth. Has to be created in advance |
| like a <a title="(in Flask v0.2)" class="reference external" href="http://flask.pocoo.org/docs/api/#flask.Flask"><tt class="xref py py-class docutils literal"><span class="pre">Flask</span></tt></a> object.</p> |
| <table class="docutils field-list" frame="void" rules="none"> |
| <col class="field-name" /> |
| <col class="field-body" /> |
| <tbody valign="top"> |
| <tr class="field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first last simple"> |
| <li><strong>fs_store_path</strong> – if given this is the name of a folder where the |
| OpenID auth process can store temporary |
| information. If neither is provided a temporary |
| folder is assumed.</li> |
| <li><strong>store_factory</strong> – alternatively a function that creates a |
| python-openid store object.</li> |
| <li><strong>fallback_endpoint</strong> – optionally a string with the name of an URL |
| endpoint the user should be redirected to |
| if the HTTP referrer is unreliable. By |
| default the user is redirected back to the |
| application’s index in that case.</li> |
| </ul> |
| </td> |
| </tr> |
| </tbody> |
| </table> |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.after_login"> |
| <tt class="descname">after_login</tt><big>(</big><em>f</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.after_login" title="Permalink to this definition">¶</a></dt> |
| <dd>This function will be called after login. It must redirect to |
| a different place and remember the user somewhere. The session |
| is not modified by SimpleOpenID. The decorated function is |
| passed a <a title="flaskext.openid.OpenIDResponse" class="reference internal" href="#flaskext.openid.OpenIDResponse"><tt class="xref py py-class docutils literal"><span class="pre">OpenIDResponse</span></tt></a> object.</dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.attach_reg_info"> |
| <tt class="descname">attach_reg_info</tt><big>(</big><em>auth_request</em>, <em>keys</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.attach_reg_info" title="Permalink to this definition">¶</a></dt> |
| <dd><p>Attaches sreg and ax requests to the auth request.</p> |
| <table class="docutils field-list" frame="void" rules="none"> |
| <col class="field-name" /> |
| <col class="field-body" /> |
| <tbody valign="top"> |
| <tr class="field"><th class="field-name">Internal :</th><td class="field-body"></td> |
| </tr> |
| </tbody> |
| </table> |
| </dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.errorhandler"> |
| <tt class="descname">errorhandler</tt><big>(</big><em>f</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.errorhandler" title="Permalink to this definition">¶</a></dt> |
| <dd><p>Called if an error occours with the message. By default |
| <tt class="docutils literal"><span class="pre">'openid_error'</span></tt> is added to the session so that <a title="flaskext.openid.OpenID.fetch_error" class="reference internal" href="#flaskext.openid.OpenID.fetch_error"><tt class="xref py py-meth docutils literal"><span class="pre">fetch_error()</span></tt></a> |
| can fetch that error from the session. Alternatively it makes sense |
| to directly flash the error for example:</p> |
| <div class="highlight-python"><div class="highlight"><pre><span class="nd">@oid.errorhandler</span> |
| <span class="k">def</span> <span class="nf">on_error</span><span class="p">(</span><span class="n">message</span><span class="p">):</span> |
| <span class="n">flash</span><span class="p">(</span><span class="s">u'Error: '</span> <span class="o">+</span> <span class="n">message</span><span class="p">)</span> |
| </pre></div> |
| </div> |
| </dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.fetch_error"> |
| <tt class="descname">fetch_error</tt><big>(</big><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.fetch_error" title="Permalink to this definition">¶</a></dt> |
| <dd>Fetches the error from the session. This removes it from the |
| session and returns that error. This method is probably useless |
| if <a title="flaskext.openid.OpenID.errorhandler" class="reference internal" href="#flaskext.openid.OpenID.errorhandler"><tt class="xref py py-meth docutils literal"><span class="pre">errorhandler()</span></tt></a> is used.</dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.get_current_url"> |
| <tt class="descname">get_current_url</tt><big>(</big><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.get_current_url" title="Permalink to this definition">¶</a></dt> |
| <dd>the current URL + next.</dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.get_next_url"> |
| <tt class="descname">get_next_url</tt><big>(</big><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.get_next_url" title="Permalink to this definition">¶</a></dt> |
| <dd>Returns the URL where we want to redirect to. This will |
| always return a valid URL.</dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.get_success_url"> |
| <tt class="descname">get_success_url</tt><big>(</big><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.get_success_url" title="Permalink to this definition">¶</a></dt> |
| <dd><p>Return the internal success URL.</p> |
| <table class="docutils field-list" frame="void" rules="none"> |
| <col class="field-name" /> |
| <col class="field-body" /> |
| <tbody valign="top"> |
| <tr class="field"><th class="field-name">Internal :</th><td class="field-body"></td> |
| </tr> |
| </tbody> |
| </table> |
| </dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.loginhandler"> |
| <tt class="descname">loginhandler</tt><big>(</big><em>f</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.loginhandler" title="Permalink to this definition">¶</a></dt> |
| <dd>Marks a function as login handler. This decorator injects some |
| more OpenID required logic. Always decorate your login function with |
| this decorator.</dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.signal_error"> |
| <tt class="descname">signal_error</tt><big>(</big><em>msg</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.signal_error" title="Permalink to this definition">¶</a></dt> |
| <dd>Signals an error. It does this by storing the message in the |
| session. Use <a title="flaskext.openid.OpenID.errorhandler" class="reference internal" href="#flaskext.openid.OpenID.errorhandler"><tt class="xref py py-meth docutils literal"><span class="pre">errorhandler()</span></tt></a> to this method.</dd></dl> |
| |
| <dl class="method"> |
| <dt id="flaskext.openid.OpenID.try_login"> |
| <tt class="descname">try_login</tt><big>(</big><em>identity_url</em>, <em>ask_for=None</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenID.try_login" title="Permalink to this definition">¶</a></dt> |
| <dd><p>This tries to login with the given identity URL. This function |
| must be called from the login_handler. The <cite>ask_for</cite> parameter can |
| be a set of values to be asked from the openid provider.</p> |
| <p>The following strings can be used in the <cite>ask_for</cite> parameter: |
| <tt class="docutils literal"><span class="pre">aim</span></tt>, <tt class="docutils literal"><span class="pre">blog</span></tt>, <tt class="docutils literal"><span class="pre">country</span></tt>, <tt class="docutils literal"><span class="pre">dob</span></tt> (date of birth), <tt class="docutils literal"><span class="pre">email</span></tt>, |
| <tt class="docutils literal"><span class="pre">fullname</span></tt>, <tt class="docutils literal"><span class="pre">gender</span></tt>, <tt class="docutils literal"><span class="pre">icq</span></tt>, <tt class="docutils literal"><span class="pre">image</span></tt>, <tt class="docutils literal"><span class="pre">jabber</span></tt>, <tt class="docutils literal"><span class="pre">language</span></tt>, |
| <tt class="docutils literal"><span class="pre">msn</span></tt>, <tt class="docutils literal"><span class="pre">nickname</span></tt>, <tt class="docutils literal"><span class="pre">phone</span></tt>, <tt class="docutils literal"><span class="pre">postcode</span></tt>, <tt class="docutils literal"><span class="pre">skype</span></tt>, |
| <tt class="docutils literal"><span class="pre">timezone</span></tt>, <tt class="docutils literal"><span class="pre">website</span></tt>, <tt class="docutils literal"><span class="pre">yahoo</span></tt></p> |
| </dd></dl> |
| |
| </dd></dl> |
| |
| <dl class="class"> |
| <dt id="flaskext.openid.OpenIDResponse"> |
| <em class="property">class </em><tt class="descclassname">flaskext.openid.</tt><tt class="descname">OpenIDResponse</tt><big>(</big><em>resp</em><big>)</big><a class="headerlink" href="#flaskext.openid.OpenIDResponse" title="Permalink to this definition">¶</a></dt> |
| <dd><p>Passed to the <cite>after_login</cite> function. Provides all the information |
| sent from the OpenID provider. The profile information has to be |
| requested from the server by passing a list of fields as <cite>ask_for</cite> to |
| the <a title="flaskext.openid.OpenID.try_login" class="reference internal" href="#flaskext.openid.OpenID.try_login"><tt class="xref py py-meth docutils literal"><span class="pre">try_login()</span></tt></a> function.</p> |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.aim"> |
| <tt class="descname">aim</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.aim" title="Permalink to this definition">¶</a></dt> |
| <dd>AIM messenger address as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.blog"> |
| <tt class="descname">blog</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.blog" title="Permalink to this definition">¶</a></dt> |
| <dd>URL of blog as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.country"> |
| <tt class="descname">country</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.country" title="Permalink to this definition">¶</a></dt> |
| <dd>the country of the user as specified by ISO3166</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.date_of_birth"> |
| <tt class="descname">date_of_birth</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.date_of_birth" title="Permalink to this definition">¶</a></dt> |
| <dd>date of birth as <a title="(in Python v2.7)" class="reference external" href="http://docs.python.org/dev/library/datetime.html#datetime.datetime"><tt class="xref py py-class docutils literal"><span class="pre">datetime</span></tt></a> object.</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.email"> |
| <tt class="descname">email</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.email" title="Permalink to this definition">¶</a></dt> |
| <dd>the email address of the user</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.fullname"> |
| <tt class="descname">fullname</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.fullname" title="Permalink to this definition">¶</a></dt> |
| <dd>the full name of the user</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.gender"> |
| <tt class="descname">gender</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.gender" title="Permalink to this definition">¶</a></dt> |
| <dd>the gender of the user (<tt class="docutils literal"><span class="pre">f</span></tt> for femail and <tt class="docutils literal"><span class="pre">m</span></tt> for male)</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.icq"> |
| <tt class="descname">icq</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.icq" title="Permalink to this definition">¶</a></dt> |
| <dd>icq messenger number as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.identity_url"> |
| <tt class="descname">identity_url</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.identity_url" title="Permalink to this definition">¶</a></dt> |
| <dd>the openid the user used for sign in</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.image"> |
| <tt class="descname">image</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.image" title="Permalink to this definition">¶</a></dt> |
| <dd>URL to profile image as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.jabber"> |
| <tt class="descname">jabber</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.jabber" title="Permalink to this definition">¶</a></dt> |
| <dd>jabber address as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.language"> |
| <tt class="descname">language</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.language" title="Permalink to this definition">¶</a></dt> |
| <dd>the user’s preferred language as specified by ISO639</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.month_of_birth"> |
| <tt class="descname">month_of_birth</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.month_of_birth" title="Permalink to this definition">¶</a></dt> |
| <dd>the month of birth of the user as integer (1 based)</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.msn"> |
| <tt class="descname">msn</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.msn" title="Permalink to this definition">¶</a></dt> |
| <dd>msn name as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.nickname"> |
| <tt class="descname">nickname</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.nickname" title="Permalink to this definition">¶</a></dt> |
| <dd>desired nickname of the user</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.phone"> |
| <tt class="descname">phone</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.phone" title="Permalink to this definition">¶</a></dt> |
| <dd>phone number of the user as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.postcode"> |
| <tt class="descname">postcode</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.postcode" title="Permalink to this definition">¶</a></dt> |
| <dd>free text that should conform to the user’s country’s postal system</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.skype"> |
| <tt class="descname">skype</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.skype" title="Permalink to this definition">¶</a></dt> |
| <dd>skype name as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.timezone"> |
| <tt class="descname">timezone</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.timezone" title="Permalink to this definition">¶</a></dt> |
| <dd>timezone string from the TimeZone database</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.website"> |
| <tt class="descname">website</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.website" title="Permalink to this definition">¶</a></dt> |
| <dd>URL of website as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.yahoo"> |
| <tt class="descname">yahoo</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.yahoo" title="Permalink to this definition">¶</a></dt> |
| <dd>yahoo messenger address as string</dd></dl> |
| |
| <dl class="attribute"> |
| <dt id="flaskext.openid.OpenIDResponse.year_of_birth"> |
| <tt class="descname">year_of_birth</tt><a class="headerlink" href="#flaskext.openid.OpenIDResponse.year_of_birth" title="Permalink to this definition">¶</a></dt> |
| <dd>the year of birth of the user as integer</dd></dl> |
| |
| </dd></dl> |
| |
| <dl class="data"> |
| <dt id="flaskext.openid.COMMON_PROVIDERS"> |
| <tt class="descclassname">flaskext.openid.</tt><tt class="descname">COMMON_PROVIDERS</tt><a class="headerlink" href="#flaskext.openid.COMMON_PROVIDERS" title="Permalink to this definition">¶</a></dt> |
| <dd>a dictionary of common provider name -> login URL mappings. This can |
| be used to implement “click button to login” functionality.</dd></dl> |
| |
| </div> |
| </div> |
| |
| |
| </div> |
| </div> |
| </div> |
| <div class="clearer"></div> |
| </div> |
| <a href="http://github.com/mitsuhiko/flask-openid"><img style="position: fixed; top: 0; right: 0; border: 0;" |
| src="http://s3.amazonaws.com/github/ribbons/forkme_right_darkblue_121621.png" alt="Fork me on GitHub" /></a> |
| |
| <div class="footer"> |
| © Copyright 2010, Armin Ronacher. |
| Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.0pre/d2ce667074ac. |
| </div> |
| </body> |
| </html> |