'[fiNddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlmZdd lm Z dd lm Z d d l m Z d d l m Z d dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dl mZd dlmZd dlmZd dlmZd dlmZd dlmZd dlm Z d dlm!Z!d d l"m#Z#d d!l"m$Z$d d"l"m%Z%d d#l"m&Z&d d$l"m'Z'd d%l"m(Z)d d&l"m*Z*Gd'd(Z+d)S)*)datetime) timedelta)abort) current_app)flash)g)has_app_context)redirect)request)session)AUTH_HEADER_NAME)COOKIE_DURATION)COOKIE_HTTPONLY) COOKIE_NAME)COOKIE_SAMESITE) COOKIE_SECURE) ID_ATTRIBUTE) LOGIN_MESSAGE)LOGIN_MESSAGE_CATEGORY)REFRESH_MESSAGE)REFRESH_MESSAGE_CATEGORY) SESSION_KEYS)USE_SESSION_FOR_NEXT)AnonymousUserMixin)session_protected) user_accessed)user_loaded_from_cookie)user_loaded_from_request)user_needs_refresh)user_unauthorized)_create_identifier)_user_context_processor) decode_cookie) encode_cookie)expand_login_view) login_url)make_next_paramceZdZdZddZddZddZdZdZe d Z d Z e d Z d Z d ZdZdZddZdZdZdZdZdZdZdZdZe dZejdZdS) LoginManagerzThis object is used to hold the settings used for logging in. Instances of :class:`LoginManager` are *not* bound to specific apps, so you can create one in the main body of your code and then bind it to your app in a factory function. NTcnt|_d|_i|_t|_t |_d|_t|_ t|_ d|_ d|_d|_d|_t"|_d|_d|_d|_t,|_||||dSdS)Nbasic)ranonymous_user login_viewblueprint_login_viewsr login_messagerlogin_message_category refresh_viewrneeds_refresh_messagerneeds_refresh_message_categorysession_protectionlocalize_callbackunauthorized_callbackneeds_refresh_callbackr id_attribute_user_callback_header_callback_request_callbackr"_session_identifier_generatorinit_appselfappadd_context_processors M/var/www/piapp/venv/lib/python3.11/site-packages/flask_login/login_manager.py__init__zLoginManager.__init__1s1  &("+'=#!&5"/G+ #*"&%)"&*#(" $!%-?* ? MM#4 5 5 5 5 5 ?ctddl}|dtd|||dS)zl This method has been deprecated. Please use :meth:`LoginManager.init_app` instead. rNzY'setup_app' is deprecated and will be removed in Flask-Login 0.7. Use 'init_app' instead. stacklevel)warningswarnDeprecationWarningr>)r@rArBrJs rC setup_appzLoginManager.setup_appmsP   8     c011111rEc||_||j|r|tdSdS)a Configures an application. This registers an `after_request` call, and attaches this `LoginManager` to it as `app.login_manager`. :param app: The :class:`flask.Flask` object to configure. :type app: :class:`flask.Flask` :param add_context_processor: Whether to add a context processor to the app that adds a `current_user` variable to the template. Defaults to ``True``. :type add_context_processor: bool N) login_manager after_request_update_remember_cookiecontext_processorr#r?s rCr>zLoginManager.init_app|sP! $6777  ;  ! !"9 : : : : : ; ;rEctjtj|jr|St j|jvr|jt j}n|j}|std|j rQ|j /t| |j |j nt|j |j tj}|dt r]t#|}|t&d<t)|t jt&d<t-|}nt-|t j}t/|S)a This is called when the user is required to log in. If you register a callback with :meth:`LoginManager.unauthorized_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.login_message` to the user. - If the app is using blueprints find the login view for the current blueprint using `blueprint_login_views`. If the app is not using blueprints or the login view for the current blueprint is not specified use the value of `login_view`. - Redirect the user to the login view. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage. Alternatively, it will be added to the session as ``next`` if USE_SESSION_FOR_NEXT is set.) If :attr:`LoginManager.login_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. Ncategoryr_idnextnext_url)r!sendr_get_current_objectr7r blueprintr/r.rr0r6rr1configgetrr&r=r r(urlmake_login_urlr )r@r.r^r' redirect_urls rC unauthorizedzLoginManager.unauthorizedsg2 {>@@AAA  % 0--// /   : : :3G4EFJJJ  #JJJ   P%1**4+=>>!8 d(43NOOOO# ::,.B C C L)*55I!??AAGEN-iEEGFO)*55LL)*w{KKKL %%%rEc||_|jS)a> This sets the callback for reloading a user from the session. The function you set should take a user ID (a ``str``) and return a user object, or ``None`` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r: user_callbackr@callbacks rC user_loaderzLoginManager.user_loaders'!!rEc|jS)z;Gets the user_loader callback set by user_loader decorator.)r:r@s rCrezLoginManager.user_callbacks ""rEc||_|jS)a= This sets the callback for loading a user from a Flask request. The function you set should take Flask request object and return a user object, or `None` if the user does not exist. :param callback: The callback for retrieving a user object. :type callback: callable )r<request_callbackrfs rCrequest_loaderzLoginManager.request_loaders"*$$rEc|jS)zAGets the request_loader callback set by request_loader decorator.)r<rjs rCrlzLoginManager.request_callbacks %%rEc||_|S)ab This will set the callback for the `unauthorized` method, which among other things is used by `login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r7rfs rCunauthorized_handlerz!LoginManager.unauthorized_handlers&."rEc||_|S)ai This will set the callback for the `needs_refresh` method, which among other things is used by `fresh_login_required`. It takes no arguments, and should return a response to be sent to the user instead of their normal view. :param callback: The callback for unauthorized users. :type callback: callable )r8rfs rCneeds_refresh_handlerz"LoginManager.needs_refresh_handlers'/#rEctjtj|jr|S|jst d|jrQ|j/t||j|j nt|j|j tj }| dtrgt|j}|t d<t#|t$jt d<t)|j}n"|j}t)|t$j}t+|S)a This is called when the user is logged in, but they need to be reauthenticated because their session is stale. If you register a callback with `needs_refresh_handler`, then it will be called. Otherwise, it will take the following actions: - Flash :attr:`LoginManager.needs_refresh_message` to the user. - Redirect the user to :attr:`LoginManager.refresh_view`. (The page they were attempting to access will be passed in the ``next`` query string variable, so you can redirect there if present instead of the homepage.) If :attr:`LoginManager.refresh_view` is not defined, then it will simply raise a HTTP 401 (Unauthorized) error instead. This should be returned from a view or before/after_request function, otherwise the redirect will have no effect. rTNrUrrWrXrY)r r[rr\r8r2rr3r6rr4r^r_rr&r=r r(r r`rar )r@r^r'rbs rC needs_refreshzLoginManager.needs_refreshsY(  ? A ABBB  & 1..00 0   #JJJ  % %1**4+EFF!@ .!@ # ::,.B C C K)$*;<     !)rEcJ||}|t_dS)z!Store the given user as ctx.user.N)r-r _login_user)r@users rC!_update_request_context_with_userz.LoginManager._update_request_context_with_userOs% <&&((D rEc>|j|jtdtjt j|r|Sd}tj d}||j||}|t j }| dt}| dt}|tjvotj ddk}|r(tj|}||}nW|jr|t}n5|tjvr'tj|}||}||S)z;Loads user from session or remember_me cookie as applicableNznMissing user_loader or request_loader. Refer to http://flask-login.readthedocs.io/#how-it-works for more info._user_idREMEMBER_COOKIE_NAMEr _rememberclear)r:r< Exceptionrr[rr\_session_protection_failedrzr r_r^rrr cookies_load_user_from_remember_cookie_load_user_from_requestheaders_load_user_from_header) r@ryuser_idr^ cookie_name header_name has_cookiecookieheaders rC _load_userzLoginManager._load_userWs   &4+A+I!  ;:<<===  * * , , <99;; ;+j))  4#6#B&&w//D < 'F **%;[IIK **%79IJJKw.V7;{3K3Kw3V  ; 5;;FCC' ;33G<<// 5226::55d;;;rEctj}|}tj}|jd|j}|r|dvrdS|r||ddkr|dks|jr2|ddurd|d<tj |dS|dkr;tD]}| |dd|d <tj |d SdS) NSESSION_PROTECTION)r,strongFrWr,_freshrrr~T) r r\r=rr^r_r5 permanentrr[rpop)r@sessidentrAmodeks rCrz'LoginManager._session_protection_faileds*,,2244-//z~~2D4KLL t#6665  ETXXeT2222w$.88H%%U22%*DN!&s+++u!!%&&AHHQ%%%%$+[!!&s+++turEct|}|_|td<dtd<d}|jr||}|+tj}t j|||SdS)Nr|Frry)r$r r:rr\rr[)r@rrryrAs rCrz,LoginManager._load_user_from_remember_cookies''  ")GJ  %GH D" 4**733!577',St<<<< trEc|jrI||}|2tj}ddlm}||||SdS)Nr )_user_loaded_from_headerr)r;rr\signalsrr[)r@rryrArs rCrz#LoginManager._load_user_from_headersi   ((00D!577======(--c-=== trEc|jrB||}|+tj}tj|||SdS)Nr)r<rr\rr[)r@r ryrAs rCrz$LoginManager._load_user_from_requestsT  ! ))'22D!577(-c==== trEc&dtvr)tjdr dtd<dtvrUtjdd}|dkrdtvr||n|dkr|||S)Nr~$REMEMBER_COOKIE_REFRESH_EACH_REQUESTsetr|r)r rr^r_r _set_cookie _clear_cookie)r@response operations rCrQz$LoginManager._update_remember_cookies g % %+*<*@*@ 2+ + %$)GK ' ! ! K66IE!!jG&;&;  ****g%%""8,,,rEc tj}|dt}|d}|dd}|dt}|dt }|dt }dtvrttd } n|d t} tttd } t| trt| } tj| z} n%#t $r} t#d | | d} ~ wwxYw||| | ||||| dS)Nr}REMEMBER_COOKIE_DOMAINREMEMBER_COOKIE_PATH/REMEMBER_COOKIE_SECUREREMEMBER_COOKIE_HTTPONLYREMEMBER_COOKIE_SAMESITE_remember_seconds)secondsREMEMBER_COOKIE_DURATIONr|zDREMEMBER_COOKIE_DURATION must be a datetime.timedelta, instead got: )valueexpiresdomainpathsecurehttponlysamesite)rr^r_rrrrr rrr%str isinstanceintrutcnow TypeErrorr set_cookie) r@rr^rrrrrrdurationdatares rCrzLoginManager._set_cookies#jj!7EE 455zz0#664mDD::8/JJ::8/JJ ' ) ) 1D)EFFFHHzz"rcrhpropertyrermrlrprrrtrvrzrrrrrrQrrrsetterrErCr*r**s :6:6:6:6x 2 2 2 2;;;;$8&8&8&t " " "##X# % % %&&X&      2&2&2&h.(<(<(rs!!!!!!$$$$$$##################!!!!!! !!!!!!******######,,,,,, ((((((&&&&&&&&&&&&"""""",,,,,,------''''''&&&&&&%%%%%%****** $$$$$$......""""""u8u8u8u8u8u8u8u8u8u8rE