I have a simple site made with python (django). User registers, inputs some basic info and it stores it to mysql. User then is able to log in with his username/password which he created...
Now i want to add a flex application which will run once the user is logged in, but i dont want the user to have to log in twice (once into django, once into flex app). For the sake of learning i just want the flex app to also load some information from the mysql database, like the users firstname or something.
So my question is how would i go about passing session information into the flex app? Any info or guidance, or opinion would be great.
If your Python/DJango app uses cookies for tracking sessions; then you just have to make sure that your SWF is served off the same domain that the Python app is served from.
The Flash Player will pass the appropriate cookies to the remote server whenever it makes a call to that server. As long as your "Flash Call" exists in the same Application space on the server, it should have access to the same session variables available on the server.
If you want to validate the user has logged in before loading the SWF; just make a remote call from the SWF to the server side to validate that the session exists, and the user is appropriately logged in. Don't activate any of the controls in the app until you get confirmation from the server that the user is allowed to use the app.
Related
I am currently working on a site that is deployed on an AWS EC2 instance using Apache, Django, and mod_wsgi. I am trying to configure my Apache to use mod_authz_user and a python script for user validation following this tutorial but after implementing it, I get a 500 error when successfully logging into the server and the error logs show nothing except that there was an initial GET request for the home page of the site. The structure of my code follows the tutorial linked above pretty much to tea, so I'm not sure what could be going wrong. The site properly asks the user for the username and password, and I know for sure my authentication script is being called by Apache.
Technically, all I need is the HTTP_AUTHENTICATION head to be set for my Django application, so if I could somehow have the user enter in their credentials but not have Apache validate it (which leads to the 500 error) that would be great. In that case the HTTP_AUTHENTICATION header would be set because the user entered in the credentials and then my Django application could deal with the authentication from there.
For a bit more context, this site runs on an intranet and I am attempting to make it so that not just anybody can access the site internally in the company. Once the Windows user is passed into Django I will check the membership of the user against an AD group.
When logging out a user with Flask-Login, is there a way to log out all sessions that user may have (Ex: in different browsers, different devices, etc)?
Flask-Login stores user_id in Flask session which is client-side session, the data stores in cookie file in users browser. Hereby you can't delete cookies in all devices and browsers of the client.
Nevertheless you can use server-side sessions instead with the help e.g. Redis and Flask-Session extension for Flask. Server side session will solve problem with removing or manipulating (imagine admin gave or removed user's rights) user session simultaneously for any user's browser or device.
https://pythonhosted.org/Flask-Session/
As Artiom said in his answer, Flask-Login by default uses Flask session which is client side, and you won't be able to delete all those cookies from other clients.
However, there is a way to prevent other clients from logging in. Flask-Login relies on user_loader callback function to fetch the user from your cache, this function gets called on every HTTP request coming from the user's client.
What you can do is on logout, you delete this particular user from this cache. That way when any client (phone, other browser,etc..) used by this user try to access your page. Flask-Login won't find the user in the cache and will redirect them to the login page.
I have built a python script that sends users telegram notifications about things happening in their account on another service.
For this a user needs to specify API keys for said service so that my script can pull the required information.
Now currently, for a new user, I manually create a new folder on my VPS, create a new venv, a new settings file and run the application from a screen session named after the user. This is becoming tedious with 10+ users, especially with updates to the script.
I am currently building a flask based website, where users can log in and set their API keys and other parameters on a own dashboard.
What I want to achieve:
if user registers, a new entity of the script has to be created with a settings file next to it containing user information
the user should have the option to start/stop said application from the dashboard
if I release an update to the script I want to deploy it to all users at once and restart their script if it was running
basically the flask website should only act as a configuration dashboard/frontend for the script that runs on my server so that people don't need to have an own VPS or leave their private system running 24/7
How do I go about this? Is it "just" file handling, creating new folders and files from a blueprint after a user registers? Are there better practices?
I tried to find answers to that via google and the stackoverflow search but I did not find a specific recommendation for that usecase.
If anyone could point me towards a resource on that or even better an example somewhere I'd really appreciate it!
Thanks in advance.
You should have only one script and all the configurations saved into a database, then you need to dispatch some notification just pass the right parameters to the script.
Background info
I'm currently in the process of making a system that tracks work sessions, and the shifts done by people in those sessions. It will consist of a discord bot for alerts and responses to invites, a python app for initiating these sessions & invites, and eventually a rails web app for everything. Users will log on with their google accounts. MySQL database currently stores all the data.
Question
I want to make it so my python script (and eventually web app) users can log on using their Google accounts. What's the simplest use of OAuth2 to just get the user's email? The SQL database has their email and it would be nice to just have some simple call to the Google API that returns the email of the user, so I can cross-reference that with my user table to find which user is logging on.
Also...
This isn't just me being lazy and wanting someone else to give me the code for this project, I've actually done Google authentication before with accessing spreadsheets shared with users, however in this example I feel as though it could be simplified as I don't need access to any of the user's Google account, just which email they used to sign in, and I can't find a way myself.
I am trying to integrate ejabberd with django authentication. I am following instructions on: https://github.com/ffalcinelli/django-ejabberd-bridge
I have followed every step.
I have defined the path of the script for authentication
{auth_method, external}.
{extauth_program, "script.sh"}. ( I have defined full path here )
Script file's content is :
#!/bin/bash
source <path>/env/bin/activate
python <path>/manage.py ejabberd_auth $#
My Problem is that I want ejjaberd to maintain the state of every user ( online , offline , away etc ). I think that whenever a user will login ( or logout ), that data needs to be sent to ejjaberd server. I tried to login and logout, but these users are not registering at ejabberd ( localhost:5280/admin )
I have tried this command from console :
python manage.py ejabberd_auth $#
It should ask me username and password. In the log file there is only one log :
2015-08-03 08:11:05,791 [DEBUG] ejabberd_bridge.management.commands.ejabberd_auth: Starting serving authentication requests for eJabberd
How can I send the user data to ejabberd?
You are expecting too much feature from that authentication module.
django-ejabberd-bridge purpose is to let ejabberd check authentication against Django authentication middleware, as described in project README:
Right now it just allows the ejabberd service to perform
authentication against Django's authentication middleware.
This has nothing to do with changing presence for example. That bridge will be use in that worklow:
a user want to log in ejabberd using XMPP client
ejabberd use external auth, thus your script for Django bridge to check if user and credentials are valid.
ejabberd use the result of the script to either accept or reject the user authentication request.
That's it. Presence and user state is still managed as usual with XMPP. While XMPP session is open, user will be seen as online. When XMPP client disconnect, user will be seen as offline by ejabberd, etc.
The user database is not duplicated. It is kept in the backend service. That's also the reason why user cannot be listed from the web interface: ejabberd does not handle them.
If you want only the presence of the user state, the django-ejabberd-bridge can manage it. you can see the online users in the web admin interface http://localhost:5280/admin/server/localhost/online-users/. But in your point of registering the user, the django-ejabberd-bridge doesn't do that. If you want to register the user from django to XMPP, then you should query it with the javascript libraries like converse.js, strophe.js etc.
I haven't tried registering the user using converse.js. Strophe provide the plugin called strophe.register.js for registering the users.