def get(self):
resp = make_response(redirect('/login/'))
session.pop('username', None)
session.pop('nickname', None)
session.pop('description', None)
session.pop('avatar', None)
session.pop('status', None)
session.pop('usergroup', None)
session.pop('token', None)
resp.set_cookie('docklet-jupyter-cookie', '', expires=0)
return resp
python类pop()的实例源码
def not_authorized(error):
if "username" in session:
if "401" in session:
reason = session['401']
session.pop('401', None)
if (reason == 'Token Expired'):
return redirect('/logout/')
return render_template('error/401.html', mysession = session)
else:
return redirect('/login/')
def logout():
session.pop('user')
return redirect(url_for("for_login"))
def logout():
log_action(session['uid'], 3)
session.pop('logged_in', None)
session.pop('uid', None)
session.pop('priv', None)
session.pop('username', None)
flash('You were just logged out.')
return redirect(url_for('home'))
#
# CHANGE PASSWORD PAGE
#
def logout():
"""Logout handler.
Ends the client session and deletes the session ID from the database.
Returns:
JSON formatted output describing success.
"""
log.debug("Entering logout, attempting to end session.")
fe.delete_login_id(escape(session['logged_in']))
session.pop('logged_in', None)
log.debug("Returning to user.")
return jsonify({ "logout": "success" })
def sign_out():
# remove the token from the session if it's there
session.pop('access_token', None)
return redirect(url_for('index'))
def logout():
login_session.pop('user_id', None)
login_session.pop('access_token', None)
flash("Logged out!")
return redirect(url_for('show_home'))
def get(self):
if "userID" not in session:
return jsonify({"loggedIn": False})
user = db.user.find_one({"_id": session["userID"]})
if user is None:
session.pop("userID")
return jsonify({"loggedIn": False})
return jsonify({ "loggedIn": True, "user": user })
def delete(self):
if "userID" not in session:
abort(404)
session.pop("userID")
return jsonify({"result": True})
def post(self):
parser = reqparse.RequestParser()
parser.add_argument("problemID", type=str, required=True, location="json")
parser.add_argument("userID", type=str, required=True, location="json")
parser.add_argument("file", type=FileStorage, required=True, location="files")
entry = parser.parse_args()
try:
if db.problem.find_one({"_id": ObjectId(entry['problemID'])}) == None:
abort(400)
if db.user.find_one({"_id": entry['userID']}) == None:
abort(400)
except:
abort(400)
problemName = db.problem.find_one({"_id": ObjectId(entry['problemID'])})['name']
gradingFilePath = os.path.join(os.path.join(PROBLEMS_DIR, problemName.lower()), GRADING_SCRIPT)
command = "python3 "+gradingFilePath+" \""+entry["file"].stream+"\""
gradingOutput = subprocess.Popen(shlex.split(command.replace('\\','/')), stdout=subprocess.PIPE).communicate()[0]
structuredGradingOutput = json.loads(gradingOutput)
status_code = None
if "score" in structuredGradingOutput:
entry["score"] = structuredGradingOutput["score"]
entry.pop("file")
db.entry.insert_one(entry)
status_code = 201
else:
status_code = 400
return jsonify(structuredGradingOutput, status=status_code)
def check_csrf_protection():
"""Make sure POST requests are sent with a CSRF token unless they're part of the API.
In the future we might want to think about a system where we can disable CSRF protection
on a per-view basis, maybe with a decorator.
"""
if request.method == 'POST':
token = session.pop('_csrf_token', None)
if not token or token != request.form.get('_csrf_token'):
abort(403)
def _get_flow_for_token(csrf_token):
"""Retrieves the flow instance associated with a given CSRF token from
the Flask session."""
flow_pickle = session.pop(
_FLOW_KEY.format(csrf_token), None)
if flow_pickle is None:
return None
else:
return pickle.loads(flow_pickle)
def _make_flow(self, return_url=None, **kwargs):
"""Creates a Web Server Flow"""
# Generate a CSRF token to prevent malicious requests.
csrf_token = hashlib.sha256(os.urandom(1024)).hexdigest()
session[_CSRF_KEY] = csrf_token
state = json.dumps({
'csrf_token': csrf_token,
'return_url': return_url
})
kw = self.flow_kwargs.copy()
kw.update(kwargs)
extra_scopes = kw.pop('scopes', [])
scopes = set(self.scopes).union(set(extra_scopes))
flow = client.OAuth2WebServerFlow(
client_id=self.client_id,
client_secret=self.client_secret,
scope=scopes,
state=state,
redirect_uri=url_for('oauth2.callback', _external=True),
**kw)
flow_key = _FLOW_KEY.format(csrf_token)
session[flow_key] = pickle.dumps(flow)
return flow
def logout():
"""Log out the user from the application.
Log out the user from the application by removing them from the
session. Note: this does not log the user out of Facebook - this is done
by the JavaScript SDK.
"""
session.pop('user', None)
return redirect(url_for('index'))
def sign_out():
session.pop('is_login', None)
session.pop('user_profile', None)
return redirect('/')
def csrf_protect():
if request.method == "POST":
token = session.pop('_csrf_token', None)
request_token = request.form.get('_csrf_token')
if not token or token != request_token:
abort(403)
def logout():
"""View function for logout."""
# Remove the username from the cookie.
# session.pop('username', None)
# Using the Flask-Login to processing and check the logout status for user.
logout_user()
identity_changed.send(
current_app._get_current_object(),
identity=AnonymousIdentity())
flash("You have been logged out.", category="success")
return redirect(url_for('main.login'))
def csrf_protect():
if request.method == 'POST':
token = session.pop('_csrf_token', None)
if not token or token != request.form.get('_csrf_token'):
abort(403)
if '_csrf_token' not in session:
session['_csrf_token'] = str(uuid.uuid4())
def restrict_to_admin_users():
g.user = None
if 'user' in session:
g.user = User.get_by_id(session['user'])
if not g.user or not g.user.is_admin:
session.pop('user', None)
abort(403)
def csrf_protect():
if request.method == 'POST':
token = session.pop('_csrf_token', None)
if not token or token != request.form.get('_csrf_token'):
abort(403)
if '_csrf_token' not in session:
session['_csrf_token'] = str(uuid.uuid4())
