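"""Minimal Flask application that signs users in with Mozilla Persona."""
from flask import Flask, render_template, session, request, abort, g
import requests

app = Flask(__name__)
app.config.update(
    # NOTE(security): DEBUG and SECRET_KEY are development-only defaults.
    # SECRET_KEY signs the session cookie that stores the verified email, so
    # a publicly known key lets anyone mint a session for any address, and
    # DEBUG=True turns on the interactive debugger when the app is started
    # via app.run(). Override both in the file named by PERSONA_SETTINGS
    # before exposing this app to a network.
    DEBUG=True,
    SECRET_KEY='my development key',
    PERSONA_JS='https://login.persona.org/include.js',
    PERSONA_VERIFIER='https://verifier.login.persona.org/verify',
    # Origin (scheme://host[:port]) that assertions must have been issued
    # for. None keeps the historical behaviour of using request.host_url,
    # which is built from the client-supplied Host header; set it explicitly
    # in deployment so the audience check cannot be steered by the client.
    PERSONA_AUDIENCE=None,
    # Seconds to wait for the remote verifier before giving up.
    PERSONA_VERIFIER_TIMEOUT=10,
)
app.config.from_envvar('PERSONA_SETTINGS', silent=True)


@app.before_request
def get_current_user():
    """Expose the signed-in email (or None) as ``g.user`` for this request."""
    g.user = session.get('email')


@app.route('/')
def index():
    """Just a generic index page to show."""
    return render_template('index.html')


@app.route('/_auth/login', methods=['GET', 'POST'])
def login_handler():
    """Verify a Persona assertion server side and remember the email.

    Called by the persona.js file.  The posted ``assertion`` is forwarded to
    the configured verifier together with the audience this site expects.
    Only a response with ``status == 'okay'`` and a non-empty ``email``
    stores the address in the session and returns ``'OK'``; every other
    verifier answer ends in a 400.  Network errors and timeouts raised by
    ``requests`` are not caught here and propagate to Flask's error handling.
    """
    # Prefer the pinned audience; fall back to the Host-derived URL only when
    # nothing is configured (see the note on PERSONA_AUDIENCE above).
    audience = app.config.get('PERSONA_AUDIENCE') or request.host_url

    resp = requests.post(
        app.config['PERSONA_VERIFIER'],
        data={
            'assertion': request.form['assertion'],
            'audience': audience,
        },
        verify=True,
        # Without a timeout a stalled verifier would pin this worker forever.
        timeout=app.config.get('PERSONA_VERIFIER_TIMEOUT', 10),
    )

    if resp.ok:
        try:
            verification_data = resp.json()
        except ValueError:
            # Body was not JSON: treat it as a failed verification.
            verification_data = None

        # Fail closed on unexpected shapes instead of raising KeyError.
        if (isinstance(verification_data, dict)
                and verification_data.get('status') == 'okay'):
            email = verification_data.get('email')
            if email:
                session['email'] = email
                return 'OK'

    abort(400)


@app.route('/_auth/logout', methods=['POST'])
def logout_handler():
    """This is what persona.js will call to sign the user out again."""
    session.clear()
    return 'OK'


if __name__ == '__main__':
    app.run()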