linotp.controllers.selfservice module

selfservice controller - This is the controller for the self service interface,

where users can manage their own tokens

class linotp.controllers.selfservice.SelfserviceController(name, install_name='', **kwargs)

Bases: BaseController

after_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.AfterRequestCallable]]

A data structure of functions to call at the end of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the after_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

assign()

GET, POST /selfservice/assign

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user may assign an already existing Token to himself. For this, the user needs to know the serial number of the Token.

authUser = None
before_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.BeforeRequestCallable]]

A data structure of functions to call at the beginning of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the before_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

custom_style()

GET, POST /selfservice/custom_style

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In case the user hasn’t defined a custom css, Pylons calls this action. Return an empty file instead of a 404 (which would mean hitting the debug console)

default_url_prefix = '/selfservice-legacy'

Suggested URL to access this controller.

The URL at which this controller will be available depends on a number of factors. These are, in order of priority: 1. Any explicit path in the

settings ENABLE_CONTROLLER or DISABLE_CONTROLLER = ControllerName:PATH

  1. The controller’s base_url_prefix setting

  2. The name of the controller

deferred_functions: t.List[DeferredSetupFunction]
delete()

GET, POST /selfservice/delete

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user may select a token of his own and delete this token.

disable()

GET, POST /selfservice/disable

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user may select a token of his own and disable this token.

enable()

GET, POST /selfservice/enable

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user may select a token of his own and enable this token.

error_handler_spec: t.Dict[ft.AppOrBlueprintKey, t.Dict[t.Optional[int], t.Dict[t.Type[Exception], ft.ErrorHandlerCallable]]]

A data structure of registered error handlers, in the format {scope: {code: {class: handler}}}. The scope key is the name of a blueprint the handlers are active for, or None for all requests. The code key is the HTTP status code for HTTPException, or None for other exceptions. The innermost dictionary maps exception classes to handler functions.

To register an error handler, use the errorhandler() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

form_access_methods = ['assign', 'custom_style', 'delete', 'disable', 'enable', 'getotp', 'history', 'index', 'landing', 'load_form', 'reset', 'resync', 'setmpin', 'setpin', 'unassign', 'webprovisiongoogletoken', 'webprovisionoathtoken']
getotp()

GET, POST /selfservice/getotp

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form, the user can retrieve OTP values

history()

GET, POST /selfservice/history

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This is the form to display the history table for the user

index()

GET, POST /selfservice/index

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This is the redirect to the first template

jwt_exempt = True
landing()

GET, POST /selfservice/landing

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This is the landing page for selfservice

load_form()

GET, POST /selfservice/load_form

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This shows the enrollment form for a requested token type.

implicit parameters are:

Parameters:

  • type – token type

  • scope – defines the rendering scope

Returns:

rendered html of the requested token

login()

GET, POST /selfservice/login

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

render the selfservice login page

logout()

GET, POST /selfservice/logout

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

handle the logout

we delete the cookies from the server and the client and redirect to the login page

name: str
reset()

GET, POST /selfservice/reset

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user can reset the Failcounter of the Token.

resync()

GET, POST /selfservice/resync

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form, the user can resync an HMAC based OTP token by providing two OTP values

setmpin()

GET, POST /selfservice/setmpin

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user my set the PIN for his mOTP application soft token on his phone. This is the pin, he needs to enter on his phone, before a otp value will be generated.

setpin()

GET, POST /selfservice/setpin

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user may set the OTP PIN, which is the static password he enters when logging in in front of the otp value.

teardown_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TeardownCallable]]

A data structure of functions to call at the end of each request even if an exception is raised, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the teardown_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

template_context_processors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TemplateContextProcessorCallable]]

A data structure of functions to call to pass extra context values when rendering templates, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the context_processor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

unassign()

GET, POST /selfservice/unassign

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

In this form the user may select a token of his own and unassign this token.

url_default_functions: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLDefaultCallable]]

A data structure of functions to call to modify the keyword arguments when generating URLs, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_defaults() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_value_preprocessors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLValuePreprocessorCallable]]

A data structure of functions to call to modify the keyword arguments passed to the view function, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_value_preprocessor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

usertokenlist()

GET, POST /selfservice/usertokenlist

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This returns a tokenlist as html output

view_functions: t.Dict[str, t.Callable]

A dictionary mapping endpoint names to view functions.

To register a view function, use the route() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

webprovisiongoogletoken()

GET, POST /selfservice/webprovisiongoogletoken

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This is the form for an google token to do web provisioning.

webprovisionoathtoken()

GET, POST /selfservice/webprovisionoathtoken

Deprecated since version 3.2: Requests using HTTP POST method (because it is only reading data). This endpoint will only be available via HTTP GET method in the future.

This is the form for an oathtoken to do web provisioning.