2014-10-22 00:06:27 +03:00
|
|
|
from flask import current_app
|
2014-08-30 18:06:12 +03:00
|
|
|
from flask.ext.login import UserMixin, logout_user, login_user, AnonymousUserMixin
|
2015-10-14 06:52:30 +03:00
|
|
|
from realms import login_manager
|
2014-08-30 18:06:12 +03:00
|
|
|
from realms.lib.util import gravatar_url
|
2014-08-20 18:28:25 +03:00
|
|
|
from itsdangerous import URLSafeSerializer, BadSignature
|
|
|
|
from hashlib import sha256
|
|
|
|
import bcrypt
|
2015-10-14 06:52:30 +03:00
|
|
|
import importlib
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
|
|
|
|
@login_manager.user_loader
|
2015-10-14 06:52:30 +03:00
|
|
|
def load_user(auth_id):
|
|
|
|
return Auth.load_user(auth_id)
|
2014-08-20 18:28:25 +03:00
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
auth_users = {}
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
class Auth(object):
|
2014-08-20 18:28:25 +03:00
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
@staticmethod
|
|
|
|
def get_auth_user(auth_type):
|
|
|
|
print auth_type
|
|
|
|
mod = importlib.import_module('realms.modules.auth.%s.models' % auth_type)
|
|
|
|
return mod.User
|
2014-08-20 18:28:25 +03:00
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
@staticmethod
|
|
|
|
def load_user(auth_id):
|
|
|
|
print auth_id
|
|
|
|
auth_type, user_id = auth_id.split("/")
|
|
|
|
return Auth.get_auth_user(auth_type).load_user(user_id)
|
2014-08-20 18:28:25 +03:00
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
@staticmethod
|
|
|
|
def login_forms():
|
|
|
|
forms = []
|
|
|
|
# TODO be dynamic
|
|
|
|
for t in ['local']:
|
|
|
|
forms.append(Auth.get_auth_user(t).login_form())
|
|
|
|
return forms
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
|
2014-08-30 18:06:12 +03:00
|
|
|
class AnonUser(AnonymousUserMixin):
|
|
|
|
username = 'Anon'
|
|
|
|
email = ''
|
2014-09-04 05:29:47 +03:00
|
|
|
admin = False
|
2014-08-30 18:06:12 +03:00
|
|
|
|
2014-08-20 18:28:25 +03:00
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
class BaseUser(UserMixin):
|
|
|
|
id = None
|
|
|
|
email = None
|
|
|
|
username = None
|
|
|
|
type = 'base'
|
2014-08-20 18:28:25 +03:00
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
def get_id(self):
|
|
|
|
return unicode("%s/%s" % (self.type, self.id))
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
def get_auth_token(self):
|
2015-10-14 06:52:30 +03:00
|
|
|
key = sha256(self.auth_token_id).hexdigest()
|
|
|
|
return BaseUser.signer(key).dumps(dict(id=self.id))
|
|
|
|
|
|
|
|
@property
|
|
|
|
def auth_token_id(self):
|
|
|
|
raise NotImplementedError
|
2014-08-30 18:06:12 +03:00
|
|
|
|
|
|
|
@property
|
|
|
|
def avatar(self):
|
|
|
|
return gravatar_url(self.email)
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@staticmethod
|
2015-10-14 06:52:30 +03:00
|
|
|
def load_user(*args, **kwargs):
|
|
|
|
raise NotImplementedError
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def create(*args, **kwargs):
|
|
|
|
pass
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@staticmethod
|
2014-08-30 18:06:12 +03:00
|
|
|
def get_by_username(username):
|
2015-10-14 06:52:30 +03:00
|
|
|
pass
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@staticmethod
|
2014-08-30 18:06:12 +03:00
|
|
|
def get_by_email(email):
|
2015-10-14 06:52:30 +03:00
|
|
|
pass
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@staticmethod
|
2014-08-30 18:06:12 +03:00
|
|
|
def signer(salt):
|
2014-10-22 00:06:27 +03:00
|
|
|
return URLSafeSerializer(current_app.config['SECRET_KEY'] + salt)
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def auth(email, password):
|
2015-10-14 06:52:30 +03:00
|
|
|
raise NotImplementedError()
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@staticmethod
|
2014-08-30 18:06:12 +03:00
|
|
|
def hash_password(password):
|
|
|
|
return bcrypt.hashpw(password.encode('utf-8'), bcrypt.gensalt(12))
|
|
|
|
|
|
|
|
@staticmethod
|
|
|
|
def check_password(password, hashed):
|
|
|
|
return bcrypt.hashpw(password.encode('utf-8'), hashed.encode('utf-8')) == hashed
|
2014-08-20 18:28:25 +03:00
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def logout(cls):
|
|
|
|
logout_user()
|
|
|
|
|
2015-10-14 06:52:30 +03:00
|
|
|
@staticmethod
|
|
|
|
def login_form():
|
|
|
|
pass
|
|
|
|
|
2014-11-17 19:25:26 +02:00
|
|
|
login_manager.anonymous_user = AnonUser
|