oauth work

This commit is contained in:
Matthew Scragg 2015-10-15 17:36:47 -05:00
parent e9709b6c8f
commit a0124baf1d
4 changed files with 66 additions and 28 deletions

View file

@ -193,4 +193,4 @@ if ENV != "DEV":
ASSETS_DEBUG = False
SQLALCHEMY_ECHO = False
MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap']
MODULES = ['wiki', 'search', 'auth', 'auth.local', 'auth.oauth', 'auth.ldap', 'auth.oauth']

View file

@ -67,18 +67,6 @@ class BaseUser(UserMixin):
def load_user(*args, **kwargs):
raise NotImplementedError
@staticmethod
def create(*args, **kwargs):
pass
@staticmethod
def get_by_username(username):
pass
@staticmethod
def get_by_email(email):
pass
@staticmethod
def signer(salt):
return URLSafeSerializer(current_app.config['SECRET_KEY'] + salt)

View file

@ -1,5 +1,6 @@
from flask import render_template
from flask_login import login_user
from flask_oauthlib.client import OAuth
from realms import config
from ..models import BaseUser
@ -10,23 +11,66 @@ users = {}
providers = {
'twitter': {
'oauth': dict(
base_url='https://api.twitter.com/1/',
base_url='https://api.twitter.com/1.1/',
request_token_url='https://api.twitter.com/oauth/request_token',
access_token_url='https://api.twitter.com/oauth/access_token',
authorize_url='https://api.twitter.com/oauth/authenticate')
authorize_url='https://api.twitter.com/oauth/authenticate',
access_token_method='GET'),
'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>'
}
}
class User(BaseUser):
type = 'oauth'
provider = None
def __init__(self, provider, username, token):
self.provider = provider
self.username = username
self.id = username
self.token = token
@property
def auth_token_id(self):
return self.token
@staticmethod
def load_user(*args, **kwargs):
return User.get_by_id(args[0])
@staticmethod
def get_by_id(user_id):
return users.get(user_id)
@staticmethod
def auth(username, provider, token):
user = User(provider, username, User.hash_password(token))
users[user.id] = user
if user:
login_user(user, remember=True)
return True
else:
return False
@classmethod
def get_app(cls, provider):
return oauth.remote_app(provider,
consumer_key=config.OAUTH.get(provider, {}).get('key'),
consumer_secret=config.OAUTH.get(provider, {}).get('secret'),
**providers[provider]['oauth'])
if oauth.remote_apps.get(provider):
return oauth.remote_apps.get(provider)
return oauth.remote_app(
provider,
consumer_key=config.OAUTH.get(provider, {}).get('key'),
consumer_secret=config.OAUTH.get(provider, {}).get(
'secret'),
**providers[provider]['oauth'])
def get_id(self):
return unicode("%s/%s/%s" % (self.type, self.provider, self.id))
@staticmethod
def login_form():
pass
buttons = ''
for k, v in providers.items():
buttons += v.get('button')
return buttons

View file

@ -10,17 +10,23 @@ def oauth_failed(next_url):
@blueprint.route("/login/oauth/<provider>")
def oauth_login(provider):
return User.get_app(provider).authorize(callback=url_for('oauth_callback', provider=provider,
next=request.args.get('next') or request.referrer or None))
def login(provider):
return User.get_app(provider).authorize(callback=url_for('auth.oauth.callback', provider=provider))
@blueprint.route('/login/oauth/<provider>/callback')
def oauth_callback(provider):
def callback(provider):
next_url = request.args.get('next') or url_for('index')
resp = User.get_app(provider).authorized_response()
if resp is None:
return oauth_failed(next_url)
try:
resp = User.get_app(provider).authorized_response()
if resp is None:
flash('You denied the request to sign in.', 'error')
flash('Reason: ' + request.args['error_reason'] +
' ' + request.args['error_description'], 'error')
return redirect(next_url)
except Exception as e:
flash('Access denied: %s' % e.message)
return redirect(next_url)
session[provider + '_token'] = (
resp['oauth_token'],