add more oauth providers, really authenticate

Matthew Scragg 2015-10-21 17:34:20 -05:00
parent 4375db4f8c
commit c92cc46db2
4 changed files with 54 additions and 13 deletions


@ -33,7 +33,7 @@ class Auth(object):
# TODO be dynamic # TODO be dynamic
for t in ['local', 'ldap', 'oauth']: for t in ['local', 'ldap', 'oauth']:
forms.append(Auth.get_auth_user(t).login_form()) forms.append(Auth.get_auth_user(t).login_form())
return forms return "<hr />".join(forms)
class AnonUser(AnonymousUserMixin): class AnonUser(AnonymousUserMixin):
@ -61,6 +61,9 @@ class BaseUser(UserMixin):
@property @property
def avatar(self): def avatar(self):
if not self.email:
# TODO return default avatar
return ""
return gravatar_url(self.email) return gravatar_url(self.email)
@staticmethod @staticmethod
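Review bot: The method in the first hunk now returns one pre-joined HTML string (`return "<hr />".join(forms)`), and the template changed in this commit renders it with `{{ forms|safe }}`, so autoescaping is off for everything any `login_form()` returns, and nothing in the code states that contract. The markup visible in this commit is static, but a later form that interpolates a provider name, a redirect target or an error message would be emitted raw. I would add a comment above the return, for example `# rendered with |safe in the template: every login_form() must return trusted, already-escaped HTML`. The method's signature and the start of its body are outside the hunk.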


@ -16,7 +16,10 @@ providers = {
access_token_url='https://api.twitter.com/oauth/access_token', access_token_url='https://api.twitter.com/oauth/access_token',
authorize_url='https://api.twitter.com/oauth/authenticate', authorize_url='https://api.twitter.com/oauth/authenticate',
access_token_method='GET'), access_token_method='GET'),
'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>' 'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>',
'field_map': {
'username': 'screen_name'
}
}, },
'github': { 'github': {
'oauth': dict( 'oauth': dict(
@ -27,6 +30,30 @@ providers = {
access_token_url='https://github.com/login/oauth/access_token', access_token_url='https://github.com/login/oauth/access_token',
authorize_url='https://github.com/login/oauth/authorize'), authorize_url='https://github.com/login/oauth/authorize'),
'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-github"></i> Github</a>' 'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-github"></i> Github</a>'
},
'facebook': {
'oauth': dict(
request_token_params={'scope': 'email'},
base_url='https://graph.facebook.com',
request_token_url=None,
access_token_url='/oauth/access_token',
access_token_method='GET',
authorize_url='https://www.facebook.com/dialog/oauth'
),
'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-faceboook"></i> Facebook</a>'
},
'google': {
'oauth': dict(
request_token_params={
'scope': 'https://www.googleapis.com/auth/userinfo.email'
},
base_url='https://www.googleapis.com/oauth2/v1/',
request_token_url=None,
access_token_method='POST',
access_token_url='https://accounts.google.com/o/oauth2/token',
authorize_url='https://accounts.google.com/o/oauth2/auth',
),
'button': '<a href="/login/oauth/google" class="btn btn-default"><i class="fa fa-google"></i> Google</a>'
} }
} }
@ -40,6 +67,7 @@ class User(BaseUser):
self.username = username self.username = username
self.id = username self.id = username
self.token = token self.token = token
self.auth_id = "%s-%s" % (provider, username)
@property @property
def auth_token_id(self): def auth_token_id(self):
@ -54,9 +82,18 @@ class User(BaseUser):
return users.get(user_id) return users.get(user_id)
@staticmethod @staticmethod
def auth(username, provider, token): def auth(provider, resp):
user = User(provider, username, User.hash_password(token)) field_map = providers.get(provider).get('field_map')
users[user.id] = user if not field_map:
raise NotImplementedError
fields = {}
for k, v in field_map.items():
fields[k] = resp[v]
user = User(provider, fields['username'], User.hash_password(resp['oauth_token']))
users[user.auth_id] = user
if user: if user:
login_user(user, remember=True) login_user(user, remember=True)
return True return True
@ -75,12 +112,14 @@ class User(BaseUser):
**providers[provider]['oauth']) **providers[provider]['oauth'])
def get_id(self): def get_id(self):
return unicode("%s/%s/%s" % (self.type, self.provider, self.id)) return unicode("%s/%s" % (self.type, self.auth_id))
@staticmethod @staticmethod
def login_form(): def login_form():
buttons = [] buttons = []
for k, v in providers.items(): for name, val in providers.items():
buttons.append(v.get('button')) if not config.OAUTH.get(name, {}).get('key') or not config.OAUTH.get(name, {}).get('secret'):
continue
buttons.append(val.get('button'))
return " ".join(buttons) return "<h4>Social Login</h4>" + " ".join(buttons)
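Review bot: `User.auth` derives the account key from the provider's display handle (`fields['username']`, mapped from `screen_name` for twitter) through `self.auth_id = "%s-%s" % (provider, username)`. A handle can be renamed or reassigned at the provider, so anything keyed on `auth_id` would then resolve to a different person. Keying on the provider's immutable account id and keeping the handle as a display field avoids this. The same function raises `NotImplementedError` for every provider without a `field_map`, which on the new side is github, facebook and google. It also reads `resp['oauth_token']`, a key that OAuth2-style token responses may not carry, so those three entries probably cannot complete a login yet. Separately, the facebook button links to `/login/oauth/github` with icon class `fa-faceboook`; it should use `href="/login/oauth/facebook"` and `fa-facebook`.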


@ -33,4 +33,6 @@ def callback(provider):
resp['oauth_token_secret'] resp['oauth_token_secret']
) )
User.auth(provider, resp)
return redirect(next_url) return redirect(next_url)
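Review bot: The result of `User.auth(provider, resp)` is discarded, so `callback` redirects to `next_url` whether or not a user was logged in. The `NotImplementedError` and `KeyError` that `User.auth` can raise will also surface as a 500 from this route. Checking the result, for example `if not User.auth(provider, resp): abort(401)`, and catching the missing-field case would make a failed login explicit. Where `next_url` comes from is outside the hunk; if it is taken from a request parameter, it should be restricted to same-site paths before the redirect.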


@ -1,7 +1,4 @@
{% extends 'layout.html' %} {% extends 'layout.html' %}
{% block body %} {% block body %}
{% for form in forms %} {{ forms|safe }}
{{ form|safe }}
<hr />
{% endfor %}
{% endblock %} {% endblock %}