add more oauth providers, really authenticate
parent
4375db4f8c
commit
c92cc46db2
|
@ -33,7 +33,7 @@ class Auth(object):
|
||||||
# TODO be dynamic
|
# TODO be dynamic
|
||||||
for t in ['local', 'ldap', 'oauth']:
|
for t in ['local', 'ldap', 'oauth']:
|
||||||
forms.append(Auth.get_auth_user(t).login_form())
|
forms.append(Auth.get_auth_user(t).login_form())
|
||||||
return forms
|
return "<hr />".join(forms)
|
||||||
|
|
||||||
|
|
||||||
class AnonUser(AnonymousUserMixin):
|
class AnonUser(AnonymousUserMixin):
|
||||||
|
@ -61,6 +61,9 @@ class BaseUser(UserMixin):
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def avatar(self):
|
def avatar(self):
|
||||||
|
if not self.email:
|
||||||
|
# TODO return default avatar
|
||||||
|
return ""
|
||||||
return gravatar_url(self.email)
|
return gravatar_url(self.email)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
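Review bot: The `Auth` method in the `-33,7` hunk now returns a single HTML string (`return "<hr />".join(forms)`), which the template hunk further down prints with `{{ forms|safe }}`. Autoescaping is therefore off for everything each `login_form()` returns, and nothing in the hunk records that contract. A docstring on the method would pin it down, for example `"""Return trusted HTML for all login forms; each login_form() must escape any dynamic value itself."""`. The method's `def` line is above the hunk, so its name and callers are not visible here.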
|
||||||
|
|
|
@ -16,7 +16,10 @@ providers = {
|
||||||
access_token_url='https://api.twitter.com/oauth/access_token',
|
access_token_url='https://api.twitter.com/oauth/access_token',
|
||||||
authorize_url='https://api.twitter.com/oauth/authenticate',
|
authorize_url='https://api.twitter.com/oauth/authenticate',
|
||||||
access_token_method='GET'),
|
access_token_method='GET'),
|
||||||
'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>'
|
'button': '<a href="/login/oauth/twitter" class="btn btn-default"><i class="fa fa-twitter"></i> Twitter</a>',
|
||||||
|
'field_map': {
|
||||||
|
'username': 'screen_name'
|
||||||
|
}
|
||||||
},
|
},
|
||||||
'github': {
|
'github': {
|
||||||
'oauth': dict(
|
'oauth': dict(
|
||||||
|
@ -27,6 +30,30 @@ providers = {
|
||||||
access_token_url='https://github.com/login/oauth/access_token',
|
access_token_url='https://github.com/login/oauth/access_token',
|
||||||
authorize_url='https://github.com/login/oauth/authorize'),
|
authorize_url='https://github.com/login/oauth/authorize'),
|
||||||
'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-github"></i> Github</a>'
|
'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-github"></i> Github</a>'
|
||||||
|
},
|
||||||
|
'facebook': {
|
||||||
|
'oauth': dict(
|
||||||
|
request_token_params={'scope': 'email'},
|
||||||
|
base_url='https://graph.facebook.com',
|
||||||
|
request_token_url=None,
|
||||||
|
access_token_url='/oauth/access_token',
|
||||||
|
access_token_method='GET',
|
||||||
|
authorize_url='https://www.facebook.com/dialog/oauth'
|
||||||
|
),
|
||||||
|
'button': '<a href="/login/oauth/github" class="btn btn-default"><i class="fa fa-faceboook"></i> Facebook</a>'
|
||||||
|
},
|
||||||
|
'google': {
|
||||||
|
'oauth': dict(
|
||||||
|
request_token_params={
|
||||||
|
'scope': 'https://www.googleapis.com/auth/userinfo.email'
|
||||||
|
},
|
||||||
|
base_url='https://www.googleapis.com/oauth2/v1/',
|
||||||
|
request_token_url=None,
|
||||||
|
access_token_method='POST',
|
||||||
|
access_token_url='https://accounts.google.com/o/oauth2/token',
|
||||||
|
authorize_url='https://accounts.google.com/o/oauth2/auth',
|
||||||
|
),
|
||||||
|
'button': '<a href="/login/oauth/google" class="btn btn-default"><i class="fa fa-google"></i> Google</a>'
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -40,6 +67,7 @@ class User(BaseUser):
|
||||||
self.username = username
|
self.username = username
|
||||||
self.id = username
|
self.id = username
|
||||||
self.token = token
|
self.token = token
|
||||||
|
self.auth_id = "%s-%s" % (provider, username)
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def auth_token_id(self):
|
def auth_token_id(self):
|
||||||
|
@ -54,9 +82,18 @@ class User(BaseUser):
|
||||||
return users.get(user_id)
|
return users.get(user_id)
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def auth(username, provider, token):
|
def auth(provider, resp):
|
||||||
user = User(provider, username, User.hash_password(token))
|
field_map = providers.get(provider).get('field_map')
|
||||||
users[user.id] = user
|
if not field_map:
|
||||||
|
raise NotImplementedError
|
||||||
|
|
||||||
|
fields = {}
|
||||||
|
for k, v in field_map.items():
|
||||||
|
fields[k] = resp[v]
|
||||||
|
|
||||||
|
user = User(provider, fields['username'], User.hash_password(resp['oauth_token']))
|
||||||
|
users[user.auth_id] = user
|
||||||
|
|
||||||
if user:
|
if user:
|
||||||
login_user(user, remember=True)
|
login_user(user, remember=True)
|
||||||
return True
|
return True
|
||||||
|
@ -75,12 +112,14 @@ class User(BaseUser):
|
||||||
**providers[provider]['oauth'])
|
**providers[provider]['oauth'])
|
||||||
|
|
||||||
def get_id(self):
|
def get_id(self):
|
||||||
return unicode("%s/%s/%s" % (self.type, self.provider, self.id))
|
return unicode("%s/%s" % (self.type, self.auth_id))
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def login_form():
|
def login_form():
|
||||||
buttons = []
|
buttons = []
|
||||||
for k, v in providers.items():
|
for name, val in providers.items():
|
||||||
buttons.append(v.get('button'))
|
if not config.OAUTH.get(name, {}).get('key') or not config.OAUTH.get(name, {}).get('secret'):
|
||||||
|
continue
|
||||||
|
buttons.append(val.get('button'))
|
||||||
|
|
||||||
return " ".join(buttons)
|
return "<h4>Social Login</h4>" + " ".join(buttons)
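Review bot: In `User.auth` the account key comes from `fields['username']`, which for Twitter maps to `screen_name`. Screen names can be changed and later claimed by someone else, so `auth_id` (`"%s-%s" % (provider, username)`) can bind a different person to an existing entry in `users`. Keying on the provider's immutable id is safer; Twitter's access-token response also carries `user_id`, so the map could read `'field_map': {'username': 'screen_name', 'id': 'user_id'}` with `auth_id` built from `fields['id']`. Separately, only `twitter` defines a `field_map`, so the three providers added in the `-27,6` hunk reach `raise NotImplementedError`, and `resp['oauth_token']` is an OAuth 1 key that an OAuth 2 token response would not contain. The Facebook `button` also links to `/login/oauth/github` and uses the icon class `fa-faceboook`.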
|
||||||
|
|
|
@ -33,4 +33,6 @@ def callback(provider):
|
||||||
resp['oauth_token_secret']
|
resp['oauth_token_secret']
|
||||||
)
|
)
|
||||||
|
|
||||||
|
User.auth(provider, resp)
|
||||||
|
|
||||||
return redirect(next_url)
|
return redirect(next_url)
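Review bot: The result of `User.auth(provider, resp)` is discarded, so `callback` redirects to `next_url` whether or not a session was established. The `NotImplementedError` that `User.auth` raises for a provider without a `field_map` would also surface here as an unhandled error. Check the result and fail closed, e.g. `if not User.auth(provider, resp): abort(401)`. `next_url` is assigned outside the hunk; if it is taken from the request, it should be limited to same-site paths before `redirect(next_url)`. The body of `callback` starts above the hunk.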
|
||||||
|
|
|
@ -1,7 +1,4 @@
|
||||||
{% extends 'layout.html' %}
|
{% extends 'layout.html' %}
|
||||||
{% block body %}
|
{% block body %}
|
||||||
{% for form in forms %}
|
{{ forms|safe }}
|
||||||
{{ form|safe }}
|
|
||||||
<hr />
|
|
||||||
{% endfor %}
|
|
||||||
{% endblock %}
|
{% endblock %}
|
||||||
|
|