def _remember_identity(self, result, provider_name): alsoProvides(self.request, IDisableCSRFProtection) self.authopas.remember(result) api.portal.show_message( _('logged_in_with', 'Logged in with ${provider}', mapping={'provider': provider_name}), self.request)
def _remember_identity(self, result, provider_name): alsoProvides(self.request, IDisableCSRFProtection) aclu = api.portal.get_tool('acl_users') aclu.authomatic.remember(result) api.portal.show_message( _('logged_in_with', 'Logged in with ${provider}', mapping={'provider': provider_name}), self.request)
def _add_identity(self, result, provider_name): # delegate to PAS plugin to add the identity alsoProvides(self.request, IDisableCSRFProtection) aclu = api.portal.get_tool('acl_users') aclu.authomatic.remember_identity(result) api.portal.show_message( _('added_identity', default='Added identity provided by ${provider}', mapping={'provider': provider_name}), self.request)
def _remember_identity(self, result, provider_name): alsoProvides(self.request, IDisableCSRFProtection) aclu = api.portal.get_tool('acl_users') aclu.authomatic.remember(result) api.portal.show_message( _( 'logged_in_with', 'Logged in with ${provider}', mapping={'provider': provider_name} ), self.request )
class AuthomaticSettingsEditForm(controlpanel.RegistryEditForm): schema = IPasPluginsAuthomaticSettings label = _(u"PAS Authomatic Plugin Settings") description = u"" def updateFields(self): super(AuthomaticSettingsEditForm, self).updateFields() # self.fields['json_config'].widgetFactory = TextLinesFieldWidget def updateWidgets(self): super(AuthomaticSettingsEditForm, self).updateWidgets()
def _remember_identity(self, result, provider_name): alsoProvides(self.request, IDisableCSRFProtection) aclu = api.portal.get_tool("acl_users") aclu.authomatic.remember(result) api.portal.show_message( _( "logged_in_with", "Logged in with ${provider}", mapping={"provider": provider_name}, ), self.request, )
def _add_identity(self, result, provider_name): # delegate to PAS plugin to add the identity alsoProvides(self.request, IDisableCSRFProtection) aclu = api.portal.get_tool('acl_users') aclu.authomatic.remember_identity(result) api.portal.show_message( _( 'added_identity', default='Added identity provided by ${provider}', mapping={'provider': provider_name} ), self.request )
def _add_identity(self, result, provider_name): # delegate to PAS plugin to add the identity alsoProvides(self.request, IDisableCSRFProtection) success = True try: self.authopas.remember_identity(result, userid=self.user.id) except Exception as e: success = False error = unicode(e) if success: api.portal.show_message( _('added_identity', default='Added identity provided by ${provider}', mapping={'provider': provider_name}), self.request) else: api.portal.show_message( _('added_identity_error', default= 'Unable to add identity provided by ${provider}: ${error}', mapping={ 'provider': provider_name, 'error': error }), self.request)
class EmailFactory(BaseUserIDFactory): title = _(u'Provider Email Address') def __call__(self, plugin, result): return self.normalize(plugin, result, result.user.email)
class ProviderIDUserNameFactory(BaseUserIDFactory): title = _(u'Provider User Name') def __call__(self, plugin, result): return self.normalize(plugin, result, result.user.username)
class UUID4UserIDFactory(BaseUserIDFactory): title = _(u'UUID as User ID') def __call__(self, plugin, result): return self.normalize(plugin, result, str(uuid.uuid4()))
class ProviderIDUserIDFactory(BaseUserIDFactory): title = _("Provider User ID") def __call__(self, plugin, result): return self.normalize(plugin, result, result.user.id)
def __call__(self): # callback url is expected on site root if not ISiteRoot.providedBy(self.context): root = api.portal.get() self.request.response.redirect("{0}/authomatic-handler/{1}".format( root.absolute_url(), getattr(self, 'provider', ''))) return "redirecting" self.authopas = authomatic_plugin() self.cfgs = authomatic_cfg() if self.cfgs is None: return "Authomatic is not configured" self.is_anon = api.user.is_anonymous() if not self.is_anon: self.user = api.user.get_current() self.user_providers = self.authopas._useridentities_by_userid.get( self.user.id).providers() # Validate provider if not hasattr(self, 'provider'): return self.template() if self.provider not in self.cfgs: return "Provider not supported" if not self.is_anon and self.provider in self.user_providers: action = self.request.form.get('action', None) if action == 'unlink': alsoProvides(self.request, IDisableCSRFProtection) self.authopas.remove_identity(self.user.id, self.provider) api.portal.show_message( _('Unlink account with {provider} provider', mapping={'provider': self.provider}), self.request) return self.template() #Any other action ? else: api.portal.show_message( _('Provider {provider} is already connected to current user', mapping={'provider': self.provider}), self.request) return self.template() # TODO: some sort of CSRF check might be needed, so that # not an account got connected by CSRF. Research needed. #Authomatic login auth = Authomatic(self.cfgs, secret=authomatic_settings().secret.encode('utf8')) result = auth.login(ZopeRequestAdapter(self), self.provider) if not result: logger.info('return from view') # let authomatic do its work return if result.error: return result.error.message # fetch provider specific user-data result.user.update() display = self.cfgs[self.provider].get('display', {}) provider_name = display.get('title', self.provider) if not self.is_anon: # now we delegate to PAS plugin to add the identity self._add_identity(result, provider_name) self.request.response.redirect("{0}".format( self.context.absolute_url())) else: # now we delegate to PAS plugin in order to login self._remember_identity(result, provider_name) redirect = self.cfgs[self.provider].get( 'redirect_url', "${portal_url}/login_success") redirect = redirect.replace("${portal_url}", api.portal.get().absolute_url()) self.request.response.redirect(redirect) return "redirecting"