async def oauth(request):
""" Get lichess.org oauth token. """
# TODO: check https://lichess.org/api/user/{username}
# see https://lichess.org/api#operation/apiUser
# and disable login if engine or booster is true or user is disabled
client = aioauth_client.LichessClient(
client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
if not request.query.get("code"):
raise web.HTTPFound(client.get_authorize_url(
# scope="email:read",
redirect_uri=REDIRECT_URI
))
try:
token_data = await client.get_access_token(
request.query.get("code"),
redirect_uri=REDIRECT_URI
)
token, data = token_data
session = await aiohttp_session.get_session(request)
session["token"] = token
except Exception:
log.error("Failed to get oauth access token.")
raise web.HTTPFound("/login")
async def login(request):
""" Login with lichess.org oauth. """
if REDIRECT_PATH is None:
log.error("Set REDIRECT_PATH env var if you want lichess OAuth login!")
raise web.HTTPFound("/")
# TODO: flag and ratings using lichess.org API
session = await aiohttp_session.get_session(request)
if DEV_TOKEN1 and DEV_TOKEN2:
if "dev_token" in request.app:
session["token"] = DEV_TOKEN2
else:
session["token"] = DEV_TOKEN1
request.app["dev_token"] = True
if "token" not in session:
raise web.HTTPFound(REDIRECT_PATH)
client = aioauth_client.LichessClient(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET,
access_token=session["token"])
try:
user, info = await client.user_info()
except Exception:
log.error("Failed to get user info from lichess.org")
log.exception(
"ERROR: Exception in login(request) user, info = await client.user_info()!"
)
raise web.HTTPFound("/")
log.info("+++ Lichess authenticated user: %s %s %s" %
(user.id, user.username, user.country))
users = request.app["users"]
prev_session_user = session.get("user_name")
prev_user = users.get(prev_session_user)
if prev_user is not None:
prev_user.lobby_ws = None # make it offline
session["user_name"] = user.username
session["country"] = user.country
session["first_name"] = user.first_name
session["last_name"] = user.last_name
session["title"] = user.gender if user.gender is not None else ""
if user.username:
db = request.app["db"]
doc = await db.user.find_one({"_id": user.username})
if doc is None:
result = await db.user.insert_one({
"_id":
user.username,
"first_name":
session.get("first_name"),
"last_name":
session.get("last_name"),
"country":
session.get("country"),
"title":
session.get("title"),
"perfs": {},
})
print("db insert user result %s" % repr(result.inserted_id))
elif not doc.get("enabled", "True"):
log.info("Closed account %s tried to log in." % user.username)
session["user_name"] = prev_session_user
del session["token"]
raise web.HTTPFound("/")
