def authenticate(self, request):
email = request.user_email
validate_email(email)
team_key = request.team_key
user = User.find_user_by_email(email, team_key)
if team_key:
team_secret = request.team_secret
validate_team_secret(team_secret)
display_name = request.display_name
image_url = request.user_image_url
if not user:
user = User.insert_user(email=email, username=display_name, account_type=team_key, image_url=image_url)
community = Community.getCommunityFromTeamKey(team_key)
UserRole.insert(user, community)
elif (display_name != user.display_name) or (image_url != user.image_url):
User.update_user(user=user, email=email, username=display_name, account_type=team_key, image_url=image_url)
if not Community.authenticate(team_key, md5(team_secret)):
raise endpoints.UnauthorizedException("Authentication failed. Team key and secret are not matched.")
elif user.auth_source == AuthSourceType.ANNO:
password = request.password
validate_password(password)
if not user:
raise endpoints.NotFoundException("Authentication failed. User account " + email + " doesn't exist.")
if not User.authenticate(email, md5(password)):
raise endpoints.UnauthorizedException("Authentication failed. Email and password are not matched.")
else:
raise endpoints.ForbiddenException("Account for '%s' is Google or Facebook OAuth account." % email)
return UserMessage(id=user.key.id(), display_name=user.display_name)
def auth_user(headers):
current_user = get_endpoints_current_user(raise_unauthorized=False)
user = None
if current_user is None:
credential_pair = get_credential(headers)
signinMethod = SignInMethod.ANNO
team_key = None
team_secret = None
display_name = None
image_url = None
if len(credential_pair) == 2:
email, password = credential_pair
elif len(credential_pair) == 5:
signinMethod, email, password, team_key, team_secret = credential_pair
else:
signinMethod, email, password, team_key, team_secret, display_name, image_url = credential_pair
validate_email(email)
user = User.find_user_by_email(email, team_key)
if signinMethod == SignInMethod.ANNO:
User.authenticate(email, md5(password))
elif signinMethod == SignInMethod.PLUGIN:
if not Community.authenticate(team_key, team_secret):
raise endpoints.UnauthorizedException("Incorrect team key or secret")
display_name = unicode(display_name, "utf-8", "ignore")
if not user:
user = User.insert_user(email=email, username=display_name, account_type=team_key, image_url=image_url)
community = Community.getCommunityFromTeamKey(team_key)
UserRole.insert(user, community)
elif (display_name and display_name != user.display_name) or (image_url and image_url != user.image_url):
User.update_user(user=user, email=email, username=display_name, account_type=team_key, image_url=image_url)
else:
user = User.find_user_by_email(current_user.email())
if user is None:
raise endpoints.UnauthorizedException("Oops, something went wrong. Please try later.")
return user
