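def oidc_callback():
    """Handle the identity provider's redirect back to the application.

    Exchanges the ``code`` query parameter for user info through
    ``current_app.oidc_client.authenticate``, looks up the local account
    (first by the returned email, then through ``mapped_ids``), creates one
    with the ``USER`` role when none is found, logs the user in and
    redirects to ``next`` or the front page.

    Returns:
        A redirect response.
    """
    auth_code = request.args.get('code')
    # A callback hit without a login in progress has no provider in the
    # session; treat that as a failed login instead of a KeyError (HTTP 500).
    provider = session.get('provider')

    if not auth_code or not provider:
        flash('Login failed', 'error')
        return redirect(url_for('frontend.index'))

    # NOTE(review): no `state` comparison is visible in this view; confirm
    # that oidc_client.authenticate (or the code that starts the flow) binds
    # the callback to this session.
    try:
        user_info = current_app.oidc_client.authenticate(
            provider,
            auth_code,
            url_for('.oidc_callback', _external=True))

    except Exception:
        # Keep exception details in the server log; the text of a provider
        # or transport error should not be shown to the browser.
        current_app.logger.exception('OIDC authentication failed')
        flash('Login failed', 'error')
        return redirect(url_for('frontend.index'))

    email = user_info.get('email')

    if not email:
        # Accounts are keyed on email, so a response without one cannot be
        # matched to an account or used to create one.
        flash('Login failed', 'error')
        return redirect(url_for('frontend.index'))

    # NOTE(review): the email is used as the account key for every provider;
    # confirm each configured provider only returns addresses it has verified.
    user = user_datastore.get_user(email)

    if not user:
        # query identity mapping service for linked identities that may already
        # have an account
        for uid in mapped_ids(email)['ids']:
            user = user_datastore.get_user(uid)
            if user:
                break

        if not user:
            # user has successfully logged in or registered on IdP
            # so create an account
            user = user_datastore.create_user(
                email=email,
                inbox_email=make_inbox_email(email),
                full_name=user_info.get('nickname', user_info.get('name')))
            user_role = user_datastore.find_or_create_role('USER')
            user_datastore.add_role_to_user(user, user_role)

    login_user(user)

    publish_login(user)

    # `next` comes from the query string, so only follow it when it is a path
    # on this site: one leading slash, no backslash and no control characters
    # (browsers normalise those into a scheme-relative //host URL).
    target = request.args.get('next', '')
    is_local_path = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )

    if is_local_path:
        return redirect(target)

    return redirect(url_for('frontend.index'))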
Example #2
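def oidc_callback():
    """Complete an OIDC login after the provider redirects back here.

    Passes the ``code`` query parameter to
    ``current_app.oidc_client.authenticate``, resolves the local account
    from the returned email (directly, then via ``mapped_ids``), creates an
    account with the ``USER`` role if there is none, logs the user in and
    redirects to ``next`` or the front page.

    Returns:
        A redirect response.
    """
    auth_code = request.args.get('code')
    # session['provider'] is absent when this URL is requested outside a
    # login flow; fail the login instead of raising KeyError.
    provider = session.get('provider')

    if not (auth_code and provider):
        flash('Login failed', 'error')
        return redirect(url_for('frontend.index'))

    # NOTE(review): this view does not check a `state` value itself; verify
    # that the OIDC client or the flow's starting view ties the callback to
    # the session.
    try:
        user_info = current_app.oidc_client.authenticate(
            provider, auth_code, url_for('.oidc_callback', _external=True))

    except Exception:
        # Details go to the server log only; the user sees a generic message
        # rather than the exception class and text.
        current_app.logger.exception('OIDC authentication failed')
        flash('Login failed', 'error')
        return redirect(url_for('frontend.index'))

    email = user_info.get('email')

    if not email:
        # No email means no key to look up or create the account with.
        flash('Login failed', 'error')
        return redirect(url_for('frontend.index'))

    # NOTE(review): account lookup trusts this email as-is; confirm the
    # providers in use only release verified addresses.
    user = user_datastore.get_user(email)

    if not user:
        # query identity mapping service for linked identities that may already
        # have an account
        for uid in mapped_ids(email)['ids']:
            user = user_datastore.get_user(uid)
            if user:
                break

        if not user:
            # user has successfully logged in or registered on IdP
            # so create an account
            user = user_datastore.create_user(
                email=email,
                inbox_email=make_inbox_email(email),
                full_name=user_info.get('nickname', user_info.get('name')))
            user_role = user_datastore.find_or_create_role('USER')
            user_datastore.add_role_to_user(user, user_role)

    login_user(user)

    publish_login(user)

    # Follow `next` only when it is a same-site path. A value with a scheme,
    # a leading '//', a backslash or a control character is dropped because
    # the browser may resolve it to another host.
    target = request.args.get('next', '')
    is_local_path = (
        target.startswith('/')
        and not target.startswith('//')
        and '\\' not in target
        and not any(ord(ch) < 0x20 for ch in target)
    )

    if is_local_path:
        return redirect(target)

    return redirect(url_for('frontend.index'))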
Example #3
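def login():
    """Render the login form and log in the account matching its email.

    On a valid submission the account is looked up by the submitted email,
    logged in, and the browser is redirected to the form's ``next`` value
    when that is a path on this site, otherwise to the front page.

    Returns:
        A redirect response after a submission, or the rendered
        ``login.html`` template.
    """
    form = LoginForm()

    if request.args.get('next'):
        form.next.data = request.args.get('next')

    if form.validate_on_submit():
        email = form.email.data.strip()
        # Log the identifier only: form.data holds every submitted field,
        # which can include the CSRF token and any credential fields.
        current_app.logger.info('Login form submitted for %r', email)
        user = user_datastore.get_user(email)

        if not user:
            flash("You don't have a user account yet")
            return redirect(url_for('frontend.index'))

        # NOTE(review): no credential check is visible between the lookup and
        # login_user(); confirm LoginForm validation performs one, or that
        # this view is not reachable in production.
        login_user(user)

        publish_login(user)

        # `next` is client-supplied (query string or form field). Follow it
        # only when it is a same-site path: one leading slash, no backslash
        # and no control characters, which browsers can turn into //host.
        target = form.next.data or ''
        is_local_path = (
            target.startswith('/')
            and not target.startswith('//')
            and '\\' not in target
            and not any(ord(ch) < 0x20 for ch in target)
        )

        if is_local_path:
            return redirect(target)

        return redirect(url_for('frontend.index'))

    return render_template('login.html', form=form)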
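def login():
    """Show the login form; on a valid submission, log the user in.

    The account is found by the submitted email. After login the browser
    goes to the form's ``next`` value if it is a local path, and to the
    front page otherwise.

    Returns:
        A redirect response after a submission, or the rendered
        ``login.html`` template.
    """
    form = LoginForm()

    if request.args.get('next'):
        form.next.data = request.args.get('next')

    if form.validate_on_submit():
        email = form.email.data.strip()
        # form.data is not logged as a whole because it contains every
        # submitted field, including the CSRF token and any secrets.
        current_app.logger.info('Login form submitted for %r', email)
        user = user_datastore.get_user(email)

        if not user:
            flash("You don't have a user account yet")
            return redirect(url_for('frontend.index'))

        # NOTE(review): the account is logged in on email match alone as far
        # as this view shows; verify that LoginForm checks a credential.
        login_user(user)

        publish_login(user)

        # Validate the client-supplied `next` before redirecting: accept a
        # path that starts with a single '/', and reject backslashes and
        # control characters that browsers may rewrite into another host.
        target = form.next.data or ''
        is_local_path = (
            target.startswith('/')
            and not target.startswith('//')
            and '\\' not in target
            and not any(ord(ch) < 0x20 for ch in target)
        )

        if is_local_path:
            return redirect(target)

        return redirect(url_for('frontend.index'))

    return render_template('login.html', form=form)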