def _on_auth(self, auth_user):
"""
Called after we receive authorisation information from Google.
auth_user dict is either empty or contains 'locale', 'first_name', 'last_name', 'name' and 'email'.
"""
if not auth_user:
raise tornado.web.HTTPError(500, "Google auth failed")
auth_name = auth_user["email"]
user = User.get_from_auth(self.orm, self.openid_url, auth_name)
if not user:
self.error(404, "No account found for %s" % auth_user["email"])
return
session = Session(
user,
self.get_remote_ip(),
self.get_accept_language(),
self.get_user_agent(),
)
self.orm.add(session)
self.orm.flush()
self.start_session(str(session.session_id))
self.redirect(self.next or '/')
def get(self):
redirect_path = self.url_rewrite(self.login_url)
login_url = "%s://%s%s" % (
self.request.protocol, self.request.host, redirect_path)
if not self.get_argument('code', False):
# Step 1. Send request to Google
self._batch_tasks()
if self.next_:
self.app_set_cookie("next", self.next_)
register = self.get_argument_bool("register", None)
if register is not None:
self.app_set_cookie("register", register)
yield self.authorize_redirect(
redirect_uri=login_url,
client_id=self.settings['google_oauth']['key'],
scope=['profile', 'email'],
response_type='code',
extra_params={'approval_prompt': 'auto',},
)
else:
# Step 2. Recieving response from Google
self.next_ = self.app_get_cookie("next")
self.clear_cookie("next")
access_data = yield self.get_authenticated_user(
redirect_uri=login_url,
code=self.get_argument('code')
)
user_data = yield self.get_user_data(access_data)
register = self.app_get_cookie("register")
self.app_clear_cookie("register")
if not user_data:
raise HTTPError(500, "Google authentication failed")
auth_name = user_data["email"]
user = User.get_from_auth(self.orm, self.openid_url, auth_name)
if not user:
if self._check_registering(user):
return
user = self._create_user(user_data["name"], auth_name)
self._check_locked(user)
self.create_session(user, Session)
self.redirect_next()