Example #1
0
    def _on_auth(self, auth_user):
        """
        Called after we receive authorisation information from Google.
        auth_user dict is either empty or contains 'locale', 'first_name', 'last_name', 'name' and 'email'.
        """

        if not auth_user:
            raise tornado.web.HTTPError(500, "Google auth failed")

        auth_name = auth_user["email"]

        user = User.get_from_auth(self.orm, self.openid_url, auth_name)

        if not user:
            self.error(404, "No account found for %s" % auth_user["email"])
            return

        session = Session(
            user,
            self.get_remote_ip(),
            self.get_accept_language(),
            self.get_user_agent(),
        )
        self.orm.add(session)
        self.orm.flush()
        self.start_session(str(session.session_id))

        self.redirect(self.next or '/')
Example #2
0
    def get(self):
        redirect_path = self.url_rewrite(self.login_url)
        login_url = "%s://%s%s" % (
            self.request.protocol, self.request.host, redirect_path)

        if not self.get_argument('code', False):
            # Step 1. Send request to Google

            self._batch_tasks()

            if self.next_:
                self.app_set_cookie("next", self.next_)

            register = self.get_argument_bool("register", None)
            if register is not None:
                self.app_set_cookie("register", register)

            yield self.authorize_redirect(
                redirect_uri=login_url,
                client_id=self.settings['google_oauth']['key'],
                scope=['profile', 'email'],
                response_type='code',
                extra_params={'approval_prompt': 'auto',},
            )
        else:
            # Step 2. Recieving response from Google

            self.next_ = self.app_get_cookie("next")
            self.clear_cookie("next")

            access_data = yield self.get_authenticated_user(
                redirect_uri=login_url,
                code=self.get_argument('code')
            )

            user_data = yield self.get_user_data(access_data)

            register = self.app_get_cookie("register")
            self.app_clear_cookie("register")

            if not user_data:
                raise HTTPError(500, "Google authentication failed")

            auth_name = user_data["email"]
            user = User.get_from_auth(self.orm, self.openid_url, auth_name)

            if not user:
                if self._check_registering(user):
                    return
                user = self._create_user(user_data["name"], auth_name)

            self._check_locked(user)

            self.create_session(user, Session)

            self.redirect_next()