def google_logged_in(blueprint, token): """ Handle the callback from Google and create a user and log the user in if the user does not exist, if the user exist then just log in the user matching the credentials. """ if not token: flash("Failed to log in with Google.", category="error") return False resp = blueprint.session.get("/oauth2/v1/userinfo") if not resp.ok: msg = "Failed to fetch user info from Google." flash(msg, category="error") return False google_info = resp.json() google_id = google_info['id'] # Find this OAuth token in the database, or create it query = OAuth.query.filter_by( provider=blueprint.name, provider_user_id=google_id, ) try: oauth = query.one() except NoResultFound: oauth = OAuth( provider=blueprint.name, provider_user_id=google_id, token=token, ) if oauth.user: # If this OAuth token already has an associated local account, # log in that local user account. # Note that if we just created this OAuth token, then it can't # have an associated local account yet. login_user(oauth.user) else: # If this OAuth token doesn't have an associated local account, # create a new local user account for this user. We can log # in that account as well, while we're at it. user = User( email=google_info["email"], name=google_info["name"], ) # Associate the new local user account with the OAuth token oauth.user = user # Save and commit our database models db.session.add_all([user, oauth]) db.session.commit() # Log in the new local user account login_user(user) flash("Successfully signed in with Google.") # Disable Flask-Dance's default behavior for saving the OAuth token return False
def twitter_logged_in(blueprint, token): if not token: flash("Failed to log in.", category="error") return False resp = blueprint.session.get( "account/verify_credentials.json?include_email=true") if not resp.ok: msg = "Failed to fetch user info." flash(msg, category="error") return False info = resp.json() user_id = info["id_str"] # Find this OAuth token in the database, or create it query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=user_id) try: oauth = query.one() except NoResultFound: oauth = OAuth(provider=blueprint.name, provider_user_id=user_id, token=token) if oauth.user: session['user_id'] = oauth.user_id login_user(oauth.user) else: # Create a new local user account for this user unique_id = uuid.uuid4().hex[:8] # generate unique_id for user if Users.query.filter_by(email=info["email"]).first() is not None: flash("This email is already registered with other account.") return redirect(url_for('sign_in')) user = Users(unique_id, None, None, info["screen_name"], info["name"], info["screen_name"], info["email"], None, False) # Associate the new local user account with the OAuth token oauth.user = user # Save and commit our database models db.session.add_all([user, oauth]) db.session.commit() # Log in the new local user account session['user_id'] = Users.query.filter_by( unique_id=unique_id).first().id login_user(user) # Disable Flask-Dance's default behavior for saving the OAuth token return False
def twitter_logged_in(blueprint, token): if not token: flash("Failed to log in.", category="error") return False resp = blueprint.session.get("account/verify_credentials.json") if not resp.ok: msg = "Failed to fetch user info." flash(msg, category="error") return False info = resp.json() user_id = info["id_str"] # Find this OAuth token in the database, or create it query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=user_id) try: oauth = query.one() except NoResultFound: oauth = OAuth(provider=blueprint.name, provider_user_id=user_id, token=token) if oauth.user: session['user_id'] = oauth.user_id login_user(oauth.user) flash("Successfully signed in.") else: # Create a new local user account for this user unique_id = uuid.uuid4().hex[:8] user = Users(twitter_name=info["screen_name"], twitter_user_name=info["name"], unique_id=unique_id) # Associate the new local user account with the OAuth token oauth.user = user # Save and commit our database models db.session.add_all([user, oauth]) db.session.commit() # Log in the new local user account session['user_id'] = Users.query.filter_by( unique_id=unique_id).first().id login_user(user) flash("Successfully signed in.") # Disable Flask-Dance's default behavior for saving the OAuth token return False
def catch_login(): #TODO: Add state # from docs: https://developer.github.com/apps/building-oauth-apps/authorizing-oauth-apps/ client_id = settings.GITHUB_CLIENT_ID client_secret = settings.GITHUB_CLIENT_SECRET oauth_url = settings.GITHUB_OAUTH_URL user_url = settings.GITHUB_USER_URL payload = { 'client_id': client_id, 'client_secret': client_secret, 'code': request.args.get('code') } headers = { "content-type": "application/json", "accept": "application/json" } if payload.get('code'): response = requests.post(oauth_url, json=payload, headers=headers) # Check if the code has expired body = response.json() if response.status_code == 200: token = response.json().get('access_token') headers = { "Accept": "application/json", "Authorization": f"token {token}" } response = requests.get(user_url, headers=headers).json() username = response.get('login') exists = User.query.filter_by(username=username).first() # Just a login version, skip registration if exists: return exists.encode_auth_token(), 200 user = User(username=username, email=response.get('email'), name=response.get('name')) db.session.add(user) db.session.commit() oauth = OAuth(user=user, token=token, provider="github") db.session.add(oauth) db.session.commit() return user.encode_auth_token(), 201 else: return jsonify({"status": "failed"}), 409 else: return jsonify({}), 400 return jsonify({"error": "fallthrough"}), 400
def google_logged_in(blueprint, token): if not token: flash("Failed to log in.", category="error") return False resp = blueprint.session.get("/oauth2/v1/userinfo") if not resp.ok: msg = "Failed to fetch user info." flash(msg, category="error") return False info = resp.json() user_id = info["id"] # Find this OAuth token in the database, or create it query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=user_id) try: oauth = query.one() except NoResultFound: oauth = OAuth(provider=blueprint.name, provider_user_id=user_id, token=token) if oauth.user: session['user_id'] = oauth.user_id login_user(oauth.user) else: # Create a new local user account for this user if Users.query.filter_by(email=info["email"]).first() is not None: flash("This email is already registered with other account.") return redirect(url_for('sign_in')) u_name = info["email"].split("@")[0] user = Users(info["email"], info["name"], None, None, u_name, info["email"], None) # Associate the new local user account with the OAuth token oauth.user = user # Save and commit our database models db.session.add_all([user, oauth]) db.session.commit() # Log in the new local user account session['user_id'] = user.id login_user(user) # Disable Flask-Dance's default behavior for saving the OAuth token return False
def google_logged_in(blueprint, token): if not token: flash("Failed to log in.", category="error") return False resp = blueprint.session.get("/oauth2/v1/userinfo") if not resp.ok: msg = "Failed to fetch user info." flash(msg, category="error") return False info = resp.json() user_id = info["id"] # Find this OAuth token in the database, or create it query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=user_id) try: oauth = query.one() except NoResultFound: oauth = OAuth(provider=blueprint.name, provider_user_id=user_id, token=token) if oauth.user: login_user(oauth.user) flash("Successfully signed in.") else: # Create a new local user account for this user user = User(email=info["email"], profile_pic=info["picture"]) profile = Profile(username=info["email"].split("@")[0]) # Associate the new local user account with the OAuth token oauth.user = user # Save and commit our database models db.session.add_all([user, oauth, profile]) db.session.commit() # Log in the new local user account login_user(user) flash("Successfully signed in.") # Disable Flask-Dance's default behavior for saving the OAuth token return False
def facebook_logged_in(blueprint, token): if not token: flash("Failed to log in.", category="error") return False resp = blueprint.session.get("/me") if not resp.ok: msg = "Failed to fetch user info." flash(msg, category="error") return False info = resp.json() user_id = info["id"] # Find this OAuth token in the database, or create it query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=user_id) try: oauth = query.one() except NoResultFound: oauth = OAuth(provider=blueprint.name, provider_user_id=user_id, token=token) if oauth.user: login_user(oauth.user) else: # Create a new local user account for this user user = User(name=info["name"]) # Associate the new local user account with the OAuth token oauth.user = user # Save and commit our database models db.session.add_all([user, oauth]) db.session.commit() # Log in the new local user account login_user(user) print(login_session.get("current_uri")) # Disable Flask-Dance's default behavior for saving the OAuth token return False
def twitter_logged_in(blueprint, token): if not token: flash("Failed to log in with GitHub.", category="error") return False account_info = blueprint.session.get('account/verify_credentials.json') if account_info.ok: account_info_json = account_info.json() user_id = str(account_info_json['id']) username = account_info_json['screen_name'] query = OAuth.query.filter_by( provider=blueprint.name, provider_user_id=user_id, ) try: oauth = query.one() except NoResultFound: oauth = OAuth( provider=blueprint.name, provider_user_id=user_id, token=token, ) if oauth.user: login_user(oauth.user) flash("Successfully signed in with Twitter.") else: user = User(username=username) oauth.user = user db.session.add_all([user, oauth]) db.session.commit() login_user(user) flash("Successfully signed with Twitter.") else: msg = "Failed to fetch user info from GitHub." flash(msg, category="error") return False
def spotify_logged_in(blueprint, token): if not token: msg = "Failed to log in." flash(msg, category="error") return False resp = blueprint.session.get("/v1/me") if not resp.ok: msg = "Failed to fetch user info." flash(msg, category="error") return False info = resp.json() user_id = info["id"] query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=user_id) try: oauth = query.one() except NoResultFound: oauth = OAuth(provider=blueprint.name, provider_user_id=user_id, token=token) if oauth.user: login_user(oauth.user) flash("Successfully signed in.") else: user = User(email=info["email"], display_name=info["display_name"]) oauth.user = user db.session.add_all([user, oauth]) db.session.commit() login_user(user) flash("Successfully signed in.") return False
def google_logged_in(blueprint, token): if not token: flash("Failed to log in with Google.", category="error") return resp = blueprint.session.get("/oauth2/v2/userinfo") if not resp.ok: msg = "Failed to fetch user info from Google." flash(msg, category="error") return google_info = resp.json() google_user_id = str(google_info["id"]) # Find this OAuth token in the database, or create it query = OAuth.query.filter_by(provider=blueprint.name, provider_user_id=google_user_id) try: oauth = query.one() except: google_user_login = str(google_info["email"]) oauth = OAuth( provider=blueprint.name, provider_user_id=google_user_id, provider_user_login=google_user_login, token=token, ) # Now, figure out what to do with this token. There are 2x2 options: # user login state and token link state. if current_user.is_anonymous: if oauth.user: # If the user is not logged in and the token is linked, # log the user into the linked user account login_user(oauth.user) else: # If the user is not logged in and the token is unlinked, # create a new local user account and log that account in. # This means that one person can make multiple accounts, but it's # OK because they can merge those accounts later. user = User(email=google_info["email"]) oauth.user = user db.session.add_all([user, oauth]) db.session.commit() login_user(user) else: if oauth.user: # If the user is logged in and the token is linked, check if these # accounts are the same! if current_user != oauth.user: # Account collision! Ask user if they want to merge accounts. url = url_for("auth.merge", username=oauth.user.username) return redirect(url) else: # If the user is logged in and the token is unlinked, # link the token to the current user oauth.user = current_user db.session.add(oauth) db.session.commit() # Indicate that the backend shouldn't manage creating the OAuth object # in the database, since we've already done so! return False
def wrap(*args, **kwargs): kind = None # Grab the session cookie if it exists. cookie = request.cookies.get(current_app.session_cookie_name, None) # Try get the Auth header data. try: auth = request.headers['Authorization'] kind, _, value = auth.partition(' ') if kind == 'Basic': value = base64.standard_b64decode(bytes(value, 'utf8')) id, _, pw = str(value, 'utf8').partition(':') elif kind == 'Google' or kind == 'Facebook': xtra = request.headers['X-Requested-With'] # elif kind == 'Token': except (KeyError, base64.binascii.Error) as ex: # print(type(ex)) return fn(*args, **kwargs) # If there was an Auth header, autheticate with that info, # and create a session. if kind == 'Basic': with db_session: user = select(u for u in User if u.email == id or u.username == id)[:] if len(user) == 1: if Password.verify(pw, user[0].password): sessionize(user=user[0].to_dict()) else: session.clear() elif not user: with db_session: user = User(email=id, password=pw) sessionize(user=user.to_dict()) else: session.clear() elif kind in ('Google', 'Facebook') and xtra == 'Fetch': kind = kind.lower() sec = client_secrets[kind]['web'] sec['provider'] = kind sec['token'] = value try: value = oauth.upgrade_token(**sec) ouser = oauth.get_user(provider=kind, **value) print(ouser) with db_session: user_oauth = select(o for o in OAuth if o.puid == ouser['id'])[:] if len(user_oauth) == 1: print(user_oauth[0].user) user = user_oauth[0].user.to_dict( ('password', 'oauth')) try: user['picture'] =\ ouser['picture']['data']['url'] except TypeError as ex: user['picture'] = ouser.get('picture', '') sessionize(user=user) elif not user_oauth: # with db_session: user = User(name=ouser.get('name')) user_oauth = OAuth( provider=kind, puid=ouser.get('id'), access_token=value.get('access_token', ''), refresh_token=value.get('refresh_token', ''), user=user) commit() user = user.to_dict(('password', 'oauth')) try: user['picture'] =\ ouser['picture']['data']['url'] except TypeError as ex: user['picture'] = ouser.get('picture', '') sessionize(user=user) except oauth.HTTPError as ex: abort(make_response(ex.text, ex.status_code)) elif kind is not None: # An unknown kind or kind 'None' session.clear() return fn(*args, **kwargs)