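def google_verify(self, registration):
    """Complete the Google OpenID round trip for a pending registration.

    The OpenID response in ``request.params`` is checked by the consumer.
    On success the identity URL is stored on ``registration`` unless
    ``User.get_byopenid()`` already finds an account for it; the name and
    e-mail address sent with the response are stored as well.  Every
    outcome is reported through a flash message and ends with a redirect
    to the registration's ``personal_info`` action.
    """
    openid_session = session.get("openid_session", {})
    # Stateless mode: the consumer is given no store.
    # NOTE(review): without a store there is nowhere to keep association
    # or nonce state between requests -- confirm replay protection is
    # handled some other way.
    openid_store = None
    cons = Consumer(openid_session, openid_store)

    current_url = registration.url(action='google_verify', qualified=True)
    info = cons.complete(request.params, current_url)
    display_identifier = info.getDisplayIdentifier()

    if info.status == consumer.SUCCESS:
        identity_url = info.identity_url
        if User.get_byopenid(identity_url, registration.location):
            message = _('This Google account is already linked to another Ututi account.')
        else:
            registration.openid = identity_url
            # NOTE(review): the name and e-mail are read from the raw
            # request parameters, not from the verified response object.
            # Only fields covered by the OpenID signature should be
            # trusted (python-openid offers SuccessResponse.isSigned /
            # getSigned for that check) -- confirm before relying on
            # openid_email anywhere security-relevant.
            if not registration.fullname:
                registration.fullname = '%s %s' % (
                    request.params.get('openid.ext1.value.firstname'),
                    request.params.get('openid.ext1.value.lastname'))
            email = request.params.get('openid.ext1.value.email')
            registration.openid_email = email
            meta.Session.commit()
            message = _('Linked to Google account.')
    elif info.status == consumer.FAILURE and display_identifier:
        # In the case of failure, if info is non-None, it is the
        # URL that we were verifying.  We include it in the error
        # message to help the user figure out what happened.
        # Both interpolated values are escaped: the SETUP_NEEDED branch
        # puts markup into the flash message, so messages appear to be
        # rendered as HTML.
        fmt = _("Verification of %s failed: %s")
        message = fmt % (cgi.escape(display_identifier),
                         cgi.escape(info.message))
    elif info.status == consumer.CANCEL:
        message = _('Verification cancelled')
    elif info.status == consumer.SETUP_NEEDED:
        if info.setup_url:
            # The argument is wrapped in a one-element tuple; a trailing
            # comma after the whole expression would turn ``message``
            # itself into a tuple.
            message = _('<a href=%s>Setup needed</a>') % (
                quoteattr(info.setup_url),)
        else:
            # This means auth didn't succeed, but you're welcome to try
            # non-immediate mode.
            message = _('Setup needed')
    else:
        # Escaped like the FAILURE branch; the value is formatted to text
        # first so a missing message still renders as before.
        message = _('Authentication failed: %s') % cgi.escape(
            '%s' % (info.message,))
        # TODO: log info.status and info.message

    h.flash(message)
    redirect(registration.url(action='personal_info'))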
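def google_verify(self):
    """Complete the Google OpenID round trip for login or account linking.

    On success there are two paths.  When the session holds
    ``linking_to_user``, the identity URL is attached to that user (unless
    another account already has it) and the request is redirected to the
    login settings page.  Otherwise the name and e-mail sent with the
    response are handed to ``_try_to_login()``.  Any other status produces
    a flash message and a redirect.
    """
    openid_session = session.get("openid_session", {})
    # Stateless mode: the consumer is given no store.
    # NOTE(review): without a store there is nowhere to keep association
    # or nonce state between requests -- confirm replay protection is
    # handled some other way.
    openid_store = None
    cons = Consumer(openid_session, openid_store)

    info = cons.complete(request.params, url('google_verify', qualified=True))
    display_identifier = info.getDisplayIdentifier()

    if info.status == consumer.SUCCESS:
        identity_url = info.identity_url
        if 'linking_to_user' in session:
            user = User.get_byid(session.pop('linking_to_user'))
            if not User.get_byopenid(identity_url):
                user.openid = identity_url
                meta.Session.commit()
                h.flash(_('Linked to Google account.'))
            else:
                h.flash(_('This Google account is already linked to another Ututi account.'))
            redirect(url(controller='profile', action='login_settings'))

        # NOTE(review): the name and e-mail are read from the raw request
        # parameters, not from the verified response object.  The e-mail
        # is passed to _try_to_login(), which can attach this identity to
        # an existing account found by that address and sign it in, so it
        # must come from fields covered by the OpenID signature
        # (python-openid offers SuccessResponse.isSigned / getSigned for
        # that check) -- confirm.
        name = '%s %s' % (request.params.get('openid.ext1.value.firstname'),
                          request.params.get('openid.ext1.value.lastname'))
        email = request.params.get('openid.ext1.value.email')
        return self._try_to_login(name, email, google_id=identity_url)
    elif info.status == consumer.FAILURE and display_identifier:
        # In the case of failure, if info is non-None, it is the
        # URL that we were verifying.  We include it in the error
        # message to help the user figure out what happened.
        # Both interpolated values are escaped: the SETUP_NEEDED branch
        # puts markup into the flash message, so messages appear to be
        # rendered as HTML.
        fmt = _("Verification of %s failed: %s")
        message = fmt % (cgi.escape(display_identifier),
                         cgi.escape(info.message))
    elif info.status == consumer.CANCEL:
        message = _('Verification cancelled')
    elif info.status == consumer.SETUP_NEEDED:
        if info.setup_url:
            message = _('<a href=%s>Setup needed</a>') % (
                quoteattr(info.setup_url),)
        else:
            # This means auth didn't succeed, but you're welcome to try
            # non-immediate mode.
            message = _('Setup needed')
    else:
        # Escaped like the FAILURE branch; the value is formatted to text
        # first so a missing message still renders as before.
        message = _('Authentication failed: %s') % cgi.escape(
            '%s' % (info.message,))
        # TODO: log info.status and info.message

    h.flash(message)
    # NOTE(review): c.came_from is set outside this method; confirm it is
    # limited to same-site URLs before it is used as a redirect target.
    redirect(c.came_from or url(controller='federation', action='index'))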
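def _try_to_login(self, name, email, google_id=None, facebook_id=None,
                  fb_access_token=None):
    """Sign a user in from a Google or Facebook identity.

    Exactly one of ``google_id`` and ``facebook_id`` must be given;
    otherwise ``AssertionError`` is raised.  If an account already carries
    the identity, that account is signed in.  If not, an existing account
    is looked up by e-mail address, the identity is attached to it and the
    account is signed in.  When no account matches the address the user is
    sent to the login page.

    ``name`` is only reassigned on the Facebook path and is not otherwise
    used here.
    """
    # An explicit raise instead of ``assert``: assert statements are
    # removed under ``python -O``, which would leave ``user`` unbound when
    # neither id is passed.
    if bool(google_id) == bool(facebook_id):
        raise AssertionError(
            'exactly one of google_id and facebook_id must be given')

    if google_id:
        user = User.get_byopenid(google_id)
    elif facebook_id:
        user = User.get_byfbid(facebook_id)

    if user is not None:
        # Existing user, log him in and proceed.
        if facebook_id and not user.logo:
            user.update_logo_from_facebook()
            meta.Session.commit()
        sign_in_user(user)
        # NOTE(review): c.came_from is set outside this method; confirm it
        # is limited to same-site URLs before it is used as a redirect
        # target (the same applies to the redirects below).
        redirect(c.came_from or url(controller='home', action='index'))
    else:
        # Facebook needs to be asked for the email separately.
        if facebook_id:
            name, email = self._facebook_name_and_email(facebook_id,
                                                        fb_access_token)
            if not email:
                h.flash(_('Facebook did not provide your email address.'))
                redirect(c.came_from or url(controller='home', action='index'))

        # This user has never logged in using FB/Google before.
        # NOTE(review): the lookup below binds the external identity to
        # whichever existing account has this e-mail address and then
        # signs that account in, so the address must be one the provider
        # has verified.  On the Google path it is whatever the caller
        # passed in -- confirm the caller takes it from signed response
        # fields.
        user = User.get_global(email)
        if user is None:
            h.flash(_('Login failed. Please login using your username and bind your account first.'))
            redirect(url(controller='home', action='login'))
        else:
            # Existing user logging in using FB/Google.
            if google_id:
                h.flash(_('Your Google account "%s" has been linked to your existing Ututi account.') % email)
                user.openid = google_id
            elif facebook_id:
                h.flash(_('Your Facebook account "%s" has been linked to your existing Ututi account.') % email)
                user.facebook_id = facebook_id
            bind_group_invitations(user)
            if not user.logo:
                user.update_logo_from_facebook()
            meta.Session.commit()
            sign_in_user(user)
            redirect(c.came_from or url(controller='home', action='index'))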
def _bind_user(self, user, flash=True):
    """Attach the Google or Facebook identity held in the session to ``user``.

    A confirmed OpenID takes precedence; the Facebook id is consulted only
    when no OpenID is present.  Nothing is changed when the identity
    already belongs to an account.  ``flash`` controls whether the outcome
    is reported to the user.  No commit is issued here.
    """
    # NOTE(review): both session values are taken as already verified by
    # whatever code stored them -- confirm they are only written after a
    # successful provider round trip.
    confirmed_openid = session.get('confirmed_openid')
    if confirmed_openid:
        if User.get_byopenid(confirmed_openid):
            # Rare, but checked up front so the assignment cannot fail.
            if flash:
                h.flash(_('This Google account is already linked to another Ututi account.'))
            return
        user.openid = confirmed_openid
        if flash:
            h.flash(_('Your Google account has been associated with your Ututi account.'))
        return

    confirmed_fb_id = session.get('confirmed_facebook_id')
    if not confirmed_fb_id:
        return

    if User.get_byfbid(confirmed_fb_id):
        # Rare, but checked up front so the assignment cannot fail.
        if flash:
            h.flash(_('This Facebook account is already linked to another Ututi account.'))
        return

    user.facebook_id = int(confirmed_fb_id)
    user.update_logo_from_facebook()
    if flash:
        h.flash(_('Your Facebook account has been associated with your Ututi account.'))