def authenticate(self, request): email = request.user_email validate_email(email) team_key = request.team_key user = User.find_user_by_email(email, team_key) if team_key: team_secret = request.team_secret validate_team_secret(team_secret) display_name = request.display_name image_url = request.user_image_url if not user: user = User.insert_user(email=email, username=display_name, account_type=team_key, image_url=image_url) community = Community.getCommunityFromTeamKey(team_key) UserRole.insert(user, community) elif (display_name != user.display_name) or (image_url != user.image_url): User.update_user(user=user, email=email, username=display_name, account_type=team_key, image_url=image_url) if not Community.authenticate(team_key, md5(team_secret)): raise endpoints.UnauthorizedException("Authentication failed. Team key and secret are not matched.") elif user.auth_source == AuthSourceType.ANNO: password = request.password validate_password(password) if not user: raise endpoints.NotFoundException("Authentication failed. User account " + email + " doesn't exist.") if not User.authenticate(email, md5(password)): raise endpoints.UnauthorizedException("Authentication failed. Email and password are not matched.") else: raise endpoints.ForbiddenException("Account for '%s' is Google or Facebook OAuth account." % email) return UserMessage(id=user.key.id(), display_name=user.display_name)
def auth_user(headers): current_user = get_endpoints_current_user(raise_unauthorized=False) user = None if current_user is None: credential_pair = get_credential(headers) signinMethod = SignInMethod.ANNO team_key = None team_secret = None display_name = None image_url = None if len(credential_pair) == 2: email, password = credential_pair elif len(credential_pair) == 5: signinMethod, email, password, team_key, team_secret = credential_pair else: signinMethod, email, password, team_key, team_secret, display_name, image_url = credential_pair validate_email(email) user = User.find_user_by_email(email, team_key) if signinMethod == SignInMethod.ANNO: User.authenticate(email, md5(password)) elif signinMethod == SignInMethod.PLUGIN: if not Community.authenticate(team_key, team_secret): raise endpoints.UnauthorizedException("Incorrect team key or secret") display_name = unicode(display_name, "utf-8", "ignore") if not user: user = User.insert_user(email=email, username=display_name, account_type=team_key, image_url=image_url) community = Community.getCommunityFromTeamKey(team_key) UserRole.insert(user, community) elif (display_name and display_name != user.display_name) or (image_url and image_url != user.image_url): User.update_user(user=user, email=email, username=display_name, account_type=team_key, image_url=image_url) else: user = User.find_user_by_email(current_user.email()) if user is None: raise endpoints.UnauthorizedException("Oops, something went wrong. Please try later.") return user