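def authorize(self):
    """Handle the OAuth callback and log the user in when permitted.

    Reads the optional JSON ``state`` query parameter to find the
    post-login target, exchanges the callback for an access token, fetches
    the user's profile from the ``auth_user`` endpoint, creates or updates
    the local ``User`` row, and starts a login session.

    Only profiles whose ``auth_status`` is ``'Internal'`` or ``'Ally'`` are
    admitted; every failure path redirects to ``MetaView:index``.

    TODO: Check for groups and set attributes based on that
    (admin or not, etc...)

    Returns:
        A redirect response.
    """
    index_url = url_for('MetaView:index')

    # `state` comes straight from the query string, so treat it as
    # untrusted: it may be missing, malformed JSON, or valid JSON of the
    # wrong shape (a list, a number, a dict without 'next').
    # NOTE(review): nothing in this method compares `state` with a value
    # bound to the session; confirm CSRF protection of the callback is
    # handled elsewhere.
    try:
        state = json.loads(request.args.get('state'))
    except (TypeError, ValueError):
        state = None
    next_url = state.get('next') if isinstance(state, dict) else None
    if not next_url:
        next_url = index_url

    res = j4oauth.authorized_response()
    # A denied or failed exchange may yield None or a response without a
    # token; handle both as a failed login rather than raising.
    try:
        access_token = res['access_token'] if res else None
    except (KeyError, TypeError):
        access_token = None
    if not access_token:
        flash('Invalid login attempt.')
        return redirect(index_url)

    # The token has to be in the session before the profile request,
    # presumably because the client's token getter reads it from there.
    session['j4oauth_token'] = (access_token, '')
    user_info = j4oauth.get('auth_user').data['user']

    if user_info['auth_status'] not in ('Internal', 'Ally'):
        # Do not leave a usable token in the session of a rejected user.
        session.pop('j4oauth_token', None)
        flash('You are not authorized to access this application', 'danger')
        # The endpoint name is case-sensitive; it was spelled
        # 'Metaview:index' here, unlike every other use in this method.
        return redirect(index_url)

    user = User.query.filter_by(user_id=user_info['user_id']).first()
    if not user:
        user = User(user_id=user_info['user_id'])
    # Refresh the cached profile fields on every login.
    user.main_character = user_info['main_character']
    user.main_character_id = user_info['main_character_id']
    user.alliance_name = user_info['alliance']
    user.corporation_name = user_info['corporation']
    db.session.add(user)
    db.session.commit()

    if login_user(user):
        user.last_login_on = arrow.utcnow()
        # remote_addr is the socket peer; behind a reverse proxy this is
        # the proxy's address unless the app is configured to trust
        # forwarded headers.
        user.last_ip = request.remote_addr
        # Persist the login audit fields; they are set after the commit
        # above and would otherwise depend on a commit made elsewhere.
        db.session.commit()
        flash('Welcome back {}!'.format(user.main_character))
        # The target is attacker-influenced; safe_redirect is relied on to
        # reject off-site URLs. Presumably it does; verify.
        return safe_redirect(next=next_url)

    flash('There was an issue logging you in.', 'danger')
    return redirect(index_url)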