def authorize(self):
"""
OAuth callback. Will load the state and the response and login the user if it can.
TODO: Check for groups and set attributes based on that (admin or not, etc...)
"""
try:
state = json.loads(request.args.get('state'))
except Exception:
state = {'next': url_for('MetaView:index')}
res = j4oauth.authorized_response()
if not res:
flash('Invalid login attempt.')
return redirect(url_for('MetaView:index'))
session['j4oauth_token'] = (
res['access_token'], ''
)
user_info = j4oauth.get('auth_user').data['user']
if user_info['auth_status'] not in ('Internal', 'Ally'):
flash('You are not authorized to access this application', 'danger')
return redirect(url_for('Metaview:index'))
user = User.query.filter_by(user_id=user_info['user_id']).first()
if not user:
user = User(user_id=user_info['user_id'])
user.main_character = user_info['main_character']
user.main_character_id = user_info['main_character_id']
user.alliance_name = user_info['alliance']
user.corporation_name = user_info['corporation']
db.session.add(user)
db.session.commit()
if login_user(user):
user.last_login_on = arrow.utcnow()
user.last_ip = request.remote_addr
flash('Welcome back {}!'.format(user.main_character))
return safe_redirect(next=state['next'])
else:
flash('There was an issue logging you in.', 'danger')
return redirect(url_for('MetaView:index'))
