def __init__(self, *args, **kwargs):
"""Add the mozillian user in the init method."""
self.mozillian_user = None
self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL,
settings.MOZILLIANS_API_KEY)
super(ModeratorAuthBackend, self).__init__(*args, **kwargs)
def __init__(self, *args, **kwargs):
"""Add the mozillian user in the init method."""
self.mozillian_user = None
self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL,
settings.MOZILLIANS_API_KEY)
super(ModeratorAuthBackend, self).__init__(*args, **kwargs)
def forwards(apps, schema_editor):
"""Forwards method.
Sync with mozillians.org to fix avatar url.
"""
User = apps.get_model('auth', 'User')
mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL,
settings.MOZILLIANS_API_KEY)
for user in User.objects.all():
try:
mozillian_user = mozillians_client.lookup_user({'email': user.email})
except (BadStatusCode, ResourceDoesNotExist):
continue
if mozillian_user['photo']['privacy'] == 'Public':
user.userprofile.avatar_url = mozillian_user['photo']['value']
else:
user.userprofile.avatar_url = ''
user.userprofile.save()
def forwards(apps, schema_editor):
"""Forwards method.
Sync with mozillians.org to fix avatar url.
"""
User = apps.get_model('auth', 'User')
mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL,
settings.MOZILLIANS_API_KEY)
for user in User.objects.all():
try:
mozillian_user = mozillians_client.lookup_user(
{'email': user.email})
except (BadStatusCode, ResourceDoesNotExist):
continue
if mozillian_user['photo']['privacy'] == 'Public':
user.userprofile.avatar_url = mozillian_user['photo']['value']
else:
user.userprofile.avatar_url = ''
user.userprofile.save()
class ModeratorAuthBackend(OIDCAuthenticationBackend):
"""Override base authentication class."""
def __init__(self, *args, **kwargs):
"""Add the mozillian user in the init method."""
self.mozillian_user = None
self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL,
settings.MOZILLIANS_API_KEY)
super(ModeratorAuthBackend, self).__init__(*args, **kwargs)
def create_user(self, claims, **kwargs):
"""Create a new user only if there is a vouched mozillians.org account."""
email = claims.get('email')
try:
self.mozillian_user = self.mozillians_client.lookup_user(
{'email': email})
except (BadStatusCode, ResourceDoesNotExist):
return None
user_emails = []
if self.mozillian_user['is_vouched']:
for email_entry in self.mozillian_user['alternate_emails']:
user_emails.append(email_entry['email'])
user_emails.append(self.mozillian_user['email']['value'])
users = User.objects.filter(email__in=user_emails)
if users:
return users[0]
return super(ModeratorAuthBackend,
self).create_user(claims, **kwargs)
return None
def authenticate(self, **kwargs):
"""Override authenticate method of the OIDC lib."""
user = super(ModeratorAuthBackend, self).authenticate(**kwargs)
if not user:
return None
profile = user.userprofile
profile.is_nda_member = False
try:
self.mozillian_user = self.mozillians_client.lookup_user(
{'email': user.email})
except (BadStatusCode, ResourceDoesNotExist):
return None
# The email the user used to log in
user_email_domains = [user.email.split('@')[1]]
# Get alternate emails
for email_resource in self.mozillian_user['alternate_emails']:
user_email_domains.append(email_resource['email'].split('@')[1])
user_email = self.mozillian_user['email'].get('value')
if user_email:
user_email_domains.append(user_email.split('@')[1])
# Remove duplicate domains
user_email_domains = list(set(user_email_domains))
user_groups = [
group['name'] for group in self.mozillian_user['groups']['value']
]
# Check if the user is member of the NDA group on each login.
# Automatically add users with @mozilla* email in the nda group.
if ([
email_domain for email_domain in user_email_domains
if email_domain in settings.TRUSTED_MOZILLA_DOMAINS
] or settings.NDA_GROUP in user_groups):
# Find an exact match for the username, eg foo != foo1
profile.is_nda_member = True
if profile.username != self.mozillian_user['username']:
profile.username = self.mozillian_user['username']
if self.mozillian_user['photo']['privacy'] == 'Public':
profile.avatar_url = self.mozillian_user['photo']['value']
else:
profile.avatar_url = ''
profile.save()
return user
class ModeratorAuthBackend(OIDCAuthenticationBackend):
"""Override base authentication class."""
def __init__(self, *args, **kwargs):
"""Add the mozillian user in the init method."""
self.mozillian_user = None
self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL,
settings.MOZILLIANS_API_KEY)
super(ModeratorAuthBackend, self).__init__(*args, **kwargs)
def create_user(self, claims, **kwargs):
"""Create a new user only if there is a vouched mozillians.org account."""
email = claims.get('email')
try:
self.mozillian_user = self.mozillians_client.lookup_user({'email': email})
except (BadStatusCode, ResourceDoesNotExist):
return None
user_emails = []
if self.mozillian_user['is_vouched']:
for email_entry in self.mozillian_user['alternate_emails']:
user_emails.append(email_entry['email'])
user_emails.append(self.mozillian_user['email']['value'])
users = User.objects.filter(email__in=user_emails)
if users:
return users[0]
return super(ModeratorAuthBackend, self).create_user(claims, **kwargs)
return None
def authenticate(self, **kwargs):
"""Override authenticate method of the OIDC lib."""
user = super(ModeratorAuthBackend, self).authenticate(**kwargs)
if not user:
return None
profile = user.userprofile
profile.is_nda_member = False
try:
self.mozillian_user = self.mozillians_client.lookup_user({'email': user.email})
except (BadStatusCode, ResourceDoesNotExist):
return None
# The email the user used to log in
user_email_domains = [user.email.split('@')[1]]
# Get alternate emails
for email_resource in self.mozillian_user['alternate_emails']:
user_email_domains.append(email_resource['email'].split('@')[1])
user_email = self.mozillian_user['email'].get('value')
if user_email:
user_email_domains.append(user_email.split('@')[1])
# Remove duplicate domains
user_email_domains = list(set(user_email_domains))
user_groups = [group['name'] for group in self.mozillian_user['groups']['value']]
# Check if the user is member of the NDA group on each login.
# Automatically add users with @mozilla* email in the nda group.
if ([email_domain for email_domain in user_email_domains
if email_domain in settings.TRUSTED_MOZILLA_DOMAINS] or
settings.NDA_GROUP in user_groups):
# Find an exact match for the username, eg foo != foo1
profile.is_nda_member = True
if profile.username != self.mozillian_user['username']:
profile.username = self.mozillian_user['username']
if self.mozillian_user['photo']['privacy'] == 'Public':
profile.avatar_url = self.mozillian_user['photo']['value']
else:
profile.avatar_url = ''
profile.save()
return user