def __init__(self, *args, **kwargs): """Add the mozillian user in the init method.""" self.mozillian_user = None self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL, settings.MOZILLIANS_API_KEY) super(ModeratorAuthBackend, self).__init__(*args, **kwargs)
def forwards(apps, schema_editor): """Forwards method. Sync with mozillians.org to fix avatar url. """ User = apps.get_model('auth', 'User') mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL, settings.MOZILLIANS_API_KEY) for user in User.objects.all(): try: mozillian_user = mozillians_client.lookup_user({'email': user.email}) except (BadStatusCode, ResourceDoesNotExist): continue if mozillian_user['photo']['privacy'] == 'Public': user.userprofile.avatar_url = mozillian_user['photo']['value'] else: user.userprofile.avatar_url = '' user.userprofile.save()
def forwards(apps, schema_editor): """Forwards method. Sync with mozillians.org to fix avatar url. """ User = apps.get_model('auth', 'User') mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL, settings.MOZILLIANS_API_KEY) for user in User.objects.all(): try: mozillian_user = mozillians_client.lookup_user( {'email': user.email}) except (BadStatusCode, ResourceDoesNotExist): continue if mozillian_user['photo']['privacy'] == 'Public': user.userprofile.avatar_url = mozillian_user['photo']['value'] else: user.userprofile.avatar_url = '' user.userprofile.save()
class ModeratorAuthBackend(OIDCAuthenticationBackend): """Override base authentication class.""" def __init__(self, *args, **kwargs): """Add the mozillian user in the init method.""" self.mozillian_user = None self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL, settings.MOZILLIANS_API_KEY) super(ModeratorAuthBackend, self).__init__(*args, **kwargs) def create_user(self, claims, **kwargs): """Create a new user only if there is a vouched mozillians.org account.""" email = claims.get('email') try: self.mozillian_user = self.mozillians_client.lookup_user( {'email': email}) except (BadStatusCode, ResourceDoesNotExist): return None user_emails = [] if self.mozillian_user['is_vouched']: for email_entry in self.mozillian_user['alternate_emails']: user_emails.append(email_entry['email']) user_emails.append(self.mozillian_user['email']['value']) users = User.objects.filter(email__in=user_emails) if users: return users[0] return super(ModeratorAuthBackend, self).create_user(claims, **kwargs) return None def authenticate(self, **kwargs): """Override authenticate method of the OIDC lib.""" user = super(ModeratorAuthBackend, self).authenticate(**kwargs) if not user: return None profile = user.userprofile profile.is_nda_member = False try: self.mozillian_user = self.mozillians_client.lookup_user( {'email': user.email}) except (BadStatusCode, ResourceDoesNotExist): return None # The email the user used to log in user_email_domains = [user.email.split('@')[1]] # Get alternate emails for email_resource in self.mozillian_user['alternate_emails']: user_email_domains.append(email_resource['email'].split('@')[1]) user_email = self.mozillian_user['email'].get('value') if user_email: user_email_domains.append(user_email.split('@')[1]) # Remove duplicate domains user_email_domains = list(set(user_email_domains)) user_groups = [ group['name'] for group in self.mozillian_user['groups']['value'] ] # Check if the user is member of the NDA group on each login. # Automatically add users with @mozilla* email in the nda group. if ([ email_domain for email_domain in user_email_domains if email_domain in settings.TRUSTED_MOZILLA_DOMAINS ] or settings.NDA_GROUP in user_groups): # Find an exact match for the username, eg foo != foo1 profile.is_nda_member = True if profile.username != self.mozillian_user['username']: profile.username = self.mozillian_user['username'] if self.mozillian_user['photo']['privacy'] == 'Public': profile.avatar_url = self.mozillian_user['photo']['value'] else: profile.avatar_url = '' profile.save() return user
class ModeratorAuthBackend(OIDCAuthenticationBackend): """Override base authentication class.""" def __init__(self, *args, **kwargs): """Add the mozillian user in the init method.""" self.mozillian_user = None self.mozillians_client = MozilliansClient(settings.MOZILLIANS_API_URL, settings.MOZILLIANS_API_KEY) super(ModeratorAuthBackend, self).__init__(*args, **kwargs) def create_user(self, claims, **kwargs): """Create a new user only if there is a vouched mozillians.org account.""" email = claims.get('email') try: self.mozillian_user = self.mozillians_client.lookup_user({'email': email}) except (BadStatusCode, ResourceDoesNotExist): return None user_emails = [] if self.mozillian_user['is_vouched']: for email_entry in self.mozillian_user['alternate_emails']: user_emails.append(email_entry['email']) user_emails.append(self.mozillian_user['email']['value']) users = User.objects.filter(email__in=user_emails) if users: return users[0] return super(ModeratorAuthBackend, self).create_user(claims, **kwargs) return None def authenticate(self, **kwargs): """Override authenticate method of the OIDC lib.""" user = super(ModeratorAuthBackend, self).authenticate(**kwargs) if not user: return None profile = user.userprofile profile.is_nda_member = False try: self.mozillian_user = self.mozillians_client.lookup_user({'email': user.email}) except (BadStatusCode, ResourceDoesNotExist): return None # The email the user used to log in user_email_domains = [user.email.split('@')[1]] # Get alternate emails for email_resource in self.mozillian_user['alternate_emails']: user_email_domains.append(email_resource['email'].split('@')[1]) user_email = self.mozillian_user['email'].get('value') if user_email: user_email_domains.append(user_email.split('@')[1]) # Remove duplicate domains user_email_domains = list(set(user_email_domains)) user_groups = [group['name'] for group in self.mozillian_user['groups']['value']] # Check if the user is member of the NDA group on each login. # Automatically add users with @mozilla* email in the nda group. if ([email_domain for email_domain in user_email_domains if email_domain in settings.TRUSTED_MOZILLA_DOMAINS] or settings.NDA_GROUP in user_groups): # Find an exact match for the username, eg foo != foo1 profile.is_nda_member = True if profile.username != self.mozillian_user['username']: profile.username = self.mozillian_user['username'] if self.mozillian_user['photo']['privacy'] == 'Public': profile.avatar_url = self.mozillian_user['photo']['value'] else: profile.avatar_url = '' profile.save() return user