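def oidc_callback():
    """Complete an OIDC login and sign the matching local user in.

    Exchanges the ``code`` query parameter with the provider stored in the
    session, looks the user up by the e-mail address returned by the
    provider (falling back to identities returned by ``mapped_ids``), and
    creates a new account with the ``USER`` role when none is found.

    Returns:
        A redirect to ``next`` when it is a same-site path, otherwise a
        redirect to ``frontend.index``. A failed code exchange, or a
        callback without a provider in the session, flashes an error and
        redirects to ``frontend.index``.
    """

    def _is_local_path(target):
        # Accept only same-site absolute paths. '//host' and '/\host' are
        # read as another origin by browsers, and control characters or
        # whitespace can be stripped client-side to produce the same forms.
        if not target or not isinstance(target, str):
            return False
        if any(ord(ch) < 0x21 or ord(ch) == 0x7f or ch == '\\' for ch in target):
            return False
        return target.startswith('/') and not target.startswith('//')

    auth_code = request.args.get('code')

    # A callback reached without a login in progress has no provider in the
    # session; fail the same way as a rejected code instead of raising.
    provider = session.get('provider')
    if provider is None:
        flash('Login failed: no login in progress', 'error')
        return redirect(url_for('frontend.index'))

    # NOTE(review): no `state` comparison is visible in this function;
    # confirm that oidc_client.authenticate() (or the code that starts the
    # flow) binds the callback to the session that initiated it.
    try:
        user_info = current_app.oidc_client.authenticate(
            provider, auth_code, url_for('.oidc_callback', _external=True))
    except Exception as e:
        # NOTE(review): the exception text is shown to the end user here;
        # consider logging it and flashing a generic message instead.
        flash('Login failed: {}: {}'.format(e.__class__.__name__, e), 'error')
        return redirect(url_for('frontend.index'))

    # NOTE(review): the e-mail claim is the account key. Confirm that every
    # configured provider only returns verified addresses; otherwise an
    # unverified address would map onto an existing account.
    user = user_datastore.get_user(user_info['email'])

    if not user:
        # query identity mapping service for linked identities that may
        # already have an account
        for uid in mapped_ids(user_info['email'])['ids']:
            user = user_datastore.get_user(uid)
            if user:
                break

    if not user:
        # user has successfully logged in or registered on IdP
        # so create an account
        user = user_datastore.create_user(
            email=user_info['email'],
            inbox_email=make_inbox_email(user_info['email']),
            full_name=user_info.get('nickname', user_info.get('name')))
        user_role = user_datastore.find_or_create_role('USER')
        user_datastore.add_role_to_user(user, user_role)

    login_user(user)
    publish_login(user)

    # `next` comes straight from the query string, so follow it only when
    # it stays on this site; anything else falls back to the index page.
    next_target = request.args.get('next')
    if _is_local_path(next_target):
        return redirect(next_target)

    return redirect(url_for('frontend.index'))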
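def login():
    """Render the login form and, on a valid submission, sign the user in.

    A ``next`` query parameter is copied into the form. On a valid
    submission the user is looked up by the stripped e-mail address; an
    unknown address flashes a message and redirects to ``frontend.index``.

    Returns:
        The rendered ``login.html`` template when the form was not
        submitted or did not validate; otherwise a redirect to the form's
        ``next`` value when it is a same-site path, or to
        ``frontend.index``.
    """

    def _is_local_path(target):
        # Accept only same-site absolute paths. '//host' and '/\host' are
        # read as another origin by browsers, and control characters or
        # whitespace can be stripped client-side to produce the same forms.
        if not target or not isinstance(target, str):
            return False
        if any(ord(ch) < 0x21 or ord(ch) == 0x7f or ch == '\\' for ch in target):
            return False
        return target.startswith('/') and not target.startswith('//')

    form = LoginForm()

    if request.args.get('next'):
        form.next.data = request.args.get('next')

    if form.validate_on_submit():
        email = form.email.data.strip()
        # Log only the submitted address, not the whole form: form.data
        # carries every submitted field. %r keeps control characters in the
        # value from breaking up the log line.
        current_app.logger.info('login form submitted for %r', email)

        user = user_datastore.get_user(email)
        if not user:
            flash("You don't have a user account yet")
            return redirect(url_for('frontend.index'))

        # NOTE(review): no credential check is visible in this function.
        # Confirm that LoginForm validation authenticates the user, or that
        # this route is not reachable outside development.
        login_user(user)
        publish_login(user)

        # `next` is caller-supplied (query string or form field); follow it
        # only when it stays on this site, and fall back to the index page
        # when it is empty or points elsewhere.
        if _is_local_path(form.next.data):
            return redirect(form.next.data)
        return redirect(url_for('frontend.index'))

    return render_template('login.html', form=form)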