def login():
code = request.values.get("code")
if code is None:
# Authorize the client from SSO, redirect as a query with "code"
sl = "?".join([config.sso_params.get("cootek.authorize"), urlencode(config.authorize_params)])
return redirect(sl)
else:
config.token_params.update({"code": code})
ret = requests.post(config.sso_params.get("cootek.token"), data=config.token_params)
token = json.loads(ret.text)
if "access_token" in token and "id_token" in token:
# Analyse username from id_token
user_info = token['id_token'].split(".")[1]
missing_padding = 4 - len(user_info) % 4
if missing_padding:
user_info += '=' * missing_padding
temp_user_info = base64.b64decode(user_info)
user_info = json.loads(bytes.decode(temp_user_info))
username = user_info['upn'].split("@")[0]
sid = user_info['sid'].split("@")[0]
token = uuid.uuid4().hex
user = User.query.filter_by(username=username).first()
if not user:
user = User()
user.username = username
user.access_token = token
user.token_expired = time.time() + 8 * 60 * 60
user.save()
login_user(user)
return app.send_static_file('index.html')
else:
sl = "?".join([config.sso_params.get("cootek.authorize"), urlencode(config.authorize_params)])
return redirect(sl)
def post(self):
args = self.parser.parse_args()
username = args.get('username')
password = args.get('password')
if username and password:
try:
user = User()
user.username = username
user.password = password
db.session.add(user)
db.session.commit()
except:
db.session.rollback()
def create_user_by_parameters(parameters):
"""
Method for create a User model Object populated with a dict of parameters.
:param parameters: Dict of values, this key are(
first_name
last_name
username
email
password
is_active
)
:return: populated user
"""
user = User()
user.first_name = parameters['first_name']
user.last_name = parameters['last_name']
user.username = parameters['username']
user.email = parameters['email'].lower()
user.password = make_password(parameters['password'])
user.is_active = parameters['is_active']
return user
