class GoogleAuth(object):
"""Google Federated Authentication manager.
If ``install==True`` (default), it is automatically installed into the
given Flask application.
"""
def __init__(self, app, install=True, prefix=None, name='GoogleAuth'):
self.app = app
self.app.config.setdefault('GOOGLE_DOMAIN', None)
self.oid = OpenID(self.app)
self.url_prefix = prefix
self.name = name
self.blueprint = self._get_blueprint(self.name)
self.domain = self.app.config.get('GOOGLE_DOMAIN')
self._login = self.oid.loginhandler(self.__login)
self._create_or_login = self.oid.after_login(self.__create_or_login)
if install:
self.install()
def _check_auth(self):
"""Returns True if authentication is valid."""
return ('openid' in session) if self.domain else True
def __login(self):
return self.oid.try_login('https://www.google.com/accounts/o8/site-xrds?hd=%s' % self.domain)
def _before_request(self):
g.user = None
def __create_or_login(self, resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
return redirect(self.oid.get_next_url())
def _logout(self):
session.pop('openid', None)
return redirect(self.oid.get_next_url())
def _get_blueprint(self, name):
return Blueprint(
name,
__name__,
static_folder=os.path.join(current_dir, 'static'),
template_folder=os.path.join(current_dir, 'templates'),
)
def _configure_routes(self):
self.blueprint.route('/login/', methods=['GET', 'POST'])(self._login)
self.blueprint.route('/logout/', methods=['GET', 'POST'])(self._logout)
def _register_blueprint(self, **kwargs):
self.app.register_blueprint(
self.blueprint,
url_prefix=self.url_prefix,
**kwargs
)
def install(self):
"""Installs the Blueprint into the app."""
self.app.before_request(self._before_request)
self._configure_routes()
self._register_blueprint()
def required(self, f):
"""Request decorator. Forces authentication."""
@wraps(f)
def decorated(*args, **kwargs):
auth = request.authorization
if not self._check_auth():
return redirect(url_for('%s.__login' % self.blueprint.name, next=request.url))
return f(*args, **kwargs)
return decorated
class GoogleAuth(object):
"""Google Federated Authentication manager.
If ``install==True`` (default), it is automatically installed into the
given Flask application.
"""
def __init__(self, app, install=True, prefix=None, name='GoogleAuth'):
self.app = app
self.app.config.setdefault('GOOGLE_DOMAIN', None)
self.oid = OpenID(self.app)
self.url_prefix = prefix
self.name = name
self.blueprint = self._get_blueprint(self.name)
self.domain = self.app.config.get('GOOGLE_DOMAIN')
self._login = self.oid.loginhandler(self.__login)
self._create_or_login = self.oid.after_login(self.__create_or_login)
if install:
self.install()
def _check_auth(self):
"""Returns True if authentication is valid."""
return ('openid' in session) if self.domain else True
def __login(self):
return self.oid.try_login(
'https://www.google.com/accounts/o8/site-xrds?hd=%s' % self.domain)
def _before_request(self):
g.user = None
def __create_or_login(self, resp):
"""This is called when login with OpenID succeeded and it's not
necessary to figure out if this is the users's first login or not.
This function has to redirect otherwise the user will be presented
with a terrible URL which we certainly don't want.
"""
session['openid'] = resp.identity_url
return redirect(self.oid.get_next_url())
def _logout(self):
session.pop('openid', None)
return redirect(self.oid.get_next_url())
def _get_blueprint(self, name):
return Blueprint(
name,
__name__,
static_folder=os.path.join(current_dir, 'static'),
template_folder=os.path.join(current_dir, 'templates'),
)
def _configure_routes(self):
self.blueprint.route('/login/', methods=['GET', 'POST'])(self._login)
self.blueprint.route('/logout/', methods=['GET', 'POST'])(self._logout)
def _register_blueprint(self, **kwargs):
self.app.register_blueprint(self.blueprint,
url_prefix=self.url_prefix,
**kwargs)
def install(self):
"""Installs the Blueprint into the app."""
self.app.before_request(self._before_request)
self._configure_routes()
self._register_blueprint()
def required(self, f):
"""Request decorator. Forces authentication."""
@wraps(f)
def decorated(*args, **kwargs):
auth = request.authorization
if not self._check_auth():
return redirect(
url_for('%s.__login' % self.blueprint.name,
next=request.url))
return f(*args, **kwargs)
return decorated
