def get_or_create_user(saml_name_id, saml_user_data):
user = User.get(saml_name_id=saml_name_id)
if user:
return user_if_enabled(user)
return create_user(saml_name_id, saml_user_data)
def api_auth(request):
api_key = request.headers.get('X-API-KEY')
user = User.get(api_key=api_key)
if user:
user.is_api = True
return user_if_enabled(user)
def authenticate(email, password):
user = User.get(email=email.lower())
if user_if_enabled(user):
if 'pwd_hash' in user:
if check_password_hash(user['pwd_hash'], password):
if 'auth_token' not in user:
user.update_value('auth_token', auth_token(user))
login_user(user)
return user
return None
def update_or_create_user(ldap_user):
user = User.get(email=ldap_user['mail'])
if user:
# update groups
groups = get_mapping(ldap_user['groups'], "groups")
user.update_value('groups', groups)
# update default sharings
default_sharing = get_mapping(ldap_user['groups'], "default_sharing")
user.update_value('default_sharing', default_sharing)
# update permissions
permissions = get_mapping(ldap_user["groups"], "permissions")
user.update_value('permissions', permissions)
# enable/disable user
user.update_value('enabled', ldap_user['enabled'])
return user_if_enabled(user)
return create_user(ldap_user)
def load_user(token):
return user_if_enabled(User.get(auth_token=token))
def load_user(user_id):
return user_if_enabled(User.get(_id=ObjectId(user_id)))