def save_user(dn, username, userdata, memberships):
    """Create or refresh the local ``User`` row identified by *username*.

    ``userdata`` is read as a mapping whose values are sequences; the first
    element of ``givenName`` and ``sn`` (when those keys are present) becomes
    the user's first and last name. ``dn`` and ``memberships`` are accepted
    but not used by this function.

    Returns whatever ``User.update`` (existing user) or ``User.create``
    (new user) returns.
    """
    existing = User.query.filter_by(username=username).first()

    # Only copy name attributes that the directory entry actually carries,
    # so a missing attribute never overwrites a stored value.
    fields = {'username': username}
    for source_key, column in (('givenName', 'first_name'), ('sn', 'last_name')):
        if source_key in userdata:
            fields[column] = userdata[source_key][0]

    if existing:
        return existing.update(**fields)
    return User.create(**fields)
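def adduser(username, email):
    """Interactively create a local user account and exit the process.

    The password is read with ``getpass`` and the prompt is written to
    stderr. When *email* is empty the username is used as the email value.

    Args:
        username: login name for the new account.
        email: contact address; falls back to *username* when falsy.

    Raises:
        ValueError: a user with *username* already exists.
        SystemExit: always, once creation was attempted (status 0 on
            success, 1 when ``User.create`` raised).
    """
    from doorman.models import User
    import getpass
    import sys

    if User.query.filter_by(username=username).first():
        raise ValueError("Username already exists!")

    # NOTE(review): the password is taken as typed. There is no confirmation
    # prompt and no empty or minimum-length check here; whether User.create
    # enforces a policy is not visible from this function.
    password = getpass.getpass(stream=sys.stderr)

    try:
        user = User.create(
            username=username,
            email=email or username,
            password=password,
        )
    except Exception as error:
        # Top-level CLI boundary: report the failure on stderr, next to the
        # password prompt, so stdout carries only the success message.
        sys.stderr.write(
            "Failed to create user {0} - {1}\n".format(username, error))
        # sys.exit instead of the bare exit(): the latter is injected by the
        # site module for interactive use and is not guaranteed to exist.
        sys.exit(1)
    else:
        print("Created user {0}".format(user.username))
        sys.exit(0)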
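def adduser(username, email):
    """Create a local user from the command line, prompting for a password.

    The prompt goes to stderr via ``getpass``. If *email* is falsy the
    username doubles as the email value passed to ``User.create``.

    Args:
        username: login name for the new account.
        email: contact address, or a falsy value to reuse *username*.

    Raises:
        ValueError: *username* is already taken.
        SystemExit: status 0 after a successful create, 1 if
            ``User.create`` raised.
    """
    from doorman.models import User
    import getpass
    import sys

    if User.query.filter_by(username=username).first():
        raise ValueError("Username already exists!")

    # NOTE(review): no confirmation prompt and no empty-password check is
    # performed here; confirm that User.create rejects or handles a blank
    # password the way operators expect.
    password = getpass.getpass(stream=sys.stderr)

    try:
        user = User.create(
            username=username,
            email=email or username,
            password=password,
        )
    except Exception as error:
        # Diagnostics belong on stderr so a caller capturing stdout does not
        # mistake a failure line for command output.
        sys.stderr.write(
            "Failed to create user {0} - {1}\n".format(username, error))
        # The bare exit() helper comes from the site module and is meant for
        # interactive sessions; sys.exit is always available.
        sys.exit(1)
    else:
        print("Created user {0}".format(user.username))
        sys.exit(0)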
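def fetch_user(self):
    """Finish the Google OAuth2 callback and return the local user.

    Exchanges the authorization code for a token, fetches the userinfo
    document, applies the configured ``allowed_users`` / ``allowed_domains``
    allowlists and the verified-email requirement, then creates or updates
    the ``User`` row keyed on email and social id. The token is stored in
    the session under ``_oauth_token``.

    Aborts with 400 when no OAuth state is stored in the session, 401 when
    the account is not allowed or not verified, and 500 when the userinfo
    response is unusable.
    """
    code = request.args.get('code')

    # The stored state ties this callback to the login this session
    # started. A callback without one (expired session, direct or replayed
    # request) is rejected as a bad request instead of surfacing a KeyError
    # as HTTP 500, and an empty state is never handed to the OAuth session.
    state = session.pop('_oauth_state', None)
    if not state:
        current_app.logger.error(
            "OAuth callback received without a stored state")
        abort(400)

    provider = OAuth2Session(
        self.client_id,
        redirect_uri=self.redirect_uri,
        state=state,
    )
    token = provider.fetch_token(
        self.token_url,
        client_secret=self.client_secret,
        code=code,
        authorization_response=request.url,
    )

    response = provider.get('https://www.googleapis.com/oauth2/v1/userinfo')
    userinfo = response.json()

    if not userinfo:
        current_app.logger.error("No userinfo object returned!")
        abort(500)

    # NOTE(review): this writes the whole profile (email, names, id) to the
    # debug log; confirm debug logging is off where that matters.
    current_app.logger.debug("Got userinfo: %s", userinfo)

    # An error payload is truthy but carries no identity; stop before any
    # authorization decision is made on missing fields.
    email = userinfo.get('email')
    social_id = userinfo.get('id')
    if not email or not social_id:
        current_app.logger.error("Userinfo response is missing email or id")
        abort(500)

    if self.allowed_users and email not in self.allowed_users:
        current_app.logger.error("%s is not authorized for this application",
                                 email)
        flash(u"{0} is not authorized for this application.".format(
            email), 'danger')
        abort(401)

    # 'hd' is only present for accounts in a hosted domain; a missing value
    # must fail the allowlist with 401 rather than raise KeyError.
    domain = userinfo.get('hd')
    if self.allowed_domains and domain not in self.allowed_domains:
        current_app.logger.error("%s domain and %s not authorized",
                                 domain, email)
        flash(u"{0} is not authorized for this application.".format(
            email), 'danger')
        abort(401)

    # A missing flag is treated the same as an unverified address.
    if not userinfo.get('verified_email'):
        flash(u"You must verify your email before using this application.",
              'danger')
        abort(401)

    # Name fields are optional in the profile; absent ones are passed as
    # None. Presumably the User columns accept that - verify against the model.
    profile = dict(
        username=email,
        email=email,
        social_id=social_id,
        first_name=userinfo.get('given_name'),
        last_name=userinfo.get('family_name'),
    )

    user = User.query.filter_by(email=email, social_id=social_id).first()
    if not user:
        user = User.create(**profile)
    else:
        user.update(**profile)

    # NOTE(review): with a cookie-backed session the token is readable by
    # the client; confirm the session store in use before relying on this.
    session['_oauth_token'] = token
    return user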
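def load_user(user_id):
    """Resolve a stored user id to a user object.

    When ``DOORMAN_AUTH_METHOD`` is ``None`` (authentication disabled) a
    ``NoAuthUserMixin`` instance is returned for every id. Otherwise the id
    is converted to ``int`` and looked up with ``User.get_by_id``.

    Returns ``None`` when *user_id* cannot be converted to an integer, so a
    stale or malformed session value is treated as "no such user" instead
    of raising. Presumably this is the login manager's user-loader
    callback - confirm at the registration site.
    """
    if current_app.config['DOORMAN_AUTH_METHOD'] is None:
        # Imported lazily, as in the original, so the mixin module is only
        # loaded when authentication is switched off.
        from doorman.users.mixins import NoAuthUserMixin
        return NoAuthUserMixin()

    try:
        numeric_id = int(user_id)
    except (TypeError, ValueError):
        return None
    return User.get_by_id(numeric_id)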
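def fetch_user(self):
    """Handle the Google OAuth2 redirect and return the matching local user.

    Steps: pop the stored state, exchange the code for a token, fetch the
    userinfo document, enforce ``allowed_users`` / ``allowed_domains`` and
    the verified-email requirement, then create or update the ``User`` row
    matched on email and social id. The token ends up in the session under
    ``_oauth_token``.

    Aborts with 400 if the session holds no OAuth state, 401 if the account
    is not permitted or unverified, 500 if the userinfo response is empty
    or lacks an email or id.
    """
    code = request.args.get('code')

    # Without the stored state there is nothing to bind this callback to
    # the login that started it. Reject it explicitly (400) rather than let
    # a KeyError become HTTP 500, and never pass an empty state onward.
    state = session.pop('_oauth_state', None)
    if not state:
        current_app.logger.error(
            "OAuth callback received without a stored state")
        abort(400)

    provider = OAuth2Session(
        self.client_id,
        redirect_uri=self.redirect_uri,
        state=state,
    )
    token = provider.fetch_token(
        self.token_url,
        client_secret=self.client_secret,
        code=code,
        authorization_response=request.url,
    )

    response = provider.get('https://www.googleapis.com/oauth2/v1/userinfo')
    userinfo = response.json()

    if not userinfo:
        current_app.logger.error("No userinfo object returned!")
        abort(500)

    # NOTE(review): the full profile is logged at debug level; make sure
    # that level is not enabled where personal data must stay out of logs.
    current_app.logger.debug("Got userinfo: %s", userinfo)

    # A truthy error document has no identity fields; fail closed here so
    # the checks below never run on missing keys.
    email = userinfo.get('email')
    social_id = userinfo.get('id')
    if not email or not social_id:
        current_app.logger.error("Userinfo response is missing email or id")
        abort(500)

    if self.allowed_users and email not in self.allowed_users:
        current_app.logger.error("%s is not authorized for this application",
                                 email)
        flash(u"{0} is not authorized for this application.".format(
            email), 'danger')
        abort(401)

    # Accounts outside a hosted domain carry no 'hd' field; treat that as
    # "not in any allowed domain" (401) instead of raising KeyError.
    domain = userinfo.get('hd')
    if self.allowed_domains and domain not in self.allowed_domains:
        current_app.logger.error("%s domain and %s not authorized",
                                 domain, email)
        flash(u"{0} is not authorized for this application.".format(
            email), 'danger')
        abort(401)

    # An absent flag counts as unverified.
    if not userinfo.get('verified_email'):
        flash(u"You must verify your email before using this application.",
              'danger')
        abort(401)

    # Optional name fields default to None. Presumably the User model
    # allows that - verify against the column definitions.
    profile = dict(
        username=email,
        email=email,
        social_id=social_id,
        first_name=userinfo.get('given_name'),
        last_name=userinfo.get('family_name'),
    )

    user = User.query.filter_by(email=email, social_id=social_id).first()
    if not user:
        user = User.create(**profile)
    else:
        user.update(**profile)

    # NOTE(review): a cookie-backed session exposes this token to the
    # client; confirm which session store is configured.
    session['_oauth_token'] = token
    return user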