def login_callback(user_info):
"""Login user base on SSO context (create one if necessary).
Function should not raise an exception if `user_info` is not valid
or `User` was not found in database.
"""
from invenio.modules.accounts.models import User
from invenio.ext.login import (authenticate, login_redirect,
current_user)
from invenio.ext.sqlalchemy import db
user_info['group'] = fetch_groups(user_info['group']).values()
user_info['external'] = fetch_external(user_info.get('external'))
try:
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
user = User()
user.nickname = user_info['nickname']
user.email = user_info['email']
user.password = ''
user.settings = {'login_method': 'SSO'}
db.session.add(user)
db.session.commit()
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
return redirect('/')
current_user.info['group'] = current_user.get('group', []) + \
user_info['group']
current_user.save()
except:
flash('Problem with login (%s)' % (str(user_info)), 'error')
return redirect('/')
return login_redirect()
def login_callback(user_info):
"""Login user base on SSO context (create one if necessary).
Function should not raise an exception if `user_info` is not valid
or `User` was not found in database.
"""
from invenio.modules.accounts.models import User
from invenio.ext.login import (authenticate, login_redirect,
current_user)
from invenio.ext.sqlalchemy import db
user_info['group'] = fetch_groups(user_info['group']).values()
user_info['external'] = fetch_external(user_info.get('external'))
try:
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
user = User()
user.nickname = user_info['nickname']
user.email = user_info['email']
user.password = ''
user.settings = {'login_method': 'SSO'}
db.session.add(user)
db.session.commit()
auth = authenticate(user_info['email'], login_method='SSO')
if auth is None:
return redirect('/')
current_user.info['group'] = current_user.get('group', []) + \
user_info['group']
current_user.save()
except:
flash('Problem with login (%s)' % (str(user_info)), 'error')
return redirect('/')
return login_redirect()
def oauth_authenticate(client_id, userinfo, require_existing_link=False,
remember=False):
"""Authenticate an oauth authorized callback."""
# Authenticate via the access token (access token used to get user_id)
if userinfo and authenticate(userinfo['email'], remember=remember):
if require_existing_link:
account = RemoteAccount.get(userinfo.get_id(), client_id)
if account is None:
logout_user()
return False
return True
return False
def oauth_authenticate(client_id,
userinfo,
require_existing_link=False,
remember=False):
"""Authenticate an oauth authorized callback."""
# Authenticate via the access token (access token used to get user_id)
if userinfo and authenticate(userinfo['email'], remember=remember):
if require_existing_link:
account = RemoteAccount.get(userinfo.get_id(), client_id)
if account is None:
logout_user()
return False
return True
return False
def oauth_authenticate(client_id, email=None, access_token=None,
require_existing_link=True, auto_register=False):
"""
Authenticate an oauth authorized callback
"""
if email is None and access_token is None:
return False
# Authenticate via the access token
if access_token:
token = RemoteToken.get_by_token(client_id, access_token)
if token:
u = UserInfo(token.remote_account.user_id)
if login_user(u):
return True
if email:
if authenticate(email):
if not require_existing_link:
return True
# Pre-existing link required so check
account = RemoteAccount.get(current_user.get_id(), client_id)
if account:
return True
# Account doesn't exists, and thus the user haven't linked
# the accounts
logout_user()
return None
elif auto_register:
from invenio.modules.accounts.models import User
if not User.query.filter_by(email=email).first():
# Email doesn't exists so we can proceed to register user.
u = User(
nickname="",
email=email,
password=generate_secret_key(),
note='1', # Activated
)
try:
db.session.add(u)
db.session.commit()
login_user(UserInfo(u.id))
return True
except Exception:
pass
return False
def login(nickname=None,
password=None,
login_method=None,
action='',
remember=False,
referer=None):
"""Login."""
if cfg.get('CFG_ACCESS_CONTROL_LEVEL_SITE') > 0:
return abort(401) # page is not authorized
if action:
from invenio.modules.access.mailcookie import \
InvenioWebAccessMailCookieError, \
mail_cookie_check_authorize_action
try:
action, arguments = mail_cookie_check_authorize_action(action)
except InvenioWebAccessMailCookieError:
pass
form = LoginForm(CombinedMultiDict([
ImmutableMultiDict({
'referer': referer,
'login_method': 'Local'
} if referer else {'login_method': 'Local'}), request.values
]),
csrf_enabled=False)
if request.method == "POST":
try:
if login_method == 'Local' and form.validate_on_submit() and \
authenticate(nickname, password, login_method=login_method,
remember=remember):
flash(_("You are logged in as %(nick)s.", nick=nickname),
"success")
return login_redirect(referer)
else:
flash(_("Invalid credentials."), "error")
except Exception as e:
current_app.logger.error('Exception during login process: %s',
str(e))
flash(_("Problem with login."), "error")
return render_template('accounts/login.html', form=form), 401
def login(nickname=None, password=None, login_method=None, action='',
remember=False, referer=None):
if cfg.get('CFG_ACCESS_CONTROL_LEVEL_SITE') > 0:
return abort(401) # page is not authorized
if action:
from invenio.modules.access.mailcookie import \
InvenioWebAccessMailCookieError, \
mail_cookie_check_authorize_action
try:
action, arguments = mail_cookie_check_authorize_action(action)
except InvenioWebAccessMailCookieError:
pass
form = LoginForm(CombinedMultiDict(
[ImmutableMultiDict({'referer': referer, 'login_method': 'Local'}
if referer else {'login_method': 'Local'}),
request.values]), csrf_enabled=False)
collection = Collection.query.get_or_404(1)
from invenio.b2share.modules.b2deposit.latest_deposits import get_latest_deposits
latest_deposits = get_latest_deposits()
if request.method == "POST":
try:
if login_method == 'Local' and form.validate_on_submit() and \
authenticate(nickname, password, login_method=login_method,
remember=remember):
flash(
_("You are logged in as %(nick)s.", nick=nickname),
"success"
)
return login_redirect(referer)
else:
flash(_("Invalid credentials."), "error")
except Exception as e:
current_app.logger.error(
'Exception during login process: %s', str(e)
)
flash(_("Problem with login."), "error")
return render_template('accounts/login.html', collection=collection, form=form, latest_deposits=latest_deposits)
def validate_current_password(self, field):
"""Validate current password."""
from invenio.ext.login import authenticate
if not authenticate(current_user['nickname'], field.data):
raise validators.ValidationError(
_("Password mismatch."))
def validate_current_password(self, field):
"""Validate current password."""
from invenio.ext.login import authenticate
if not authenticate(current_user['nickname'], field.data):
raise validators.ValidationError(_("Password mismatch."))
