Show More
| @@ -42,7 +42,7 b' from rhodecode.authentication.base impor' | |||||
| 42 | from rhodecode.lib.base import BaseController, render |
|
42 | from rhodecode.lib.base import BaseController, render | |
| 43 | from rhodecode.lib.exceptions import UserCreationError |
|
43 | from rhodecode.lib.exceptions import UserCreationError | |
| 44 | from rhodecode.lib.utils2 import safe_str |
|
44 | from rhodecode.lib.utils2 import safe_str | |
| 45 |
from rhodecode.model.db import User |
|
45 | from rhodecode.model.db import User | |
| 46 | from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm |
|
46 | from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm | |
| 47 | from rhodecode.model.login_session import LoginSession |
|
47 | from rhodecode.model.login_session import LoginSession | |
| 48 | from rhodecode.model.meta import Session |
|
48 | from rhodecode.model.meta import Session | |
| @@ -122,7 +122,6 b' class LoginController(BaseController):' | |||||
| 122 |
|
122 | |||
| 123 | not_default = c.rhodecode_user.username != User.DEFAULT_USER |
|
123 | not_default = c.rhodecode_user.username != User.DEFAULT_USER | |
| 124 | ip_allowed = c.rhodecode_user.ip_allowed |
|
124 | ip_allowed = c.rhodecode_user.ip_allowed | |
| 125 | c.social_plugins = self._get_active_social_plugins() |
|
|||
| 126 |
|
125 | |||
| 127 | # redirect if already logged in |
|
126 | # redirect if already logged in | |
| 128 | if c.rhodecode_user.is_authenticated and not_default and ip_allowed: |
|
127 | if c.rhodecode_user.is_authenticated and not_default and ip_allowed: | |
| @@ -176,17 +175,6 b' class LoginController(BaseController):' | |||||
| 176 | location=c.came_from, headers=headers) |
|
175 | location=c.came_from, headers=headers) | |
| 177 | return render('/login.html') |
|
176 | return render('/login.html') | |
| 178 |
|
177 | |||
| 179 | # TODO: Move this to a better place. |
|
|||
| 180 | def _get_active_social_plugins(self): |
|
|||
| 181 | from rhodecode.authentication.base import AuthomaticBase |
|
|||
| 182 | activated_plugins = SettingsModel().get_auth_plugins() |
|
|||
| 183 | social_plugins = [] |
|
|||
| 184 | for plugin_id in activated_plugins: |
|
|||
| 185 | plugin = loadplugin(plugin_id) |
|
|||
| 186 | if isinstance(plugin, AuthomaticBase) and plugin.is_active(): |
|
|||
| 187 | social_plugins.append(plugin) |
|
|||
| 188 | return social_plugins |
|
|||
| 189 |
|
||||
| 190 | @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', |
|
178 | @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', | |
| 191 | 'hg.register.manual_activate') |
|
179 | 'hg.register.manual_activate') | |
| 192 | def register(self): |
|
180 | def register(self): | |
| @@ -198,16 +186,7 b' class LoginController(BaseController):' | |||||
| 198 | c.captcha_active = bool(captcha_private_key) |
|
186 | c.captcha_active = bool(captcha_private_key) | |
| 199 | c.captcha_public_key = settings.get('rhodecode_captcha_public_key') |
|
187 | c.captcha_public_key = settings.get('rhodecode_captcha_public_key') | |
| 200 | c.register_message = settings.get('rhodecode_register_message') or '' |
|
188 | c.register_message = settings.get('rhodecode_register_message') or '' | |
| 201 |
|
||||
| 202 | c.social_plugins = self._get_active_social_plugins() |
|
|||
| 203 |
|
||||
| 204 | social_data = session.get('rhodecode.social_auth') |
|
|||
| 205 | c.form_data = {} |
|
189 | c.form_data = {} | |
| 206 | if social_data: |
|
|||
| 207 | c.form_data = {'username': social_data['user'].get('user_name'), |
|
|||
| 208 | 'password': str(uuid.uuid4()), |
|
|||
| 209 | 'email': social_data['user'].get('email') |
|
|||
| 210 | } |
|
|||
| 211 |
|
190 | |||
| 212 | if request.POST: |
|
191 | if request.POST: | |
| 213 | register_form = RegisterForm()() |
|
192 | register_form = RegisterForm()() | |
| @@ -228,15 +207,7 b' class LoginController(BaseController):' | |||||
| 228 | raise formencode.Invalid(_msg, _value, None, |
|
207 | raise formencode.Invalid(_msg, _value, None, | |
| 229 | error_dict=error_dict) |
|
208 | error_dict=error_dict) | |
| 230 |
|
209 | |||
| 231 |
|
|
210 | UserModel().create_registration(form_result) | |
| 232 | if social_data: |
|
|||
| 233 | plugin_name = 'egg:rhodecode-enterprise-ee#{}'.format( |
|
|||
| 234 | social_data['credentials.provider'] |
|
|||
| 235 | ) |
|
|||
| 236 | auth_plugin = loadplugin(plugin_name) |
|
|||
| 237 | if auth_plugin: |
|
|||
| 238 | auth_plugin.handle_social_data( |
|
|||
| 239 | session, new_user.user_id, social_data) |
|
|||
| 240 | h.flash(_('You have successfully registered with RhodeCode'), |
|
211 | h.flash(_('You have successfully registered with RhodeCode'), | |
| 241 | category='success') |
|
212 | category='success') | |
| 242 | Session().commit() |
|
213 | Session().commit() | |
| @@ -317,93 +288,3 b' class LoginController(BaseController):' | |||||
| 317 | def logout(self): |
|
288 | def logout(self): | |
| 318 | LoginSession().destroy_user_session() |
|
289 | LoginSession().destroy_user_session() | |
| 319 | return redirect(url('home')) |
|
290 | return redirect(url('home')) | |
| 320 |
|
||||
| 321 | def social_auth(self, provider_name): |
|
|||
| 322 | plugin_name = 'egg:rhodecode-enterprise-ee#{}'.format( |
|
|||
| 323 | provider_name |
|
|||
| 324 | ) |
|
|||
| 325 | auth_plugin = loadplugin(plugin_name) |
|
|||
| 326 | if not auth_plugin: |
|
|||
| 327 | return self._handle_social_auth_error(request, 'No auth plugin') |
|
|||
| 328 |
|
||||
| 329 | result, response = auth_plugin.get_provider_result(request) |
|
|||
| 330 | if result: |
|
|||
| 331 | if result.error: |
|
|||
| 332 | return self._handle_social_auth_error(request, result.error) |
|
|||
| 333 | elif result.user: |
|
|||
| 334 | return self._handle_social_auth_success(request, result) |
|
|||
| 335 | return response |
|
|||
| 336 |
|
||||
| 337 | def _handle_social_auth_error(self, request, result): |
|
|||
| 338 | log.error(result) |
|
|||
| 339 | h.flash(_('There was an error during OAuth processing.'), |
|
|||
| 340 | category='error') |
|
|||
| 341 | return redirect(url('home')) |
|
|||
| 342 |
|
||||
| 343 | def _normalize_social_data(self, result): |
|
|||
| 344 | social_data = { |
|
|||
| 345 | 'user': {'data': result.user.data}, |
|
|||
| 346 | 'credentials.provider': result.user.credentials.provider_name, |
|
|||
| 347 | 'credentials.token': result.user.credentials.token, |
|
|||
| 348 | 'credentials.token_secret': result.user.credentials.token_secret, |
|
|||
| 349 | 'credentials.refresh_token': result.user.credentials.refresh_token |
|
|||
| 350 | } |
|
|||
| 351 | # normalize data |
|
|||
| 352 | social_data['user']['id'] = result.user.id |
|
|||
| 353 | user_name = result.user.username or '' |
|
|||
| 354 | # use email name as username for google |
|
|||
| 355 | if (social_data['credentials.provider'] == 'google' and |
|
|||
| 356 | result.user.email): |
|
|||
| 357 | user_name = result.user.email |
|
|||
| 358 |
|
||||
| 359 | social_data['user']['user_name'] = user_name |
|
|||
| 360 | social_data['user']['email'] = result.user.email or '' |
|
|||
| 361 | return social_data |
|
|||
| 362 |
|
||||
| 363 | def _handle_social_auth_success(self, request, result): |
|
|||
| 364 | self._set_came_from() |
|
|||
| 365 |
|
||||
| 366 | # Hooray, we have the user! |
|
|||
| 367 | # OAuth 2.0 and OAuth 1.0a provide only limited user data on login, |
|
|||
| 368 | # We need to update the user to get more info. |
|
|||
| 369 | if result.user: |
|
|||
| 370 | result.user.update() |
|
|||
| 371 |
|
||||
| 372 | social_data = self._normalize_social_data(result) |
|
|||
| 373 |
|
||||
| 374 | session['rhodecode.social_auth'] = social_data |
|
|||
| 375 |
|
||||
| 376 | plugin_name = 'egg:rhodecode-enterprise-ee#{}'.format( |
|
|||
| 377 | social_data['credentials.provider'] |
|
|||
| 378 | ) |
|
|||
| 379 | auth_plugin = loadplugin(plugin_name) |
|
|||
| 380 |
|
||||
| 381 | # user is logged so bind his external identity with account |
|
|||
| 382 | if request.user and request.user.username != User.DEFAULT_USER: |
|
|||
| 383 | if auth_plugin: |
|
|||
| 384 | auth_plugin.handle_social_data( |
|
|||
| 385 | session, request.user.user_id, social_data) |
|
|||
| 386 | session.pop('rhodecode.social_auth', None) |
|
|||
| 387 | Session().commit() |
|
|||
| 388 | return redirect(url('my_account_oauth')) |
|
|||
| 389 | else: |
|
|||
| 390 | user = ExternalIdentity.user_by_external_id_and_provider( |
|
|||
| 391 | social_data['user']['id'], |
|
|||
| 392 | social_data['credentials.provider'] |
|
|||
| 393 | ) |
|
|||
| 394 |
|
||||
| 395 | # user tokens are already found in our db |
|
|||
| 396 | if user: |
|
|||
| 397 | if auth_plugin: |
|
|||
| 398 | auth_plugin.handle_social_data( |
|
|||
| 399 | session, user.user_id, social_data) |
|
|||
| 400 | session.pop('rhodecode.social_auth', None) |
|
|||
| 401 | headers = self._store_user_in_session(user.username) |
|
|||
| 402 | raise self._redirect_to_origin( |
|
|||
| 403 | location=c.came_from, headers=headers) |
|
|||
| 404 | else: |
|
|||
| 405 | msg = _('You need to finish registration ' |
|
|||
| 406 | 'process to bind your external identity to your ' |
|
|||
| 407 | 'account or sign in to existing account') |
|
|||
| 408 | h.flash(msg, category='success') |
|
|||
| 409 | return redirect(url('register')) |
|
|||
General Comments 0
You need to be logged in to leave comments.
Login now