Show More
| @@ -42,7 +42,7 b' from rhodecode.authentication.base impor' | |||
|
|
42 | 42 | from rhodecode.lib.base import BaseController, render |
|
|
43 | 43 | from rhodecode.lib.exceptions import UserCreationError |
|
|
44 | 44 | from rhodecode.lib.utils2 import safe_str |
|
|
45 |
from rhodecode.model.db import User |
|
|
|
45 | from rhodecode.model.db import User | |
|
|
46 | 46 | from rhodecode.model.forms import LoginForm, RegisterForm, PasswordResetForm |
|
|
47 | 47 | from rhodecode.model.login_session import LoginSession |
|
|
48 | 48 | from rhodecode.model.meta import Session |
| @@ -122,7 +122,6 b' class LoginController(BaseController):' | |||
|
|
122 | 122 | |
|
|
123 | 123 | not_default = c.rhodecode_user.username != User.DEFAULT_USER |
|
|
124 | 124 | ip_allowed = c.rhodecode_user.ip_allowed |
|
|
125 | c.social_plugins = self._get_active_social_plugins() | |
|
|
126 | 125 | |
|
|
127 | 126 | # redirect if already logged in |
|
|
128 | 127 | if c.rhodecode_user.is_authenticated and not_default and ip_allowed: |
| @@ -176,17 +175,6 b' class LoginController(BaseController):' | |||
|
|
176 | 175 | location=c.came_from, headers=headers) |
|
|
177 | 176 | return render('/login.html') |
|
|
178 | 177 | |
|
|
179 | # TODO: Move this to a better place. | |
|
|
180 | def _get_active_social_plugins(self): | |
|
|
181 | from rhodecode.authentication.base import AuthomaticBase | |
|
|
182 | activated_plugins = SettingsModel().get_auth_plugins() | |
|
|
183 | social_plugins = [] | |
|
|
184 | for plugin_id in activated_plugins: | |
|
|
185 | plugin = loadplugin(plugin_id) | |
|
|
186 | if isinstance(plugin, AuthomaticBase) and plugin.is_active(): | |
|
|
187 | social_plugins.append(plugin) | |
|
|
188 | return social_plugins | |
|
|
189 | ||
|
|
190 | 178 | @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate', |
|
|
191 | 179 | 'hg.register.manual_activate') |
|
|
192 | 180 | def register(self): |
| @@ -198,16 +186,7 b' class LoginController(BaseController):' | |||
|
|
198 | 186 | c.captcha_active = bool(captcha_private_key) |
|
|
199 | 187 | c.captcha_public_key = settings.get('rhodecode_captcha_public_key') |
|
|
200 | 188 | c.register_message = settings.get('rhodecode_register_message') or '' |
|
|
201 | ||
|
|
202 | c.social_plugins = self._get_active_social_plugins() | |
|
|
203 | ||
|
|
204 | social_data = session.get('rhodecode.social_auth') | |
|
|
205 | 189 | c.form_data = {} |
|
|
206 | if social_data: | |
|
|
207 | c.form_data = {'username': social_data['user'].get('user_name'), | |
|
|
208 | 'password': str(uuid.uuid4()), | |
|
|
209 | 'email': social_data['user'].get('email') | |
|
|
210 | } | |
|
|
211 | 190 | |
|
|
212 | 191 | if request.POST: |
|
|
213 | 192 | register_form = RegisterForm()() |
| @@ -228,15 +207,7 b' class LoginController(BaseController):' | |||
|
|
228 | 207 | raise formencode.Invalid(_msg, _value, None, |
|
|
229 | 208 | error_dict=error_dict) |
|
|
230 | 209 | |
|
|
231 |
|
|
|
|
232 | if social_data: | |
|
|
233 | plugin_name = 'egg:rhodecode-enterprise-ee#{}'.format( | |
|
|
234 | social_data['credentials.provider'] | |
|
|
235 | ) | |
|
|
236 | auth_plugin = loadplugin(plugin_name) | |
|
|
237 | if auth_plugin: | |
|
|
238 | auth_plugin.handle_social_data( | |
|
|
239 | session, new_user.user_id, social_data) | |
|
|
210 | UserModel().create_registration(form_result) | |
|
|
240 | 211 | h.flash(_('You have successfully registered with RhodeCode'), |
|
|
241 | 212 | category='success') |
|
|
242 | 213 | Session().commit() |
| @@ -317,93 +288,3 b' class LoginController(BaseController):' | |||
|
|
317 | 288 | def logout(self): |
|
|
318 | 289 | LoginSession().destroy_user_session() |
|
|
319 | 290 | return redirect(url('home')) |
|
|
320 | ||
|
|
321 | def social_auth(self, provider_name): | |
|
|
322 | plugin_name = 'egg:rhodecode-enterprise-ee#{}'.format( | |
|
|
323 | provider_name | |
|
|
324 | ) | |
|
|
325 | auth_plugin = loadplugin(plugin_name) | |
|
|
326 | if not auth_plugin: | |
|
|
327 | return self._handle_social_auth_error(request, 'No auth plugin') | |
|
|
328 | ||
|
|
329 | result, response = auth_plugin.get_provider_result(request) | |
|
|
330 | if result: | |
|
|
331 | if result.error: | |
|
|
332 | return self._handle_social_auth_error(request, result.error) | |
|
|
333 | elif result.user: | |
|
|
334 | return self._handle_social_auth_success(request, result) | |
|
|
335 | return response | |
|
|
336 | ||
|
|
337 | def _handle_social_auth_error(self, request, result): | |
|
|
338 | log.error(result) | |
|
|
339 | h.flash(_('There was an error during OAuth processing.'), | |
|
|
340 | category='error') | |
|
|
341 | return redirect(url('home')) | |
|
|
342 | ||
|
|
343 | def _normalize_social_data(self, result): | |
|
|
344 | social_data = { | |
|
|
345 | 'user': {'data': result.user.data}, | |
|
|
346 | 'credentials.provider': result.user.credentials.provider_name, | |
|
|
347 | 'credentials.token': result.user.credentials.token, | |
|
|
348 | 'credentials.token_secret': result.user.credentials.token_secret, | |
|
|
349 | 'credentials.refresh_token': result.user.credentials.refresh_token | |
|
|
350 | } | |
|
|
351 | # normalize data | |
|
|
352 | social_data['user']['id'] = result.user.id | |
|
|
353 | user_name = result.user.username or '' | |
|
|
354 | # use email name as username for google | |
|
|
355 | if (social_data['credentials.provider'] == 'google' and | |
|
|
356 | result.user.email): | |
|
|
357 | user_name = result.user.email | |
|
|
358 | ||
|
|
359 | social_data['user']['user_name'] = user_name | |
|
|
360 | social_data['user']['email'] = result.user.email or '' | |
|
|
361 | return social_data | |
|
|
362 | ||
|
|
363 | def _handle_social_auth_success(self, request, result): | |
|
|
364 | self._set_came_from() | |
|
|
365 | ||
|
|
366 | # Hooray, we have the user! | |
|
|
367 | # OAuth 2.0 and OAuth 1.0a provide only limited user data on login, | |
|
|
368 | # We need to update the user to get more info. | |
|
|
369 | if result.user: | |
|
|
370 | result.user.update() | |
|
|
371 | ||
|
|
372 | social_data = self._normalize_social_data(result) | |
|
|
373 | ||
|
|
374 | session['rhodecode.social_auth'] = social_data | |
|
|
375 | ||
|
|
376 | plugin_name = 'egg:rhodecode-enterprise-ee#{}'.format( | |
|
|
377 | social_data['credentials.provider'] | |
|
|
378 | ) | |
|
|
379 | auth_plugin = loadplugin(plugin_name) | |
|
|
380 | ||
|
|
381 | # user is logged so bind his external identity with account | |
|
|
382 | if request.user and request.user.username != User.DEFAULT_USER: | |
|
|
383 | if auth_plugin: | |
|
|
384 | auth_plugin.handle_social_data( | |
|
|
385 | session, request.user.user_id, social_data) | |
|
|
386 | session.pop('rhodecode.social_auth', None) | |
|
|
387 | Session().commit() | |
|
|
388 | return redirect(url('my_account_oauth')) | |
|
|
389 | else: | |
|
|
390 | user = ExternalIdentity.user_by_external_id_and_provider( | |
|
|
391 | social_data['user']['id'], | |
|
|
392 | social_data['credentials.provider'] | |
|
|
393 | ) | |
|
|
394 | ||
|
|
395 | # user tokens are already found in our db | |
|
|
396 | if user: | |
|
|
397 | if auth_plugin: | |
|
|
398 | auth_plugin.handle_social_data( | |
|
|
399 | session, user.user_id, social_data) | |
|
|
400 | session.pop('rhodecode.social_auth', None) | |
|
|
401 | headers = self._store_user_in_session(user.username) | |
|
|
402 | raise self._redirect_to_origin( | |
|
|
403 | location=c.came_from, headers=headers) | |
|
|
404 | else: | |
|
|
405 | msg = _('You need to finish registration ' | |
|
|
406 | 'process to bind your external identity to your ' | |
|
|
407 | 'account or sign in to existing account') | |
|
|
408 | h.flash(msg, category='success') | |
|
|
409 | return redirect(url('register')) | |
General Comments 0
You need to be logged in to leave comments.
Login now