mygpo/web/auth.py

   1 #
   2 # This file is part of my.gpodder.org.
   3 #
   4 # my.gpodder.org is free software: you can redistribute it and/or modify it
   5 # under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or (at your
   7 # option) any later version.
   8 #
   9 # my.gpodder.org is distributed in the hope that it will be useful, but
  10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
  12 # License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 from django.contrib.auth.backends import ModelBackend
  19 from django.core.validators import email_re
  20 from django.conf import settings
  21 from django.contrib.sites.models import RequestSite
  22 from django.core.urlresolvers import reverse
  23
  24 from mygpo.users.models import User
  25
  26
  27 class EmailAuthenticationBackend(ModelBackend):
  28     def authenticate(self, username=None, password=None):
  29         if email_re.search(username):
  30             user = User.get_user_by_email(username)
  31             if not user:
  32                 return None
  33
  34             return user if user.check_password(password) else None
  35         return None
  36
  37     def get_user(self, username):
  38         return User.get_user(username)
  39
  40
  41 def get_google_oauth_flow(request):
  42     """ Prepare an OAuth 2.0 flow
  43
  44     https://developers.google.com/api-client-library/python/guide/aaa_oauth """
  45
  46     from oauth2client.client import OAuth2WebServerFlow
  47
  48     site = RequestSite(request)
  49
  50     callback = 'http{s}://{domain}{callback}'.format(
  51         s='s' if request.is_secure() else '',
  52         domain = site.domain,
  53         callback = reverse('login-google-callback'))
  54
  55     flow = OAuth2WebServerFlow(client_id=settings.GOOGLE_CLIENT_ID,
  56             client_secret=settings.GOOGLE_CLIENT_SECRET,
  57             scope='https://www.googleapis.com/auth/userinfo.email',
  58             redirect_uri=callback)
  59
  60     return flow