mygpo/web/auth.py

   1 #
   2 # This file is part of my.gpodder.org.
   3 #
   4 # my.gpodder.org is free software: you can redistribute it and/or modify it
   5 # under the terms of the GNU Affero General Public License as published by
   6 # the Free Software Foundation, either version 3 of the License, or (at your
   7 # option) any later version.
   8 #
   9 # my.gpodder.org is distributed in the hope that it will be useful, but
  10 # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
  11 # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
  12 # License for more details.
  13 #
  14 # You should have received a copy of the GNU Affero General Public License
  15 # along with my.gpodder.org. If not, see <http://www.gnu.org/licenses/>.
  16 #
  17
  18 from django.contrib.auth.backends import ModelBackend
  19 from django.core.validators import validate_email
  20 from django.core.exceptions import ValidationError
  21 from django.conf import settings
  22 from django.contrib.sites.models import RequestSite
  23 from django.contrib.auth import get_user_model
  24 from django.core.urlresolvers import reverse
  25
  26
  27 class EmailAuthenticationBackend(ModelBackend):
  28     def authenticate(self, username=None, password=None):
  29         try:
  30             validate_email(username)
  31
  32             User = get_user_model()
  33             try:
  34                 user = User.objects.get(email=username)
  35             except User.DoesNotExist:
  36                 return None
  37
  38             return user if user.check_password(password) else None
  39
  40         except ValidationError:
  41             return None
  42
  43     def get_user(self, username):
  44         User = get_user_model()
  45         try:
  46             return User.objects.get(username=username)
  47         except User.DoesNotExist:
  48             return None
  49
  50
  51 def get_google_oauth_flow(request):
  52     """ Prepare an OAuth 2.0 flow
  53
  54     https://developers.google.com/api-client-library/python/guide/aaa_oauth """
  55
  56     from oauth2client.client import OAuth2WebServerFlow
  57
  58     site = RequestSite(request)
  59
  60     callback = 'http{s}://{domain}{callback}'.format(
  61         s='s' if request.is_secure() else '',
  62         domain=site.domain,
  63         callback=reverse('login-google-callback'))
  64
  65     flow = OAuth2WebServerFlow(
  66         client_id=settings.GOOGLE_CLIENT_ID,
  67         client_secret=settings.GOOGLE_CLIENT_SECRET,
  68         scope='https://www.googleapis.com/auth/userinfo.email',
  69         redirect_uri=callback)
  70
  71     return flow