| |
@@ -20,41 +20,50 @@
|
| |
|
| |
import flask
|
| |
|
| |
- from flask_login import UserMixin, login_user, logout_user, current_user
|
| |
+ from flask_login import login_user, logout_user, current_user
|
| |
from flask import request, jsonify, redirect
|
| |
|
| |
- from oraculum import app, login_manager, oidc
|
| |
-
|
| |
-
|
| |
- class User(UserMixin):
|
| |
- def __init__(self, email):
|
| |
- self.id = email
|
| |
- self.email = email
|
| |
+ from oraculum import app, db, login_manager, oidc
|
| |
+ from oraculum.models.dashboard_users import DashboardUserData
|
| |
|
| |
|
| |
@login_manager.user_loader
|
| |
def load_user(userid):
|
| |
- return User(userid)
|
| |
-
|
| |
+ return DashboardUserData.query.get(userid) or None
|
| |
|
| |
@app.route('/api/v1/oidc_login')
|
| |
@oidc.require_login
|
| |
def api_v1_oidc_login():
|
| |
- email = oidc.user_getfield('email')
|
| |
- user = User(email)
|
| |
+ username = oidc.user_getfield('nickname')
|
| |
+ groups = oidc.user_getfield('groups')
|
| |
+
|
| |
+ user = DashboardUserData.query.filter_by(username=username).first()
|
| |
+
|
| |
+ if not user:
|
| |
+ user = DashboardUserData(username, groups)
|
| |
+ db.session.add(user)
|
| |
+ db.session.commit()
|
| |
+ user = DashboardUserData.query.filter_by(username=username).first()
|
| |
+ else:
|
| |
+ user.fas_groups = groups
|
| |
+ db.session.add(user)
|
| |
+ db.session.commit()
|
| |
+
|
| |
login_user(user)
|
| |
|
| |
token = oidc.get_access_token()
|
| |
|
| |
- resp = {
|
| |
- 'msg': 'login successful',
|
| |
- 'email': email
|
| |
- }
|
| |
- print("*"*100)
|
| |
- print(flask.request.args.get('redirect'))
|
| |
- print(token)
|
| |
- # return redirect(flask.request.args.get('redirect'))
|
| |
- return redirect(flask.request.args.get('redirect') + '/%s' % token)
|
| |
+ if not flask.request.args.get('redirect'):
|
| |
+ return jsonify({
|
| |
+ 'msg': 'login successful',
|
| |
+ 'username': username,
|
| |
+ 'token': token
|
| |
+ })
|
| |
+
|
| |
+ url = flask.request.args.get('redirect')
|
| |
+ if "?" in url:
|
| |
+ return redirect(url + '&oidc_token=%s' % token)
|
| |
+ return redirect(url + '?oidc_token=%s' % token)
|
| |
|
| |
|
| |
@app.route('/api/v1/oidc_logout')
|
| |
@@ -66,8 +75,10 @@
|
| |
resp = {
|
| |
'msg': 'logout successful'
|
| |
}
|
| |
- print("*"*100)
|
| |
- print(flask.request.args.get('redirect'))
|
| |
+
|
| |
+ if not flask.request.args.get('redirect'):
|
| |
+ return jsonify(resp)
|
| |
+
|
| |
return redirect(flask.request.args.get('redirect'))
|
| |
|
| |
|
| |
@@ -75,12 +86,14 @@
|
| |
def api_v1_get_current_user():
|
| |
resp = {
|
| |
'is_authenticated': False,
|
| |
+ 'fas_groups': [],
|
| |
'user': ''
|
| |
}
|
| |
if not current_user.is_authenticated:
|
| |
return jsonify(resp)
|
| |
|
| |
- resp['user'] = current_user.email
|
| |
+ resp['user'] = current_user.username
|
| |
+ resp['fas_groups'] = current_user.fas_groups
|
| |
resp['is_authenticated'] = True
|
| |
return jsonify(resp)
|
| |
|
| |