2012-10-25 06:23:55 +02:00
|
|
|
from django.contrib.auth.models import User
|
2013-01-09 22:45:23 +01:00
|
|
|
from django.conf import settings
|
2013-02-20 22:26:06 +01:00
|
|
|
|
|
|
|
from openid.consumer.consumer import SUCCESS
|
|
|
|
|
2013-01-09 22:45:23 +01:00
|
|
|
from zephyr.lib.cache import cache_with_key
|
2013-03-13 18:49:29 +01:00
|
|
|
from zephyr.lib.cache import user_by_id_cache_key
|
2013-01-09 22:45:23 +01:00
|
|
|
|
2013-03-13 18:49:29 +01:00
|
|
|
@cache_with_key(user_by_id_cache_key)
|
2013-01-09 22:45:23 +01:00
|
|
|
def get_tornado_user(user_id):
|
|
|
|
try:
|
|
|
|
return User.objects.select_related().get(id=user_id)
|
|
|
|
except User.DoesNotExist:
|
|
|
|
return None
|
2012-09-21 16:10:36 +02:00
|
|
|
|
|
|
|
class EmailAuthBackend(object):
|
|
|
|
"""
|
|
|
|
Email Authentication Backend
|
|
|
|
|
|
|
|
Allows a user to sign in using an email/password pair rather than
|
|
|
|
a username/password pair.
|
|
|
|
"""
|
|
|
|
|
|
|
|
def authenticate(self, username=None, password=None):
|
|
|
|
""" Authenticate a user based on email address as the user name. """
|
2012-10-29 19:17:03 +01:00
|
|
|
if username is None or password is None:
|
|
|
|
# Return immediately. Otherwise we will look for a SQL row with
|
|
|
|
# NULL username. While that's probably harmless, it's needless
|
|
|
|
# exposure.
|
|
|
|
return None
|
|
|
|
|
2012-09-21 16:10:36 +02:00
|
|
|
try:
|
2012-12-04 20:15:02 +01:00
|
|
|
user = User.objects.get(email__iexact=username)
|
2012-09-21 16:10:36 +02:00
|
|
|
if user.check_password(password):
|
|
|
|
return user
|
|
|
|
except User.DoesNotExist:
|
|
|
|
return None
|
|
|
|
|
|
|
|
def get_user(self, user_id):
|
|
|
|
""" Get a User object from the user_id. """
|
2013-01-09 22:45:23 +01:00
|
|
|
if settings.RUNNING_INSIDE_TORNADO:
|
|
|
|
# Get the User from a cache because we aren't accessing
|
|
|
|
# any mutable fields from Tornado (just the id)
|
|
|
|
return get_tornado_user(user_id)
|
2012-09-21 16:10:36 +02:00
|
|
|
try:
|
2013-02-20 22:26:06 +01:00
|
|
|
return User.objects.get(id=user_id)
|
|
|
|
except User.DoesNotExist:
|
|
|
|
return None
|
|
|
|
|
|
|
|
# Adapted from http://djangosnippets.org/snippets/2183/ by user Hangya (September 1, 2010)
|
|
|
|
|
|
|
|
class GoogleBackend:
|
|
|
|
def authenticate(self, openid_response):
|
|
|
|
if openid_response is None:
|
|
|
|
return None
|
|
|
|
if openid_response.status != SUCCESS:
|
|
|
|
return None
|
|
|
|
|
|
|
|
google_email = openid_response.getSigned('http://openid.net/srv/ax/1.0', 'value.email')
|
|
|
|
|
|
|
|
try:
|
|
|
|
user = User.objects.get(email__iexact=google_email)
|
|
|
|
except User.DoesNotExist:
|
|
|
|
# create a new user, or send a message to admins, etc.
|
|
|
|
return None
|
|
|
|
|
|
|
|
return user
|
|
|
|
|
|
|
|
def get_user(self, user_id):
|
|
|
|
try:
|
|
|
|
return User.objects.get(id=user_id)
|
2012-09-21 16:10:36 +02:00
|
|
|
except User.DoesNotExist:
|
|
|
|
return None
|