Created October 4, 2014 21:51
from datetime import datetime

from flask import flash, g, redirect, render_template, url_for
from flask_login import login_user

# The gist shows only the route. The following names are assumed to live in the
# application's own modules (module paths below are an assumption): app (the Flask
# instance), db (Flask-SQLAlchemy), authomatic (an
# authomatic.extras.flask.FlaskAuthomatic instance), the User model, the
# ROLE_USER / ROLE_SUPERADMIN constants, PRESET_ADMINS and the requires_ssl decorator.
from app import app, db, authomatic, requires_ssl
from app.models import User, ROLE_USER, ROLE_SUPERADMIN, PRESET_ADMINS


@app.route('/login/<provider_name>', methods=['GET', 'POST'])
@authomatic.login('g')  # provider is fixed to 'g' (Google) in the authomatic config; provider_name is not used
@requires_ssl
def login(provider_name):
    # Already authenticated: nothing to do.
    if g.user is not None and g.user.is_authenticated():
        return redirect(url_for('index'))

    # authomatic.result is only set once the provider has redirected back to us.
    if authomatic.result:
        if authomatic.result.error:
            return 'Something went wrong: {0}'.format(authomatic.result.error.message)

        if authomatic.result.user:
            # Some providers return only tokens on the first pass; fetch the profile.
            if not (authomatic.result.user.name and authomatic.result.user.id):
                authomatic.result.user.update()
                # while update_response.status/100 not in [4, 5]:
                #     update_response = authomatic.result.user.update()
                # if update_response.status/100 in [4, 5]:
                #     return 'Response status: {}'.format(authomatic.response.status)

            email = authomatic.result.user.email
            if not email:
                # Without an email the lookup and the nickname fallback below cannot work.
                return 'Something went wrong: the provider did not return an email address'

            # Account lookup keys on the provider-supplied email; this trusts the
            # provider to have verified that address.
            user = User.query.filter_by(email=email).first()
            if user is None:
                nickname = authomatic.result.user.name
                if not nickname:
                    nickname = email.split('@')[0]
                nickname = User.make_valid_nickname(nickname)
                nickname = User.make_unique_nickname(nickname)

                role = ROLE_USER
                if email in PRESET_ADMINS:
                    role = ROLE_SUPERADMIN

                user = User(nickname=nickname,  # the gist passed result.user.name here, discarding the cleaned nickname
                            email=email,
                            about_me=authomatic.result.user.id,  # provider-issued user id, kept for reference
                            role=role,
                            join=datetime.utcnow(),
                            last_seen=datetime.utcnow())
                db.session.add(user)
                db.session.commit()

            g.user = user
            login_user(g.user, remember=True)
            flash('You are now logged in!')
            return render_template('result.html', result=authomatic.result)

    # No result yet: this response redirects the browser to the provider.
    return authomatic.response
Just came back to this while looking around to see why result.user.id was coming up None from a new machine. It was coming up as a unique id for each user from Google at least, but I'm not sure how private/secure that id is. I just saw it as a unique identifier for each Google account and went with that instead of the email, but not consciously.
On the matter of security, due to the method that is used for the authentication, I think it would be difficult to get in the middle of or inject anything as long as you're using SSL; it would likely be easier to pretend to be Google than to attempt to exploit the Flask app's route at that point.
So at that point in the authentication process, checking against email would be just fine, and probably makes more sense than the Google id for account lookup. The usages of the Google id for the authentication process are probably few.
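As an added example, not the gist's code or its author's: the account lookup weighed in the comment above, carried through in plain Python with an in-memory store so it runs without Flask, authomatic or a database. It keys the lookup on the provider-issued user id first and on the email only as a fallback, records the id on the account so later logins match on it even if the email at the provider changes, and handles the case where the provider returns no id, which is the situation the comment describes. Account, AccountStore, login_with_provider, PRESET_ADMINS and the sample addresses are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Constructed example: an in-memory account store implementing lookup-and-link
# on OAuth login. Account, AccountStore and login_with_provider are hypothetical.


@dataclass
class Account:
    email: str
    nickname: str
    role: str = "user"
    # provider name -> provider-issued user id (e.g. "google" -> "1029384756")
    provider_ids: Dict[str, str] = field(default_factory=dict)


PRESET_ADMINS = {"admin@example.com"}  # constructed sample data


def make_valid_nickname(raw: str) -> str:
    """Keep only characters that are safe to display and to put in a URL."""
    cleaned = "".join(c for c in raw if c.isalnum() or c in "-_")
    return cleaned or "user"


class AccountStore:
    def __init__(self) -> None:
        self.accounts: List[Account] = []

    def make_unique_nickname(self, nickname: str) -> str:
        """Append a counter until the nickname is unused, as the gist's User helper does."""
        taken = {a.nickname for a in self.accounts}
        if nickname not in taken:
            return nickname
        n = 2
        while f"{nickname}{n}" in taken:
            n += 1
        return f"{nickname}{n}"

    def find_by_provider_id(self, provider: str,
                            provider_user_id: Optional[str]) -> Optional[Account]:
        # A missing id (None or "") must never match anything.
        if not provider_user_id:
            return None
        for a in self.accounts:
            if a.provider_ids.get(provider) == provider_user_id:
                return a
        return None

    def find_by_email(self, email: str) -> Optional[Account]:
        for a in self.accounts:
            if a.email.lower() == email.lower():
                return a
        return None

    def login_with_provider(self, provider: str, provider_user_id: Optional[str],
                            email: Optional[str], name: Optional[str]) -> Account:
        # 1. Most stable key: the provider-issued id, which survives an email
        #    change at the provider. Skipped when the provider returned no id.
        account = self.find_by_provider_id(provider, provider_user_id)
        if account is not None:
            return account
        if not email:
            raise ValueError("provider returned neither a usable id nor an email")
        # 2. Fall back to the email, as the gist does, and record the provider id
        #    below so the next login from this provider matches in step 1.
        account = self.find_by_email(email)
        if account is None:
            # 3. First login: derive the nickname the way the gist does.
            nickname = make_valid_nickname(name or email.split("@")[0])
            nickname = self.make_unique_nickname(nickname)
            role = "superadmin" if email.lower() in PRESET_ADMINS else "user"
            account = Account(email=email, nickname=nickname, role=role)
            self.accounts.append(account)
        if provider_user_id:
            account.provider_ids[provider] = provider_user_id
        return account
```

The email fallback is what links a first login from a given provider to an existing account, so it carries the same trust assumption as the gist's lookup: the provider must have verified the address before the application treats it as proof of ownership.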