Skip to content
Snippets Groups Projects
Normal view Permalink
login.py 2.57 KiB
Newer Older
  • Learn to ignore specific revisions
    • Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    1 
    from __future__ import absolute_import, unicode_literals, print_function
    Jeremy M Fee's avatar
    Add type to login.py method, update version to 1.0.x, breaking change to drop python2  
    Jeremy M Fee committed
    2 
    from builtins import str
    Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    3 4 5 6 7 8 
    
import flask
import flask_login
import os
from authlib.integrations.flask_client import OAuth
    Jeremy M Fee's avatar
    Move User class to login module  
    Jeremy M Fee committed
    9 
    from .database import db
    Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 
    

# Blueprint for auth routes
blueprint = flask.Blueprint('login', __name__)
login_manager = flask_login.LoginManager()
oauth = OAuth()


def init_app(app: flask.Flask):
    """Flask app configuration method.
    """
    global blueprint
    global login_manager
    global oauth
    # LoginManager
    login_manager.init_app(app)
    login_manager.login_view = 'login.login'
    # OpenID client
    oauth.init_app(app)
    # register oauth client (needs to happen after init_app)
    # creates property "oauth.openid"
    oauth.register(
        name='openid',
        client_id=os.getenv('OPENID_CLIENT_ID'),
        client_secret=os.getenv('OPENID_CLIENT_SECRET'),
        server_metadata_url=os.getenv('OPENID_METADATA_URL'),
        client_kwargs={"scope": "openid email"}
    )
    # register blueprint routes
    app.register_blueprint(blueprint)
    Jeremy M Fee's avatar
    Move User class to login module  
    Jeremy M Fee committed
    42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 
    class User(db.Model, flask_login.UserMixin):
    """User database model.
    """
    __tablename__ = 'user'
    id = db.Column(db.Integer, primary_key=True)
    openid = db.Column(db.Text, unique=True, nullable=False)
    email = db.Column(db.Text, unique=True, nullable=False)
    groups = db.Column(db.Text)

    def get_id(self) -> str:
        return str(self.openid)

    def to_dict(self):
        return {
            'id': self.id,
            'openid': self.openid,
            'email': self.email,
            'groups': self.groups
        }
    Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    63 
    @login_manager.user_loader
    Jeremy M Fee's avatar
    Add type to login.py method, update version to 1.0.x, breaking change to drop python2  
    Jeremy M Fee committed
    64 
    def _load_user(user_id: str):
    Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    65 66 
        return User.query.filter_by(openid=user_id).first()
    Jeremy M Fee's avatar
    Linting fixes  
    Jeremy M Fee committed
    67
    Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    68 69 70 71 72 73 74 75 76 77 78 79 80 81 
    @blueprint.route('/hello')
@flask_login.login_required
def hello():
    return flask.render_template('hello.html')


@blueprint.route('/login')
def login():
    redirect_uri = flask.url_for('login.authorize', _external=True)
    return oauth.openid.authorize_redirect(redirect_uri)


@blueprint.route('/login/callback')
def authorize():
    Jeremy M Fee's avatar
    Linting fixes  
    Jeremy M Fee committed
    82 
        oauth.openid.authorize_access_token()
    Jeremy M Fee's avatar
    Implement login using flask extensions and authlib
    Jeremy M Fee committed
    83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 
        userinfo = oauth.openid.userinfo()
    # check if existing user
    user = User.query.filter_by(openid=userinfo.sub).first()
    if not user:
        user = User(openid=userinfo.sub, email=userinfo.email)
        db.session.add(user)
        db.session.commit()
    flask_login.login_user(user)
    return flask.redirect(flask.url_for('login.hello'))


@blueprint.route('/logout')
@flask_login.login_required
def logout():
    flask_login.logout_user()
    return flask.redirect(flask.url_for('index'))