anoopmb
/
frappe
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4870 Commits
1 Branch
314 MiB
 
 
 
 
 
 
Tree: 38f9636e45
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '38f9636e45'
${ noResults }
frappe/frappe/templates/pages/login.py

216 lines
5.8 KiB
Raw Blame History 

  1. # Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors

  2. # MIT License. See license.txt

  3. 

  4. from __future__ import unicode_literals

  5. import frappe, os

  6. import httplib2

  7. import json

  8. from werkzeug.utils import redirect

  9. import frappe.utils

  10. 

  11. no_cache = True

  12. 

  13. def get_context(context):

  14. 	# get settings from site config

  15. 	context["title"] = "Login"

  16. 	

  17. 	for provider in ("google", "github", "facebook"):

  18. 		if get_oauth_keys(provider):

  19. 			context["{provider}_login".format(provider=provider)] = get_oauth2_authorize_url(provider)

  20. 			context["social_login"] = True

  21. 			

  22. 	return context

  23. 	

  24. oauth2_providers = {

  25. 	"google": {

  26. 		"flow_params": {

  27. 			"name": "google",

  28. 			"authorize_url": "https://accounts.google.com/o/oauth2/auth",

  29. 			"access_token_url": "https://accounts.google.com/o/oauth2/token",

  30. 			"base_url": "https://www.googleapis.com",

  31. 		},

  32. 		

  33. 		"redirect_uri": "/api/method/frappe.templates.pages.login.login_via_google",

  34. 		

  35. 		"auth_url_data": {

  36. 			"scope": "https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email",

  37. 			"response_type": "code"

  38. 		},

  39. 		

  40. 		# relative to base_url

  41. 		"api_endpoint": "oauth2/v2/userinfo"

  42. 	},

  43. 	

  44. 	"github": {

  45. 		"flow_params": {

  46. 			"name": "github",

  47. 			"authorize_url": "https://github.com/login/oauth/authorize",

  48. 			"access_token_url": "https://github.com/login/oauth/access_token",

  49. 			"base_url": "https://api.github.com/"

  50. 		},

  51. 		

  52. 		"redirect_uri": "/api/method/frappe.templates.pages.login.login_via_github",

  53. 		

  54. 		# relative to base_url

  55. 		"api_endpoint": "user"

  56. 	},

  57. 	

  58. 	"facebook": {

  59. 		"flow_params": {

  60. 			"name": "facebook",

  61. 			"authorize_url": "https://www.facebook.com/dialog/oauth",

  62. 			"access_token_url": "https://graph.facebook.com/oauth/access_token",

  63. 			"base_url": "https://graph.facebook.com"

  64. 		},

  65. 		

  66. 		"redirect_uri": "/api/method/frappe.templates.pages.login.login_via_facebook",

  67. 		

  68. 		"auth_url_data": {

  69. 			"display": "page",

  70. 			"response_type": "code",

  71. 			"scope": "email,user_birthday"

  72. 		},

  73. 		

  74. 		# relative to base_url

  75. 		"api_endpoint": "me"

  76. 	}

  77. }

  78. 

  79. def get_oauth_keys(provider):

  80. 	"""get client_id and client_secret from database or conf"""

  81. 	

  82. 	# try conf

  83. 	keys = frappe.conf.get("{provider}_login".format(provider=provider))

  84. 

  85. 	if not keys:

  86. 		# try database

  87. 		social = frappe.doc("Social Login Keys", "Social Login Keys")

  88. 		keys = {}

  89. 		for fieldname in ("client_id", "client_secret"):

  90. 			value = social.fields.get("{provider}_{fieldname}".format(provider=provider, fieldname=fieldname))

  91. 			if not value:

  92. 				keys = {}

  93. 				break

  94. 			keys[fieldname] = value

  95. 

  96. 	return keys

  97. 

  98. def get_oauth2_authorize_url(provider):

  99. 	flow = get_oauth2_flow(provider)

  100. 	

  101. 	# relative to absolute url

  102. 	data = { "redirect_uri": get_redirect_uri(provider) }

  103. 

  104. 	# additional data if any

  105. 	data.update(oauth2_providers[provider].get("auth_url_data", {}))

  106. 	

  107. 	return flow.get_authorize_url(**data)

  108. 	

  109. def get_oauth2_flow(provider):

  110. 	from rauth import OAuth2Service

  111. 	

  112. 	# get client_id and client_secret

  113. 	params = get_oauth_keys(provider)

  114. 	

  115. 	# additional params for getting the flow

  116. 	params.update(oauth2_providers[provider]["flow_params"])

  117. 	

  118. 	# and we have setup the communication lines

  119. 	return OAuth2Service(**params)

  120. 	

  121. def get_redirect_uri(provider):

  122. 	redirect_uri = oauth2_providers[provider]["redirect_uri"]

  123. 	return frappe.utils.get_url(redirect_uri)

  124. 	

  125. @frappe.whitelist(allow_guest=True)

  126. def login_via_google(code):

  127. 	login_via_oauth2("google", code, decoder=json.loads)

  128. 	

  129. @frappe.whitelist(allow_guest=True)

  130. def login_via_github(code):

  131. 	login_via_oauth2("github", code)

  132. 

  133. @frappe.whitelist(allow_guest=True)

  134. def login_via_facebook(code):

  135. 	login_via_oauth2("facebook", code)

  136. 	

  137. def login_via_oauth2(provider, code, decoder=None):

  138. 	flow = get_oauth2_flow(provider)

  139. 	

  140. 	args = {

  141. 		"data": {

  142. 			"code": code,

  143. 			"redirect_uri": get_redirect_uri(provider),

  144. 			"grant_type": "authorization_code"

  145. 		}

  146. 	}

  147. 	if decoder:

  148. 		args["decoder"] = decoder

  149. 	

  150. 	session = flow.get_auth_session(**args)

  151. 	

  152. 	api_endpoint = oauth2_providers[provider].get("api_endpoint")

  153. 	info = session.get(api_endpoint).json()

  154. 	

  155. 	if "verified_email" in info and not info.get("verified_email"):

  156. 		frappe.throw("{verify}: {provider}".format(

  157. 			verify=_("Error. Please verify your email with"),

  158. 			provider=provider.title()))

  159. 	

  160. 	login_oauth_user(info, provider=provider)

  161. 	

  162. def login_oauth_user(data, provider=None):

  163. 	user = data["email"]

  164. 	

  165. 	if not frappe.db.exists("User", user):

  166. 		create_oauth_user(data, provider)

  167. 	

  168. 	frappe.local.login_manager.user = user

  169. 	frappe.local.login_manager.post_login()

  170. 	

  171. 	# redirect!

  172. 	frappe.local.response["type"] = "redirect"

  173. 	frappe.local.response["location"] = "/app" if frappe.local.response.get('message') == 'Logged In' else "/"

  174. 

  175. 	# because of a GET request!

  176. 	frappe.db.commit()

  177. 	

  178. def create_oauth_user(data, provider):

  179. 	if data.get("birthday"):

  180. 		from frappe.utils.dateutils import parse_date

  181. 		data["birthday"] = parse_date(data["birthday"])

  182. 		

  183. 	if isinstance(data.get("location"), dict):

  184. 		data["location"] = data.get("location").get("name")

  185. 	

  186. 	user = frappe.bean({

  187. 		"doctype":"User",

  188. 		"first_name": data.get("first_name") or data.get("given_name") or data.get("name"),

  189. 		"last_name": data.get("last_name") or data.get("family_name"),

  190. 		"email": data["email"],

  191. 		"gender": data.get("gender"),

  192. 		"enabled": 1,

  193. 		"new_password": frappe.generate_hash(data["email"]),

  194. 		"location": data.get("location"),

  195. 		"birth_date":  data.get("birthday"),

  196. 		"user_type": "Website User",

  197. 		"user_image": data.get("picture") or data.get("avatar_url")

  198. 	})

  199. 	

  200. 	if provider=="facebook":

  201. 		user.doc.fields.update({

  202. 			"fb_username": data["username"],

  203. 			"fb_userid": data["id"],

  204. 			"user_image": "https://graph.facebook.com/{username}/picture".format(username=data["username"])

  205. 		})

  206. 	elif provider=="google":

  207. 		user.doc.google_userid = data["id"]

  208. 	

  209. 	elif provider=="github":

  210. 		user.doc.github_userid = data["id"]

  211. 		user.doc.github_username = data["login"]

  212. 	

  213. 	user.ignore_permissions = True

  214. 	user.get_controller().no_welcome_mail = True

  215. 	user.insert()