diff --git a/cps.py b/cps.py index e216e149..21c9c7af 100755 --- a/cps.py +++ b/cps.py @@ -36,6 +36,7 @@ from cps.shelf import shelf from cps.admin import admi from cps.gdrive import gdrive from cps.editbooks import editbook +from cps.oauth_bb import oauth if __name__ == '__main__': @@ -48,6 +49,7 @@ if __name__ == '__main__': app.register_blueprint(admi) app.register_blueprint(gdrive) app.register_blueprint(editbook) + app.register_blueprint(oauth) Server.startServer() diff --git a/cps/admin.py b/cps/admin.py index 6abd5675..32b60e55 100644 --- a/cps/admin.py +++ b/cps/admin.py @@ -432,28 +432,28 @@ def configuration_helper(origin): content.config_updatechannel = int(to_save["config_updater"]) # GitHub OAuth configuration - content.config_use_github_oauth = ("config_use_github_oauth" in to_save and - to_save["config_use_github_oauth"] == "on") - if "config_github_oauth_client_id" in to_save: - content.config_github_oauth_client_id = to_save["config_github_oauth_client_id"] - if "config_github_oauth_client_secret" in to_save: - content.config_github_oauth_client_secret = to_save["config_github_oauth_client_secret"] + if "config_login_type" in to_save and to_save["config_login_type"] == "2": + if "config_github_oauth_client_id" in to_save: + content.config_github_oauth_client_id = to_save["config_github_oauth_client_id"] + if "config_github_oauth_client_secret" in to_save: + content.config_github_oauth_client_secret = to_save["config_github_oauth_client_secret"] - if content.config_github_oauth_client_id != config.config_github_oauth_client_id or \ - content.config_github_oauth_client_secret != config.config_github_oauth_client_secret: - reboot_required = True + if content.config_github_oauth_client_id != config.config_github_oauth_client_id or \ + content.config_github_oauth_client_secret != config.config_github_oauth_client_secret: + reboot_required = True + content.config_login_type = ub.LOGIN_OAUTH_GITHUB # Google OAuth configuration - content.config_use_google_oauth = ("config_use_google_oauth" in to_save and - to_save["config_use_google_oauth"] == "on") - if "config_google_oauth_client_id" in to_save: - content.config_google_oauth_client_id = to_save["config_google_oauth_client_id"] - if "config_google_oauth_client_secret" in to_save: - content.config_google_oauth_client_secret = to_save["config_google_oauth_client_secret"] + if "config_login_type" in to_save and to_save["config_login_type"] == "3": + if "config_google_oauth_client_id" in to_save: + content.config_google_oauth_client_id = to_save["config_google_oauth_client_id"] + if "config_google_oauth_client_secret" in to_save: + content.config_google_oauth_client_secret = to_save["config_google_oauth_client_secret"] - if content.config_google_oauth_client_id != config.config_google_oauth_client_id or \ - content.config_google_oauth_client_secret != config.config_google_oauth_client_secret: - reboot_required = True + if content.config_google_oauth_client_id != config.config_google_oauth_client_id or \ + content.config_google_oauth_client_secret != config.config_google_oauth_client_secret: + reboot_required = True + content.config_login_type = ub.LOGIN_OAUTH_GOOGLE if "config_log_level" in to_save: content.config_log_level = int(to_save["config_log_level"]) diff --git a/cps/oauth_bb.py b/cps/oauth_bb.py index 33e64a39..cbe04c02 100644 --- a/cps/oauth_bb.py +++ b/cps/oauth_bb.py @@ -26,22 +26,40 @@ from flask_dance.contrib.google import make_google_blueprint, google from flask_dance.consumer import oauth_authorized, oauth_error from oauth import OAuthBackend from sqlalchemy.orm.exc import NoResultFound -from flask import flash, session, redirect, url_for, request, make_response, abort +from flask import session, request, make_response, abort import json from cps import config, app import ub -from flask_login import login_user, login_required, current_user +from flask_login import login_user, current_user +from flask import Blueprint, flash, redirect, url_for from flask_babel import gettext as _ # from web import github_oauth_required from functools import wraps - +from web import login_required oauth_check = {} +oauth = Blueprint('oauth', __name__) + def github_oauth_required(f): @wraps(f) def inner(*args, **kwargs): - if config.config_use_github_oauth: + if config.config_login_type == ub.LOGIN_OAUTH_GITHUB: + return f(*args, **kwargs) + if request.is_xhr: + data = {'status': 'error', 'message': 'Not Found'} + response = make_response(json.dumps(data, ensure_ascii=False)) + response.headers["Content-Type"] = "application/json; charset=utf-8" + return response, 404 + abort(404) + + return inner + + +def google_oauth_required(f): + @wraps(f) + def inner(*args, **kwargs): + if config.config_use_google_oauth == ub.LOGIN_OAUTH_GOOGLE: return f(*args, **kwargs) if request.is_xhr: data = {'status': 'error', 'message': 'Not Found'} @@ -96,12 +114,12 @@ if ub.oauth_support: github_blueprint = make_github_blueprint( client_id=config.config_github_oauth_client_id, client_secret=config.config_github_oauth_client_secret, - redirect_to="github_login",) + redirect_to="oauth.github_login",) google_blueprint = make_google_blueprint( client_id=config.config_google_oauth_client_id, client_secret=config.config_google_oauth_client_secret, - redirect_to="google_login", + redirect_to="oauth.google_login", scope=[ "https://www.googleapis.com/auth/plus.me", "https://www.googleapis.com/auth/userinfo.email", @@ -115,9 +133,9 @@ if ub.oauth_support: google_blueprint.backend = OAuthBackend(ub.OAuth, ub.session, user=current_user, user_required=True) - if config.config_use_github_oauth: + if config.config_login_type == ub.LOGIN_OAUTH_GITHUB: register_oauth_blueprint(github_blueprint, 'GitHub') - if config.config_use_google_oauth: + if config.config_login_type == ub.LOGIN_OAUTH_GOOGLE: register_oauth_blueprint(google_blueprint, 'Google') @@ -264,7 +282,7 @@ if ub.oauth_support: ) flash(msg, category="error") - ''' + @oauth.route('/github') @github_oauth_required def github_login(): @@ -276,14 +294,14 @@ if ub.oauth_support: return bind_oauth_or_register(github_blueprint.name, account_info_json['id'], 'github.login') flash(_(u"GitHub Oauth error, please retry later."), category="error") return redirect(url_for('web.login')) - - + + @oauth.route('/unlink/github', methods=["GET"]) @login_required def github_login_unlink(): return unlink_oauth(github_blueprint.name) - - + + @oauth.route('/google') @google_oauth_required def google_login(): @@ -295,7 +313,7 @@ if ub.oauth_support: return bind_oauth_or_register(google_blueprint.name, account_info_json['id'], 'google.login') flash(_(u"Google Oauth error, please retry later."), category="error") return redirect(url_for('web.login')) - ''' + @oauth_error.connect_via(google_blueprint) def google_error(blueprint, error, error_description=None, error_uri=None): @@ -310,8 +328,8 @@ if ub.oauth_support: ) flash(msg, category="error") - ''' + @oauth.route('/unlink/google', methods=["GET"]) @login_required def google_login_unlink(): - return unlink_oauth(google_blueprint.name)''' + return unlink_oauth(google_blueprint.name) diff --git a/cps/templates/config_edit.html b/cps/templates/config_edit.html index af8412fb..19303cbe 100644 --- a/cps/templates/config_edit.html +++ b/cps/templates/config_edit.html @@ -182,11 +182,11 @@ @@ -194,16 +194,19 @@
- +
- +
{% endif %} {% if feature_support['oauth'] %}
+
+ {{_('Obtain GitHub OAuth Credential')}} +
@@ -214,6 +217,9 @@
+
+ {{_('Obtain Google OAuth Credential')}} +
diff --git a/cps/templates/login.html b/cps/templates/login.html index fcb6f269..4f01157b 100644 --- a/cps/templates/login.html +++ b/cps/templates/login.html @@ -21,14 +21,14 @@ {% if config.config_remote_login %} {{_('Log in with magic link')}} {% endif %} - {% if config.config_use_github_oauth %} + {% if config.config_login_type == 2 %} {% endif %} - {% if config.config_use_google_oauth %} + {% if config.config_login_type == 3 %}