import datetime
import ldap
import tornado.web
-import urllib.parse
from .. import countries
self.redirect("/users/%s" % account.uid)
-class SSODiscourse(auth.CacheMixin, base.BaseHandler):
- @base.ratelimit(minutes=24*60, requests=100)
- @tornado.web.authenticated
- def get(self):
- # Fetch Discourse's parameters
- sso = self.get_argument("sso")
- sig = self.get_argument("sig")
-
- # Decode payload
- try:
- params = self.accounts.decode_discourse_payload(sso, sig)
-
- # Raise bad request if the signature is invalid
- except ValueError:
- raise tornado.web.HTTPError(400)
-
- # Redirect back if user is already logged in
- args = {
- "nonce" : params.get("nonce"),
- "external_id" : self.current_user.uid,
-
- # Pass email address
- "email" : self.current_user.email,
- "require_activation" : "false",
-
- # More details about the user
- "username" : self.current_user.uid,
- "name" : "%s" % self.current_user,
- "bio" : self.current_user.description or "",
-
- # Avatar
- "avatar_url" : self.current_user.avatar_url(absolute=True),
- "avatar_force_update" : "true",
-
- # Send a welcome message
- "suppress_welcome_message" : "false",
-
- # Group memberships
- "admin" : "true" if self.current_user.is_admin() else "false",
- "moderator" : "true" if self.current_user.is_moderator() else "false",
- }
-
- # Format payload and sign it
- payload = self.accounts.encode_discourse_payload(**args)
- signature = self.accounts.sign_discourse_payload(payload)
-
- qs = urllib.parse.urlencode({
- "sso" : payload,
- "sig" : signature,
- })
-
- # Redirect user
- self.redirect("%s?%s" % (params.get("return_sso_url"), qs))
-
-
class AgentModule(ui_modules.UIModule):
def render(self, account):
return self.render_string("people/modules/agent.html", account=account)
projects / ipfire.org.git / blobdiff