hiccup/allauth_adapters.py - tools/hiccup/hiccup-server - Gitiles

 """Allauth adapter for authenticating requests using Google OAuth."""

 from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
 from allauth.account.adapter import DefaultAccountAdapter
 from allauth.socialaccount.forms import SignupForm
 from allauth.socialaccount.models import SocialLogin
 from django.core.exceptions import PermissionDenied
 from django.contrib.auth.models import Group
 from django.http import HttpRequest

 FP_STAFF_GROUP_NAME = "FairphoneSoftwareTeam"


 class FairphoneAccountAdapter(DefaultSocialAccountAdapter):
     """Account adapter for existing Google accounts."""

     def is_open_for_signup(self, request, sociallogin):
         """Allow signup."""
         return True

     def save_user(
         self,
         request: HttpRequest,
         sociallogin: SocialLogin,
         form: SignupForm = None,
     ):
         """Save a user to the database.

         Additionally add the user to the FairphoneSoftwareTeam group if his
         or her account was issued by Fairphone, i.e. ends with "@fairphone.com".

         Args:
             request: The HTTP request.
             sociallogin:
                 SocialLogin instance representing a Google user that is in
                 the process of being logged in.
             form: Request form (not used).

         Returns: The newly created user from the local database.

         """
         user = DefaultSocialAccountAdapter.save_user(
             self, request, sociallogin, form=None
         )
         if user.email.split("@")[1] == "fairphone.com":
             group = Group.objects.get(name=FP_STAFF_GROUP_NAME)
             group.user_set.add(user)
         return user

     def populate_user(
         self, request: HttpRequest, sociallogin: SocialLogin, data: dict
     ):
         """Populate an already existing user instance.

         The permission is denied if the Google account was not issued by
         Fairphone, i.e. does not end with "@fairphone.com".

         Args:
             request: The HTTP request.
             sociallogin:
                 SocialLogin instance representing a Google user that is in
                 the process of being logged in.
             data: Common user data fields.

         Returns: The user from the database.

         """
         user = DefaultSocialAccountAdapter.populate_user(
             self, request, sociallogin, data
         )
         if not user.email.split("@")[1] == "fairphone.com":
             raise PermissionDenied()
         return user


 class FormAccountAdapter(DefaultAccountAdapter):
     """Account adapter for signing up using a form.

     Signup is not allowed using Hiccup, only existing Fairphone Google accounts
     can be used.
     """

     def is_open_for_signup(self, request):
         """Do not allow signup."""
         return False
	"""Allauth adapter for authenticating requests using Google OAuth."""

	from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
	from allauth.account.adapter import DefaultAccountAdapter
	from allauth.socialaccount.forms import SignupForm
	from allauth.socialaccount.models import SocialLogin
	from django.core.exceptions import PermissionDenied
	from django.contrib.auth.models import Group
	from django.http import HttpRequest

	FP_STAFF_GROUP_NAME = "FairphoneSoftwareTeam"


	class FairphoneAccountAdapter(DefaultSocialAccountAdapter):
	"""Account adapter for existing Google accounts."""

	def is_open_for_signup(self, request, sociallogin):
	"""Allow signup."""
	return True

	def save_user(
	self,
	request: HttpRequest,
	sociallogin: SocialLogin,
	form: SignupForm = None,
	):
	"""Save a user to the database.

	Additionally add the user to the FairphoneSoftwareTeam group if his
	or her account was issued by Fairphone, i.e. ends with "@fairphone.com".

	Args:
	request: The HTTP request.
	sociallogin:
	SocialLogin instance representing a Google user that is in
	the process of being logged in.
	form: Request form (not used).

	Returns: The newly created user from the local database.

	"""
	user = DefaultSocialAccountAdapter.save_user(
	self, request, sociallogin, form=None
	)
	if user.email.split("@")[1] == "fairphone.com":
	group = Group.objects.get(name=FP_STAFF_GROUP_NAME)
	group.user_set.add(user)
	return user

	def populate_user(
	self, request: HttpRequest, sociallogin: SocialLogin, data: dict
	):
	"""Populate an already existing user instance.

	The permission is denied if the Google account was not issued by
	Fairphone, i.e. does not end with "@fairphone.com".

	Args:
	request: The HTTP request.
	sociallogin:
	SocialLogin instance representing a Google user that is in
	the process of being logged in.
	data: Common user data fields.

	Returns: The user from the database.

	"""
	user = DefaultSocialAccountAdapter.populate_user(
	self, request, sociallogin, data
	)
	if not user.email.split("@")[1] == "fairphone.com":
	raise PermissionDenied()
	return user


	class FormAccountAdapter(DefaultAccountAdapter):
	"""Account adapter for signing up using a form.

	Signup is not allowed using Hiccup, only existing Fairphone Google accounts
	can be used.
	"""

	def is_open_for_signup(self, request):
	"""Do not allow signup."""
	return False