How to get the the User ID from an email in GAE - python

I'm working on a small app that will allow the user to login to the App, allow the app OAuth access to a service, then interact with the service using the app via email.
I've successfully enabled Oauth using gdata and gdata.gauth and can store/recover the Oauth token and user_id easily when the user is logged in.
However, when receiving an email, I try to get the user_id by creating a users.User(email="senders.email#gmail.com") but end up getting a None value for the user_id.
ie:
when logged in:
current_user = users.get_current_user()
current_user.user_id() #this is a valid id when the user is logged in
when receiving an email (using the mail handler):
current_user = users.User(email="sender.email#gmail.com")
current_user.user_id() #this returns None
Any hints on how to make this work?

Reading http://code.google.com/appengine/docs/python/users/userclass.html#User
Under the method call user_id, it is noted that if you create the User object yourself, the user_id field will return None.

Related

firebase auth sdk login user with email and passworrd

I'm using firebase auth sdk for an application and I'd like to log the user in. I cannot understand how it works.
To create a new user I run this code:
from firebase_admin import auth
....
def create_user(email, password):
user = auth.create_user(email=email, password=password)
return user
Now I'd like to log the user in. The auth doesn't have a method to log in the user. It has a auth.get_user_by_email(email) or some other methods to get user(s), but it has no method to check user's password. My application (API) gets email and password and I need to return the user if the email and password match.
How do I do this using the firebase sdk?
Thank you.
Logging into Firebase happens on the client, not on the server. So the Firebase Admin SDKs don't have a method to sign the user in, but all client-side SDKs (such as the Web/JavaScript SDK) have methods to sign in the user.
If you want to sign in a specific user from your Python code, you can call the REST API, or use a library like Pyrebase that wraps this REST API: https://github.com/thisbejim/Pyrebase#authentication.

How to implement single sign-on django auth in azure ad?

I have a django-based web application, a client requested that we integrate the login with Azure AD, following the documents I managed to integrate with the following flow.
In django the user types only the email, I identify the user and his company and redirect him to the microsoft ad login screen, after login, the redirect uri is activated and in my view I do some validations and authenticate the user on my system. The problem is that every time the customer is going to log in he needs to enter his credentials in azure, would it be possible with the microsoft user_id or the token acquired the first time the user logs in to login? Or another way to log in faster?
This my callback view, called in redirect_uri:
def callback(request):
user_id = request.session.pop('user_id', '')
user_internal = User.objects.filter(id=user_id).first()
company_azure = CompanyAzureAd.objects.filter(company=user_internal.employee.firm).first()
# Get the state saved in session
expected_state = request.session.pop('auth_state', '')
# Make the token request
url = request.build_absolute_uri(request.get_full_path())
token = get_token_from_code(url, expected_state, company_azure)
# Get the user's profile
user = get_user(token) #in this moment i have user microsoft profile, with token and id
# Save token and user
store_token(request, token)
store_user(request, user)
...
if it is possible to login I could store the token or user id in microsoft in my database, so it would only be necessary to login once
I think this is already answered here
Also try this
ADFS Authentication for Django
Even you can try the library in python
Django Microsoft Authentication Backend

Disable simultaneous login from multiple different places on Flask-Login

I have a Web service written in Flask. User A uses some username to log in to the service. I want it to be impossible for user B to log in using the same username, until user A's session is expired. In other words, I want to disable concurrent, simultaneous logins per user. How do I do that in Flask-Login?
What you need to do is store some sort of session token in your User model in the database.
class User(db.Model):
....
session_token = db.Column(db.String(40), index=True)
When a user logs in, you generate the session token and save it in the database.
Update your User.get_id function to return the session token instead of the user ID.
def get_id(self):
return str(self.session_token)
In your user_loader callback you look up the user based on the token:
#lm.user_loader
def load_user(session_token):
return User.query.filter_by(session_token=session_token).first()
With this setup, the token will be updated on each login, which will automatically invalidate the previous sessions.
Documentation

Get user object using userid in django

Hello i am new to django,
i am creating an authentication system using django.
Once a user is logged in i am storing the value in a session.
user = authenticate(username=username, password=password)
request.session['mid'] = user.id
and when i refresh i can receive the session id
uid = request.session['mid']
But i am not sure how to get the userdatas from the user id. can any one tell me how can get the user object using the user id.
Use simple .get() query.
try:
uid = request.session['mid']
userobj = User.objects.get(id=uid)
except User.DoesNotExist:
#handle case when user with that id does not exist
...
Of course, you can store the user id in request.session, and query the id
with django ORM manually.
But after installing the SessionMiddleware and AuthenticationMiddleware middlewares, on a higher level, Django can hook this authentication framework into its system of request objects. I believe most django projects will use the code below to get authenticated user from web requests.
if request.user.is_authenticated():
user = request.user

GAE: SimpleAuth not able set set_session() using FB ID in PROD

I am using SimpleAuth by Alex (https://github.com/crhym3/simpleauth/) in my GAE application.
When I was using it in localhost, I am login successfully using fb and google id.
After I deployed to PROD, I can still login successfully for google ids but cant login using FB ID.
def _on_signin(self, data, auth_info, provider):
"""Callback whenever a new or existing user is logging in.data is a user info dictionary.auth_info contains access token or oauth token and secret.
"""
auth_id = '%s:%s' % (provider, data['id'])
logging.info('Looking for a user with id %s', auth_id)
user = self.auth.store.user_model.get_by_auth_id(auth_id)
_attrs = self._to_user_model_attrs(data, self.USER_ATTRS[provider])
logging.error(_attrs)
logging.error(user)
if user:
logging.info('Found existing user to log in')
user.populate(**_attrs)
user.put()
logging.error(user.put())
self.auth.set_session(self.auth.store.user_to_dict(user))
For FB login, I can get the values of the users and store it datastore.
When I try to self.auth.set_session() which sets _auth cookie somehow for FB login it fails to create _auth cookie.
self.auth.set_session(self.auth.store.user_to_dict(user))
My authentication type is (Experimental)Federated Login.
I could not able to figure out why self.auth.set_session() doesn't able to create cookie for FB logins.

Categories