Refactor the users class into their own files, add a common base class for federated users and add a verify_credentials method which only does the verification, without the linking. We use this in the superuser verification pass

2015-07-20 11:39:59 -04:00 · 2015-07-20 11:39:59 -04:00 · 33b54218cc
commit 33b54218cc
parent 1245385808
13 changed files with 541 additions and 495 deletions
--- a/endpoints/api/user.py
+++ b/endpoints/api/user.py
@ -395,7 +395,7 @@ def conduct_signin(username_or_email, password):

  verified = None
  try:
-    (verified, error_message) = authentication.verify_user(username_or_email, password)
+    (verified, error_message) = authentication.verify_and_link_user(username_or_email, password)
  except model.user.TooManyUsersException as ex:
    raise license_error(exception=ex)

@ -457,7 +457,7 @@ class ConvertToOrganization(ApiResource):
    # Ensure that the sign in credentials work.
    admin_username = convert_data['adminUser']
    admin_password = convert_data['adminPassword']
-    (admin_user, _) = authentication.verify_user(admin_username, admin_password)
+    (admin_user, _) = authentication.verify_and_link_user(admin_username, admin_password)
    if not admin_user:
      raise request_error(reason='invaliduser',
                          message='The admin user credentials are not valid')
--- a/endpoints/v1/index.py
+++ b/endpoints/v1/index.py
@ -105,7 +105,8 @@ def create_user():
      abort(400, 'Invalid robot account or password.',
            issue='robot-login-failure')

-  (verified, error_message) = authentication.verify_user(username, password, basic_auth=True)
+  (verified, error_message) = authentication.verify_and_link_user(username, password,
+                                                                  basic_auth=True)
  if verified:
    # Mark that the user was logged in.
    event = userevents.get_event(username)