Refactor the users class into their own files, add a common base class for federated users and add a verify_credentials method which only does the verification, without the linking. We use this in the superuser verification pass

This commit is contained in:
Joseph Schorr 2015-07-20 11:39:59 -04:00
parent 1245385808
commit 33b54218cc
13 changed files with 541 additions and 495 deletions

View file

@ -395,7 +395,7 @@ def conduct_signin(username_or_email, password):
verified = None
try:
(verified, error_message) = authentication.verify_user(username_or_email, password)
(verified, error_message) = authentication.verify_and_link_user(username_or_email, password)
except model.user.TooManyUsersException as ex:
raise license_error(exception=ex)
@ -457,7 +457,7 @@ class ConvertToOrganization(ApiResource):
# Ensure that the sign in credentials work.
admin_username = convert_data['adminUser']
admin_password = convert_data['adminPassword']
(admin_user, _) = authentication.verify_user(admin_username, admin_password)
(admin_user, _) = authentication.verify_and_link_user(admin_username, admin_password)
if not admin_user:
raise request_error(reason='invaliduser',
message='The admin user credentials are not valid')

View file

@ -105,7 +105,8 @@ def create_user():
abort(400, 'Invalid robot account or password.',
issue='robot-login-failure')
(verified, error_message) = authentication.verify_user(username, password, basic_auth=True)
(verified, error_message) = authentication.verify_and_link_user(username, password,
basic_auth=True)
if verified:
# Mark that the user was logged in.
event = userevents.get_event(username)