Add graphql backend

7f4b5bd0 · Mark · 78cee6b1 · 7f4b5bd0
Verified Commit 7f4b5bd0 authored 5 years ago by Mark
--- a/login_provider/app.py
+++ b/login_provider/app.py
@@ -6,9 +6,13 @@ from wtforms import SubmitField, StringField, PasswordField
 from flask_wtf import FlaskForm
 from wtforms.validators import required
 from flask_login import UserMixin, login_user, logout_user, LoginManager, login_required, current_user
+from graphqlclient import GraphQLClient
+from json import loads


 HYDRA_ADMIN_URL = environ['HYDRA_ADMIN_URL']
+GRAPHQL_URL = environ['GRAPHQL_URL']
+graphql_client = GraphQLClient(GRAPHQL_URL)

 app = Flask(__name__)
 app.config['SECRET_KEY'] = urandom(16)
@@ -26,14 +30,27 @@ class User(UserMixin):
        self._load_remote_user_info()

    def _load_remote_user_info(self):
-        #TODO get user info via api call
-        self.active = True
-        self.email = "test@example.net"
+        querystring = '''{{
+        getUser(username: "{0}"){{
+            email,
+            active
+            }}}}'''.format(self.username).strip()
+        result = loads(graphql_client.execute(querystring))
+        if "data" in result:
+            self.active = result["data"]["getUser"]["active"]
+            self.email = result["data"]["getUser"]["email"]

    def authenticate(self, password):
-        #TODO verify password
-        user.is_authenticated = True
-        return True
+        querystring = '''{{
+        verifyPassword(
+            username: "{0}",
+            password: "{1}")
+            }}'''.format(self.username, password).strip()
+        result = loads(graphql_client.execute(querystring))
+        auth = False
+        if "data" in result:
+            auth = result["data"]["verifyPassword"]
+        return auth


 @login_manager.user_loader
@@ -69,8 +86,8 @@ def home():
 def login():
    login_form = LoginForm()
    if login_form.validate_on_submit():
-        user = User(login_form["username"])
-        if user.active:
+        user = User(login_form.username.data)
+        if user.active and user.authenticate(login_form.password.data):
            login_user(user)
        next_url = request.args.get('next')
        if not is_safe_url(next):