diff --git a/login_provider/app.py b/login_provider/app.py
index 8f64f535da46aaa2eae43251dc79b68b39484ff2..0fd85b00a8d9cae7cfaa7815be586641b7f235dd 100644
--- a/login_provider/app.py
+++ b/login_provider/app.py
@@ -1,18 +1,12 @@
 from flask import abort, Flask, redirect, request, render_template, url_for
 from os import urandom, environ
 from hydra_client import HydraAdmin
-from sqlalchemy.ext.hybrid import hybrid_property, hybrid_method
 from wtforms import SubmitField, StringField, PasswordField
 from flask_wtf import FlaskForm
-from wtforms.validators import required
-from flask_login import UserMixin, login_user, logout_user, LoginManager, login_required, current_user
-from graphqlclient import GraphQLClient
-from json import loads
-
+from flask_login import login_user, logout_user, LoginManager, login_required, current_user
+from db import User
 HYDRA_ADMIN_URL = environ['HYDRA_ADMIN_URL']
-GRAPHQL_URL = environ['GRAPHQL_URL']
-graphql_client = GraphQLClient(GRAPHQL_URL)
 app = Flask(__name__)
 app.config['SECRET_KEY'] = urandom(16)
@@ -21,38 +15,6 @@ login_manager = LoginManager()
 login_manager.init_app(app)
 login_manager.login_view = "login"
-
-class User(UserMixin):
- def __init__(self, username):
- self.id = username
- self.username = username
- self.active = False
- self._load_remote_user_info()
-
- def _load_remote_user_info(self):
- querystring = '''{{
- getUser(username: "{0}"){{
- email,
- active
- }}}}'''.format(self.username).strip()
- result = loads(graphql_client.execute(querystring))
- if "data" in result:
- self.active = result["data"]["getUser"]["active"]
- self.email = result["data"]["getUser"]["email"]
-
- def authenticate(self, password):
- querystring = '''{{
- verifyPassword(
- username: "{0}",
- password: "{1}")
- }}'''.format(self.username, password).strip()
- result = loads(graphql_client.execute(querystring))
- auth = False
- if "data" in result:
- auth = result["data"]["verifyPassword"]
- return auth
-
-
 @login_manager.user_loader
 def user_loader(username):
 user = User(username)
@@ -87,7 +49,7 @@ def login():
 login_form = LoginForm()
 if login_form.validate_on_submit():
 user = User(login_form.username.data)
- if user.active and user.authenticate(login_form.password.data):
+ if user.active and user.verify_password(login_form.password.data):
 login_user(user)
 next_url = request.args.get('next')
 if not is_safe_url(next):
diff --git a/login_provider/db.py b/login_provider/db.py
new file mode 100644
index 0000000000000000000000000000000000000000..e9b5fa6d0ff14aebd66bff28158b148e0beabb0c
--- /dev/null
+++ b/login_provider/db.py
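Review bot: In `login()` in app.py (hunk `@@ -87,7 +49,7 @@`), the context line `if not is_safe_url(next):` passes the builtin `next` rather than the `next_url` read from `request.args` on the line above, so the client-supplied redirect target is not the value being validated. The commit leaves this line untouched; it should read `if not is_safe_url(next_url):`. `is_safe_url` and the rest of `login()` are outside the hunk, so how the check behaves when handed a function object, and where `next_url` is used afterwards, should be confirmed there.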
@@ -0,0 +1,39 @@
+from os import environ
+from hydra_client import HydraAdmin
+from flask_login import UserMixin
+from graphqlclient import GraphQLClient
+from json import loads
+
+GRAPHQL_URL = environ['GRAPHQL_URL']
+graphql_client = GraphQLClient(GRAPHQL_URL)
+
+class User(UserMixin):
+ def __init__(self, username):
+ self.id = username
+ self.username = username
+ self.active = False
+ self._load_remote_user_info()
+
+ def _load_remote_user_info(self):
+ querystring = '''{{
+ getUser(username: "{0}"){{
+ email,
+ active
+ }}}}'''.format(self.username).strip()
+ result = loads(graphql_client.execute(querystring))
+ if "data" in result:
+ self.active = result["data"]["getUser"]["active"]
+ self.email = result["data"]["getUser"]["email"]
+
+ def verify_password(self, password):
+ querystring = '''{{
+ verifyPassword(
+ username: "{0}",
+ password: "{1}")
+ }}'''.format(self.username, password).strip()
+ result = loads(graphql_client.execute(querystring))
+ verified = False
+ if "data" in result:
+ verified = result["data"]["verifyPassword"]
+ return verified
+
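Review bot: Both queries in `User` are built by `.format()`-ing the submitted username and password straight into the GraphQL document, so a value containing a double quote ends the string literal and changes the query the backend runs; in `verify_password` that query is the login decision itself. Pass the values as GraphQL variables through `graphql_client.execute(query, variables=...)` instead, as sketched below; the `String!` types are a guess at the schema, which is not visible here. Separately, `_load_remote_user_info` indexes `result["data"]["getUser"]` without checking it for null, which looks like it would raise for an unknown username, and `HydraAdmin` is imported but unused in this file.

```python
    def _load_remote_user_info(self):
        query = '''query ($username: String!) {
            getUser(username: $username) { email, active }
        }'''
        result = loads(graphql_client.execute(
            query, variables={"username": self.username}))
        # … unchanged: copy active/email from result["data"]["getUser"] …

    def verify_password(self, password):
        query = '''query ($username: String!, $password: String!) {
            verifyPassword(username: $username, password: $password)
        }'''
        result = loads(graphql_client.execute(
            query,
            variables={"username": self.username, "password": password}))
        # … unchanged: read result["data"]["verifyPassword"] into verified …
```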