Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
Appengine Authentifizierung gegen Google Apps
#!/usr/bin/env python
# encoding: utf-8
"""
do_openid_login.py
Created by Maximillian Dornseif on 2010-09-24.
Copyright (c) 2010 HUDORA. All rights reserved.
"""
from google.appengine.api.users import get_current_user, create_login_url
ALLOWED_DOMAINS = ['example.com', 'company.local']
class OpenIdLoginHandler(webapp.RequestHandler):
def get(self):
continue_url = self.request.GET.get('continue')
openid_url = None
for domain in ALLOWED_DOMAINS:
if self.request.GET.get('%s.x' % domain):
openid_url = 'https://www.google.com/accounts/o8/site-xrds?hd=%s' % domain
logging.info("Openid %s" % openid_url)
if not openid_url:
# Render Template with Login form
path = os.path.join(os.path.dirname(__file__), 'templates', 'login.html')
self.response.out.write(template.render(path, {'continue': continue_url,
'doamins:' ALLOWED_DOMAINS}))
else:
# Hand over Authentication Processing to Google
self.redirect(users.create_login_url(continue_url, None, openid_url))
def main():
application = webapp.WSGIApplication([
('', OpenIdLoginHandler),
], debug=False)
util.run_wsgi_app(application)
if __name__ == '__main__':
main()
<html>
<head>
<title>Log in with Google Apps</title>
</head>
<body style="font-family: 'Helvetica Neue', Helvetica, Arial, sans-serif; color: black; background-color: white; margin:50px 0px; padding:0px; text-align:center;">
<div style="margin-left: 10%; margin-right: 10%;">
<h1 style="font-size: 90px; font-style: normal; font-weight: bold; letter-spacing: -6px; ">Login</h1>
<form method="get" action="/_ah/login_required">
<p>Bitte klicken Sie auf Ihr Unternehmen!</p>
{% if continue %}
<input type="hidden" name="continue" value="{{continue|escape}}" />
{% endif %}
{% for domanin in domains %}
<input type="image" src='/static/gappsauth/{{ domanin }}.png' width='200' style="padding:15px;" name="{{ domanin }}"><br/>
{% endfor %}
</form>
</div>
</body>
</html>
# ...
class Handler(webapp.RequestHandler, OpenIdMixin):
def get(self):
aktueller_nutzer = self.get_user()
if not aktueller_nutzer:
return # login redirect is active, don't display any content
# do something, render template
template_values = {'foo': 'bar'}
path = os.path.join(os.path.dirname(__file__), 'templates/index.html')
self.response.out.write(template.render(path, template_values))
# ...
#!/usr/bin/env python
# encoding: utf-8
"""
openid_mixin.py
Created by Maximillian Dornseif on 2010-09-24.
Copyright (c) 2010 HUDORA. All rights reserved.
"""
from google.appengine.api import users
class OpenIdMixin(object):
def get_user(self):
"""This method forces login via OpenID."""
user = users.get_current_user()
if not user:
self.redirect(self.create_openid_url(self.request.url))
return None
return user
def create_openid_url(self, continue_url):
continue_url = urlparse.urljoin(self.request.url, continue_url)
return "/_ah/login_required?continue=%s" % urllib.quote(continue_url)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment