Support login and invitations using email rather than just username.

2021-01-27 09:35:36 +02:00 · 2021-01-27 09:35:36 +02:00 · 233aeab98b
commit 233aeab98b
parent 240469342b
3 changed files with 11 additions and 6 deletions
--- a/etebase_fastapi/routers/authentication.py
+++ b/etebase_fastapi/routers/authentication.py
@ -22,7 +22,7 @@ from django_etebase.utils import create_user, get_user_queryset, CallbackContext
 from myauth.models import UserType, get_typed_user_model
 from ..exceptions import AuthenticationFailed, transform_validation_error, HttpError
 from ..msgpack import MsgpackRoute
-from ..utils import BaseModel, permission_responses, msgpack_encode, msgpack_decode
+from ..utils import BaseModel, permission_responses, msgpack_encode, msgpack_decode, get_user_username_email_kwargs
 from ..dependencies import AuthData, get_auth_data, get_authenticated_user

 User = get_typed_user_model()
@ -114,7 +114,7 @@ class SignupIn(BaseModel):
 def get_login_user(request: Request, challenge: LoginChallengeIn) -> UserType:
    username = challenge.username

-    kwargs = {User.USERNAME_FIELD + "__iexact": username.lower()}
+    kwargs = get_user_username_email_kwargs(username)
    try:
        user_queryset = get_user_queryset(User.objects.all(), CallbackContext(request.path_params))
        user = user_queryset.get(**kwargs)
--- a/etebase_fastapi/routers/invitation.py
+++ b/etebase_fastapi/routers/invitation.py
@ -12,6 +12,7 @@ from ..exceptions import HttpError, PermissionDenied
 from ..msgpack import MsgpackRoute
 from ..utils import (
    get_object_or_404,
+    get_user_username_email_kwargs,
    Context,
    is_collection_admin,
    BaseModel,
@ -191,9 +192,8 @@ def outgoing_create(
    user: UserType = Depends(get_authenticated_user),
 ):
    collection = get_object_or_404(models.Collection.objects, uid=data.collection)
-    to_user = get_object_or_404(
-        get_user_queryset(User.objects.all(), CallbackContext(request.path_params)), username=data.username
-    )
+    kwargs = get_user_username_email_kwargs(data.username)
+    to_user = get_object_or_404(get_user_queryset(User.objects.all(), CallbackContext(request.path_params)), **kwargs)

    context = Context(user, None)
    data.validate_db(context)
@ -238,7 +238,7 @@ def outgoing_fetch_user_profile(
    request: Request,
    user: UserType = Depends(get_authenticated_user),
 ):
-    kwargs = {User.USERNAME_FIELD: username.lower()}
+    kwargs = get_user_username_email_kwargs(username)
    user = get_object_or_404(get_user_queryset(User.objects.all(), CallbackContext(request.path_params)), **kwargs)
    user_info = get_object_or_404(models.UserInfo.objects.all(), owner=user)
    return UserInfoOut.from_orm(user_info)
--- a/etebase_fastapi/utils.py
+++ b/etebase_fastapi/utils.py
@ -69,6 +69,11 @@ def b64decode(data: str):
    return base64.urlsafe_b64decode(data)


+def get_user_username_email_kwargs(username: str):
+    field_name = User.EMAIL_FIELD if "@" in username else User.USERNAME_FIELD
+    return {field_name + "__iexact": username.lower()}
+
+
 PERMISSIONS_READ = [Depends(x) for x in app_settings.API_PERMISSIONS_READ]
 PERMISSIONS_READWRITE = PERMISSIONS_READ + [Depends(x) for x in app_settings.API_PERMISSIONS_WRITE]