Fully implement OpenID-based authentication.

author: Matthias Andreas Benkard <code@mail.matthias.benkard.de> 2011-11-15 12:44:37 +0100
committer: Matthias Andreas Benkard <code@mail.matthias.benkard.de> 2011-11-15 12:44:37 +0100
commit: 6c46672cd3598994aef749dc69f85c1c5918593d (patch)
tree: d505565f92b8ad3ea5def775698e834366cbbcee /src/mulk/benki/auth.clj
parent: baf56c989de31fb0de7db7b45ac162ddb2ef471b (diff)
1 files changed, 22 insertions, 11 deletions
diff --git a/src/mulk/benki/auth.clj b/src/mulk/benki/auth.clj
index 9105a21..6dbce8d 100644
--- a/src/mulk/benki/auth.clj
+++ b/src/mulk/benki/auth.clj
@@ -3,13 +3,15 @@
   (:use [clojure         core repl pprint]
         [clojure.contrib repl-utils]
         [hiccup core     page-helpers]
-        [mulk.benki      util]
+        [mulk.benki      util db]
         [clojure.core.match.core
          :only [match]]
-        [noir            core])
-  (:require [noir.session  :as session]
-            [noir.response :as response]
-            [noir.request  :as request])
+        [noir            core]
+        [clojure.java.jdbc :only [transaction do-commands]])
+  (:require [noir.session      :as session]
+            [noir.response     :as response]
+            [noir.request      :as request]
+            [clojure.java.jdbc :as sql])
   (:import [org.openid4java.consumer ConsumerManager]
            [org.openid4java.message ParameterList]))
 
@@ -30,10 +32,21 @@
         verification (.verify manager request-uri parlist discovered)
         id           (.getVerifiedId verification)]
     (if id
-      (layout "Authenticated!"
-              [:p "Authentication result: " [:strong [:code (escape-html (fmt nil "~S" (bean id)))]]
-               " (identifier: " [:strong [:code (escape-html (.getIdentifier id))]] ")"])
-      (layout "Authentication Failed"))))
+      (with-dbt
+        (let [openid  (first (query "SELECT * FROM openids WHERE openid = ?"
+                                    (.getIdentifier id)))
+              user-id (if openid
+                        (:user openid)
+                        nil)
+              user    (first (if user-id
+                               (query "SELECT * FROM users WHERE id = ?" user-id)
+                               nil))]
+          (if user-id
+            (do (session/put! :user user-id)
+                (layout "Authenticated!" [:p "Welcome back, " (:first_name user) "!"]))
+            (layout "Authentication Failed" [:p "Did not recognize OpenID."]))))
+      (layout "Authentication Failed" [:p "OpenID authentication failed."]))))
+
 
 (defpage [:post "/login/return"] []
   (return-from-openid-provider))
@@ -41,7 +54,6 @@
 (defpage "/login/return" []
   (return-from-openid-provider))
 
-
 (defpage "/login/authenticate" {openid :openid}
   (let [discoveries (.discover     manager openid)
         discovered  (.associate    manager discoveries)
@@ -51,7 +63,6 @@
     (session/put! :discovered discovered)
     (response/redirect (.getDestinationUrl authreq true))))
 
-
 (defpage "/login" []
   (layout "Benki Login"
     [:p "Please enter your OpenID:"]
author	Matthias Andreas Benkard <code@mail.matthias.benkard.de>	2011-11-15 12:44:37 +0100
committer	Matthias Andreas Benkard <code@mail.matthias.benkard.de>	2011-11-15 12:44:37 +0100
commit	6c46672cd3598994aef749dc69f85c1c5918593d (patch)
tree	d505565f92b8ad3ea5def775698e834366cbbcee /src/mulk/benki/auth.clj
parent	baf56c989de31fb0de7db7b45ac162ddb2ef471b (diff)