support showing user's specified contents after signin

Change-Id: Ia8897860757a2395873ff6972a508c38d7139854
Signed-off-by: SerenaFeng <feng.xiaowei@zte.com.cn>

6 files changed, 68 insertions, 13 deletions

diff --git a/testapi/opnfv_testapi/cmd/server.py b/testapi/opnfv_testapi/cmd/server.py
index 2696bb3..545d5e3 100644
--- a/testapi/opnfv_testapi/cmd/server.py
+++ b/testapi/opnfv_testapi/cmd/server.py
@@ -64,7 +64,8 @@ def make_app():
         url_mappings.mappings,
         db=get_db(),
         debug=CONF.api_debug,
-        auth=CONF.api_authenticate
+        auth=CONF.api_authenticate,
+        cookie_secret='opnfv-testapi',
     )
 
 
diff --git a/testapi/opnfv_testapi/resources/handlers.py b/testapi/opnfv_testapi/resources/handlers.py
index dbf94eb..2426805 100644
--- a/testapi/opnfv_testapi/resources/handlers.py
+++ b/testapi/opnfv_testapi/resources/handlers.py
@@ -188,6 +188,14 @@ class GenericApiHandler(web.RequestHandler):
             table = self.table
         return self._eval_db(table, 'find_one', query)
 
+    def db_save(self, collection, data):
+        self._eval_db(collection, 'insert', data, check_keys=False)
+
+    def db_find_one(self, query, collection=None):
+        if not collection:
+            collection = self.table
+        return self._eval_db(collection, 'find_one', query)
+
 
 class VersionHandler(GenericApiHandler):
     @swagger.operation(nickname='listAllVersions')
diff --git a/testapi/opnfv_testapi/router/url_mappings.py b/testapi/opnfv_testapi/router/url_mappings.py
index 7bd3430..d686701 100644
--- a/testapi/opnfv_testapi/router/url_mappings.py
+++ b/testapi/opnfv_testapi/router/url_mappings.py
@@ -16,7 +16,8 @@ from opnfv_testapi.resources import result_handlers
 from opnfv_testapi.resources import scenario_handlers
 from opnfv_testapi.resources import testcase_handlers
 from opnfv_testapi.ui import root
-from opnfv_testapi.ui.auth import handlers as auth_handlers
+from opnfv_testapi.ui.auth import sign
+from opnfv_testapi.ui.auth import user
 
 mappings = [
     # GET /versions => GET API version
@@ -59,6 +60,7 @@ mappings = [
      {'path': config.Config().static_path}),
 
     (r'/', root.RootHandler),
-    (r'/api/v1/auth/signin', auth_handlers.SigninHandler),
-    (r'/api/v1/auth/signin_return', auth_handlers.SigninReturnHandler),
+    (r'/api/v1/auth/signin', sign.SigninHandler),
+    (r'/api/v1/auth/signin_return', sign.SigninReturnHandler),
+    (r'/api/v1/profile', user.ProfileHandler),
 ]
diff --git a/testapi/opnfv_testapi/ui/auth/utils.py b/testapi/opnfv_testapi/ui/auth/base.py
index c3912ad..bea87c4 100644
--- a/testapi/opnfv_testapi/ui/auth/utils.py
+++ b/testapi/opnfv_testapi/ui/auth/base.py
@@ -3,6 +3,18 @@ import string
 
 from six.moves.urllib import parse
 
+from opnfv_testapi.resources import handlers
+
+
+class BaseHandler(handlers.GenericApiHandler):
+    def __init__(self, application, request, **kwargs):
+        super(BaseHandler, self).__init__(application, request, **kwargs)
+        self.table = 'users'
+
+    def set_cookies(self, cookies):
+        for cookie_n, cookie_v in cookies:
+            self.set_secure_cookie(cookie_n, cookie_v)
+
 
 def get_token(length=30):
     """Get random token."""
diff --git a/testapi/opnfv_testapi/ui/auth/handlers.py b/testapi/opnfv_testapi/ui/auth/sign.py
index 511952d..c92196a 100644
--- a/testapi/opnfv_testapi/ui/auth/handlers.py
+++ b/testapi/opnfv_testapi/ui/auth/sign.py
@@ -1,21 +1,19 @@
 from six.moves.urllib import parse
 
 from opnfv_testapi.common import config
-from opnfv_testapi.resources import handlers
+from opnfv_testapi.ui.auth import base
 from opnfv_testapi.ui.auth import constants as const
-from opnfv_testapi.ui.auth import utils
-
 
 CONF = config.Config()
 
 
-class SigninHandler(handlers.GenericApiHandler):
+class SigninHandler(base.BaseHandler):
     def get(self):
-        csrf_token = utils.get_token()
+        csrf_token = base.get_token()
         return_endpoint = parse.urljoin(CONF.api_url,
                                         CONF.osid_openid_return_to)
-        return_to = utils.set_query_params(return_endpoint,
-                                           {const.CSRF_TOKEN: csrf_token})
+        return_to = base.set_query_params(return_endpoint,
+                                          {const.CSRF_TOKEN: csrf_token})
 
         params = {
             const.OPENID_MODE: CONF.osid_openid_mode,
@@ -28,10 +26,20 @@ class SigninHandler(handlers.GenericApiHandler):
             const.OPENID_NS_SREG_REQUIRED: CONF.osid_openid_sreg_required,
         }
         url = CONF.osid_openstack_openid_endpoint
-        url = utils.set_query_params(url, params)
+        url = base.set_query_params(url, params)
         self.redirect(url=url, permanent=False)
 
 
-class SigninReturnHandler(handlers.GenericApiHandler):
+class SigninReturnHandler(base.BaseHandler):
     def get(self):
+        openid = self.get_query_argument(const.OPENID_CLAIMED_ID)
+        user_info = {
+            'openid': openid,
+            'email': self.get_query_argument(const.OPENID_NS_SREG_EMAIL),
+            'fullname': self.get_query_argument(const.OPENID_NS_SREG_FULLNAME)
+        }
+
+        self.db_save(self.table, user_info)
+        if not self.get_secure_cookie('openid'):
+            self.set_secure_cookie('openid', openid)
         self.redirect(url=CONF.ui_url)
diff --git a/testapi/opnfv_testapi/ui/auth/user.py b/testapi/opnfv_testapi/ui/auth/user.py
new file mode 100644
index 0000000..140bca5
--- /dev/null
+++ b/testapi/opnfv_testapi/ui/auth/user.py
@@ -0,0 +1,24 @@
+from tornado import gen
+from tornado import web
+
+from opnfv_testapi.common import raises
+from opnfv_testapi.ui.auth import base
+
+
+class ProfileHandler(base.BaseHandler):
+    @web.asynchronous
+    @gen.coroutine
+    def get(self):
+        openid = self.get_secure_cookie('openid')
+        if openid:
+            try:
+                user = yield self.db_find_one({'openid': openid})
+                self.finish_request({
+                    "openid": user.get('openid'),
+                    "email": user.get('email'),
+                    "fullname": user.get('fullname'),
+                    "is_admin": False
+                })
+            except Exception:
+                pass
+        raises.Unauthorized('Unauthorized')