add demo mode, enables auto user create at sign-in

api.py

@@ -99,6 +99,7 @@ app.config = {
         'ssl_cert':         None,
         'insecure':         False,
         'log_path':         None,
+        'demo':             False,
         }
 
 
@@ -119,6 +120,7 @@ if __name__ == '__main__':
     arg_parser.add_argument('--site_id', help='InterNIMS site ID')
     arg_parser.add_argument('--site_name', help='InterNIMS site name')
     arg_parser.add_argument('--oauth2_id_endpoint', help='OAuth2 provider ID endpoint')
+    arg_parser.add_argument('--demo', help='demo mode, enables auto user creation')
     args = arg_parser.parse_args()
 
     app.config['here'] = os.path.dirname(os.path.abspath(args.config_file))
@@ -135,6 +137,7 @@ if __name__ == '__main__':
     app.config['oauth2_id_endpoint'] = args.oauth2_id_endpoint or config.get('oauth2', 'id_endpoint')
     app.config['insecure'] = config.getboolean('nims', 'insecure')
     app.config['ssl_cert'] = args.ssl_cert or config.get('nims', 'ssl_cert')     # to give to requests
+    app.config['demo'] = arg.demo or config.getboolean('nims', 'demo')
 
     if not app.config['ssl_cert']:
         log.warning('SSL certificate not specified, interNIMS functionality disabled')

api.wsgi

@@ -37,6 +37,7 @@ application.config['site_id'] = config.get('nims', 'site_id')
 application.config['ssl_cert'] = config.get('nims', 'ssl_cert')
 application.config['oauth2_id_endpoint'] = config.get('oauth2', 'id_endpoint')
 application.config['insecure'] = config.getboolean('nims', 'insecure')
+application.config['demo'] = config.getboolean('nims', 'demo')
 
 if not os.path.exists(application.config['data_path']):
     os.makedirs(application.config['data_path'])

base.py

@@ -6,6 +6,7 @@ logging.getLogger('requests').setLevel(logging.WARNING) # silence Requests libra
 
 import copy
 import json
+import hashlib
 import webapp2
 import datetime
 import requests
@@ -23,6 +24,8 @@ class RequestHandler(webapp2.RequestHandler):
 
         # set uid, source_site, public_request, and superuser
         self.uid = None
+        firstname = None
+        lastname = None
         self.source_site = None
         access_token = self.request.headers.get('Authorization', None)
         if access_token and self.app.config['oauth2_id_endpoint']:
@@ -34,7 +37,10 @@ class RequestHandler(webapp2.RequestHandler):
             else:
                 r = requests.get(self.app.config['oauth2_id_endpoint'], headers={'Authorization': 'Bearer ' + access_token})
                 if r.status_code == 200:
-                    self.uid = json.loads(r.content)['email']
+                    identity = json.loads(r.content)
+                    self.uid = identity['email']
+                    firstname = identity['given_name']
+                    lastname = identity['family_name']
                     self.app.db.tokens.insert({'_id': access_token, 'uid': self.uid, 'timestamp': datetime.datetime.utcnow()})
                     log.debug('looked up remote token in %dms' % ((datetime.datetime.now() - token_request_time).total_seconds() * 1000.))
                 else:
@@ -56,7 +62,19 @@ class RequestHandler(webapp2.RequestHandler):
         else:
             user = self.app.db.users.find_one({'_id': self.uid}, ['root', 'wheel'])
             if not user:
-                self.abort(403, 'user ' + self.uid + ' does not exist')
+                if self.app.config['demo']:
+                    self.app.db.users.insert({
+                        '_id': self.uid,
+                        'email': self.uid,
+                        'email_hash': hashlib.md5(self.uid).hexdigest(),
+                        'firstname': firstname or 'DEMO',
+                        'lastname': lastname or 'DEMO',
+                        'wheel': True,
+                        'root': True,
+                    })
+                    user = self.app.db.users.find_one({'_id': self.uid}, ['root', 'wheel'])
+                else:
+                    self.abort(403, 'user ' + self.uid + ' does not exist')
             self.superuser_request = user.get('root') and user.get('wheel')
 
     def dispatch(self):