From 8b7c598407a5fea9a3d78473e72df87606998cd4 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Fri, 4 Aug 2023 10:10:28 +0300
Subject: Copy over files from GN3 repository.

---
 .../authentication/oauth2/grants/password_grant.py | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 gn_auth/auth/authentication/oauth2/grants/password_grant.py

(limited to 'gn_auth/auth/authentication/oauth2/grants/password_grant.py')

diff --git a/gn_auth/auth/authentication/oauth2/grants/password_grant.py b/gn_auth/auth/authentication/oauth2/grants/password_grant.py
new file mode 100644
index 0000000..3233877
--- /dev/null
+++ b/gn_auth/auth/authentication/oauth2/grants/password_grant.py
@@ -0,0 +1,22 @@
+"""Allows users to authenticate directly."""
+
+from flask import current_app as app
+from authlib.oauth2.rfc6749 import grants
+
+from gn3.auth import db
+from gn3.auth.authentication.users import valid_login, user_by_email
+
+from gn3.auth.authorisation.errors import NotFoundError
+
+class PasswordGrant(grants.ResourceOwnerPasswordCredentialsGrant):
+    """Implement the 'Password' grant."""
+    TOKEN_ENDPOINT_AUTH_METHODS = ["client_secret_basic", "client_secret_post"]
+
+    def authenticate_user(self, username, password):
+        "Authenticate the user with their username and password."
+        with db.connection(app.config["AUTH_DB"]) as conn:
+            try:
+                user = user_by_email(conn, username)
+                return user if valid_login(conn, user, password) else None
+            except NotFoundError as _nfe:
+                return None
-- 
cgit v1.2.3