auth email/password

app/services/oauth_providers/base.py

@@ -0,0 +1,68 @@
+from abc import ABC, abstractmethod
+from typing import Dict, Any, Optional
+from authlib.integrations.flask_client import OAuth
+
+
+class OAuthProvider(ABC):
+    """Abstract base class for OAuth providers."""
+    
+    def __init__(self, oauth: OAuth, client_id: str, client_secret: str):
+        self.oauth = oauth
+        self.client_id = client_id
+        self.client_secret = client_secret
+        self._client = None
+        
+    @property
+    @abstractmethod
+    def name(self) -> str:
+        """Provider name (e.g., 'google', 'github')."""
+        pass
+        
+    @property
+    @abstractmethod
+    def display_name(self) -> str:
+        """Human-readable provider name (e.g., 'Google', 'GitHub')."""
+        pass
+        
+    @abstractmethod
+    def get_client_config(self) -> Dict[str, Any]:
+        """Return OAuth client configuration."""
+        pass
+        
+    @abstractmethod
+    def get_user_info(self, token: Dict[str, Any]) -> Dict[str, Any]:
+        """Extract user information from OAuth token response."""
+        pass
+        
+    def get_client(self):
+        """Get or create OAuth client."""
+        if self._client is None:
+            config = self.get_client_config()
+            self._client = self.oauth.register(
+                name=self.name,
+                client_id=self.client_id,
+                client_secret=self.client_secret,
+                **config
+            )
+        return self._client
+        
+    def get_authorization_url(self, redirect_uri: str) -> str:
+        """Generate authorization URL for OAuth flow."""
+        client = self.get_client()
+        return client.authorize_redirect(redirect_uri).location
+        
+    def exchange_code_for_token(self, code: str = None, redirect_uri: str = None) -> Dict[str, Any]:
+        """Exchange authorization code for access token."""
+        client = self.get_client()
+        token = client.authorize_access_token()
+        return token
+        
+    def normalize_user_data(self, user_info: Dict[str, Any]) -> Dict[str, Any]:
+        """Normalize user data to common format."""
+        return {
+            'id': user_info.get('id'),
+            'email': user_info.get('email'),
+            'name': user_info.get('name'),
+            'picture': user_info.get('picture'),
+            'provider': self.name
+        }

app/services/oauth_providers/github.py

@@ -0,0 +1,52 @@
+from typing import Dict, Any
+from .base import OAuthProvider
+
+
+class GitHubOAuthProvider(OAuthProvider):
+    """GitHub OAuth provider implementation."""
+    
+    @property
+    def name(self) -> str:
+        return 'github'
+        
+    @property
+    def display_name(self) -> str:
+        return 'GitHub'
+        
+    def get_client_config(self) -> Dict[str, Any]:
+        """Return GitHub OAuth client configuration."""
+        return {
+            'access_token_url': 'https://github.com/login/oauth/access_token',
+            'authorize_url': 'https://github.com/login/oauth/authorize',
+            'api_base_url': 'https://api.github.com/',
+            'client_kwargs': {
+                'scope': 'user:email'
+            }
+        }
+        
+    def get_user_info(self, token: Dict[str, Any]) -> Dict[str, Any]:
+        """Extract user information from GitHub OAuth token response."""
+        client = self.get_client()
+        
+        # Get user profile
+        user_resp = client.get('user', token=token)
+        user_data = user_resp.json()
+        
+        # Get user email (may be private)
+        email = user_data.get('email')
+        if not email:
+            # If email is private, get from emails endpoint
+            emails_resp = client.get('user/emails', token=token)
+            emails = emails_resp.json()
+            # Find primary email
+            for email_obj in emails:
+                if email_obj.get('primary', False):
+                    email = email_obj.get('email')
+                    break
+        
+        return {
+            'id': str(user_data.get('id')),
+            'email': email,
+            'name': user_data.get('name') or user_data.get('login'),
+            'picture': user_data.get('avatar_url')
+        }

app/services/oauth_providers/google.py

@@ -0,0 +1,34 @@
+from typing import Any, Dict
+
+from .base import OAuthProvider
+
+
+class GoogleOAuthProvider(OAuthProvider):
+    """Google OAuth provider implementation."""
+
+    @property
+    def name(self) -> str:
+        return "google"
+
+    @property
+    def display_name(self) -> str:
+        return "Google"
+
+    def get_client_config(self) -> Dict[str, Any]:
+        """Return Google OAuth client configuration."""
+        return {
+            "server_metadata_url": "https://accounts.google.com/.well-known/openid-configuration",
+            "client_kwargs": {"scope": "openid email profile"},
+        }
+
+    def get_user_info(self, token: Dict[str, Any]) -> Dict[str, Any]:
+        """Extract user information from Google OAuth token response."""
+        client = self.get_client()
+        user_info = client.userinfo(token=token)
+
+        return {
+            "id": user_info.get("sub"),
+            "email": user_info.get("email"),
+            "name": user_info.get("name"),
+            "picture": user_info.get("picture"),
+        }

app/services/oauth_providers/registry.py

@@ -0,0 +1,45 @@
+import os
+from typing import Dict, Optional
+from authlib.integrations.flask_client import OAuth
+from .base import OAuthProvider
+from .google import GoogleOAuthProvider
+from .github import GitHubOAuthProvider
+
+
+class OAuthProviderRegistry:
+    """Registry for OAuth providers."""
+    
+    def __init__(self, oauth: OAuth):
+        self.oauth = oauth
+        self._providers: Dict[str, OAuthProvider] = {}
+        self._initialize_providers()
+        
+    def _initialize_providers(self):
+        """Initialize available providers based on environment variables."""
+        # Google OAuth
+        google_client_id = os.getenv('GOOGLE_CLIENT_ID')
+        google_client_secret = os.getenv('GOOGLE_CLIENT_SECRET')
+        if google_client_id and google_client_secret:
+            self._providers['google'] = GoogleOAuthProvider(
+                self.oauth, google_client_id, google_client_secret
+            )
+            
+        # GitHub OAuth
+        github_client_id = os.getenv('GITHUB_CLIENT_ID')
+        github_client_secret = os.getenv('GITHUB_CLIENT_SECRET')
+        if github_client_id and github_client_secret:
+            self._providers['github'] = GitHubOAuthProvider(
+                self.oauth, github_client_id, github_client_secret
+            )
+            
+    def get_provider(self, name: str) -> Optional[OAuthProvider]:
+        """Get OAuth provider by name."""
+        return self._providers.get(name)
+        
+    def get_available_providers(self) -> Dict[str, OAuthProvider]:
+        """Get all available providers."""
+        return self._providers.copy()
+        
+    def is_provider_available(self, name: str) -> bool:
+        """Check if provider is available."""
+        return name in self._providers