api: update user based on oauth token

Keep the user details (name and email) in sync with the values from the oauth.
Igalia · Feb 9, 2024 · 6aa15b5 · 6aa15b5
1 parent 4491829
commit 6aa15b5
Showing 1 changed file with 14 additions and 1 deletion.
diff --git a/api/dependencies.py b/api/dependencies.py
@@ -26,7 +26,20 @@ async def get_current_user(token: Annotated[str, Depends(oauth2_scheme)], db: Se
             status_code=status.HTTP_401_UNAUTHORIZED,
             detail="You are not an authorized user.",
         )
-
+    update_user = False
+    if not user.first_name or user.first_name != decoded["given_name"]:
+        update_user = True
+        user.first_name = decoded["given_name"]
+    if not user.last_name or user.last_name != decoded["family_name"]:
+        update_user = True
+        user.last_name = decoded["family_name"]
+    if not user.email or user.email != decoded["email"]:
+        update_user = True
+        user.email = decoded["email"]
+    if update_user:
+        UserService(db).update_user(
+            username=user.username, email=user.email, first_name=user.first_name, last_name=user.last_name
+        )
     if USE_OIDC_ROLES:
         user.roles = decoded[OIDC_ROLES_PROPERTY].copy()
         user.authorized_scopes = decoded["scopes"].copy()