def token_require(request):
    """Issue a short-lived code for a registered service and redirect to it.

    Reads ``client_id`` and ``state`` from the query string, checks that the
    current user may use the service, registers the user with the service if
    needed, replaces any existing AccessToken for the (user, service) pair
    and redirects to the service's stored ``login_callback_url`` with
    ``code`` and ``state`` appended.

    Raises SuspiciousOperation when ``state`` is shorter than 8 characters or
    when no Service is named ``client_id``. Renders ``api/denied.html`` or
    ``api/cooltime.html`` instead of redirecting when access is refused.

    NOTE(review): no authentication check is visible in this function;
    presumably a login-required decorator or middleware guards the view.
    Confirm, since ``request.user.profile`` is dereferenced unconditionally.
    """
    params = request.GET
    client_id = params.get('client_id', '')
    state = params.get('state', '')

    # Only the length of `state` is checked here; the value is echoed back
    # unchanged on the redirect so the client can match it to its request.
    if len(state) < 8:
        raise SuspiciousOperation()

    service = Service.objects.filter(name=client_id).first()
    if not service:
        raise SuspiciousOperation()

    user = request.user
    profile = user.profile
    flags = profile.flags

    def denial_reason():
        # Checks run in a fixed order and stop at the first match; the
        # number is handed to the template as the reason code.
        if flags['sysop']:
            return 1
        scope = service.scope
        if scope == 'SPARCS' and not flags['sparcs']:
            return 2
        if scope == 'TEST' and not flags['test']:
            return 3
        if scope != 'TEST' and flags['test-only']:
            return 4
        # At least one of these profile fields must be set.
        has_identity = (profile.email_authed or profile.facebook_id
                        or profile.twitter_id or profile.kaist_id)
        if not has_identity:
            return 5
        return 0

    reason = denial_reason()
    if reason:
        return render(request, 'api/denied.html',
                      {'reason': reason, 'alias': service.alias})

    # At most one live token per (user, service): drop the previous one.
    stale = AccessToken.objects.filter(user=user, service=service).first()
    if stale:
        logger.info('token.delete', {'r': request, 'hide': True})
        stale.delete()

    mapping = ServiceMap.objects.filter(user=user, service=service).first()
    if not mapping or mapping.unregister_time:
        if not reg_service(user, service):
            # NOTE(review): if no ServiceMap row exists and reg_service still
            # returns a falsy value, `mapping` is None here and this line
            # raises AttributeError. Confirm reg_service cannot fail in that
            # case.
            days_left = service.cooltime - (timezone.now() - mapping.unregister_time).days
            profile_logger.warning('register.fail: app=%s' % service.name, {'r': request})
            return render(request, 'api/cooltime.html', {'service': service, 'left': days_left})
        profile_logger.info('register.success: app=%s' % service.name, {'r': request})

    # 10 bytes from the OS CSPRNG, hex-encoded to 20 characters
    # (`.encode('hex')` is Python 2 only). The check-then-save below is not
    # atomic. NOTE(review): confirm a uniqueness constraint backs it.
    tokenid = os.urandom(10).encode('hex')
    while AccessToken.objects.filter(tokenid=tokenid, service=service).count():
        tokenid = os.urandom(10).encode('hex')

    # The code is valid for 10 seconds only.
    expires_at = timezone.now() + timedelta(seconds=10)
    token = AccessToken(tokenid=tokenid, user=user, service=service,
                        expire_time=expires_at)
    token.save()
    logger.info('token.create: app=%s' % client_id, {'r': request})

    # The redirect target comes from the stored Service record, not from the
    # request; only `code` and `state` are appended. The URL is joined with
    # a bare '?', so this assumes login_callback_url has no query string.
    query = urllib.urlencode({'code': token.tokenid, 'state': state})
    return redirect(service.login_callback_url + '?' + query)
def token_require(request):
    """Issue a short-lived token and redirect to the resolved callback URL.

    Reads ``app`` and ``url`` from the query string, resolves the redirect
    target through ``get_callback``, replaces any existing AccessToken for
    the (user, service) pair and redirects to the target with ``tokenid``
    appended. Renders ``api/denied.html`` or ``api/cooltime.html`` instead
    of redirecting when access is refused.

    NOTE(review): the redirect target depends on the request-supplied
    ``url``. Whether the token can only reach a callback registered for the
    service rests entirely on what ``get_callback`` accepts, which is not
    visible here. Confirm it restricts ``url`` to known callbacks.

    NOTE(review): no authentication check is visible in this function;
    presumably a login-required decorator or middleware guards the view.
    """
    name = request.GET.get('app', '')
    service = Service.objects.filter(name=name).first()

    url = request.GET.get('url', '')
    user = request.user
    dest = get_callback(user, service, url)

    # With no matching Service the raw request value is shown as the alias;
    # this relies on the template escaping it.
    alias = service.alias if service else url

    def deny(reason):
        return render(request, 'api/denied.html',
                      {'reason': reason, 'alias': alias, 'dest': dest})

    # Checks run in a fixed order and stop at the first match.
    if user.is_superuser:
        return deny(1)
    if name.startswith('sparcs') and not user.profile.sparcs_id:
        return deny(2)
    if not dest:
        return deny(3)

    # `service` may still be None past this point (unknown `app` but a
    # callback was resolved); the queries and the new token then use
    # service=None. NOTE(review): confirm that case is intended.
    stale = AccessToken.objects.filter(user=user, service=service).first()
    if stale:
        logger.info('token.delete', {'r': request, 'hide': True})
        stale.delete()

    mapping = ServiceMap.objects.filter(user=user, service=service).first()

    if not mapping or mapping.unregister_time:
        if service:
            if not reg_service(user, service):
                # NOTE(review): if no ServiceMap row exists and reg_service
                # still returns a falsy value, `mapping` is None here and
                # this line raises AttributeError. Confirm.
                days_left = service.cooltime - (timezone.now() - mapping.unregister_time).days
                profile_logger.warning('register.fail: app=%s' % service.name, {'r': request})
                return render(request, 'api/cooltime.html', {'service': service, 'left': days_left})
            profile_logger.info('register.success: app=%s' % service.name, {'r': request})

    # 10 bytes from the OS CSPRNG, hex-encoded to 20 characters
    # (`.encode('hex')` is Python 2 only). The check-then-save below is not
    # atomic. NOTE(review): confirm a uniqueness constraint backs it.
    tokenid = os.urandom(10).encode('hex')
    while AccessToken.objects.filter(tokenid=tokenid, service=service).count():
        tokenid = os.urandom(10).encode('hex')

    # The token is valid for 5 seconds only.
    expires_at = timezone.now() + timedelta(seconds=5)
    token = AccessToken(tokenid=tokenid, user=user, service=service,
                        expire_time=expires_at)
    token.save()
    # NOTE(review): `name` and `url` come from the request and are formatted
    # into the log message before it reaches the logger, which also receives
    # a dict as its argument. If the handler formats records with the
    # standard getMessage(), a '%' in either value is interpreted a second
    # time. Confirm how the project's handler treats it.
    logger.info('token.create: app=%s,url=%s' % (name, url), {'r': request})
    query = urllib.urlencode({'tokenid': token.tokenid})
    return redirect(dest + '?' + query)