Beispiel #1
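def account_verify(request):
    """Return the profile of the user who owns the presented access token.

    The token is taken from the ``access_token`` query parameter or, when
    that is empty, from an ``Authorization: Bearer <token>`` header. It must
    match an ``AccessToken`` row whose ``expires`` is later than
    ``provider_now()``, and the owning user must be active.

    Returns:
        ``HttpResponse`` with a JSON object (id, first_name, last_name,
        username, email) on success, ``HttpResponseForbidden`` otherwise.
    """
    import json

    # NOTE(review): a bearer token in the query string ends up in access
    # logs, browser history and Referer headers; the Authorization header
    # is the safer transport. The parameter is kept for existing callers.
    access_token = request.GET.get('access_token', '')

    if not access_token:
        header = request.META.get('HTTP_AUTHORIZATION', '')
        # Normalise to text so the scheme comparison below works whether the
        # header arrives as bytes or as str (bytes never equal 'bearer' on
        # Python 3, which silently disabled header authentication).
        if isinstance(header, bytes):
            header = header.decode('iso-8859-1')
        parts = header.split()
        # Require exactly "<scheme> <token>": a bare "Bearer" used to raise
        # IndexError, and a token never contains whitespace.
        if len(parts) == 2 and parts[0].lower() == 'bearer':
            access_token = parts[1]

    if not access_token:
        # Reject before querying, so an empty credential can never match a row.
        return HttpResponseForbidden('No access token')

    try:
        token = AccessToken.objects.select_related('user').get(
            token=access_token, expires__gt=provider_now())
    except AccessToken.DoesNotExist:
        msg = 'No access token'
        return HttpResponseForbidden(msg)

    user = token.user

    if not user.is_active:
        # NOTE(review): this tells the token holder the account name and that
        # it is disabled; confirm that is intended.
        msg = 'User inactive or deleted: %s' % user.username
        return HttpResponseForbidden(msg)

    # Serialise with json.dumps: interpolating user-controlled names into a
    # hand-written JSON template let a quote or backslash in a profile field
    # break or reshape the document. The template as shown also had four
    # placeholders for five values (the username slot reads "******"), which
    # raises TypeError; the username value passed by the original is emitted.
    profile = {
        'id': '%s' % user.id,  # kept as a string, as in the original template
        'first_name': user.first_name,
        'last_name': user.last_name,
        'username': user.username,
        'email': user.email,
    }
    # content_type replaces the mimetype keyword, which newer Django releases
    # no longer accept.
    return HttpResponse(json.dumps(profile), content_type='application/json')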
Beispiel #2
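def account_verify(request):
    """Return the profile of the user who owns the presented access token.

    The token is taken from the ``access_token`` query parameter or, when
    that is empty, from an ``Authorization: Bearer <token>`` header. It must
    match an ``AccessToken`` row whose ``expires`` is later than
    ``provider_now()``, and the owning user must be active.

    Returns:
        ``HttpResponse`` with a JSON object (id, first_name, last_name,
        username, email) on success, ``HttpResponseForbidden`` otherwise.
    """
    import json

    # NOTE(review): a bearer token in the query string ends up in access
    # logs, browser history and Referer headers; the Authorization header
    # is the safer transport. The parameter is kept for existing callers.
    access_token = request.GET.get('access_token', '')

    if not access_token:
        header = request.META.get('HTTP_AUTHORIZATION', '')
        # Normalise to text so the scheme comparison below works whether the
        # header arrives as bytes or as str (bytes never equal 'bearer' on
        # Python 3, which silently disabled header authentication).
        if isinstance(header, bytes):
            header = header.decode('iso-8859-1')
        parts = header.split()
        # Require exactly "<scheme> <token>": a bare "Bearer" used to raise
        # IndexError, and a token never contains whitespace.
        if len(parts) == 2 and parts[0].lower() == 'bearer':
            access_token = parts[1]

    if not access_token:
        # Reject before querying, so an empty credential can never match a row.
        return HttpResponseForbidden('No access token')

    try:
        token = AccessToken.objects.select_related('user').get(
            token=access_token, expires__gt=provider_now())
    except AccessToken.DoesNotExist:
        msg = 'No access token'
        return HttpResponseForbidden(msg)

    user = token.user

    if not user.is_active:
        # NOTE(review): this tells the token holder the account name and that
        # it is disabled; confirm that is intended.
        msg = 'User inactive or deleted: %s' % user.username
        return HttpResponseForbidden(msg)

    # Serialise with json.dumps: interpolating user-controlled names into a
    # hand-written JSON template let a quote or backslash in a profile field
    # break or reshape the document. The template as shown also had four
    # placeholders for five values (the username slot reads "******"), which
    # raises TypeError; the username value passed by the original is emitted.
    profile = {
        'id': '%s' % user.id,  # kept as a string, as in the original template
        'first_name': user.first_name,
        'last_name': user.last_name,
        'username': user.username,
        'email': user.email,
    }
    # content_type replaces the mimetype keyword, which newer Django releases
    # no longer accept.
    return HttpResponse(json.dumps(profile), content_type='application/json')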
    def authenticate_credentials(self, request, access_token):
        """
        Resolve an access token to its ``(user, token)`` pair.

        Only a token whose ``expires`` is later than ``provider_now()``
        matches, so an expired token is treated the same as an unknown one.
        Raises ``exceptions.AuthenticationFailed`` when no such token exists
        or when the owning user is not active. ``request`` is not used here.
        """
        token_model = oauth2_provider.oauth2.models.AccessToken

        try:
            # provider_now yields a timezone-aware datetime when the
            # installed oauth2_provider version supports it.
            token = token_model.objects.select_related('user').get(
                token=access_token, expires__gt=provider_now())
        except token_model.DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token')

        owner = token.user
        if owner.is_active:
            return (owner, token)

        # The failure text carries the account name back to the caller.
        raise exceptions.AuthenticationFailed(
            'User inactive or deleted: %s' % owner.username)
Beispiel #4
    def authenticate_credentials(self, request, access_token):
        """
        Resolve an access token to its ``(user, token)`` pair.

        Only a token whose ``expires`` is later than ``provider_now()``
        matches, so an expired token is treated the same as an unknown one.
        Raises ``exceptions.AuthenticationFailed`` when no such token exists
        or when the owning user is not active. ``request`` is not used here.
        """
        token_model = oauth2_provider.oauth2.models.AccessToken

        try:
            # provider_now yields a timezone-aware datetime when the
            # installed oauth2_provider version supports it.
            token = token_model.objects.select_related('user').get(
                token=access_token, expires__gt=provider_now())
        except token_model.DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token')

        owner = token.user
        if owner.is_active:
            return (owner, token)

        # The failure text carries the account name back to the caller.
        raise exceptions.AuthenticationFailed(
            'User inactive or deleted: %s' % owner.username)