def authenticate_access_token(self, token):
session_key, secret = parse_bearer(token,
SESSION_KEY_BYTES)
session = get_django_session(session_key)
session.load()
stored_secret = session.get('_fulmine_secret', None)
if stored_secret != secret:
# token does not exist
return None, None
client_id = session.get('_fulmine_client_id', None)
deploy_id = session.get('_fulmine_deploy_id', None)
return client_id, session
def build_access_token(scope, expires_in, client_id, deploy_id='',
user_id=None, auth_backend=None, grant_id=None):
access_token = new_access_token()
session_key, secret = parse_bearer(access_token,
SESSION_KEY_BYTES)
session = get_django_session(session_key)
session.clear() # otherwise Django would overwrite the session_hey
session['_fulmine_secret'] = secret
session['_fulmine_client_id'] = client_id
session['_fulmine_deploy_id'] = deploy_id
if user_id:
session[CONTRIB_AUTH_SESSION_KEY] = user_id
session[CONTRIB_AUTH_BACKEND_SESSION_KEY] = auth_backend
session['_fulmine_scope'] = scope
session['_fulmine_revoked'] = False
session['_fulmine_grant'] = grant_id
session.set_expiry(timedelta(seconds=expires_in))
session.save(must_create=True)
return unicode(access_token)
