def oauth2callback(request):
t = request.session.get(TEMP_USER_SESSION_ID)
if not t:
return redirect_to_login_page()
state = request.REQUEST['state']
if not xsrfutil.validate_token(settings.SECRET_KEY, state, t):
return HttpResponseBadRequest()
try:
credential = _get_flow(request).step2_exchange(request.REQUEST)
except FlowExchangeError:
return HttpResponseRedirect(reverse(login))
if credential.invalid:
return HttpResponseRedirect(reverse(login))
http = httplib2.Http()
http = credential.authorize(http)
_h, c = http.request('https://www.googleapis.com/oauth2/v1/userinfo')
data = simplejson.loads(c)
user, _created = get_model().objects.get_or_create(
email=data['email'],
defaults=dict(
name=data.get('name') or data['email'].split('@')[0],
)
)
user.name = data.get('given_name') or user.name
user.surname = data.get('family_name', '')
try:
user.save()
except ValidationError, e:
return redirect_to_login_page(e.messages[0])
def login(request):
if TEMP_USER_SESSION_ID in request.session:
del request.session[TEMP_USER_SESSION_ID]
if not request.method == 'POST':
return redirect_to_login_page()
t = random.randint(0, sys.maxint)
flow = _get_flow(request)
flow.params['state'] = xsrfutil.generate_token(settings.SECRET_KEY, t)
request.session[TEMP_USER_SESSION_ID] = t
return HttpResponseRedirect(flow.step1_get_authorize_url())
