Beispiel #1
0
def oauth_authorized():

    remote_app = current_app.auth['app']

    # ripped off from Flask-OAuth
    # since `remote_app` should be defined in app start time
    if 'oauth_verifier' in request.args:
        data = remote_app.handle_oauth1_response()
    elif 'code' in request.args:
        data = remote_app.handle_oauth2_response()
    else:
        data = remote_app.handle_unknown_response()
    remote_app.free_request_token()
    # ---

    if data is None:
        return 'Access denied: reason=%s error=%s' % (
            request.args['error_reason'],
            request.args['error_description']
        )

    db = NodeIndex(current_app.config)

    session['oauth_token'] = (data['access_token'], '')

    user = current_app.auth['authenticator'].get_user_data()
    identity = current_app.auth['provider'] + ':' + str(user['id'])
    user_id = hashlib.sha1(identity).hexdigest()

    user_db = User.get(db.session, user_id)

    session['user_id'] = user_id
    session['user'] = user

    if not user_db:
        user_db = User(user_id=user_id, identity=identity,
                    secret_key=os.urandom(10).encode('hex'))
        db.add(user_db)

    db.query(User).filter_by(user_id=user_id).update({
        'name': user['name'],
        'picture': user['picture']
    })

    db.session.commit()

    broadcast('login', user_db.dict(private=False))

    next_page = request.args.get('next')

    if next_page:
        return redirect(next_page)
    else:
        return redirect(url_for('index'))
Beispiel #2
0
def user_data(user_id):
    db = NodeIndex(current_app.config)
    user = User.get(db.session, user_id)

    if user:
        return jsonify(user.dict(private=False))
    else:
        return 'user not found', 404
Beispiel #3
0
def user_keys():
    user_id = session.get('user_id')

    if not user_id:
        return 'Not logged in', 403

    db = NodeIndex(current_app.config)
    user_db = User.get(db.session, user_id)

    return jsonify({
        'user_id': user_id,
        'secret_key': user_db.secret_key
    })
Beispiel #4
0
 def get_user(cls, session, user_id):
     return User.get(session, user_id)