Beispiel #1
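def authorized(resp):
    """Handle the OAuth callback: store the token set and the user's profile in the session.

    When ``resp`` is None the provider returned no token; the reason is
    flashed and the browser is redirected to the ``login`` view. Otherwise
    the access token, ID token, expiry time and (when present) refresh token
    are written to the session, the ``userinfo`` resource is fetched, and the
    browser is redirected to ``index``.

    Security notes:
      * No token material is written to the application log. Logging the raw
        token response or the profile with the token attached would copy
        bearer credentials into log files.
      * NOTE(review): if the app uses Flask's default cookie-backed session,
        the values stored below are signed but not encrypted, so the access
        and refresh tokens are readable by anyone holding the cookie.
        Confirm a server-side session store is in use.
    """
    # Function-scope import, matching the style used elsewhere in this file.
    import time

    if resp is None:
        # error_reason / error_description come from the query string and are
        # caller-controlled. .get() avoids a 400 when one is missing; the
        # flashed text must be escaped by the template (Jinja2 autoescape
        # does this unless the template marks flashes as safe).
        flash('Access denied: reason=%s error=%s' % (
            request.args.get('error_reason'),
            request.args.get('error_description')), 'error')
        return redirect(url_for('login'))

    flash('Logged In.', 'welcome')
    # Record the event only; the response body carries bearer tokens.
    app.logger.info('OAuth token response received')

    session['google_token'] = (resp['access_token'], '')
    session['id_token'] = resp['id_token']
    # Epoch seconds as a string. time.time() replaces strftime("%s"), which
    # is a platform-specific extension and not available everywhere.
    session['expires'] = str(int(time.time()) + int(resp['expires_in']))
    if 'refresh_token' in resp:
        session['refresh_token'] = resp['refresh_token']

    me = google.get('userinfo')
    profile = me.data
    hashed_id = u_man.hash_id(profile['id'])
    # Log the hashed identifier rather than the raw profile or provider id.
    app.logger.info('userinfo loaded for user %s', hashed_id)

    registered = u_man.user_registered(hashed_id)
    active = u_man.user_active(hashed_id)
    session['user_data'] = {'name': profile['name'],
                            'id': hashed_id,
                            'email': profile['email'],
                            'picture': profile['picture'],
                            'registered': registered,
                            'active': active}
    if registered and not active:
        flash("You are registered but not active.", 'info')
    return redirect(url_for('index'))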
Beispiel #2
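def refresh_token():
    """Refresh the Google access token when it expires within ten minutes.

    Does nothing unless the session holds a ``refresh_token`` and the stored
    expiry is less than ten minutes away (a missing expiry counts as
    expired). On refresh, the session's ``google_token``, ``id_token``,
    ``expires`` and ``user_data`` entries are replaced with fresh values.

    Security notes:
      * The request body carries ``client_secret`` and the refresh token, and
        the response body carries the new access token. Neither is logged;
        only the HTTP status is.
      * The token response is validated before the old session entries are
        dropped, so a malformed response does not leave the session half
        cleared.
      * NOTE(review): the URL below is Google's legacy token endpoint path;
        confirm it against the provider's current OAuth 2.0 documentation.

    Raises:
        urllib2.URLError: the token endpoint could not be reached or returned
            an HTTP error.
        KeyError, ValueError: the response was not the expected JSON shape.
    """
    import time
    from tcdiracweb.views import google

    expires = 0
    if 'expires' in session:
        # time.time() replaces the non-portable strftime("%s").
        expires = int(session['expires']) - int(time.time())
        app.logger.info('session expires %i sec' % expires)
    if expires >= 10 * 60 or 'refresh_token' not in session:
        return

    url = 'https://accounts.google.com/o/oauth2/token'
    # Named "params" so the Flask ``request`` object is not shadowed.
    params = {'refresh_token': session['refresh_token'],
              'client_id': app.config.get('GOOGLE_ID'),
              'client_secret': app.config.get('GOOGLE_SECRET'),
              'grant_type': 'refresh_token'}
    req = urllib2.Request(url, urllib.urlencode(params))
    # Bounded wait so a stalled endpoint cannot hang the request worker.
    response = urllib2.urlopen(req, timeout=10)
    try:
        app.logger.info('token refresh HTTP status %s', response.getcode())
        the_page = response.read()
    finally:
        response.close()

    resp = json.loads(the_page)
    # Pull out every required field before touching the session.
    access_token = resp['access_token']
    id_token = resp['id_token']
    lifetime = int(resp['expires_in'])

    session.pop('google_token', None)
    session.pop('id_token', None)
    session.pop('user_data', None)
    session['google_token'] = (access_token, '')
    session['id_token'] = id_token
    session['expires'] = str(int(time.time()) + lifetime)

    me = google.get('userinfo')
    profile = me.data
    hashed_id = u_man.hash_id(profile['id'])
    session['user_data'] = {'name': profile['name'],
                            'id': hashed_id,
                            'email': profile['email'],
                            'picture': profile['picture'],
                            'registered': u_man.user_registered(hashed_id),
                            'active': u_man.user_active(hashed_id)}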
Beispiel #3
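def check_id():
    """Return True only when the Google account behind the current token matches the session user.

    Fetches ``userinfo`` with the current token, hashes the returned ``id``
    with ``u_man.hash_id`` and compares it to ``session['user_data']['id']``.
    Returns False when the session has no user id or the userinfo response
    has no ``id``. The original comment notes this happens after a server
    reboot, and the caller is expected to log the user out.

    Security note: the failure paths log only key and field names. Dumping
    the whole session or userinfo payload would write tokens and profile
    data (e-mail, name) into the application log.
    """
    from tcdiracweb.views import google

    if 'user_data' not in session or 'id' not in session['user_data']:
        app.logger.warning('session missing user_data or id')
        app.logger.warning('session keys: %r' % sorted(session.keys()))
        return False

    me = google.get('userinfo')
    data = me.data
    # A failed userinfo call may not yield a dict; treat anything else as
    # "no id" instead of raising.
    if isinstance(data, dict) and 'id' in data:
        return u_man.hash_id(data['id']) == session['user_data']['id']

    app.logger.warning("id not in me.data")
    fields = sorted(data.keys()) if isinstance(data, dict) else None
    app.logger.warning("me.data type=%s fields=%r" % (type(data).__name__, fields))
    return False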