Ejemplo n.º 1
0
def connect_users(request):
	payload = {}
	logging.info(request.POST)
	fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
	fb.session_key = request.POST['fb_sig_session_key']
	user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name'])
	logging.info(user_info_response)
	for hash in user_info_response[0]['email_hashes']:
		user = User.all().filter('email_hash = ', hash).get()
		user.facebook_id = int(request.POST['fb_sig_user'])
		user.put()
	return render("standardpage.html", payload, request)
Ejemplo n.º 2
0
def send_connect_users(request):
	payload = {}
	users = User.all().filter('username > ', request.GET['name']).fetch(100)
	hashes = []
	fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
	for user in users:
		#logging.debug(user)
		user.email_hash = fb.hash_email(user.email)
		hashes.append({"email_hash": user.email_hash})
		username = user.username
		user.put()
	logging.info(hashes)
	logging.info(username)
	user_info_response = fb.connect.registerUsers(hashes)
	logging.info(user_info_response)
	payload['text'] = "<a href='/send_connect?name=%s'>%s</a>" % (username, username)
	return render("standardpage.html", payload, request)
Ejemplo n.º 3
0
def register(request, page):
	payload = {}
	if request.method == 'POST': 
		f = RegisterForm(request.POST) 
		if request.POST.has_key('toc'):
			if f.is_valid(): 
				check_captcha = captcha.submit(request.POST['recaptcha_challenge_field'], request.POST['recaptcha_response_field'], settings.RECAPTCHA_PRIVATE_KEY, request.META['REMOTE_ADDR'])
				if check_captcha.is_valid:
					user = User(key_name="user%s" % f.data['username'], username=f.data['username'], email=f.data['email'])
					user.set_password(f.data['password'])
					user.is_active = True
					fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
					user.email_hash = fb.hash_email(user.email)
					hashes = []
					hashes.append({"email_hash": user.email_hash})			
					user.put()
					user_info_response = fb.connect.registerUsers(hashes)
					#automatically login
					user = authenticate(username=f.data['username'],password=f.data['password'])
					if user is not None:
						if user.is_active:
							login(request, user)
					if request.session.test_cookie_worked():
						request.session.delete_test_cookie()	
					if request.GET.has_key("next"):	
						return HttpResponseRedirect(request.GET["next"]) 
					else:					
						return HttpResponseRedirect('/account/') 
				else:
					payload["captchaerror"] = True
		else:
			payload["tocerror"] = True
	else:
		f = RegisterForm()
	request.session.set_test_cookie()		
	payload["captchahtml"] = captcha.displayhtml(settings.RECAPTCHA_PUB_KEY)
	payload["form"] = f
	if request.GET.has_key("next"):
		payload["next"] = request.GET["next"]
	return render("register.html", payload, request)
Ejemplo n.º 4
0
def connect_users(request):
	#<QueryDict: {u'fb_sig_time': [u'1230351016.3299'], 
	#			u'fb_sig_authorize': [u'1'], 
	#			u'fb_sig_locale': [u'en_US'], 
	#			u'fb_sig_session_key': [u'2.oYf3yaL9PnROgLyp5cBg9A__.86400.1230440400-1144902201'], 
	#			u'fb_sig_in_new_facebook': [u'1'], 
	#			u'fb_sig_profile_update_time': [u'0'], 
	#			u'fb_sig_user': [u'1144902201'], 
	#			u'fb_sig_expires': [u'1230440400'], 
	#			u'fb_sig': [u'807f94cba0b3a26f359cd5a7c16cdcd6'], 
	#			u'fb_sig_api_key': [u'9669d802ca3cdcc15172ccd7b4636646'], 
	#			u'fb_sig_added': [u'1']}>
	payload = {}
	logging.info(request.POST)
	fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
	fb.session_key = request.POST['fb_sig_session_key']
	user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name'])
	logging.info(user_info_response)
	for hash in user_info_response[0]['email_hashes']:
		user = User.all().filter('email_hash = ', hash).get()
		user.facebook_id = int(request.POST['fb_sig_user'])
		user.put()
	return render("standardpage.html", payload, request)
	def process_request(self, request):
		try:
			 # Set the facebook message to empty. This message can be used to dispaly info from the middleware on a Web page.
			request.facebook_message = None
	
			# Don't bother trying FB Connect login if the user is already logged in
			if not request.user.is_authenticated():
				# FB Connect will set a cookie with a key == FB App API Key if the user has been authenticated
				if API_KEY in request.COOKIES:
					fb = Facebook(API_KEY, API_SECRET)

					if(fb.validate_cookie_signature(request.COOKIES)):
				
						# If session hasn't expired
						if(datetime.fromtimestamp(float(request.COOKIES[API_KEY+'_expires'])) > datetime.now()):
			
							# Try to get Django account corresponding to friend
							# Authenticate then login (or display disabled error message)
							user = authenticate(facebook_id=request.COOKIES[API_KEY + '_user'])
							logging.info(user)
							if user is not None:
								if user.is_active:
									login(request, user)
									self.facebook_user_is_authenticated = True
								else:
									request.facebook_message = ACCOUNT_DISABLED_ERROR
									self.delete_fb_cookies = True
							else:
								django_user = User.get_by_key_name("userfb%s" % request.COOKIES[API_KEY + '_user'])
								if not django_user:
									# There is no Django account for this Facebook user.
									# Create one, then log the user in.
									fb.session_key = request.COOKIES[API_KEY + '_session_key']
									user_info_response = fb.users.getInfo([request.COOKIES[API_KEY + '_user']], ['first_name', 'last_name'])
							
									# Create user
									user = User(key_name="userfb%s" % request.COOKIES[API_KEY + '_user'], username = "******" % (user_info_response[0]['first_name'], user_info_response[0]['last_name']), 
												email= '*****@*****.**' % request.COOKIES[API_KEY + '_user'])
									user.set_password(md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest())
									user.is_active = True
									user.facebook_id = int(request.COOKIES[API_KEY + '_user'])
									user.put()
							
									# Authenticate and log in (or display disabled error message)
									user = authenticate(username='******' % request.COOKIES[API_KEY + '_user'], 
											password=md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest())
									logging.info("ROUND2")
									if user is not None:
										if user.is_active:
											login(request, user)
											self.facebook_user_is_authenticated = True
										else:
											request.facebook_message = ACCOUNT_DISABLED_ERROR
											self.delete_fb_cookies = True
									else:
										request.facebook_message = ACCOUNT_PROBLEM_ERROR
										self.delete_fb_cookies = True
								else:								
									request.facebook_message = ACCOUNT_PROBLEM_ERROR
									self.delete_fb_cookies = True
								
						# Cookie session expired
						else:
							logout(request)
							self.delete_fb_cookies = True
						
				   # Cookie values don't match hash
					else:
						logout(request)
						self.delete_fb_cookies = True
					
			# Logged in
			else:
				# If FB Connect user
				if API_KEY in request.COOKIES:
					# IP hash cookie set
					if 'fb_ip' in request.COOKIES:
					
						try:
							real_ip = request.META['HTTP_X_FORWARDED_FOR']
						except KeyError:
							real_ip = request.META['REMOTE_ADDR']
					
						# If IP hash cookie is NOT correct
						if request.COOKIES['fb_ip'] != md5.new(real_ip + API_SECRET + settings.SECRET_KEY).hexdigest():
							 logout(request)
							 self.delete_fb_cookies = True
					# FB Connect user without hash cookie set
					else:
						logout(request)
						self.delete_fb_cookies = True
				
		# Something else happened. Make sure user doesn't have site access until problem is fixed.
		except:
			request.facebook_message = PROBLEM_ERROR
			logout(request)
			self.delete_fb_cookies = True