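def google_tokensignin():
    """Verify a Google ID token and sign the user in, creating the account if needed.

    The decoded JSON request body is passed as the ID token to
    ``id_token.verify_oauth2_token`` together with the configured
    ``CLIENT_ID`` as the expected audience; the issuer claim is then
    checked explicitly.

    Returns:
        A redirect to ``main.index`` on success, or a ``401`` response when
        the token is rejected.
    """
    try:
        client_id = current_app.config['CLIENT_ID']
        idinfo = id_token.verify_oauth2_token(
            request.get_json(), requests.Request(), client_id)
        if idinfo['iss'] not in ('accounts.google.com',
                                 'https://accounts.google.com'):
            raise ValueError('Wrong issuer.')
    except ValueError:
        # Fail closed. The original only printed a message and fell through,
        # so the code below ran with ``idinfo`` unbound. Stop here instead and
        # never touch the session for an unverified token.
        current_app.logger.warning(
            "Google sign-in rejected: ID token failed verification")
        return "Invalid token", 401

    # NOTE(review): the account is matched on the e-mail claim. Google
    # documents ``sub`` as the stable account identifier; consider keying
    # accounts on it and requiring ``email_verified`` before linking a token
    # to an existing account.
    # NOTE(review): ``email``, ``given_name``, ``family_name`` and ``picture``
    # are only present when the token carries the e-mail/profile scopes; a
    # token without them raises KeyError below - confirm the client always
    # requests both.
    user = getUserByMail(idinfo['email'])
    if user is None:
        user = User(
            username=idinfo['given_name'] + " " + idinfo['family_name'],
            email=idinfo['email'],
            picture=idinfo['picture'])
        db_session.add(user)
        db_session.commit()

    login_session['auth'] = True
    login_session['picture'] = user.picture
    login_session['user_id'] = user.id
    login_session['username'] = user.username
    flash("Now logged in as %s" % user.username)
    return redirect(url_for('main.index'))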
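def chat():
    """Render the chat room named in the session, creating it on first use.

    The user's name and room must already be stored in the session. When
    either is missing the user is redirected to ``.index``.

    Returns:
        The rendered ``chat.html`` page, or a redirect to ``.index``.
    """
    name = session.get('name', '')
    room = session.get('room', '')

    # Validate before touching the database. The original ran this check
    # last, so a request with no name or room still created and committed a
    # ChatSession row with empty fields before redirecting.
    if name == '' or room == '':
        return redirect(url_for('.index'))

    chatroom = ChatSession.query.filter(ChatSession.name == room).first()
    if chatroom is None:
        # Whoever opens a room name first is recorded as its admin.
        chatroom = ChatSession(name=room, admin=name)
        db_session.add(chatroom)
        db_session.commit()

    timer = TimerForm()
    session['timer'] = timer.data
    session['num'] = -1
    form_data = dict(admin=chatroom.admin,
                     name=name,
                     room=chatroom.name,
                     timer=session['timer'],
                     num=session['num'])
    return render_template('chat.html', form=form_data)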
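def destory(list_id):
    """Delete the list *list_id* if it belongs to the signed-in user.

    Args:
        list_id: Primary key of the list to delete.

    Returns:
        A redirect to ``list.index`` in every case; a flash message reports
        the outcome.
    """
    target = db_session.query(List).filter(List.id == list_id).first()
    # A missing list gets the same answer as someone else's list. The original
    # dereferenced ``None`` for an unknown id, so the differing failure
    # revealed which list ids exist.
    if target is None or target.user_id != login_session['user_id']:
        flash("This list does not belong to your account")
        return redirect(url_for('list.index'))

    # Read the name before the row is deleted so the message does not depend
    # on the state of the instance after commit.
    list_name = target.name
    db_session.delete(target)
    db_session.commit()
    flash("List %s destroyed" % list_name)
    return redirect(url_for('list.index'))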
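def destory(list_id, item_id):
    """Delete item *item_id* from list *list_id* if the signed-in user owns the list.

    Args:
        list_id: Primary key of the list the item must belong to.
        item_id: Primary key of the item to delete.

    Returns:
        A redirect to ``list.show`` for *list_id*; a flash message reports
        the outcome.
    """
    owner_list = db_session.query(List).filter(List.id == list_id).first()
    # Unknown list ids are answered exactly like lists owned by someone else.
    if owner_list is None or owner_list.user_id != login_session['user_id']:
        flash("This list does not belong to your account")
        return redirect(url_for('list.show', list_id=list_id))

    # Authorization fix: the ownership check above covers the list only, so
    # the item must be looked up inside that list. The original matched on
    # Item.id alone, which let the owner of any list delete items that
    # belong to other users' lists.
    item = (db_session.query(Item)
            .filter(Item.id == item_id, Item.list_id == list_id)
            .first())
    if item is None:
        flash("Item not found in this list")
        return redirect(url_for('list.show', list_id=list_id))

    item_name = item.name
    db_session.delete(item)
    db_session.commit()
    flash("Item %s destroyed" % item_name)
    return redirect(url_for('list.show', list_id=list_id))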
def create():
    """Create a list for the signed-in user from the submitted ``name`` field.

    Returns:
        A redirect to ``list.index``; a flash message reports whether the
        list was created or the name was missing.
    """
    list_name = request.form.get("name")
    if list_name:
        # The owner always comes from the session, never from the form.
        new_list = List(name=list_name, user_id=login_session['user_id'])
        db_session.add(new_list)
        db_session.commit()
        flash("New list %s created" % list_name)
    else:
        flash("Please provide a name")
    return redirect(url_for('list.index'))
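def update(list_id):
    """Rename the list *list_id* if it belongs to the signed-in user.

    Args:
        list_id: Primary key of the list to rename.

    Returns:
        A redirect to ``list.show`` for *list_id*; a flash message reports
        the outcome.
    """
    target = db_session.query(List).filter(List.id == list_id).first()
    # Unknown list ids are answered exactly like lists owned by someone else.
    # The original dereferenced ``None`` here and failed with an error.
    if target is None or target.user_id != login_session['user_id']:
        flash("This list does not belong to your account")
        return redirect(url_for('list.show', list_id=list_id))

    name = request.form.get("name")
    if not name:
        flash("Please provide a name")
        return redirect(url_for('list.show', list_id=list_id))

    target.name = name
    db_session.add(target)
    db_session.commit()
    flash("List %s was updated" % target.name)
    return redirect(url_for('list.show', list_id=list_id))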
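def create(list_id):
    """Add a new item to list *list_id* if the signed-in user owns the list.

    Args:
        list_id: Primary key of the list that receives the item.

    Returns:
        A redirect to ``list.show`` for *list_id*; a flash message reports
        the outcome.
    """
    owner_list = db_session.query(List).filter(List.id == list_id).first()
    # Unknown list ids are answered exactly like lists owned by someone else.
    # The original dereferenced ``None`` here and failed with an error.
    if owner_list is None or owner_list.user_id != login_session['user_id']:
        flash("This list does not belong to your account")
        return redirect(url_for('list.show', list_id=list_id))

    name = request.form.get("name")
    if not name:
        flash("Please provide a name")
        return redirect(url_for('list.show', list_id=list_id))

    description = request.form.get("description")
    if not description:
        flash("Please provide a description")
        return redirect(url_for('list.show', list_id=list_id))

    item = Item(name=name, description=description, list_id=list_id)
    db_session.add(item)
    db_session.commit()
    flash("New item %s created" % name)
    return redirect(url_for('list.show', list_id=list_id))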
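def update(list_id, item_id):
    """Update item *item_id* in list *list_id* if the signed-in user owns the list.

    Args:
        list_id: Primary key of the list the item must belong to.
        item_id: Primary key of the item to update.

    Returns:
        A redirect to ``item.show`` for the item, or to ``list.show`` when
        the list or the item is not accessible; a flash message reports the
        outcome.
    """
    owner_list = db_session.query(List).filter(List.id == list_id).first()
    # Unknown list ids are answered exactly like lists owned by someone else.
    if owner_list is None or owner_list.user_id != login_session['user_id']:
        flash("This list does not belong to your account")
        return redirect(url_for('list.show', list_id=list_id))

    # Authorization fix: the item must be looked up inside the list whose
    # ownership was just checked. The original matched on Item.id alone and
    # then set ``item.list_id = list_id``, so the owner of any list could
    # edit another user's item and move it into their own list.
    item = (db_session.query(Item)
            .filter(Item.id == item_id, Item.list_id == list_id)
            .first())
    if item is None:
        flash("Item not found in this list")
        return redirect(url_for('list.show', list_id=list_id))

    name = request.form.get("name")
    if not name:
        flash("Please provide a name")
        return redirect(url_for('item.show', list_id=list_id, item_id=item.id))

    description = request.form.get("description")
    if not description:
        flash("Please provide a description")
        return redirect(url_for('item.show', list_id=list_id, item_id=item.id))

    # ``item.list_id`` already equals ``list_id`` because of the scoped query,
    # so only the editable fields are written.
    item.name = name
    item.description = description
    db_session.add(item)
    db_session.commit()
    flash("Item %s was updated" % item.name)
    return redirect(url_for('item.show', list_id=list_id, item_id=item.id))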