def login() -> Response:
oauth = cube.make_oauth(name)
authorization_url, state = oauth.authorization_url(
cube.CONFIG[cube.make_key(name, "url")] + "oauth/authorize")
# State is used to prevent CSRF, keep this for later.
flask.session[cube.make_key(name, "state")] = state
return flask.redirect(authorization_url)
def make_callback(name: str):
""" Makes a callback route for an Oauth API. """
def callback() -> Response:
key = cube.make_key(name, "state")
if key not in flask.session:
return alert("You shouldn't be here...", "danger")
assert flask.request.args.get("state", None) == flask.session[key]
code = flask.request.args.get("code", None)
if flask.request.args.get("error", None) is not None or code is None:
return alert("You must allow OAuth access for site functions!",
"danger")
cube.fetch_token(name, cube.make_oauth(name, state=flask.session[key]),
code)
if "action" in flask.session:
action = flask.session["action"]
del flask.session["action"]
else:
action = "profile"
action = URL() + action
return flask.redirect(action)
callback.__name__ = cube.make_key(name, "callback")
return callback
def make_login(name: str):
""" Makes a login route for an Oauth API. """
def login() -> Response:
oauth = cube.make_oauth(name)
authorization_url, state = oauth.authorization_url(
cube.CONFIG[cube.make_key(name, "url")] + "oauth/authorize")
# State is used to prevent CSRF, keep this for later.
flask.session[cube.make_key(name, "state")] = state
return flask.redirect(authorization_url)
login.__name__ = cube.make_key(name, "login")
return login
def make_api(names: list) -> None:
""" Makes login and corresponding callback pages for each API. """
for name in names:
app.route("/" + cube.make_key(name, "login"))(make_login(name))
app.route("/" + cube.make_key(name, "callback"))(make_callback(name))