Example #1
from database_setup import Base, User, Phylum, Class, Order, Family, Genus, Species, PhylumClass, ClassOrder, OrderFamily, FamilyGenus, GenusSpecies

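# Seed script: bind the declarative metadata to the local SQLite file and open
# the single session that every load step below shares.
engine = create_engine('sqlite:///fungusamongus.db')
Base.metadata.bind = engine

DBSession = sessionmaker(bind=engine)
session = DBSession()

# Load Admin User
# Destructive: every existing User row is deleted before the admin is
# re-created with the fixed primary key 1, so any other accounts are lost and
# only a database that can be rebuilt from scratch should be seeded this way.
session.query(User).delete()
session.commit()

admin = User()
admin.user_id = 1
admin.user_name = 'admin'
admin.user_email = '*****@*****.**'
session.add(admin)
session.commit()

# Load Phylum
# Same pattern: clear the table, then rebuild it from the JSON seed file.
session.query(Phylum).delete()
session.commit()
# Read the seed file inside a context manager so the handle is closed even if
# json.load() raises on malformed content.
with open('phylum.json') as phylums:
    phylum_data = json.load(phylums)

for phylum in phylum_data:
    # Each record must carry these three keys; a missing key raises KeyError.
    phylum_entry = Phylum()
    phylum_entry.phylum_name = phylum['PhylumName']
    phylum_entry.phylum_image = phylum['PhylumImage']
    phylum_entry.phylum_description = phylum['PhylumSummary']
    # NOTE(review): the listing ends here; no visible line adds phylum_entry
    # to the session or commits it.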
Example #2
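def gconnect():
    """Finish the Google sign-in and populate the login session.

    Steps, in order: compare the request's ``state`` with the one held in the
    session, exchange the posted one-time code for credentials, check the
    access token against Google's tokeninfo endpoint (no error, same user,
    issued to this app), then fetch the profile and look up or create the
    local user.

    Returns a JSON error response (401 or 500) when a check fails, a JSON 200
    response when the session already looks connected, and the plain string
    'Successful' otherwise.
    """
    # Reject the request unless the session holds a state value and the
    # caller echoed exactly that value. A session without any state is
    # refused with 401 instead of surfacing as an unhandled KeyError.
    expected_state = login_session.get('state')
    if expected_state is None or request.args.get('state') != expected_state:
        return _json_response('Invalid state parameter.', 401)

    # Obtain authorization code
    code = request.data
    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets('client_secret.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return _json_response('Failed to upgrade the authorization code.', 401)

    # Check that the access token is valid.
    # NOTE(review): the token is placed in the URL query string, so it can end
    # up in proxy or client-side request logs; keep such logs restricted.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' %
           access_token)
    http_var = httplib2.Http()
    result = json.loads(http_var.request(url, 'GET')[1])
    # If there was an error in the access token info, abort.
    if result.get('error') is not None:
        return _json_response(result.get('error'), 500)

    # Verify that the access token is used for the intended user. A tokeninfo
    # reply without 'user_id' counts as a mismatch rather than a KeyError.
    gplus_id = credentials.id_token['sub']
    token_user_id = result.get('user_id')
    if token_user_id is None or token_user_id != gplus_id:
        return _json_response(
            "Token's user ID doesn't match given user ID.", 401)

    # Verify that the access token is valid for this app. A missing
    # 'issued_to' is likewise treated as a mismatch.
    issued_to = result.get('issued_to')
    if issued_to is None or issued_to != CLIENT_ID:
        print("Token's client ID does not match app's.")
        return _json_response("Token's client ID does not match app's.", 401)

    # NOTE(review): this function stores 'access_token', never 'credentials',
    # so this short-circuit only fires if other code sets
    # login_session['credentials'] - confirm which key is intended.
    stored_credentials = login_session.get('credentials')
    stored_gplus_id = login_session.get('gplus_id')
    if stored_credentials is not None and gplus_id == stored_gplus_id:
        return _json_response('Current user is already connected.', 200)

    # Store the access token in the session for later use.
    login_session['access_token'] = credentials.access_token
    login_session['gplus_id'] = gplus_id

    # Get user info
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)

    data = answer.json()

    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']

    # see if user exists, if it doesn't make a new one
    # NOTE(review): when the profile's email is empty the function still
    # returns 'Successful' with no 'user_id' in the session; code that
    # authorises on 'user_id' should treat its absence as "not logged in".
    email = data['email']
    if email:
        user = get_user_by_email_provider(email, "Google")
        if user is None:
            user = User()
            user.user_name = data['name']
            user.user_email = email
            user.user_picture = data['picture']
            user.user_provider = "Google"
            user.user_id = insert_user(user)
        login_session['user_id'] = user.user_id
    output = 'Successful'
    return output


def _json_response(message, status):
    """Return a response with json.dumps(message) as body, the given HTTP
    status, and an application/json Content-Type header."""
    response = make_response(json.dumps(message), status)
    response.headers['Content-Type'] = 'application/json'
    return response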