Example #1
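def authorized(oauth_token):
    """Handle the GitHub OAuth callback: store the user and start a session.

    Args:
        oauth_token: Access token handed to the callback, or None when the
            authorization did not succeed.

    Returns:
        A redirect to the validated ``next`` path, or to ``index``.
    """
    # ``next`` is read from the query string, so the client controls it.
    # Follow it only when it is a same-site path; absolute URLs,
    # scheme-relative ``//host`` values, backslashes and control or
    # whitespace characters all fall back to the index page. Redirecting to
    # the raw value would make this endpoint an open redirect.
    next_url = request.args.get('next') or ''
    is_local_path = (
        next_url.startswith('/')
        and not next_url.startswith('//')
        and '\\' not in next_url
        and not any(ord(ch) <= 0x20 or ord(ch) == 0x7f for ch in next_url)
    )
    if not is_local_path:
        next_url = url_for('index')

    # Ensure Auth token is present
    if oauth_token is None:
        flash('Authorization failed.', 'danger')
        return redirect(next_url)

    # Search for user in DB based on Auth token.
    # NOTE(review): users are keyed on the access token, so a returning user
    # who is issued a different token would get a second row. Keying on the
    # GitHub account id from the profile response would be more stable -
    # confirm against the User model.
    user = db_session.query(User).filter_by(access_token=oauth_token).first()

    if user is None:
        # If user is not found in DB create new user with Auth token
        user = User(oauth_token)

    # Retrieve the user's GitHub data and assign name to user.username as
    # this may have changed since last log in.
    # NOTE(review): the token travels as a URL query parameter, where it can
    # end up in proxy and server logs; prefer an Authorization header if the
    # GitHub client in use supports it.
    github_params = {'access_token': oauth_token}
    github_response = github.raw_request('GET', 'user', params=github_params)
    try:
        github_user_data = github_response.json()
    except ValueError:
        github_user_data = None

    # A rejected token or an API error has no 'login' field; treat that as a
    # failed authorization instead of raising and storing a half-built user.
    login = None
    if isinstance(github_user_data, dict):
        login = github_user_data.get('login')
    if not login:
        flash('Authorization failed.', 'danger')
        return redirect(next_url)
    user.username = str(login)

    # Update DB with new/updated User
    db_session.add(user)
    db_session.commit()

    # Store user id and access token in session.
    # NOTE(review): with Flask's default cookie-based session the contents are
    # signed but not encrypted, so the access token is readable by the client
    # and by anything that captures the cookie. Confirm a server-side session
    # store is in use, or keep the token out of the session.
    session['user_id'] = user.id
    session['user_token'] = user.access_token

    flash('You are logged in.', 'success')
    return redirect(next_url)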
Example #2
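def register_user():
    """Register a local (non-OAuth) account from form data and log it in.

    Returns:
        A ``(json, status)`` pair: 400 when validation fails or the email is
        already registered, 201 once the user is stored and the login
        session is populated.
    """
    # form.get() yields None for a missing field. Normalise to '' so the
    # regex gets a string (re.match raises TypeError on None) and the
    # completeness check below also catches absent fields, not just blanks.
    email = request.form.get('email') or ''
    password = request.form.get('password') or ''
    username = request.form.get('username') or ''

    if not re.match(email_pattern, email):
        return jsonify(message="Email is not valid."), 400
    if email == '' or password == '' or username == '':
        return jsonify(message='Form fields incomplete.'), 400

    # NOTE(review): check-then-insert is not atomic; a unique constraint on
    # User.email is needed to stop two concurrent requests registering the
    # same address - confirm the model has one.
    if session.query(User).filter_by(email=email).first() is not None:
        return jsonify(message='User already registered.'), 400

    # initialize user
    user = User(email=email)
    user.username = username
    # hash_password is defined on User and not visible here - confirm it
    # uses a salted, deliberately slow password hash.
    user.hash_password(password)
    user.picture = default_picture_url
    session.add(user)
    session.commit()

    # set login_session data
    user = session.query(User).filter_by(email=email).one()
    login_session['username'] = user.username
    login_session['email'] = user.email
    login_session['picture'] = user.picture
    login_session['user_id'] = user.id
    login_session['provider'] = 'none'
    return jsonify(message='You have successfully registered.'), 201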
def register():
    """Show the registration form on GET; create a user from the posted form otherwise.

    Returns:
        The rendered ``register.html`` template for GET, a redirect to
        ``login`` after a successful registration, or a redirect back to
        ``register`` when a field is empty.
    """
    if request.method == 'GET':
        return render_template('register.html')

    form = request.form
    username, password, email = form['username'], form['password'], form['email']

    # Guard clause: every field must be non-empty.
    if not (username and password and email):
        flash('Please fill all the fields to register')
        return redirect(url_for('register'))

    new_user = User()
    new_user.email = email
    # NOTE(review): the raw form password is assigned to the model. Unless
    # User.password is a setter that hashes its input (not visible here),
    # this stores the password in plaintext - confirm against the model.
    new_user.password = password
    new_user.username = username
    db.session.add(new_user)
    db.session.commit()

    flash('User successfully registered')
    return redirect(url_for('login'))
Example #4
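def callback():
    """Complete the Google OAuth flow and log the user in.

    Returns:
        A redirect (home page when already logged in or after a successful
        login, ``login`` when the callback is unusable) or a short error
        string when the token exchange or the profile fetch fails.
    """
    # Redirect user to home page if already logged in.
    # NOTE(review): this targets 'restaurants' while the success path below
    # targets 'all_restaurants' - confirm both endpoints exist.
    if current_user is not None and current_user.is_authenticated:
        return redirect(url_for('restaurants'))

    if 'error' in request.args:
        if request.args.get('error') == 'access_denied':
            flash('You denied access.')
        else:
            flash('Error encountered')
        # A view has to return a response; the bare ``return`` used before
        # handed None back to Flask. Send the user back to the login page,
        # where the flashed message can be shown.
        return redirect(url_for('login'))

    # Both parameters are required: ``code`` for the token exchange and
    # ``state`` for the anti-CSRF comparison. The previous ``and`` let a
    # request through when only one of them was missing.
    if 'code' not in request.args or 'state' not in request.args:
        return redirect(url_for('login'))

    # The state saved when the flow started ties this callback to the
    # browser that began it. Without a stored value there is nothing to
    # compare against, so restart the login instead of raising KeyError or
    # continuing unchecked. (The comparison itself presumably happens inside
    # the OAuth client built by get_google_auth - not visible here.)
    expected_state = session.get('oauth_state')
    if not expected_state:
        return redirect(url_for('login'))

    google = get_google_auth(state=expected_state)
    try:
        token = google.fetch_token(Auth.TOKEN_URI,
                                   client_secret=Auth.CLIENT_SECRET,
                                   authorization_response=request.url)
    except HTTPError:
        return 'HTTPError occurred.'

    google = get_google_auth(token=token)
    resp = google.get(Auth.USER_INFO)
    if resp.status_code != 200:
        return 'Could not fetch your information.'

    # The debug prints of the session, the e-mail address and the OAuth
    # token were dropped: they wrote credentials and personal data to
    # stdout, which usually ends up in application logs.
    user_data = resp.json()
    email = user_data['email']

    # NOTE(review): accounts are matched on e-mail alone. Confirm the
    # provider's verified-email flag is checked before trusting the address
    # for account linking.
    user = db_session.query(User).filter_by(email=email).first()
    if user is None:
        user = User()
        user.email = email
    user.username = user_data['name']
    # NOTE(review): the whole token dict, including any refresh token, is
    # stored as plaintext JSON. Confirm it is needed after login and how the
    # column is protected at rest.
    user.tokens = json.dumps(token)
    user.avatar = user_data['picture']
    db_session.add(user)
    db_session.commit()
    login_user(user)
    return redirect(url_for('all_restaurants'))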
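def callback():
    """Complete the Google OAuth flow and log the user in.

    Returns:
        A redirect (``index`` when already logged in or after a successful
        login, ``login`` when the callback is unusable) or a short error
        string when the provider reports an error, the token exchange fails
        or the profile cannot be fetched.
    """
    if current_user is not None and current_user.is_authenticated:
        return redirect(url_for('index'))

    if 'error' in request.args:
        if request.args.get('error') == 'access_denied':
            return 'You denied access.'
        return 'Error encountered.'

    # Both parameters are required: ``code`` for the token exchange and
    # ``state`` for the anti-CSRF comparison. The previous ``and`` let a
    # request through when only one of them was missing.
    if 'code' not in request.args or 'state' not in request.args:
        return redirect(url_for('login'))

    # The state saved when the flow started ties this callback to the
    # browser that began it. Without a stored value there is nothing to
    # compare against, so restart the login instead of raising KeyError or
    # continuing unchecked. (The comparison itself presumably happens inside
    # the OAuth client built by get_google_auth - not visible here.)
    expected_state = session.get('oauth_state')
    if not expected_state:
        return redirect(url_for('login'))

    google = get_google_auth(state=expected_state)
    try:
        token = google.fetch_token(Auth.TOKEN_URI,
                                   client_secret=Auth.CLIENT_SECRET,
                                   authorization_response=request.url)
    except Exception:
        # Deliberately broad: any failure of the exchange, not only HTTP
        # errors, ends the flow with this message.
        return 'HTTPError occurred.'

    google = get_google_auth(token=token)
    resp = google.get(Auth.USER_INFO)
    if resp.status_code != 200:
        return 'Could not fetch your information.'

    # The debug prints of the response, the user row and the OAuth token
    # were dropped: they wrote credentials and personal data to stdout,
    # which usually ends up in application logs.
    user_data = resp.json()
    email = user_data['email']

    # NOTE(review): accounts are matched on e-mail alone. Confirm the
    # provider's verified-email flag is checked before trusting the address
    # for account linking.
    user = User.query.filter_by(email=email).first()
    if user is None:
        user = User()
        user.email = email
    user.username = user_data['email']
    # NOTE(review): the whole token dict, including any refresh token, is
    # stored as plaintext JSON. Confirm it is needed after login and how the
    # column is protected at rest.
    user.social_auth_token = json.dumps(token)
    db.session.add(user)
    db.session.commit()
    login_user(user)
    return redirect(url_for('index'))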
Example #6
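    def do_POST(self):
        """Dispatch POST requests by path suffix.

        Handles ``/logout``, ``/create/menuitem``, ``/create/restaurant``,
        ``/register`` and ``/login``. Successful branches answer with a
        redirect; malformed bodies get a 400 and unknown paths a 404.

        NOTE(review): neither creation branch calls ``check_login()``, so as
        written they accept unauthenticated requests - confirm that is
        intended.
        NOTE(review): the menu-item, restaurant and login branches answer a
        POST with 301, which clients may cache as permanent; 303 is the
        usual reply to a POST. The status codes are kept as they were.
        """
        try:
            if self.path.endswith('/logout'):
                res = self.check_login()
                # Compare by value. ``is not`` against a str literal tests
                # object identity, so an equal string could still take this
                # branch and fail in .one().
                if res != 'NotLoggedIn':
                    user_id = session.query(User).filter_by(username=res).one().id
                    session.query(LoginSessions).filter_by(user_id=user_id).delete()
                    session.commit()
                self._redirect(302, '/restaurant')
                return

            if self.path.endswith("/create/menuitem"):
                fields = self._read_form_fields()
                # Take the first value of each field. Concatenating the value
                # lists and indexing 0/1/2 misaligned the columns whenever a
                # field was repeated or missing.
                name = self._form_value(fields, 'name')
                description = self._form_value(fields, 'description')
                price = self._form_value(fields, 'price')
                path_match = re.match('/restaurant/([0-9]+)/', self.path)
                if path_match is None or None in (name, description, price):
                    self.send_error(400, 'Input Data incorrect')
                    return
                restid = path_match.group(1)
                rest = session.query(Restaurant).filter_by(id=restid).first()
                if rest is None:
                    self.send_error(404, 'Input Data incorrect')
                    return
                newitem = MenuItem(name=name, description=description,
                                   price=price, restaurant=rest)
                session.add(newitem)
                session.commit()
                self._redirect(301, '/restaurant/%s' % (restid))
                return

            if self.path.endswith("/create/restaurant"):
                fields = self._read_form_fields()
                name = self._form_value(fields, 'name')
                if name is None:
                    self.send_error(400, 'Input Data incorrect')
                    return
                session.add(Restaurant(name=name))
                session.commit()
                self._redirect(301, '/restaurant')
                return

            if self.path.endswith("/register"):
                fields = self._read_form_fields()
                username = self._form_value(fields, 'username')
                password = self._form_value(fields, 'password')
                if not username or not password:
                    self.send_error(400, 'Input Data incorrect')
                    return

                # Any existing row blocks the name, not only exactly one.
                if session.query(User).filter_by(username=username).count() > 0:
                    self._redirect(302, '/register',
                                   [('error', 'Username already exists')])
                    return

                obj = User()
                obj.username = username
                # NOTE(review): the password is stored exactly as submitted.
                # It should be a salted, slow hash that the login branch
                # verifies against; that needs a coordinated model and data
                # migration, so it is only flagged here.
                obj.password = password
                session.add(obj)
                session.commit()
                self._redirect(302, '/login')
                return

            if self.path.endswith("/login"):
                fields = self._read_form_fields()
                username = self._form_value(fields, 'username')
                password = self._form_value(fields, 'password')
                if username is None or password is None:
                    self.send_error(400, 'Input Data incorrect')
                    return

                matches = session.query(User).filter_by(username=username)
                user = matches.one() if matches.count() == 1 else None
                # NOTE(review): plaintext comparison against the stored
                # password - see the note in the register branch.
                if user is not None and user.password == password:
                    session.add(LoginSessions(user=user))
                    session.commit()
                    # NOTE(review): the cookie value is the user's primary
                    # key, which is guessable, and it carries no HttpOnly or
                    # Secure attribute. check_login() is not visible here; if
                    # it trusts this value alone, a random token stored on
                    # the LoginSessions row should replace it.
                    c = Cookie.SimpleCookie()
                    c['id'] = user.id
                    self._redirect(301, '/restaurant',
                                   [('Set-Cookie', c.output(header=''))])
                    return

                # Failed logins used to return without writing any response.
                self._redirect(302, '/login')
                return

            # No branch matched: answer instead of leaving the client with
            # an empty reply.
            self.send_error(404)

        except IOError:
            self.send_response(404, "Input Data incorrect")
            # Terminate the header block so the response is well formed.
            self.end_headers()

    def _read_form_fields(self):
        """Return the parsed multipart/form-data body, or None for any other content type."""
        # A missing content-type header yields None; parse '' instead.
        ctype, pdict = cgi.parse_header(self.headers.getheader('content-type') or '')
        if ctype != 'multipart/form-data':
            return None
        return cgi.parse_multipart(self.rfile, pdict)

    def _form_value(self, fields, name):
        """Return the first value posted for *name*, or None when it is absent."""
        values = fields.get(name) if fields else None
        return values[0] if values else None

    def _redirect(self, status, location, extra_headers=()):
        """Send a redirect: content-type, any extra headers, then location."""
        self.send_response(status)
        self.send_header('content-type', 'text/html')
        for header, value in extra_headers:
            self.send_header(header, value)
        self.send_header('location', location)
        self.end_headers()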