def createToken(request):
if request.method == 'POST':
if 'createtoken' in request.POST:
form = TokenForm(request.POST)
# restrict projects to user visible fields
form.fields['project'].queryset = Project.objects.filter(user_id=request.user.id) | Project.objects.filter(public=1)
if form.is_valid():
new_token=form.save(commit=False)
new_token.user_id=request.user.id
new_token.save()
return HttpResponseRedirect(get_script_prefix()+'ocpuser/projects')
else:
context = {'form': form}
print form.errors
return render_to_response('createtoken.html',context,context_instance=RequestContext(request))
elif 'backtotokens' in request.POST:
return redirect(getTokens)
else:
messages.error(request,"Unrecognized Post")
redirect(getTokens)
else:
'''Show the Create datasets form'''
form = TokenForm()
# restrict projects to user visible fields
form.fields['project'].queryset = Project.objects.filter(user_id=request.user.id) | Project.objects.filter(public=1)
context = {'form': form}
return render_to_response('createtoken.html',context,context_instance=RequestContext(request))
def token(request):
# 验证应用端合法性
client = oauth_server.authorize(request.META.get('HTTP_AUTHORIZATION'))
if not client:
response = HttpResponse('401 Unauthorized', status=401)
response['WWW-Authenticate'] = 'Basic realm="Please provide your client_id and client_secret."'
return response
# 验证是否为令牌表单
form = TokenForm(request.POST)
if not form.is_valid():
return error_response('invalid_request')
grant_type = form.cleaned_data['grant_type']
code = form.cleaned_data['code']
redirect_uri = form.cleaned_data['redirect_uri']
# 处理authorization_code请求
if grant_type == 'authorization_code':
try:
code = AuthorizationCode.objects.filter(expire_time__gte=datetime.datetime.now()).get(client=client, code=UUID(bytes=urlsafe_base64_decode(code)), redirect_uri=redirect_uri)
except AuthorizationCode.DoesNotExist:
return error_response('invalid_grant')
try:
token = AccessToken(client=client, user=code.user, code=code.code, expire_time=datetime.datetime.now() + datetime.timedelta(hours=1))
token.save()
except IntegrityError:
AccessToken.objects.get(code=code.code).delete()
code.delete()
return error_response('invalid_grant')
return success_response(urlsafe_base64_encode(token.token.bytes))
else:
return error_response('unsupported_grant_type')
def post(self, request):
student = Student.objects.get(user=request.user)
filled_slot_list = Slot.objects.filter(stud_count=F('max_limit'))
form = TokenForm(request.POST)
if form.is_valid():
appointment = form.save(commit=False)
appointment.student = Student.objects.get(user=request.user)
try:
appointment = form.save(commit=True)
# If appointment is saved assign form = None. Otherwise form
# will be rendered again in template.
# Template has a {% if form %} tag to check if form is present.
form = None
except ValidationError as e:
# if appointment is not saved, then assign appointment = None.
# Otheriwse **unsaved** appointment will be rendered in the
# template.
appointment = None
form.add_error('slot', e)
context = dict(student=student,
appointment=appointment,
form=form,
filled_slot_list=filled_slot_list)
return render(request, self.template_name, context)
else:
context = dict(student=student,
form=form,
filled_slot_list=filled_slot_list)
return render(request, self.template_name, context)
def sign_in(request):
if request.method == 'POST':
form = TokenForm(request.POST)
if form.is_valid():
tok=form.cleaned_data['token_id']
# us =form.cleaned_data['user']
return HttpResponseRedirect('/notes/'+tok)
else:
form = TokenForm()
return render(request, 'sign_in.html', {'form': form})
def updateToken(request):
# Get the dataset to update
token = request.session["token_name"]
if request.method == 'POST':
if 'updatetoken' in request.POST:
token_update = get_object_or_404(Token,token_name=token)
form = TokenForm(data=request.POST or None, instance=token_update)
if form.is_valid():
newtoken = form.save( commit=False )
if newtoken.user_id == request.user.id or request.user.is_superuser:
# if you changed the token name, delete old token
newtoken.save()
if newtoken.token_name != token:
deltoken = Token.objects.filter(token_name=token)
deltoken.delete()
messages.success(request, 'Sucessfully updated Token')
del request.session["token_name"]
else:
messages.error(request,"Cannot update. You are not owner of this token or not superuser.")
return HttpResponseRedirect(get_script_prefix()+'ocpuser/token')
else:
#Invalid form
context = {'form': form}
print form.errors
return render_to_response('updatetoken.html',context,context_instance=RequestContext(request))
elif 'backtotokens' in request.POST:
#unrecognized option
return HttpResponseRedirect(get_script_prefix()+'ocpuser/token')
else:
#unrecognized option
return HttpResponseRedirect(get_script_prefix()+'ocpuser/token')
else:
print "Getting the update form"
if "token_name" in request.session:
token = request.session["token_name"]
else:
token = ""
token_to_update = Token.objects.filter(token_name=token)
data = {
'token_name': token_to_update[0].token_name,
'token_description':token_to_update[0].token_description,
'project':token_to_update[0].project_id,
'public':token_to_update[0].public,
}
form = TokenForm(initial=data)
context = {'form': form}
return render_to_response('updatetoken.html',context,context_instance=RequestContext(request))
def token(request):
# 验证应用端合法性
client = oauth_server.authorize(request.META.get('HTTP_AUTHORIZATION'))
if not client:
response = HttpResponse('401 Unauthorized', status=401)
response[
'WWW-Authenticate'] = 'Basic realm="Please provide your client_id and client_secret."'
return response
# 验证是否为令牌表单
form = TokenForm(request.POST)
if not form.is_valid():
return error_response('invalid_request')
grant_type = form.cleaned_data['grant_type']
code = form.cleaned_data['code']
redirect_uri = form.cleaned_data['redirect_uri']
# 处理authorization_code请求
if grant_type == 'authorization_code':
try:
code = AuthorizationCode.objects.filter(
expire_time__gte=datetime.datetime.now()).get(
client=client,
code=UUID(bytes=urlsafe_base64_decode(code)),
redirect_uri=redirect_uri)
except AuthorizationCode.DoesNotExist:
return error_response('invalid_grant')
try:
token = AccessToken(client=client,
user=code.user,
code=code.code,
expire_time=datetime.datetime.now() +
datetime.timedelta(hours=1))
token.save()
except IntegrityError:
AccessToken.objects.get(code=code.code).delete()
code.delete()
return error_response('invalid_grant')
return success_response(urlsafe_base64_encode(token.token.bytes))
else:
return error_response('unsupported_grant_type')
