def get_credentials(self, social_network, token_id):
cookie_value = self.request.cookies.get("session")
# Obtains info related to the user authenticated in the system
if not cookie_value == None:
logged_user = self.getUserInfo(cookie_value)
# Searchs for user"s credentials
if not logged_user == None:
# Obtains user info
logged_user_id = ndb_pb.getUserId(logged_user)
# Obtains user credentials
user_credentials = ndb_pb.getToken(token_id, social_network)
if not user_credentials == None:
if user_credentials["user_id"] == logged_user_id:
response = \
{"user_id": user_credentials["user_id"],
"access_token": user_credentials["token"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = {"user_id": user_credentials["user_id"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = \
{"error": "The active user does not have a pair of token_id" \
+ " and access_token in " + social_network + " stored in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
else:
response = \
{"error": "The cookie session provided does not belongs to any active user"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
# If we don't provide a cookie in the request, we search for the token in the system
# and return a 200 o 404 status. It is a request included in the login flow of the system
else:
user_credentials = ndb_pb.getToken(token_id,social_network)
if not user_credentials == None:
response = {"user_id": user_credentials["user_id"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
else:
response = {"error": "Token not found in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
def post_credentials(self, social_network):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
user = self.getUserInfo(cookie_value)
if not user == None:
try:
# Gets the data from the request form
access_token = self.request.POST["access_token"]
token_id = self.request.POST["token_id"]
# Checks if the username was stored previously
stored_credentials = ndb_pb.getToken(token_id,
social_network)
if stored_credentials == None:
# Adds the token to the user credentials list
ndb_pb.insertToken(user, social_network, access_token, token_id)
#Builds the response
user_id = ndb_pb.getUserId(user)
response = {"user_id": user_id}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(201)
else:
# We update the user credentials
user_id = ndb_pb.modifyToken(token_id, access_token,
social_network)
# Builds the response
response = {"user_id": stored_credentials["user_id"]}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(200)
except KeyError:
response = \
{"error": "You must provide a valid pair of access_token and token_id in the request"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = \
{"error": "The cookie session provided does not belongs to any active user"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = \
{"error": "You must provide a session cookie"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(401)
def delete_credentials(self, social_network, token_id):
cookie_value = self.request.cookies.get("session")
if not cookie_value == None:
# Searchs for user"s credentials
logged_user_key = self.getUserInfo(cookie_value)
if not logged_user_key == None:
logged_user_id = ndb_pb.getUserId(logged_user_key)
token = ndb_pb.getToken(token_id, social_network)
if not token == None:
token_owner_id = token['user_id']
if logged_user_id == token_owner_id:
# Deletes the token from the user
token_deleted = ndb_pb.deleteCredentials(logged_user_key, social_network, token_id)
if token_deleted:
response = \
{"status": "Credentials deleted successfully"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(204)
else:
response = \
{"error": "This token cannot be deleted, because it is being used as the only token " + \
"to perform the login action in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(403)
else:
response = \
{"error": "You do not have permissions to perform this request"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(401)
else:
response = \
{"error": "Token not found in the system"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(404)
else:
response = \
{"error": "The cookie session provided does not belongs to any active user"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(400)
else:
response = {"error": "You must provide a session cookie"}
self.response.content_type = "application/json"
self.response.write(json.dumps(response))
self.response.set_status(401)
