Example #1
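 def get(self):
     """Exchange a username plus password (or existing token) for an API token.

     Query parameters read from ``request.args``: ``username``, ``app_key``
     and at least one of ``password`` / ``token``.

     Returns:
         ``{'token': ...}`` on success, otherwise ``({'message': ...}, 400)``.
     """
     # NOTE(review): credentials arrive in the URL query string, so they can
     # end up in access logs and proxy logs; a POST body or an Authorization
     # header keeps them out of request URLs.
     username = request.args.get('username', None)
     password = request.args.get('password', None)
     token = request.args.get('token', None)
     app_key = request.args.get('app_key', None)
     if not (username and (password or token) and app_key):
         return {'message' : 'Missing username, password, token, and/or app_key.'}, 400
     # NOTE(review): plain != comparison of a shared secret; consider
     # hmac.compare_digest once both operands are known to be the same type.
     if app_key != current_app.config['JIRA_APP_KEY']:
         return {'message' : 'Incorrect app_key.'}, 400
     user = None
     if token:
         user = get_user_from_token(token, username)
         if user and user.token.active:
             return {'token' : token}
         elif not password:
             return {'message' : 'Invalid token.'}, 400
     if password:
         user = PocketChangeUser(None, username, password)
         if user.is_authenticated():
             User = sqlalchemy_db.models['User']
             try:
                 db_user = (sqlalchemy_db.session.query(User)
                            .filter(User.name==user.name).one())
             except Exception:
                 # No usable row for this name: create one on first login.
                 # NOTE(review): this also fires on any other query error;
                 # narrow it to the ORM's "no result" exception.
                 db_user = User(name=user.name)
                 sqlalchemy_db.session.add(db_user)
                 sqlalchemy_db.session.commit()
             # Issue a token on every successful password login, not only
             # when the user row was just created.
             # NOTE(review): the token key is the first 16 characters of the
             # Flask secret key; a dedicated key would separate the two uses.
             user.token = db_user.get_new_token(current_app.secret_key[:16],
                                                expires=timedelta(hours=6),
                                                max_uses=1)
             sqlalchemy_db.session.commit()
             return {'token' : user.token.value}
     # Failed password authentication ends here. Previously this message was
     # attached to ``if password:`` and could never be reached, so a rejected
     # password fell through to the token-returning code.
     return {'message' : 'Bad username and/or password.'}, 400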
Example #2
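 def get(self):
     """Return the Jira RSA key and the caller's OAuth credentials.

     Query parameters read from ``request.args``: ``app_key``, ``username``
     and at least one of ``token`` / ``password``. The caller is
     authenticated by token first, then by password when one is supplied.

     Returns:
         ``{'rsa_key', 'oauth_secret', 'oauth_token'}`` when the user has an
         active ``jira`` record, otherwise ``({'message': ...}, 400)``.
     """
     # NOTE(review): credentials arrive in the URL query string, so they can
     # end up in access logs and proxy logs; a POST body or an Authorization
     # header keeps them out of request URLs.
     app_key = request.args.get('app_key', None)
     username = request.args.get('username', None)
     password = request.args.get('password', None)
     token = request.args.get('token', None)
     # NOTE(review): plain comparison of a shared secret; consider
     # hmac.compare_digest once both operands are known to be the same type.
     if not app_key or app_key != current_app.config['JIRA_APP_KEY']:
         return {'message' : 'app_key missing or invalid.'}, 400
     if not username:
         return {'message' : 'Must provide username.'}, 400

     user = None
     if token:
         # The token and username are no longer printed: stdout usually ends
         # up in service logs, which would then hold live credentials.
         user = get_user_from_token(token, username)
         used = False
         if user:
             used = user.token.use()
             if used:
                 sqlalchemy_db.session.merge(user.token)
                 sqlalchemy_db.session.commit()
         # Reject the token whenever it could not be used, not only when no
         # user was found. Before, a user whose token.use() came back falsy
         # stayed set and the request went on to return the key material.
         # Presumably use() is falsy for an expired or exhausted token;
         # confirm against the token model.
         if not used and not password:
             return {'message' : 'Invalid token.'}, 400
     if password:
         user = PocketChangeUser(None, username, password)
         if not user.is_authenticated():
             return {'message' : 'Invalid username/password.'}, 400
         User = sqlalchemy_db.models['User']
         try:
             db_user = (sqlalchemy_db.session.query(User)
                        .filter(User.name==user.name).one())
         except Exception:
             # No usable row for this name: create one on first login.
             # NOTE(review): this also fires on any other query error;
             # narrow it to the ORM's "no result" exception.
             # NOTE(review): the raw password is handed to the User model;
             # confirm the model hashes it before it is stored.
             db_user = User(name=user.name, password=password)
             sqlalchemy_db.session.add(db_user)
             sqlalchemy_db.session.commit()
         # NOTE(review): the token key is the first 16 characters of the
         # Flask secret key; a dedicated key would separate the two uses.
         user.token = db_user.get_new_token(current_app.secret_key[:16],
                                            expires=timedelta(hours=6),
                                            max_uses=1)
         user.token.use()
         sqlalchemy_db.session.commit()
     if not user:
         return {'message' : 'Must provide password or token.'}, 400

     account = user.user
     if not (hasattr(account, 'jira') and account.jira and account.jira.active):
         return {'message' : "User's token is expired or revoked."}, 400
     # Read the key file only once the caller is known to be entitled to it.
     with open(current_app.config['JIRA_RSA_KEY_FILE'], 'r') as rsa_file:
         rsa_data = rsa_file.read()
     return {'rsa_key' : rsa_data,
             'oauth_secret' : account.jira.oauth_secret,
             'oauth_token' : account.jira.oauth_token}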