Exemple #1
0
    def get(self, *args, **kwargs):
        config = Config()
        code = self.get_argument("code", None)
        redirect_uri = "%s://%s" % (self.request.protocol, "python-regex.com/auth/linkedin/")

        if not code:
            # Generate a random state
            state = binascii.b2a_hex(os.urandom(15))

            self.set_secure_cookie("linkedin_state", state)

            yield self.authorize_redirect(
                redirect_uri=redirect_uri,
                client_id=config.get("linkedin_api_key"),
                extra_params={"response_type": "code", "state": state, "scope": "r_basicprofile r_emailaddress"},
            )

            return

        # Validate the state
        if self.get_argument("state", None) != self.get_secure_cookie("linkedin_state"):
            raise HTTPError(400, "Invalid state")

        user_data = yield self.get_authenticated_user(
            redirect_uri=redirect_uri,
            client_id=config.get("linkedin_consumer_key"),
            client_secret=config("linkedin_consumer_secret"),
            code=code,
            extra_fields=["formatted-name", "email-address"],
        )

        if not user_data:
            raise HTTPError(400, "LinkedIn authentication failed")

        print(user_data)
Exemple #2
0
def run_app():
    """
    Run the application.
    """
    config = Config()

    application = tornado.web.Application(
        URLS,
        debug=settings.DEBUG,
        template_path=settings.ROOT_TEMPLATE_PATH,
        cookie_secret=config.get('secret_key'),

        # Set keys for OAuth transaction
        twitter_consumer_key=config.get('twitter_consumer_key'),
        twitter_consumer_secret=config.get('twitter_consumer_secret'),
        linkedin_consumer_secret=config.get('linkedin_consumer_secret'),
        linkedin_consumer_key=config.get('linkedin_consumer_key'),

        ui_modules={'simple_date': filters.SimpleDate},
        login_url="/auth/login/",
        xsrf_cookies=True,
    )

    # The watcher
    if settings.DEBUG:
        for (path, dirs, files) in os.walk(settings.ROOT_TEMPLATE_PATH):
            for item in files:
                tornado.autoreload.watch(os.path.join(path, item))

    # Start application
    application.listen(8888)
    print("Start listening on 8888")
    io = tornado.ioloop.IOLoop.instance()
    tornado.autoreload.start(io)
    io.start()
Exemple #3
0
    def get_template_namespace(self):
        """
        Make some variables global for all templates
        """
        ns = super(RequestHandler, self).get_template_namespace()
        # pref = PreferenceModel().get_codes()
        cookie = self.get_secure_cookie("messages")
        user = self.get_current_user() or False
        if user:
            self.current_user = UserModel().find_by_username(user)

        config = Config()

        ns.update({
            'question': Question(),
            'analytics': config.get("google_analytics_id"),
            'msvalidate': config.get('msvalidate'),
            'messages': pickle.loads(cookie) if cookie else None,
            'connected': bool(self.current_user)
        })

        if self.current_user:
            ns.update({
                'username': self.current_user['username'],
                'email': self.current_user.get('email', '')
            })

        # Remove messages
        self.clear_cookie("messages")
        return ns
Exemple #4
0
    def get(self, *args, **kwargs):
        redirect_uri = "/auth/github/"
        config = Config()
        client_id = config.get("github_consumer_key")
        client_secret = config.get("github_consumer_secret")

        if self.get_argument("code", False):
            self.get_authenticated_user(
                redirect_uri=redirect_uri,
                client_id=client_id,
                client_secret=client_secret,
                code=self.get_argument("code"),
                callback=self._on_login,
            )
            return

        self.authorize_redirect(
            redirect_uri=redirect_uri, client_id=client_id, extra_params={"scope": "user", "foo": 1}
        )
Exemple #5
0
    def get(self):
        config = Config()
        client_id = config.get("facebook_api_key")
        client_secret = config.get("facebook_secret")

        if self.get_argument("code", False):
            user = yield self.get_authenticated_user(
                redirect_uri="/auth/facebook/",
                client_id=client_id,
                client_secret=client_secret,
                code=self.get_argument("code"),
            )
            # Save the user with e.g. set_secure_cookie

        else:
            yield self.authorize_redirect(
                redirect_uri="/auth/facebook/",
                client_id=client_secret,
                extra_params={"scope": "read_stream,offline_access"},
            )
Exemple #6
0
    def post(self):
        """
        Save the codes
        """
        config = Config()
        config.set('google_analytics_id', self.get_argument('analytics'))
        config.set('msvalidate', self.get_argument('msvalidate'))
        config.set('twitter_consumer_key', self.get_argument('twitter_consumer_key'))
        config.set('twitter_consumer_secret', self.get_argument('twitter_consumer_secret'))
        config.set('linkedin_api_key', self.get_argument('linkedin_api_key'))
        config.set('linkedin_consumer_key', self.get_argument('linkedin_consumer_key'))
        config.set('linkedin_consumer_secret', self.get_argument('linkedin_consumer_secret'))
        config.set('github_consumer_key', self.get_argument('github_consumer_key'))
        config.set('github_consumer_secret', self.get_argument('github_consumer_secret'))
        config.set('google_consumer_key', self.get_argument('google_consumer_key'))
        config.set('google_secret_key', self.get_argument('google_secret_key'))

        # Reset settings
        self.settings['twitter_consumer_key'] = config.get('twitter_consumer_key')
        self.settings['twitter_consumer_secret'] = config.get('twitter_consumer_secret')

        self.redirect('/admin/codes/')
Exemple #7
0
    def get(self, *args, **kwargs):
        redirect_uri = "%s://%s" % (self.request.protocol, "python-regex.com/auth/google/")
        if self.get_argument("code", False):
            config = Config()
            if self._OAUTH_SETTINGS_KEY not in self.settings:
                self.settings[self._OAUTH_SETTINGS_KEY] = {
                    "key": config.get("google_consumer_key"),
                    "secret": config.get("google_secret_key"),
                }
            user = yield self.get_authenticated_user(redirect_uri=redirect_uri, code=self.get_argument("code"))

            access_token = str(user["access_token"])
            http_client = self.get_auth_http_client()
            response = yield http_client.fetch(
                "https://www.googleapis.com/oauth2/v1/userinfo?access_token={}".format(access_token)
            )

            if not response:
                HTTPError(500, "Google authentication error")
                return

            user_json = json.loads(response.body.decode())
            user = UserModel().create_social_user(
                user_json.get("name"), "google", user_json.get("email", ""), user_json.get("picture", "")
            )
            self.login(user)
            self.redirect("/")
            return

        else:
            yield self.authorize_redirect(
                redirect_uri=redirect_uri,
                client_id=Config().get("google_consumer_key"),
                scope=["profile", "email"],
                response_type="code",
                extra_params={"approval_prompt": "auto"},
            )
Exemple #8
0
 def get(self):
     config = Config()
     self.render(
         "admin/codes/list.html",
         facebook=config.get('facebook', ''),
         twitter_consumer_key=config.get('twitter_consumer_key', ''),
         twitter_consumer_secret=config.get('twitter_consumer_secret', ''),
         google_consumer_key=config.get('google_consumer_key', ''),
         google_secret_key=config.get('google_secret_key', ''),
         linkedin_api_key=config.get('linkedin_api_key', ''),
         linkedin_consumer_key=config.get('linkedin_consumer_key', ''),
         linkedin_consumer_secret=config.get('linkedin_consumer_secret', ''),
         github_consumer_key=config.get('github_consumer_key', ''),
         github_consumer_secret=config.get('github_consumer_secret', ''),
         analytics=config.get('google_analytics_id', ''),
         msvalidate=config.get('msvalidate', '')
     )