def authorize():
client_id = int(request.form.get('client_id'))
login = request.form.get('login')
password = request.form.get('password')
state = request.form.get('state', None)
if not db.user(login=login):
return redirect(db.client[client_id]['redirect_uri'] + '?error=access_denied' + ('' if state is None else '&state=' + state), code=302)
if db.user(login=login)[0]['password_hash'] != sha256(password.encode('UTF-8')).digest():
return redirect(db.client[client_id]['redirect_uri'] + '?error=access_denied' + ('' if state is None else '&state=' + state), code=302)
code=sha256(str(uuid4()).encode('UTF-8')).hexdigest()
db.authorization_code.insert(user_id=db.user(login=login)[0]['__id__'],
code=code,
expire_time=datetime.now() + timedelta(minutes=10))
db.authorization_code.commit()
return redirect(db.client[client_id]['redirect_uri'] + '?code=' + code + ('' if state is None else '&state=' + state), code=302)
def user_info(username):
existing = db.user(username)
if existing:
return existing, True
u = "http://github.com/api/v2/json/user/show/" + username
data = json.load(urlopen(u))
if "error" in data:
raise Error("GitHub error: " + repr(data["error"]))
data = data["user"]
db.save_user(username, data.get("email", None), data.get("name", None))
return data, False
def register():
login = request.form['login']
if not login:
return render_template('register_fail.html', reason='Empty login not allowed.')
password = request.form['password']
if len(password) < 6:
return render_template('register_fail.html', reason='Password is too short')
name = request.form['name'] or None
email = request.form['email'] or None
if db.user(login=login):
return render_template('register_fail.html', reason='User already exists.'.format(login))
db.user.insert(login=login,
password_hash=sha256(password.encode('UTF-8')).digest(),
name=name,
email=email)
db.user.commit()
return render_template('register_ok.html', login=request.form['login'])
def _load_user(self): assert(self._user_id > 0) info = db.user(self._user_id) if not info: return failure.Failure((gateway_pb2.EC_DATABASE, 'Database failed')) self._info = info
