def authenticate_access_token(self, token): session_key, secret = parse_bearer(token, SESSION_KEY_BYTES) session = get_django_session(session_key) session.load() stored_secret = session.get('_fulmine_secret', None) if stored_secret != secret: # token does not exist return None, None client_id = session.get('_fulmine_client_id', None) deploy_id = session.get('_fulmine_deploy_id', None) return client_id, session
def build_access_token(scope, expires_in, client_id, deploy_id='', user_id=None, auth_backend=None, grant_id=None): access_token = new_access_token() session_key, secret = parse_bearer(access_token, SESSION_KEY_BYTES) session = get_django_session(session_key) session.clear() # otherwise Django would overwrite the session_hey session['_fulmine_secret'] = secret session['_fulmine_client_id'] = client_id session['_fulmine_deploy_id'] = deploy_id if user_id: session[CONTRIB_AUTH_SESSION_KEY] = user_id session[CONTRIB_AUTH_BACKEND_SESSION_KEY] = auth_backend session['_fulmine_scope'] = scope session['_fulmine_revoked'] = False session['_fulmine_grant'] = grant_id session.set_expiry(timedelta(seconds=expires_in)) session.save(must_create=True) return unicode(access_token)