Exemple #1
 def google_auth(self):
     """Handle the Google Home / API.AI account-linking step.

     Reads ``client_id``, ``redirect_uri``, ``state`` and ``id_token`` from
     the request. The flow only proceeds when ``client_id`` is ``'google'``
     and ``redirect_uri`` equals the fixed Google OAuth redirect endpoint
     for ``secrets.GOOGLE_PROJECT_ID``; any other combination sets
     ``self.message`` to "Malformed".

     When the ID token validates, the matching user is looked up (and
     created if missing), an access token is issued for the ``'google'``
     client, and the response carries a redirect URL with the token in the
     URL fragment. ``redir_url`` stays ``None`` on every failure path.
     """
     get_param = self.request.get
     client_id = get_param('client_id')
     redirect_uri = get_param('redirect_uri')
     state = get_param('state')
     id_token = get_param('id_token')
     redir_url = None
     # Exact-match comparison: the redirect target is never derived from the
     # request, only checked against the one expected endpoint.
     # NOTE(review): ``secrets`` here looks like a project settings module,
     # not the standard-library ``secrets`` -- confirm.
     if client_id == 'google' and redirect_uri == (
             "https://oauth-redirect.googleusercontent.com/r/%s" % secrets.GOOGLE_PROJECT_ID):
         user = None
         ok, _email, name = self.validate_google_id_token(id_token)
         if ok:
             user = User.GetByEmail(_email, create_if_missing=True, name=name)
         if user:
             access_token = user.aes_access_token(client_id='google')
             fragment = urllib.urlencode({
                 'access_token': access_token,
                 'token_type': 'bearer',
                 'state': state
             })
             # The bearer token travels in the fragment of the redirect URL,
             # and ``state`` is echoed back unchanged from the request.
             redir_url = ('https://oauth-redirect.googleusercontent.com/r/%s#'
                          % secrets.GOOGLE_PROJECT_ID) + fragment
             self.success = True
         # An invalid ID token leaves success unset and sets no message.
     else:
         self.message = "Malformed"
     # NOTE(review): debug=True is passed on a response that may contain a
     # bearer token; what set_response does with that flag is not visible here.
     self.set_response({'redirect': redir_url}, debug=True)
    def GET(self):
        """Create a user record from query parameters.

        Returns the string "User Exists" when a user with the supplied
        ``user_email`` is already stored, otherwise stores a new ``User``
        built from the request fields and returns "Success".

        NOTE(review): this is a state-changing operation exposed on GET, with
        a wildcard ``Access-Control-Allow-Origin`` sent together with
        ``Access-Control-Allow-Credentials: true``. No authentication or
        input validation is visible in this method, and the "User Exists"
        reply tells the caller whether an e-mail address is registered.
        """
        for header_name, header_value in (
                ('Access-Control-Allow-Origin', '*'),
                ('Access-Control-Allow-Credentials', 'true')):
            web.header(header_name, header_value)

        form = web.input()

        # An existing record for this e-mail short-circuits the request.
        if User.GetByEmail(form.user_email):
            return "User Exists"

        # Field order matches the User(...) keyword order used by the model call.
        field_names = ('user_name', 'user_email', 'user_phone',
                       'address_street', 'address_street2',
                       'address_city', 'address_state', 'address_zipcode')
        record = User(**dict((field, getattr(form, field)) for field in field_names))
        record.put()

        return "Success"
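 def check_login(self, *args, **kwargs):
     """Authorize the request for ``role`` and run the wrapped handler if allowed.

     ``role`` and ``handler_method`` are not defined in this block;
     presumably they are supplied by an enclosing decorator -- confirm
     against the caller.

     The user is taken from the session when present. Otherwise, when a
     role is required, HTTP Basic credentials are accepted; the user part
     is interpreted as a numeric user ID or as an e-mail address and the
     password is checked with ``user.checkPass``.

     Access rules: no role -> always allowed; ``"user"`` -> any
     authenticated user; ``"admin"`` -> a user for whom ``user.admin()``
     is true; any other role value is denied. On denial a 401
     "Unauthorized" response is set and the handler is not called.
     """
     d = {
         'SITENAME': SITENAME,
         'TAGLINE': TAGLINE,
         'AUTHOR_NAME': AUTHOR_NAME,
         'YEAR': datetime.now().year,
         'CURTIME': datetime.now()
     }
     user = None
     session = self.session
     if 'user' in session:
         user = session['user']
     if not user and role:
         headers = self.request.headers
         authorization = headers.get('authorization') if headers else None
         if authorization and authorization.startswith("Basic "):
             # Strip only the scheme prefix; replace() would also rewrite
             # any later "Basic " occurrence inside the header value.
             auth_b64 = authorization[len("Basic "):]
             try:
                 user_pass = base64.b64decode(auth_b64)
             except (TypeError, ValueError):
                 # Malformed base64 is treated as "no credentials" so the
                 # request ends in the 401 path instead of an unhandled error.
                 user_pass = None
             if user_pass:
                 # Split on the first colon only: a password may itself
                 # contain ':' and must not break the unpacking.
                 _user_id, _, _pass = user_pass.partition(':')
                 if _user_id and _pass:
                     if _user_id.isdigit():
                         # Interpret as User ID
                         user = User.get_by_id(int(_user_id))
                     elif '@' in _user_id:
                         # Interpret as user email
                         user = User.GetByEmail(_user_id)
                     # NOTE(review): whether checkPass compares in constant
                     # time, and whether failed attempts are rate-limited,
                     # is not visible from here.
                     if user and not user.checkPass(_pass):
                         user = None
     if not role:
         allow = True
     elif role == "user":
         allow = bool(user)
     elif role == "admin":
         allow = bool(user and user.admin())
     else:
         # Unknown role names fail closed.
         allow = False
     if allow:
         self.user = d['user'] = user
         d['logout_url'] = "/logout"
         kwargs['d'] = d
         handler_method(self, *args, **kwargs)
     else:
         # Unauthorized
         self.set_response(success=False,
                           message="Unauthorized",
                           status=401)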
Exemple #4
 def google_login(self):
     """Sign a user in from a Google ID token sent as the ``token`` parameter.

     When the token validates, the user with the returned e-mail is loaded,
     or created and stored if none exists, and then written into the
     session. The response carries the user's JSON on success and ``None``
     under ``'user'`` when validation fails.
     """
     # ADMIN_EMAIL is imported but not referenced anywhere in this method.
     from constants import ADMIN_EMAIL
     ok, _email, name = self.validate_google_id_token(self.request.get('token'))
     account = None
     if not ok:
         self.message = "Failed to validate"
     else:
         # Identity comes only from the validated token, never from a
         # separately supplied e-mail parameter.
         account = User.GetByEmail(_email)
         if not account:
             account = User.Create(email=_email, name=name)
             account.put()
         if account:
             self.update_session_user(account)
             self.login_dt = datetime.now()
             self.success = True
             self.message = "Signed in"
     payload = account.json() if account else None
     self.set_response({'user': payload})
Exemple #5
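 def fbook_auth(self):
     """Finish an account-linking request by returning a redirect with a code.

     Validates the ``id_token`` request parameter with
     ``validate_google_id_token``, loads (or creates) the user for the
     returned e-mail, and appends ``authorization_code`` to the
     ``redirect_uri`` supplied in the request. The resulting URL is
     returned under ``'redirect'``; ``self.message`` explains the failure
     when no user or no redirect URI is available.
     """
     id_token = self.request.get('id_token')
     redirect_uri = self.request.get('redirect_uri')
     res = {}
     user = None
     ok, _email, name = self.validate_google_id_token(id_token)
     if ok:
         user = User.GetByEmail(_email, create_if_missing=True, name=name)
     if user:
         # NOTE(review): the authorization code is the user's datastore key
         # ID, not a random single-use value; anyone who learns or guesses
         # the ID holds a valid code. Consider an unguessable, expiring code.
         auth_code = user.key.id()
         if redirect_uri:
             # NOTE(review): redirect_uri comes straight from the request and
             # is not compared with an expected endpoint in this method, so
             # the code can be sent to whatever target the caller names.
             # Pick the separator from the URI so a redirect_uri without a
             # query string still yields a well-formed URL.
             separator = '&' if '?' in redirect_uri else '?'
             redirect_uri += '%sauthorization_code=%s' % (separator, auth_code)
             self.success = True
         else:
             self.message = "No redirect URI?"
     else:
         self.message = "User not found"
     res['redirect'] = redirect_uri
     self.set_response(res, debug=True)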
    def POST(self):
        """Create a user record from a JSON request body.

        Returns "{ status: 'Error - User Exists'}" when a user with the
        supplied ``user_email`` is already stored, otherwise stores a new
        ``User`` built from the body and returns "{ status: 'Success'}".

        NOTE(review): the endpoint sends a wildcard
        ``Access-Control-Allow-Origin`` together with
        ``Access-Control-Allow-Credentials: true``, and no authentication or
        field validation is visible in this method. The distinct
        "User Exists" reply tells the caller whether an e-mail address is
        registered. The returned strings are not valid JSON (unquoted key,
        single quotes).
        """
        for header_name, header_value in (
                ('Access-Control-Allow-Origin', '*'),
                ('Access-Control-Allow-Credentials', 'true')):
            web.header(header_name, header_value)

        payload = simplejson.loads(web.data())

        # An existing record for this e-mail short-circuits the request.
        if User.GetByEmail(payload['user_email']):
            return "{ status: 'Error - User Exists'}"

        # A missing key raises KeyError, as with direct indexing.
        field_names = ('user_name', 'user_email', 'user_phone',
                       'address_street', 'address_street2',
                       'address_city', 'address_state', 'address_zipcode')
        record = User(**dict((field, payload[field]) for field in field_names))
        record.put()

        return "{ status: 'Success'}"