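def g_callback(self):
    """Complete the Google OAuth2 login after the provider redirects back.

    Exchanges the ``code`` query argument for an access token, fetches the
    user's profile, stores it through ``User.save_g_data`` and answers with
    a redirect that also sets the ``logged`` cookie. Every failure on the
    way redirects to ``/?msg=AUTH_ERROR`` without setting the cookie.
    """
    args = self.request.args
    # `state` comes back from the provider exactly as it was sent, so it is
    # request input like any other query argument.
    # NOTE(review): here it only carries the return path; nothing visible in
    # this handler ties it to the browser session that started the login, so
    # it gives no login-CSRF protection - confirm that is handled elsewhere.
    original_url = args.get('state', '')
    code = args.get('code')
    if not code:
        # No code arrives when consent is denied or the URL is hit directly;
        # indexing args['code'] would turn that into an unhandled KeyError.
        return self.redirect('/?msg=AUTH_ERROR')
    conf_ = conf['g']

    # Exchange the one-time code for an access token.
    try:
        q = requests.post(conf_['access_url'],
                          data={'code': code,
                                'client_id': conf_['client_id'],
                                'client_secret': conf_['client_secret'],
                                'redirect_uri': oauth_base + '/callback/g',
                                'grant_type': 'authorization_code'},
                          timeout=10)
    except requests.RequestException as exc:
        # Bounded wait: a stalled provider must not pin a worker forever.
        stderr.write("Login error:\n %s\n" % exc)
        return self.redirect('/?msg=AUTH_ERROR')
    if q.status_code != 200:
        stderr.write("Login error:\n %s\n" % q.content)
        return self.redirect('/?msg=AUTH_ERROR')
    access_token = loads(q.content).get('access_token')
    if not access_token:
        return self.redirect('/?msg=AUTH_ERROR')

    # Fetch the profile. The token goes in the Authorization header rather
    # than the query string so it does not end up in URL logs.
    try:
        q = requests.get('https://www.googleapis.com/oauth2/v1/userinfo',
                         headers={'Authorization': 'Bearer ' + access_token},
                         timeout=10)
    except requests.RequestException as exc:
        stderr.write("Login error (userinfo):\n %s\n" % exc)
        return self.redirect('/?msg=AUTH_ERROR')
    if q.status_code != 200:
        # Without this check an error body would be parsed as a profile.
        stderr.write("Login error (userinfo):\n %s\n" % q.content)
        return self.redirect('/?msg=AUTH_ERROR')
    content = loads(q.content)
    profile_id = content['id']

    # Save userinfo by id.
    User.save_g_data(self.session, profile_id,
                     fullname=content['name'], email=content['email'])

    # Redirect back into the site. Leading slashes, backslashes and
    # whitespace are dropped so the target cannot begin with '//', which
    # would be a scheme-relative URL naming another host.
    self.redirect('/' + original_url.lstrip('/\\ \t\r\n'))
    cookie_val = prepare_cookie('gmail', str(profile_id))
    # NOTE(review): the session cookie is set without httponly/secure
    # attributes - confirm whether the response API in use can set them.
    self._response.set_cookie('logged', cookie_val)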
def index(self):
    """Fill the view for the landing page rendered from index.phtml."""
    self.template = 'index.phtml'

    # Top rated entries; iterated further down as (movie, _) pairs.
    top_rated = Rating.top_rated(self.session, limit=6)
    self.view['top_rated'] = top_rated

    # Last rated: shuffle the list held in the view in place and keep the
    # first five entries of the shuffled order.
    last_rated = self.view['last_rated']
    shuffle(last_rated)
    del last_rated[5:]
    # itemgetter1 yields the value matched against Movie.id below.
    ids = [itemgetter1(entry) for entry in last_rated]
    found = self.session.query(Movie).filter(Movie.id.in_(ids)).all()
    self.view['movies'] = {movie.id: movie for movie in found}

    # Recent users.
    self.view['recent_users'] = User.recent(self.session, limit=8)

    # Recent ratings, leaving out movies already listed in the two
    # sections above.
    already_shown = set(ids)
    for movie, _ in top_rated:
        already_shown.add(movie.id)
    query = self.session.query(Rating)
    query = query.options(joinedload(Rating.movie))
    query = query.options(joinedload(Rating.user))
    query = query.filter(not_(Rating.movie_id.in_(already_shown)))
    recent = query.order_by(Rating.rated.desc()).limit(15).all()
    # Fifteen are fetched, ten survive the shuffle.
    shuffle(recent)
    del recent[10:]
    self.view['recent_ratings'] = recent
def show(self, user_id, dummy):
    """Prepare the profile page (user.phtml) of the user with id *user_id*.

    Answers with the 404 template when no such user exists. *dummy* is not
    used by this method.
    """
    # Deliberate no-op kept from the original.
    # TODO: remove this; the disabled statement was `return self.home()`.
    if self.user and self.user.id == user_id:
        pass

    try:
        user_ = User.load(self.session, id=user_id)
    except NoResultFound:
        return self.not_found('error/404.phtml')

    # (Movie, rating) pairs of this user, most recently rated first.
    rated_by_user = and_(Rating.movie_id==Movie.id, Rating.user_id==user_.id)
    query = self.session.query(Movie, Rating.rating)
    query = query.join((Rating, rated_by_user))
    ratings = query.order_by(Rating.rated.desc()).all()

    self.view.update({
        'user_': user_,
        'ratings1': ratings,
        # Same rows, re-sorted by key1 in descending order.
        'ratings2': sorted(ratings, key=key1, reverse=True),
        'watchlist': sorted(user_.watchlist, key=getter_title),
    })
    self.template = 'user.phtml'
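def fb_callback(self, original_url):
    """Complete the Facebook OAuth login after the provider redirects back.

    Exchanges the ``code`` query argument for an access token, fetches the
    profile from the Graph API, stores it through ``User.save_fb_data`` and
    answers with a redirect to ``original_url`` that also sets the
    ``logged`` cookie. Every failure redirects to ``/?msg=2`` instead.
    """
    code = self.request.args.get('code')
    if not code:
        return self.redirect('/?msg=2')
    conf_ = conf['fb']

    # The redirect_uri is rebuilt from the raw original_url and left exactly
    # as the original wrote it.
    # NOTE(review): presumably it has to match what the login request sent;
    # the value is quoted here and encoded again by url_encode - verify.
    callback_uri = oauth_base + conf_['callback_base'] + url_quote(original_url)
    # Local redirect target. Leading slashes, backslashes and whitespace are
    # dropped so it cannot begin with '//', which would be a scheme-relative
    # URL naming another host.
    callback = '/' + original_url.lstrip('/\\ \t\r\n')

    try:
        q = requests.get('https://graph.facebook.com/oauth/access_token?' +
                         url_encode({'client_id': conf_['consumer_key'],
                                     'redirect_uri': url_quote(callback_uri),
                                     'client_secret': conf_['consumer_secret'],
                                     'code': code}),
                         timeout=10)
    except requests.RequestException:
        # Bounded wait: a stalled provider must not pin a worker forever.
        return self.redirect('/?msg=2')
    if q.status_code != 200:
        return self.redirect('/?msg=2')
    access_token = url_decode(q.content).get('access_token')
    if not access_token:
        # A 200 answer without a token would otherwise raise a KeyError.
        return self.redirect('/?msg=2')

    # Passing the token through `params` lets requests encode it instead of
    # splicing a provider-supplied value into the URL by hand.
    try:
        q = requests.get("https://graph.facebook.com/me",
                         params={'access_token': access_token},
                         timeout=10)
    except requests.RequestException:
        return self.redirect('/?msg=2')
    if q.status_code != 200:
        return self.redirect('/?msg=2')
    userdata = loads(q.content)
    profile_id = userdata['id']

    # Save userinfo by id; no e-mail address is stored for this provider.
    User.save_fb_data(self.session, profile_id, userdata['name'], '')

    # Set redirect with cookie.
    self.redirect(callback)
    cookie_val = prepare_cookie('fb', str(profile_id))
    # NOTE(review): the session cookie is set without httponly/secure
    # attributes - confirm whether the response API in use can set them.
    self._response.set_cookie('logged', cookie_val)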
def index(self):
    """Fill the view for the landing page rendered from index.phtml."""
    self.template = 'index.phtml'

    # Top rated.
    self.view['top_rated'] = Rating.top_rated(self.session, limit=6)

    # Movies referenced by the 'last_rated' entries, keyed by movie id.
    # itemgetter1 yields the value matched against Movie.id.
    ids = [itemgetter1(entry) for entry in self.view['last_rated']]
    found = self.session.query(Movie).filter(Movie.id.in_(ids)).all()
    self.view['movies'] = {movie.id: movie for movie in found}

    # Recent users.
    self.view['recent_users'] = User.recent(self.session, limit=5)
def __init__(self, request, tpl_env, appspace, action_name, **kwargs):
    """Set up per-request controller state and resolve the logged-in user.

    Extra keyword arguments are copied onto the instance as attributes;
    ``self.session`` is read right afterwards, so it has to be among them
    unless it is provided some other way.
    """
    self._request = request
    self.appspace = appspace
    self.action_name = action_name
    self.tpl_env = tpl_env

    # Blank template and the initial view object.
    self.template = None
    view = {}
    view['path'] = request.path
    view['get'] = request.args
    view['cdn'] = environ['CDN_PREFIX']
    self.view = view

    # Controller log.
    self._log = ""

    # Response object, HTML with status 200 until an action changes it.
    response = Response('', content_type="text/html; charset=UTF-8")
    response.status_code = 200
    self._response = response

    # Rest of the initializers (db, session, etc).
    for key, value in kwargs.iteritems():
        setattr(self, key, value)

    self.view['last_rated'] = Rating.last_rated(self.session, limit=17)

    # Resolve the user from the 'logged' cookie; the cookie is deleted when
    # it cannot be parsed or names a user that does not exist.
    # NOTE(review): the cookie value alone decides who is logged in, so this
    # is only safe if parse_cookie rejects values that prepare_cookie did
    # not produce (signature/MAC check) - confirm.
    self.user = None
    cookies = self.request.cookies
    if 'logged' in cookies:
        parsed_cookie = parse_cookie(cookies['logged'])
        if parsed_cookie is not None:
            service, service_user_id = parsed_cookie
            try:
                self.user = User.load(self.session, service=service,
                                      nickname=service_user_id)
            except NoResultFound:
                self.response.delete_cookie('logged')
        else:
            self.response.delete_cookie('logged')
    self.view['user'] = self.user
def show(self, user_id, dummy):
    """Prepare the profile page (user.phtml) of the user with id *user_id*.

    Answers with the 404 template when no such user exists. *dummy* is not
    used by this method.
    """
    # Deliberate no-op kept from the original.
    # TODO: remove this; the disabled statement was `return self.home()`.
    if self.user and self.user.id==user_id:
        pass

    try:
        user_ = User.load(self.session, id=user_id)
    except NoResultFound:
        return self.not_found('error/404.phtml')

    # (Movie, rating) pairs of this user, most recently rated first.
    rated_by_user = and_(Rating.movie_id==Movie.id, Rating.user_id==user_.id)
    query = self.session.query(Movie, Rating.rating)
    query = query.join((Rating, rated_by_user))
    ratings = query.order_by(Rating.rated.desc()).all()

    # 'ratings2' holds the same rows re-sorted by key1, descending.
    by_key1 = sorted(ratings, key=key1, reverse=True)
    self.view.update({'user_': user_,
                      'ratings1': ratings,
                      'ratings2': by_key1})
    self.template = 'user.phtml'
def __init__(self, request, tpl_env, appspace, action_name, **kwargs):
    """Build the controller for one request and look up the current user.

    Keyword arguments beyond the named ones become instance attributes;
    ``self.session`` is used immediately after they are applied.
    """
    self._request = request
    self.appspace = appspace
    self.action_name = action_name
    self.tpl_env = tpl_env

    # No template chosen yet; the view starts with request basics.
    self.template = None
    self.view = {
        'path': request.path,
        'get': request.args,
        'cdn': environ['CDN_PREFIX'],
    }

    # Controller log.
    self._log = ""

    # Default response: empty HTML body, status 200.
    self._response = Response('', content_type = "text/html; charset=UTF-8")
    self._response.status_code = 200

    # Rest of the initializers (db, session, etc).
    for name, attr_value in kwargs.iteritems():
        setattr(self, name, attr_value)

    self.view['last_rated'] = Rating.last_rated(self.session, limit=17)

    # Identify the user from the 'logged' cookie. An unparsable cookie, or
    # one naming an unknown user, is deleted and the user stays None.
    # NOTE(review): identity comes straight from the cookie, so integrity
    # rests on parse_cookie refusing values it cannot verify - confirm it
    # checks a signature or MAC.
    self.user = None
    if 'logged' in self.request.cookies:
        parsed_cookie = parse_cookie(self.request.cookies['logged'])
        if parsed_cookie is None:
            self.response.delete_cookie('logged')
        else:
            service, service_user_id = parsed_cookie
            try:
                self.user = User.load(self.session, service = service,
                                      nickname = service_user_id)
            except NoResultFound:
                self.response.delete_cookie('logged')
    self.view['user'] = self.user
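# Characters accepted in an OAuth token before it becomes part of a file name.
# NOTE(review): assumes the provider's tokens use only these characters -
# confirm against real tokens before deploying.
_TOKEN_NAME_CHARS = frozenset(
    'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_')


def _is_safe_token_name(token):
    """Tell whether *token* may be appended to oauth_secrets_path_prefix."""
    return bool(token) and all(ch in _TOKEN_NAME_CHARS for ch in token)


def _local_redirect_target(original_url):
    """Return ``'/' + original_url`` forced to stay on this site.

    Leading slashes, backslashes and whitespace are dropped first; with them
    the result could begin with ``//``, which is a scheme-relative URL
    naming another host.
    """
    return '/' + original_url.lstrip('/\\ \t\r\n')


class Controller(BaseController):
    """Login and logout actions for the Google and Twitter OAuth flows."""

    def g_request(self, original_url):
        """Redirect the browser to the Google consent page."""
        conf_ = conf['g']
        # NOTE(review): `state` carries only the return path. Nothing here
        # binds it to the browser session, so the callback cannot tell a
        # login it started from one started elsewhere - consider adding a
        # per-session nonce.
        query_string = url_encode({'client_id': conf_['client_id'],
                                   'response_type': 'code',
                                   'scope': 'openid email profile',
                                   'redirect_uri': oauth_base + '/callback/g',
                                   'state': original_url,
                                   'access_type': 'online'})
        # redirects to 'login with google+' page
        self.redirect(conf_['token_url'] + '?' + query_string)

    def g_callback(self):
        """Complete the Google login: exchange the code, save the profile.

        Answers with a redirect that sets the ``logged`` cookie, or with a
        redirect to ``/?msg=AUTH_ERROR`` when any step fails.
        """
        args = self.request.args
        # `state` is echoed back unchanged, so it is request input.
        original_url = args.get('state', '')
        code = args.get('code')
        if not code:
            # Indexing args['code'] would raise when the argument is absent.
            return self.redirect('/?msg=AUTH_ERROR')
        conf_ = conf['g']

        # authenticate the passed code
        try:
            q = requests.post(conf_['access_url'],
                              data={'code': code,
                                    'client_id': conf_['client_id'],
                                    'client_secret': conf_['client_secret'],
                                    'redirect_uri': oauth_base + '/callback/g',
                                    'grant_type': 'authorization_code'},
                              timeout=10)
        except requests.RequestException as exc:
            stderr.write("Login error:\n %s\n" % exc)
            return self.redirect('/?msg=AUTH_ERROR')
        if q.status_code != 200:
            stderr.write("Login error:\n %s\n" % q.content)
            return self.redirect('/?msg=AUTH_ERROR')
        access_token = loads(q.content).get('access_token')
        if not access_token:
            return self.redirect('/?msg=AUTH_ERROR')

        # get userinfo; the token travels in a header so that it stays out
        # of URL logs
        try:
            q = requests.get('https://www.googleapis.com/oauth2/v1/userinfo',
                             headers={'Authorization': 'Bearer ' + access_token},
                             timeout=10)
        except requests.RequestException as exc:
            stderr.write("Login error (userinfo):\n %s\n" % exc)
            return self.redirect('/?msg=AUTH_ERROR')
        if q.status_code != 200:
            # Without this check an error body would be parsed as a profile.
            stderr.write("Login error (userinfo):\n %s\n" % q.content)
            return self.redirect('/?msg=AUTH_ERROR')
        content = loads(q.content)
        profile_id = content['id']

        # save userinfo by id
        User.save_g_data(self.session, profile_id,
                         fullname=content['name'], email=content['email'])

        # set redirect with cookie
        self.redirect(_local_redirect_target(original_url))
        cookie_val = prepare_cookie('gmail', str(profile_id))
        # NOTE(review): cookie is set without httponly/secure attributes.
        self._response.set_cookie('logged', cookie_val)

    def logout(self, original_url):
        """Drop the ``logged`` cookie and redirect back into the site."""
        self.redirect(_local_redirect_target(original_url))
        self.response.delete_cookie('logged')

    def twitter_request(self, original_url):
        """Obtain a Twitter request token and send the browser to Twitter.

        The request-token secret is written to a file named after the token
        so that ``twitter_callback`` can read it back.
        """
        conf_ = conf['twitter']
        original_url = oauth_base + conf_['callback_base'] + url_quote(original_url)
        consumer = oauth2.Consumer(conf_['consumer_key'], conf_['consumer_secret'])
        client = oauth2.Client(consumer)
        q, content = client.request(conf_['token_url'], "POST",
                                    body=url_encode({'oauth_callback': original_url}))
        if q['status'] != "200":
            # The body is the second value returned by client.request; the
            # original logged q.content, but q is only used as a mapping.
            stderr.write("Login error twitter auth:\n %s\n" % content)
            return self.redirect('/?msg=2')

        oauth_data = url_decode(content)
        oauth_token = oauth_data['oauth_token']
        oauth_token_secret = oauth_data['oauth_token_secret']
        if not _is_safe_token_name(oauth_token):
            # The token becomes part of a file path below.
            stderr.write("Login error twitter auth:\n unexpected token format\n")
            return self.redirect('/?msg=2')

        # NOTE(review): the secret is stored in plain text with default file
        # permissions and nothing visible here removes it afterwards.
        with open(oauth_secrets_path_prefix + oauth_token, 'w') as f:
            f.write(oauth_token_secret)
        self.redirect(conf_['authenticate'] + "?oauth_token=" + oauth_token)

    def twitter_callback(self, original_url):
        """Complete the Twitter login and set the ``logged`` cookie.

        Reads back the stored request-token secret, exchanges the verifier
        for an access token, saves the user through
        ``User.save_twitter_data`` and redirects to ``original_url``. Every
        failure redirects to ``/?msg=2``.
        """
        oauth_token = self.request.args.get('oauth_token')
        oauth_verifier = self.request.args.get('oauth_verifier')
        if not oauth_verifier or not _is_safe_token_name(oauth_token):
            # oauth_token comes from the query string and is used as part of
            # a file path, so anything outside the allowed characters
            # (path separators in particular) is refused before open().
            stderr.write("Login error (bad callback arguments)\n")
            return self.redirect('/?msg=2')

        try:
            with open(oauth_secrets_path_prefix + oauth_token, 'r') as f:
                oauth_token_secret = f.read()
        except IOError as exc:
            stderr.write("Login error (token not found):\n %s\n" % str(exc))
            return self.redirect('/?msg=2')

        token = oauth2.Token(oauth_token, oauth_token_secret)
        token.set_verifier(oauth_verifier)
        conf_ = conf['twitter']
        consumer = oauth2.Consumer(conf_['consumer_key'], conf_['consumer_secret'])
        client = oauth2.Client(consumer, token)
        q, content = client.request(conf_['access_token'], method='POST')
        if q['status'] != "200":
            # Log the returned body; the original logged q.content.
            stderr.write("Login error:\n %s\n" % content)
            return self.redirect('/?msg=2')

        content = url_decode(content)
        oauth_token = content['oauth_token']
        oauth_token_secret = content['oauth_token_secret']
        user_id = content['user_id']
        username = content['screen_name']
        if not _is_safe_token_name(oauth_token):
            # Checked before anything is saved: it names a file below.
            stderr.write("Login error:\n unexpected token format\n")
            return self.redirect('/?msg=2')
        User.save_twitter_data(self.session, user_id, fullname=username, email='')

        # NOTE(review): this persists the access-token secret in plain text;
        # nothing in this class reads it again - confirm it is needed.
        with open(oauth_secrets_path_prefix + oauth_token, 'w') as f:
            f.write(oauth_token_secret)

        # set redirect to callback
        self.redirect(_local_redirect_target(original_url))
        cookie_val = prepare_cookie('twitter', user_id)
        # NOTE(review): cookie is set without httponly/secure attributes.
        self._response.set_cookie('logged', cookie_val)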