Exemple #1
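def user_view(request):
    """User-information API: return one user's record as JSON.

    Reads the integer ``id`` query parameter, looks the user up by primary
    key and responds with ``{"user": ...}`` as built by ``user_to_dict``.

    Responses:
        * bad request -- method is not GET, or ``id`` is missing or not an
          integer
        * forbidden   -- the caller is not authenticated
        * not found   -- no user has that primary key
    """
    if request.method != 'GET':
        # Without this branch the view falls off the end and returns None,
        # which is not an HTTP response and surfaces as a server error.
        return json_response_bad_request()

    # Check the session before looking at any request parameter, so an
    # anonymous caller always gets the same answer whatever it sends.
    if not request.user.is_authenticated():
        return json_response_forbidden()

    try:
        user_id = int(request.GET['id'])
    except (MultiValueDictKeyError, ValueError):
        return json_response_bad_request()

    try:
        user = User.objects.get(pk=user_id)
    except User.DoesNotExist:
        # Unknown ID -> Not Found
        return json_response_not_found()

    # NOTE(review): any authenticated caller can read any user's record by
    # id (there is no ownership check here) -- confirm user_to_dict() only
    # exposes fields that are meant to be visible to other users.
    user_info = user_to_dict(user)
    return json_response(context=dict(user=user_info))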
Exemple #2
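def auth_view(request):
    """Log a user in from a Twitter access token key/secret pair.

    Flow, as implemented below:
      1. Read ``access_token_key`` / ``access_token_secret`` from the query
         string and resolve them to a Twitter account via ``tw_util.get_vc``.
      2. Fetch the account's icon and store it under the media directory
         (falling back to ``default_twicon`` when the fetch yields nothing).
      3. Find or create the local ``User`` whose username is the Twitter id,
         give it a one-time random password, authenticate with it, then
         mark the password unusable and persist that before logging in.

    Responses:
        * bad request  -- a token parameter is missing
        * server error -- ``tw_util.get_vc`` raised ``TypeError``
        * not found    -- token pair not accepted, authentication failed, or
          the account is inactive
        * otherwise ``{"created": bool, "user": ...}``

    NOTE(review): the token key and secret arrive in the URL query string,
    where they can be recorded by access logs and intermediaries. Accepting
    them in a request body or header would avoid that; it needs a coordinated
    client change, so the interface is left as it is here.
    """
    try:
        key = request.GET['access_token_key']
        secret = request.GET['access_token_secret']
    except MultiValueDictKeyError:
        # bad request
        return json_response_bad_request()

    try:
        # get twitter account by key and secret
        tw_account = tw_util.get_vc(key, secret)
    except TypeError:
        # Error reason is not well known
        # sending dummy access token key/secret causes error
        return json_response_server_error()

    if tw_account == {}:
        # e.g. the access token key/secret pair was not valid
        return json_response_not_found()
    user_name = tw_account['id']

    # get twitter icon URL and save icon image to local
    # Provisional: the icon is re-fetched on every authentication.
    # NOTE(review): icon_url and id come from the tw_util response and are
    # used for an outbound fetch and a file name respectively -- presumably
    # the id is numeric; confirm it cannot contain path separators and that
    # image_utils.get_img restricts where it will connect.
    twicon = image_utils.get_img(tw_account['icon_url'])
    if twicon is None:
        relative_pathname = 'default_twicon'
    else:
        relative_pathname = os.path.join('twicon', str(user_name))
        absolute_pathname = image_utils.build_media_absolute_pathname(
            relative_pathname)
        image_utils.save_bindata(absolute_pathname, twicon)
    icon_url = image_utils.build_media_absolute_url(request, relative_pathname)

    # Newly created and already-registered users alike get temp_password
    # set as their password; it only exists to drive authenticate() below.
    temp_password = User.objects.make_random_password()
    try:
        # HQTP user exists
        user = User.objects.get(username=user_name)
        user.set_password(temp_password)
        user.save()
        created = False
    except User.DoesNotExist:
        # User has twitter account, but doesn't have HQTP account
        # create new user
        user = User.objects.create_user(username=user_name,
                                        email='',
                                        password=temp_password)
        profile = user.get_profile()
        profile.screen_name = tw_account['screen_name']
        profile.name = tw_account['name']
        profile.icon_url = icon_url
        profile.save()
        achieve.give_achievement('first_login', user)
        created = True

    auth_user = authenticate(username=user_name, password=temp_password)
    if auth_user is None:
        # authenticate() returns None when no backend accepts the
        # credentials (for example if a concurrent request replaced the
        # temporary password). Fail closed and do not leave the temporary
        # password stored on the account.
        user.set_unusable_password()
        user.save()
        return json_response_not_found()

    # For security, password authentication is disabled: the only supported
    # way in is the access token key/secret. set_unusable_password() changes
    # the in-memory object only, so save it explicitly rather than relying on
    # a later save() happening as a side effect of login(). Doing this before
    # the is_active check also covers the inactive-account branch.
    auth_user.set_unusable_password()
    auth_user.save()

    if not auth_user.is_active:
        # User is deleted
        return json_response_not_found()

    # Log in successful
    login(request, auth_user)
    user_info = user_to_dict(auth_user)
    return json_response(context=dict(created=created, user=user_info))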