Exemple #1
0
 def login(self):
     next_url = url_for('account.register')
     if g.current_user:
         oauth_info = get_oauth_by(oauth_type=self.name, uid=g.session['user_id'])
         if oauth_info:
             return redirect(request.referrer or url_for('index'))
         next_url = url_for('account.bind')
     callback = '%s%s' % (config.OAUTH_REDIRECT_DOMAIN, url_for('%s_oauth.authorized' % self.name))
     return self.oauth_obj.authorize(callback, next_url)
Exemple #2
0
    def authorized(self, resp):
        csrf = session.pop('%s_oauthcsrf' % self.name, None)
        state = request.args.get('state')
        if state and urllib.unquote(state) !=  csrf:
            return redirect(url_for('index'))
        if not session:
            return redirect(url_for('index'))
        next_url = session.pop('%s_oauthnext' % self.name) or url_for('index')
        logger.info(resp)
        if not resp or not resp.get(self.uid_str, None) \
                or not resp.get(self.token_str, None):
            return redirect(next_url)
        #safe escape
        #uid = resp.get(self.uid_str, None)
        token = resp.get(self.token_str, None)

        oauth = get_oauth_by(oauth_uid=resp[self.uid_str])
        if oauth is None:
            oauth = create_oauth(None, resp[self.uid_str], self.name)

        old_token = oauth.oauth_token
        oauth.oauth_token = token
        if not g.current_user and oauth.uid:
            #need profile!
            user = get_user(oauth.uid)
            if user:
                account_login(user)

                if old_token != oauth.oauth_token:
                    logger.info(old_token)
                    logger.info(oauth.oauth_token)
                    oauth.store()
                    self.update_token(oauth)

                return redirect(url_for('index'))

        session['from_oauth'] = oauth
        return redirect(next_url)
Exemple #3
0
 def get_token(self):
     if g.current_user:
         oauth_info = get_oauth_by(oauth_type=self.name, uid=g.session['user_id'])
         if not oauth_info:
             return
         return oauth_info.oauth_token