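def renew_fb():
    '''Renew the current user's Facebook access token.

    The client should make this call periodically (once every couple months,
    see User.should_renew_fb_token) to keep the access token up to date.

    Takes a Facebook signed request object from the post params in the form
    of:
    {
        'fb_signed_request': obj
    }

    Returns an empty string. Raises exceptions.ImATeapot when the
    'fb_signed_request' form field is missing.
    '''
    req = flask.request
    current_user = view_helpers.get_current_user()

    # NOTE(review): request_form is logged whole, so the raw
    # fb_signed_request ends up in the event log too. Confirm that store is
    # access-controlled, or drop that field before logging.
    rmclogger.log_event(
        rmclogger.LOG_CATEGORY_API,
        rmclogger.LOG_EVENT_RENEW_FB,
        {
            'user_id': current_user.id,
            'request_form': req.form,
        }
    )

    fbsr = req.form.get('fb_signed_request')
    if fbsr is None:
        logging.warning('No fbsr set')
        raise exceptions.ImATeapot('No fbsr set')

    fb_data = facebook.get_fb_data(fbsr, app.config)
    access_token = fb_data['access_token']
    expires_on = fb_data['expires_on']
    is_invalid = fb_data['is_invalid']

    if not is_invalid:
        current_user.fb_access_token_expiry_date = expires_on
        current_user.fb_access_token = access_token
        current_user.fb_access_token_invalid = is_invalid

        # Update the user's fb friend list, since it's likely outdated by now
        try:
            current_user.update_fb_friends(
                facebook.get_friend_list(access_token))
        except Exception:
            # Best effort: a failed friend refresh must not block the token
            # renewal. Not sure why this would happen. Usually it's due to an
            # invalid access_token, but we JUST got the token, so it should
            # be valid. The token is a bearer credential, so it is kept out
            # of the log line; the traceback and user id identify the
            # failure instead.
            logging.warning(
                "/api/renew-fb: get_friend_list failed for user %s",
                current_user.id, exc_info=True)

        current_user.save()

    return ''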
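def login_with_facebook():
    """Login or create an account using Facebook connect

    Takes a Facebook signed request in the form of:
    {
        'fb_signed_request': obj
    }

    The Facebook id and access token come from facebook.get_fb_data(); on the
    sign-up path every other profile field (email, names, gender,
    friend_fbids, referrer_id) is read from the POST form as the client sent
    it.

    Upon successful login or account creation, view_helpers.login_as_user()
    establishes the session (a 'secure cookie' provided by Flask containing
    the session data) and an empty body is returned.

    Raises exceptions.ImATeapot if 'fb_signed_request' is missing, or if
    'friend_fbids' is missing or not valid JSON on the sign-up path.
    """
    req = flask.request
    fbsr = req.form.get('fb_signed_request')

    # NOTE(review): the raw signed request is written to the event log twice
    # here (as 'fbsr' and inside 'request_form'). Confirm that store is
    # access-controlled, or log a redacted form instead.
    rmclogger.log_event(
        rmclogger.LOG_CATEGORY_GENERIC,
        rmclogger.LOG_EVENT_LOGIN,
        {
            'fbsr': fbsr,
            'request_form': req.form,
            'type': rmclogger.LOGIN_TYPE_STRING_FACEBOOK,
        },
    )

    if fbsr is None:
        raise exceptions.ImATeapot('No fbsr set')

    fb_data = facebook.get_fb_data(fbsr, app.config)
    fbid = fb_data['fbid']
    fb_access_token = fb_data['access_token']
    fb_access_token_expiry_date = fb_data['expires_on']
    # NOTE(review): is_invalid is stored on the user but does not gate the
    # login below; presumably it describes the access token rather than the
    # signed request itself. Confirm in facebook.get_fb_data.
    is_invalid = fb_data['is_invalid']

    user = m.User.objects(fbid=fbid).first()
    if user:
        # Existing user. Update with their latest Facebook info
        user.fb_access_token = fb_access_token
        user.fb_access_token_expiry_date = fb_access_token_expiry_date
        user.fb_access_token_invalid = is_invalid
        user.save()

        # Authenticate
        view_helpers.login_as_user(user)

        rmclogger.log_event(
            rmclogger.LOG_CATEGORY_IMPRESSION,
            rmclogger.LOG_EVENT_LOGIN,
            {
                'new_user': False,
                'user_id': user.id,
                'type': rmclogger.LOGIN_TYPE_STRING_FACEBOOK,
            },
        )
    else:
        # New user. Sign up with their Facebook info
        now = datetime.now()

        # friend_fbids is client-supplied JSON. Reject a missing or
        # malformed value the same way a missing signed request is rejected,
        # instead of failing with an unhandled TypeError/ValueError.
        try:
            friend_fbids = flask.json.loads(req.form.get('friend_fbids'))
        except (TypeError, ValueError):
            raise exceptions.ImATeapot('Invalid friend_fbids')

        user_obj = {
            'email': req.form.get('email'),
            'fb_access_token': fb_access_token,
            'fb_access_token_expiry_date': fb_access_token_expiry_date,
            'fbid': fbid,
            'first_name': req.form.get('first_name'),
            'friend_fbids': friend_fbids,
            'gender': req.form.get('gender'),
            'join_date': now,
            'join_source': m.User.JoinSource.FACEBOOK,
            'last_name': req.form.get('last_name'),
            'last_visited': now,
            'middle_name': req.form.get('middle_name'),
        }

        referrer_id = req.form.get('referrer_id')
        if referrer_id:
            try:
                user_obj['referrer_id'] = bson.ObjectId(referrer_id)
            except bson.errors.InvalidId:
                # A malformed referrer id is ignored; sign-up continues
                # without a referrer.
                pass

        # Create the user
        user = m.User(**user_obj)
        user.save()

        # Authenticate
        view_helpers.login_as_user(user)

        rmclogger.log_event(
            rmclogger.LOG_CATEGORY_IMPRESSION,
            rmclogger.LOG_EVENT_LOGIN,
            {
                'new_user': True,
                'user_id': user.id,
                'referrer_id': referrer_id,
                'type': rmclogger.LOGIN_TYPE_STRING_FACEBOOK,
            },
        )

    return ''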
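def login():
    """Log in an existing Facebook user, or sign up a new one.

    Reads 'fb_signed_request' from the POST form and resolves it through
    facebook.get_fb_data(). A user with a matching fbid has their stored
    token fields refreshed and is logged in. Otherwise a new user is created
    from the remaining form fields and logged in.

    Returns an empty string. Raises exceptions.ImATeapot if
    'fb_signed_request' is missing, or if 'friend_fbids' is missing or not
    valid JSON on the sign-up path.
    """
    req = flask.request
    fbsr = req.form.get('fb_signed_request')

    # TODO(Sandy): Change log category because this isn't API?
    # NOTE(review): the raw signed request is written to the event log twice
    # here (as 'fbsr' and inside 'request_form'). Confirm that store is
    # access-controlled, or log a redacted form instead.
    rmclogger.log_event(
        rmclogger.LOG_CATEGORY_API,
        rmclogger.LOG_EVENT_LOGIN,
        {
            'fbsr': fbsr,
            'request_form': req.form,
        },
    )

    if fbsr is None:
        raise exceptions.ImATeapot('No fbsr set')

    fb_data = facebook.get_fb_data(fbsr, app.config)
    fbid = fb_data['fbid']
    fb_access_token = fb_data['access_token']
    fb_access_token_expiry_date = fb_data['expires_on']
    # NOTE(review): is_invalid is stored on the user but does not gate the
    # login below; presumably it describes the access token rather than the
    # signed request itself. Confirm in facebook.get_fb_data.
    is_invalid = fb_data['is_invalid']

    user = m.User.objects(fbid=fbid).first()
    if user:
        # Existing user. Update with latest FB info
        user.fb_access_token = fb_access_token
        user.fb_access_token_expiry_date = fb_access_token_expiry_date
        user.fb_access_token_invalid = is_invalid
        user.save()

        view_helpers.login_as_user(user)

        rmclogger.log_event(
            rmclogger.LOG_CATEGORY_IMPRESSION,
            rmclogger.LOG_EVENT_LOGIN,
            {
                'new_user': False,
                'user_id': user.id,
            },
        )
        return ''

    # Sign up the new user. Everything below except the fbid and token fields
    # is taken from the POST form as the client sent it.
    # friend_fbids is client-supplied JSON. Reject a missing or malformed
    # value the same way a missing signed request is rejected, instead of
    # failing with an unhandled TypeError/ValueError.
    try:
        friend_fbids = flask.json.loads(req.form.get('friend_fbids'))
    except (TypeError, ValueError):
        raise exceptions.ImATeapot('Invalid friend_fbids')

    gender = req.form.get('gender')
    first_name = req.form.get('first_name')
    middle_name = req.form.get('middle_name')
    last_name = req.form.get('last_name')
    email = req.form.get('email')

    now = datetime.now()
    user_obj = {
        'fbid': fbid,
        'first_name': first_name,
        'middle_name': middle_name,
        'last_name': last_name,
        'email': email,
        'gender': gender,
        'fb_access_token': fb_access_token,
        'fb_access_token_expiry_date': fb_access_token_expiry_date,
        # TODO(Sandy): Count visits properly
        'join_date': now,
        'join_source': m.User.JoinSource.FACEBOOK,
        'num_visits': 1,
        'last_visited': now,
        'friend_fbids': friend_fbids,
        # TODO(Sandy): Fetch from client side and pass here: name, email,
        # school, program, faculty
    }

    referrer_id = req.form.get('referrer_id')
    if referrer_id:
        try:
            user_obj['referrer_id'] = bson.ObjectId(referrer_id)
        except bson.errors.InvalidId:
            # Only a malformed id is ignored here. A bare except would also
            # hide unrelated failures.
            pass

    user = m.User(**user_obj)
    user.save()

    view_helpers.login_as_user(user)

    rmclogger.log_event(
        rmclogger.LOG_CATEGORY_IMPRESSION,
        rmclogger.LOG_EVENT_LOGIN,
        {
            'new_user': True,
            'user_id': user.id,
            'referrer_id': referrer_id,
        },
    )

    return ''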
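def login_with_facebook():
    """Login or create an account using Facebook connect

    Takes a Facebook signed request in the form of:
    {
        'fb_signed_request': obj
    }

    Three outcomes, in order:
      1. A user with the fbid from the signed request exists: their token
         fields are refreshed and they are logged in.
      2. No such user, but a user with the form-supplied email exists: that
         account is updated with the Facebook data and logged in.
      3. Otherwise a new account is created from the form fields.

    Upon successful login or account creation, view_helpers.login_as_user()
    establishes the session (a 'secure cookie' provided by Flask containing
    the session data) and an empty body is returned.

    Raises exceptions.ImATeapot if 'fb_signed_request' is missing, or if
    'friend_fbids' is missing or not valid JSON when no user matches the
    fbid.
    """
    req = flask.request
    fbsr = req.form.get('fb_signed_request')

    # NOTE(review): the raw signed request is written to the event log twice
    # here (as 'fbsr' and inside 'request_form'). Confirm that store is
    # access-controlled, or log a redacted form instead.
    rmclogger.log_event(
        rmclogger.LOG_CATEGORY_GENERIC,
        rmclogger.LOG_EVENT_LOGIN,
        {
            'fbsr': fbsr,
            'request_form': req.form,
            'type': rmclogger.LOGIN_TYPE_STRING_FACEBOOK,
        },
    )

    if fbsr is None:
        raise exceptions.ImATeapot('No fbsr set')

    fb_data = facebook.get_fb_data(fbsr, app.config)
    fbid = fb_data['fbid']
    fb_access_token = fb_data['access_token']
    fb_access_token_expiry_date = fb_data['expires_on']
    # NOTE(review): is_invalid is stored on the user but does not gate the
    # login below; presumably it describes the access token rather than the
    # signed request itself. Confirm in facebook.get_fb_data.
    is_invalid = fb_data['is_invalid']

    user = m.User.objects(fbid=fbid).first()
    if user:
        # Existing user. Update with their latest Facebook info
        user.fb_access_token = fb_access_token
        user.fb_access_token_expiry_date = fb_access_token_expiry_date
        user.fb_access_token_invalid = is_invalid
        user.save()

        # Authenticate
        view_helpers.login_as_user(user)

        rmclogger.log_event(
            rmclogger.LOG_CATEGORY_IMPRESSION,
            rmclogger.LOG_EVENT_LOGIN,
            {
                'new_user': False,
                'user_id': user.id,
                'type': rmclogger.LOGIN_TYPE_STRING_FACEBOOK,
            },
        )
    else:
        # New user, or existing email logins user.
        now = datetime.now()
        email = req.form.get('email')

        # friend_fbids is client-supplied JSON. Reject a missing or
        # malformed value the same way a missing signed request is rejected,
        # instead of failing with an unhandled TypeError/ValueError.
        try:
            friend_fbids = flask.json.loads(req.form.get('friend_fbids'))
        except (TypeError, ValueError):
            raise exceptions.ImATeapot('Invalid friend_fbids')

        user_data = {
            'fb_access_token': fb_access_token,
            'fb_access_token_expiry_date': fb_access_token_expiry_date,
            'fbid': fbid,
            'friend_fbids': friend_fbids,
            'gender': req.form.get('gender'),
            'last_visited': now,
        }

        # NOTE(review): `email` is taken from the POST form, while the only
        # values derived from the signed request here are those in fb_data
        # (fbid, access token, expiry, is_invalid). Matching an existing
        # account on this unverified address means the caller, not Facebook,
        # decides which account the fbid is attached to and logged in as.
        # The address should be confirmed server-side, or linking limited to
        # an already-authenticated session, before this branch is relied on.
        user = m.User.objects(email=email).first() if email else None
        if user:
            # Update existing account with Facebook data. This overwrites the
            # account's fbid, token fields, friend_fbids, gender and
            # last_visited with the values built above.
            referrer_id = None
            for k, v in user_data.items():
                user[k] = v
            user.save()
        else:
            # Create an account with their Facebook data
            user_data.update({
                'email': email,
                'first_name': req.form.get('first_name'),
                'join_date': now,
                'join_source': m.User.JoinSource.FACEBOOK,
                'last_name': req.form.get('last_name'),
                'middle_name': req.form.get('middle_name'),
            })

            referrer_id = req.form.get('referrer_id')
            if referrer_id:
                try:
                    user_data['referrer_id'] = bson.ObjectId(referrer_id)
                except bson.errors.InvalidId:
                    # A malformed referrer id is ignored; sign-up continues
                    # without a referrer.
                    pass

            user = m.User(**user_data)
            user.save()

        # Authenticate
        view_helpers.login_as_user(user)

        # Note that 'new_user' is logged as True on the account-linking path
        # as well as on the account-creation path.
        rmclogger.log_event(
            rmclogger.LOG_CATEGORY_IMPRESSION,
            rmclogger.LOG_EVENT_LOGIN,
            {
                'new_user': True,
                'user_id': user.id,
                'referrer_id': referrer_id,
                'type': rmclogger.LOGIN_TYPE_STRING_FACEBOOK,
            },
        )

    return ''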