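def profile_api(request):
    """
    API for user profiles.

    Accepts a POST whose ``json`` form field holds a JSON object of profile
    fields, applies it to the logged-in user's profile and returns the saved
    profile via ``to_DICT()``. Every failure is reported as ``{"error": ...}``.
    """
    # NOTE(review): is_authenticated is called as a method here; on Django
    # releases where it is only a property this call fails -- confirm the
    # Django version this project pins.
    if not request.user.is_authenticated():
        return jsonResponse({"error": "You must be logged in to update your profile."})

    if request.method != "POST":
        return jsonResponse({"error": "Unsupported HTTP method."})

    profileJSON = request.POST.get("json")
    if not profileJSON:
        return jsonResponse({"error": "No post JSON."})

    # The payload is client-controlled: malformed JSON must come back as an
    # API error instead of an unhandled exception (json.JSONDecodeError is a
    # ValueError subclass).
    try:
        profileUpdate = json.loads(profileJSON)
    except ValueError:
        return jsonResponse({"error": "Invalid JSON."})
    # Valid JSON can still be a list, string or number; update() is only ever
    # given a dict elsewhere in this file.
    if not isinstance(profileUpdate, dict):
        return jsonResponse({"error": "Profile JSON must be an object."})

    profile = UserProfile(id=request.user.id)
    # NOTE(review): every key in the client's JSON is handed to update().
    # Other views in this file store OAuth credentials on the same object
    # under "gauth_token", so confirm that update()/errors() restrict which
    # fields a client may set.
    profile.update(profileUpdate)
    error = profile.errors()
    # TODO: should validation not need to be called manually? maybe inside the save
    if error:
        return jsonResponse({"error": error})

    profile.save()
    # NOTE(review): confirm to_DICT() leaves out "gauth_token"; otherwise the
    # stored tokens are echoed back in this response.
    return jsonResponse(profile.to_DICT())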
def auth_return(request):
    """
    Step 2 of Google OAuth 2.0 flow.

    Handles the redirect back from Google: exchanges the authorization
    response for credentials, stores them on the requesting user's profile
    under ``gauth_token`` and redirects to the session's ``next_view``
    (``/`` when unset). A callback without ``state`` is sent to
    ``gauth_index``.
    """
    state = request.GET.get('state', None)
    if not state:
        return redirect('gauth_index')

    # NOTE(review): `state` comes from the callback query string and is passed
    # straight to the Flow, and the authorization response below is the same
    # request URL, so any state comparison made during fetch_token checks the
    # request against itself. `state` only protects against a forged callback
    # when it is compared with the value stored server-side when the flow was
    # started; where step 1 keeps that value is not visible here -- confirm
    # and compare before building the Flow.
    flow = google_auth_oauthlib.flow.Flow.from_client_secrets_file(
        settings.GOOGLE_OAUTH2_CLIENT_SECRET_FILEPATH,
        scopes=request.session.get('gauth_scope', ''),
        state=state)

    # str.replace rewrites every "http:" in the URL, not only the scheme.
    # Presumably this compensates for TLS being terminated in front of the
    # app -- TODO confirm.
    callback_uri = request.build_absolute_uri(reverse('gauth_callback'))
    flow.redirect_uri = callback_uri.replace("http:", "https:")

    current_uri = request.build_absolute_uri()
    flow.fetch_token(
        authorization_response=current_uri.replace("http:", "https:"))

    credentials = flow.credentials
    # NOTE(review): the stored dict includes the application's client_secret
    # alongside the user's tokens. How gauth_token is persisted and whether it
    # is ever serialized back to clients is not visible here -- confirm.
    copied_fields = (
        'token',
        'refresh_token',
        'id_token',
        'token_uri',
        'client_id',
        'client_secret',
        'scopes',
    )
    credentials_dict = {
        field: getattr(credentials, field) for field in copied_fields
    }
    credentials_dict['expiry'] = datetime.datetime.strftime(
        credentials.expiry, '%Y-%m-%d %H:%M:%S')

    # NOTE(review): no login check is visible in this view; confirm one is
    # applied where the view is routed.
    profile = UserProfile(user_obj=request.user)

    # When the new credentials carry no refresh token, keep the one already
    # stored on the profile.
    stored = profile.gauth_token
    if (stored and stored["refresh_token"]
            and credentials_dict["refresh_token"] is None):
        credentials_dict["refresh_token"] = stored["refresh_token"]

    profile.update({"gauth_token": credentials_dict})
    profile.save()

    # NOTE(review): the redirect target is read from the session; if
    # 'next_view' is ever filled from request data it should be limited to
    # local paths -- where it is set is not visible here.
    destination = request.session.get('next_view', '/')
    return redirect(destination)
def unlink_gauth(request):
    """
    Remove the stored Google credentials from the requesting user's profile.

    Sets ``gauth_token`` to ``None``, saves the profile and redirects to the
    user's profile page.
    """
    # NOTE(review): no login check and no HTTP-method check are visible in
    # this view, so as written any request that reaches it changes state.
    # Confirm both are enforced where the view is routed.
    # NOTE(review): only the local copy is cleared; no revocation call to the
    # provider is visible here.
    cleared = {"gauth_token": None}
    profile = UserProfile(id=request.user.id)
    profile.update(cleared)
    profile.save()
    target = f"/profile/{profile.slug}"
    return redirect(target)