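def post(self):
    """Finish a Google OAuth sign-in and start a session for a known user.

    Reads ``redirect_uri`` and ``code`` from the posted form, exchanges the
    code for credentials through ``app.flow`` and fetches the Google profile.

    Returns:
        * the profile with a ``SID`` cookie when a user with that e-mail
          exists and has no local password;
        * 403 when the e-mail belongs to an account that has a password;
        * 401 when the profile cannot be fetched, carries no e-mail, or
          Google reports the e-mail as unverified;
        * otherwise a body asking the client to complete sign-up.
    """
    flow = app.flow
    # NOTE(review): app.flow looks like a single object shared by all
    # requests, and its redirect_uri is overwritten with a client-supplied
    # value. Confirm this is safe under concurrent requests and that the
    # value is checked against the expected callback URL.
    flow.redirect_uri = request.form["redirect_uri"]
    flow.fetch_token(code=request.form["code"])
    credentials = flow.credentials

    # Send the token as a Bearer header instead of ?access_token=...: URLs
    # are routinely written to proxy and server logs, headers are not.
    # The timeout keeps a stalled upstream from pinning a worker.
    profile_response = requests.get(
        "https://www.googleapis.com/oauth2/v1/userinfo",
        headers={"Authorization": "Bearer " + credentials.token},
        timeout=10,
    )
    if not profile_response.ok:
        return Response("Unable to verify Google account", status=401)
    user_info = profile_response.json()

    # The local account is selected purely by the e-mail Google returns, so
    # a missing or explicitly unverified address must not reach the lookup.
    if not user_info.get("email") or user_info.get("verified_email") is False:
        return Response("Unable to verify Google account", status=401)

    user = AuthenticationService.getUser(email=user_info['email'])
    if not user:
        # make_response() serialises the dict, as the success path below
        # already relies on; Response(dict) would iterate the dict's keys
        # and emit them as the body.
        return make_response(
            {"message": "Redirect to complete sign up", "user": user_info},
            200,
        )

    if user.password:
        # Password accounts may not be entered through the Google flow.
        return Response("Email already registered with our service", status=403)

    session = Session(user=user, sessionId=uuid4())
    session.save()
    ret = make_response(user_info)
    # NOTE(review): the session cookie is set without httponly/secure/samesite.
    # Confirm whether client-side script needs to read SID; if not, set them.
    ret.set_cookie("SID", str(session.sessionId), expires=session.dateExpires)
    return ret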
def do_login(self):
    """Authenticate the posted credentials and redirect to the site root.

    Reads the ``user`` and ``password`` request arguments and passes them to
    ``User.authenticate_user``, which yields either a user object or a falsy
    value. On success a ``Session`` keyed by the user's ``model_id`` is saved
    and its cookie is attached to this handler.
    """
    account = User.authenticate_user(
        self.get_argument("user"),
        self.get_argument("password"),
    )
    if account:
        # Credentials accepted: persist a session and hand its cookie out.
        login_session = Session(user_model_id=account.model_id)
        login_session.save()
        login_session.set_cookie(self)
    # NOTE(review): the flattened listing does not show whether this redirect
    # sat inside the `if`. As written, a failed login is redirected to '/'
    # without an error or a visible log entry; confirm that is intended.
    self.redirect('/')
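def authenticate(self, email, password):
    """Check an e-mail/password pair and open a session on success.

    Args:
        email: address used to look the user up via ``self.getUser``.
        password: clear-text password, hashed with ``self.saltPassword``.

    Returns:
        The saved ``Session`` on success; ``False`` when no user matches,
        the user has no stored password, or the hashes differ.
    """
    import hmac

    # Hashing happens before the lookup, so a known and an unknown e-mail
    # both pay the hashing cost.
    # NOTE(review): saltPassword is not visible here; confirm it is a
    # per-user-salted, deliberately slow password hash.
    hashedPassword = self.saltPassword(password)
    user = self.getUser(email=email)
    if not user:
        return False

    stored = user.password
    if not stored:
        # An account without a local password can never pass a password check.
        return False

    try:
        # Constant-time comparison: `!=` stops at the first differing
        # character, which leaks how much of the hash matched.
        matches = hmac.compare_digest(hashedPassword, stored)
    except TypeError:
        # compare_digest needs two ASCII str or two bytes-like values;
        # for any other pairing fall back to ordinary equality.
        matches = hashedPassword == stored
    if not matches:
        return False

    session = Session(user=user, sessionId=uuid4())
    session.save()
    return session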
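def post(self):
    """Register a new account from the posted sign-up form.

    Returns:
        * 400 when a user with the posted e-mail is found;
        * a response with a ``SID`` cookie when the new user is already
          confirmed according to ``AuthenticationService.isUserConfirmed``;
        * 200 after a confirmation id is stored and the confirmation
          e-mail is sent;
        * 403 when any step of the sign-up raises.
    """
    import logging

    # NOTE(review): userType is taken straight from the client form. Confirm
    # that signup() limits it to roles a self-registering user may hold.
    form_user = {
        "firstName": request.form["firstName"],
        "lastName": request.form["lastName"],
        "email": request.form["email"],
        "password": request.form["password"],
        "organization": request.form["organization"],
        "location": request.form["location"],
        "userType": request.form["userType"],
    }

    try:
        User.objects.get(email=form_user["email"])
    except Exception:
        # Lookup failed, which is treated as "no such user": go on to sign up.
        # A bare `except:` would also swallow SystemExit/KeyboardInterrupt.
        # NOTE(review): this still treats a datastore error as "not found".
        # Narrow it to the model's not-found exception (User.DoesNotExist
        # if this is a mongoengine/Django model; confirm).
        pass
    else:
        return Response(
            "There's already an account with the provided email.",
            status=400)

    try:
        AuthenticationService.signup(form_user)
        userConfirmationId = uuid4()
        user = User.objects.get(email=form_user["email"])

        if AuthenticationService.isUserConfirmed(user):
            # Already confirmed: log the user in immediately.
            session = Session(user=user, sessionId=uuid4())
            session.save()
            data = {
                "message": "Google authorized successful!",
                "user": user.email
            }
            ret = make_response(data)
            # NOTE(review): the cookie is set without httponly/secure/samesite.
            # Confirm whether client-side script needs to read SID.
            ret.set_cookie("SID", str(session.sessionId),
                           expires=session.dateExpires)
            return ret

        AuthenticationService.setUserConfirmationId(
            user, userConfirmationId)
        sub = "Confirm Account"
        msg = f"<p>Congratulations, you've registered for Agriworks. Please click the link below to confirm your account.</p><p><a href=\"{app.rootUrl}/confirm-user/{userConfirmationId}\"> Confirm account </a></p>"
        MailService.sendMessage(user, sub, msg)
        return Response("Signup successful", status=200)
    except Exception:
        # Keep the generic client message, but record the cause server-side
        # so failures can be diagnosed. No form data (it includes the
        # password) is passed to the logger.
        logging.getLogger(__name__).exception("Signup failed")
        return Response("Signup unsuccessful. Please try again.", status=403)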