def mainpage(request):
code = request.GET['code']
payload = {'code':code,'client_id':settings.GOOGLE_CLIENT_ID,'client_secret':settings.GOOGLE_SECRET,'redirect_uri':settings.GOOGLE_REDIRECT_URL,'grant_type':'authorization_code'}
r = requests.post('https://accounts.google.com/o/oauth2/token',payload)
print 'type =', type(r.json()['id_token'].encode('utf-8'))
token = r.json()['id_token'].encode('utf-8')
print 'token type =', type(token)
segments = token.split('.')
if (len(segments) != 3):
raise Exception('Wrong number of segments in token: %s' % segments)
b64string = segments[1]
b64string = b64string.encode('ascii')
padded = b64string + '=' * (4 - len(b64string) % 4)
padded = base64.urlsafe_b64decode(padded)
#Create a new session
ses_id = auth.create_session_id()
if 'sessionid' not in request.session:
request.session['sessionid'] = ses_id
request.session['acsrfid'] = auth.get_acsrf(ses_id)
print 'old request session id =', request.session['sessionid']
print 'old request acsrf id =', request.session['acsrfid']
request.session['sessionid'] = ses_id
request.session['acsrfid'] = auth.get_acsrf(ses_id)
print 'new request session id =', request.session['sessionid']
print 'new request acsrf id =', request.session['acsrfid']
return render_to_response('startpage.html',context_instance=RequestContext(request))
def render_portfolio():
acsrf = request.forms.get('antiCSRF')
ses_id = request.forms.get('session_id')
if (not auth.is_valid_acsrf(ses_id)):
return template('Login',message='Improper Credentials or Timeout.',goog_anal_script=GoogleAnalyticsInclusionScript)
auth.update_acsrf(ses_id)
LogActivity.logPageTurn(ses_id,"Portfolio")
portfolio = request.forms.get('portfolio')
return template('Portfolio',acsrf=auth.get_acsrf(ses_id),\
session_id=ses_id,\
portfolio=portfolio,\
feedback_url=LocalURLToRecordFeedback,\
goog_anal_script=GoogleAnalyticsInclusionScript)
def pptriv():
username = request.forms.get('username')
password = request.forms.get('password')
# just a little throttle to slow down any denial of service attack..
time.sleep(1.0);
if (not auth.does_authenticate(username,password)):
LogActivity.logBadCredentials(username)
return template('Login',message='Improper Credentials.',goog_anal_script=GoogleAnalyticsInclusionScript)
search_string = request.forms.get('search_string')
search_string = search_string if search_string is not None else "Dell Latitude"
psc_pattern = request.forms.get('psc_pattern')
ses_id = auth.create_session_id()
LogActivity.logSessionBegin(username,ses_id)
LogActivity.logPageTurn(ses_id,"StartPage")
return template('StartPage',search_string=search_string,\
acsrf=auth.get_acsrf(ses_id),\
username=username, \
session_id=ses_id,\
psc_pattern=psc_pattern,goog_anal_script=GoogleAnalyticsInclusionScript)
def render_main_page(acsf,ses_id):
if (not auth.is_valid_acsrf(ses_id)):
return template('Login',message='Improper Credentials or Timeout.',
footer_html=FOOTER_HTML,
goog_anal_script=GoogleAnalyticsInclusionScript)
auth.update_acsrf(ses_id)
search_string = request.forms.get('search_string')
search_string = search_string if search_string is not None else ""
commodity_id = request.forms.get('commodity_id')
LogActivity.logPageTurn(ses_id,"MainPage")
return template('MainPage',search_string=search_string,\
acsrf=auth.get_acsrf(ses_id),\
session_id=ses_id,\
feedback_url=LocalURLToRecordFeedback,\
footer_html=FOOTER_HTML,\
column_dropdown=COLUMN_DROPDOWN_HTML,\
commodity_id=commodity_id,goog_anal_script=GoogleAnalyticsInclusionScript)
def pptriv():
acsrf = request.forms.get('antiCSRF')
ses_id = request.forms.get('session_id')
if (not auth.is_valid_acsrf(ses_id)):
return template('Login',message='Improper Credentials or Timeout.',goog_anal_script=GoogleAnalyticsInclusionScript)
auth.update_acsrf(ses_id)
search_string = request.forms.get('search_string')
search_string = search_string if search_string is not None else "Dell Latitude"
commodity_id = request.forms.get('commodity_id')
print 'COMMODITY_ID = '+commodity_id
LogActivity.logPageTurn(ses_id,"MainPage")
return template('MainPage',search_string=search_string,\
acsrf=auth.get_acsrf(ses_id),\
session_id=ses_id,\
feedback_url=LocalURLToRecordFeedback,\
commodity_id=commodity_id,goog_anal_script=GoogleAnalyticsInclusionScript)
