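def authorized(oauth_token):
    """Finish the GitHub OAuth flow and log the user in.

    Called from the OAuth callback with the access token that was issued,
    or ``None`` when authorization failed.  The user row is looked up by
    that token (a new one is created when nothing matches), its username is
    refreshed from the GitHub ``user`` resource, and the user id and token
    are stored in the session.

    Returns a redirect to the ``next`` query parameter when it is a
    same-site path, otherwise to the index page.
    """
    # `next` comes straight from the query string.  Follow it only when it
    # is a plain same-site path: absolute URLs, scheme-relative "//host"
    # forms, backslashes and control characters all fall back to the index
    # page, so this endpoint cannot be used to bounce a visitor to another
    # site after login.
    requested = request.args.get('next')
    is_local_path = bool(
        requested
        and requested.startswith('/')
        and not requested.startswith('//')
        and '\\' not in requested
        and not any(ord(ch) < 0x20 for ch in requested)
    )
    next_url = requested if is_local_path else url_for('index')

    # Ensure Auth token is present
    if oauth_token is None:
        flash('Authorization failed.', 'danger')
        return redirect(next_url)

    # Search for user in DB based on Auth token.
    # NOTE(review): the lookup key is the token itself, so a login that
    # arrives with a different token creates a second row for the same
    # person; keying on the GitHub account id would avoid that.
    user = db_session.query(User).filter_by(access_token=oauth_token).first()
    if user is None:
        # If user is not found in DB create new user with Auth token
        user = User(oauth_token)

    # Retrieve the user's GitHub data and refresh user.username, as the
    # login may have changed since the last visit.
    # NOTE(review): the token is sent as a query parameter, which tends to
    # end up in proxy and server logs; an Authorization header is the safer
    # carrier if the client library supports it.
    github_params = {'access_token': oauth_token}
    github_response = github.raw_request('GET', 'user', params=github_params)

    # Do not trust the response shape: a rejected token or an error body
    # must end as a failed login, not as an unhandled KeyError.
    login = None
    if github_response.status_code == 200:
        try:
            login = github_response.json().get('login')
        except ValueError:
            login = None
    if not login:
        flash('Authorization failed.', 'danger')
        return redirect(next_url)
    user.username = str(login)

    # Update DB with new/updated User
    db_session.add(user)
    db_session.commit()

    # Store user id and access token in session.
    # NOTE(review): if this is Flask's default cookie-backed session, the
    # token is signed but readable by the client - confirm a server-side
    # session store is in use, or keep only the user id here.
    session['user_id'] = user.id
    session['user_token'] = user.access_token

    flash('You are logged in.', 'success')
    return redirect(next_url)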
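def register_user():
    """Create a local account from the posted form and log the user in.

    Reads ``email``, ``password`` and ``username`` from the form.  Returns
    a JSON message with status 400 when the email does not match
    ``email_pattern``, when a field is empty or missing, or when the email
    is already registered; returns 201 after the user has been stored and
    the login session populated.
    """
    # A field that is absent from the form is treated like an empty one, so
    # a partial request gets a 400 instead of a TypeError inside re.match or
    # a None password reaching hash_password.
    email = request.form.get('email', '')
    password = request.form.get('password', '')
    username = request.form.get('username', '')

    # NOTE(review): re.match anchors only the start of the string; this
    # assumes email_pattern anchors its own end - TODO confirm.
    if not re.match(email_pattern, email):
        return jsonify(message="Email is not valid."), 400

    if email == '' or password == '' or username == '':
        return jsonify(message='Form fields incomplete.'), 400

    # NOTE(review): check-then-insert is only safe against concurrent
    # requests if the email column also carries a unique constraint.
    if session.query(User).filter_by(email=email).first() is not None:
        return jsonify(message='User already registered.'), 400

    # initialize user; only the hash of the password is stored
    user = User(email=email)
    user.username = username
    user.hash_password(password)
    user.picture = default_picture_url
    session.add(user)
    session.commit()

    # set login_session data from the stored row
    user = session.query(User).filter_by(email=email).one()
    login_session['username'] = user.username
    login_session['email'] = user.email
    login_session['picture'] = user.picture
    login_session['user_id'] = user.id
    login_session['provider'] = 'none'

    return jsonify(message='You have successfully registered.'), 201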
def register():
    """Show the registration form (GET) or create a user from it (POST).

    On POST all of ``username``, ``password`` and ``email`` must be
    non-empty; the new user is then stored and the client is sent to the
    login page.  Otherwise a message is flashed and the client is sent back
    to the registration page.
    """
    if request.method == 'GET':
        return render_template('register.html')

    form = request.form
    username, password, email = form['username'], form['password'], form['email']

    if not (username and password and email):
        flash('Please fill all the fields to register')
        return redirect(url_for('register'))

    # NOTE(review): the submitted password is assigned to the model as-is.
    # Confirm that User.password hashes on assignment; if it is a plain
    # column, the credential is stored in clear text.
    user = User()
    user.email = email
    user.password = password
    user.username = username
    db.session.add(user)
    db.session.commit()

    flash('User successfully registered')
    return redirect(url_for('login'))
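def callback():
    """Handle the redirect back from Google's OAuth consent screen.

    Exchanges the authorization code for a token, fetches the user's
    profile, creates or refreshes the matching ``User`` row (matched by
    email), logs the user in and redirects to the restaurant list.  Error
    and incomplete callbacks are sent back to the login page.
    """
    # Redirect user to home page if already logged in.
    if current_user is not None and current_user.is_authenticated:
        return redirect(url_for('restaurants'))

    if 'error' in request.args:
        if request.args.get('error') == 'access_denied':
            flash('You denied access.')
        else:
            flash('Error encountered')
        # A view has to return a response; send the user back to the login
        # page, where the flashed message can be shown.
        return redirect(url_for('login'))

    # Both parameters are required: `code` is what gets exchanged and
    # `state` ties the callback to the login this browser started.  The
    # same goes for the state remembered in the session - without it the
    # callback cannot be matched to a login attempt, so start over.
    expected_state = session.get('oauth_state')
    if ('code' not in request.args or 'state' not in request.args
            or expected_state is None):
        return redirect(url_for('login'))

    # Execution reaches here when the user has authorized our app.
    google = get_google_auth(state=expected_state)
    try:
        token = google.fetch_token(Auth.TOKEN_URI,
                                   client_secret=Auth.CLIENT_SECRET,
                                   authorization_response=request.url)
    except HTTPError:
        return 'HTTPError occurred.'

    google = get_google_auth(token=token)
    resp = google.get(Auth.USER_INFO)
    if resp.status_code != 200:
        return 'Could not fetch your information.'

    user_data = resp.json()
    email = user_data['email']
    # NOTE(review): accounts are matched on the email alone.  If the
    # user-info response carries a verified-email flag, check it before
    # trusting the address - TODO confirm what Auth.USER_INFO returns.
    user = db_session.query(User).filter_by(email=email).first()
    if user is None:
        user = User()
        user.email = email

    # NOTE(review): indentation was lost in this listing; the profile
    # refresh below is assumed to run for existing users as well as new ones.
    user.username = user_data['name']
    # The session, email and token are no longer printed: they are
    # credentials and personal data and do not belong on stdout or in logs.
    # NOTE(review): the token is persisted as JSON; protect it at rest if
    # it is kept at all.
    user.tokens = json.dumps(token)
    user.avatar = user_data['picture']
    db_session.add(user)
    db_session.commit()
    login_user(user)
    return redirect(url_for('all_restaurants'))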
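def callback():
    """Handle the redirect back from Google's OAuth consent screen.

    Exchanges the authorization code for a token, fetches the user's
    profile, creates or refreshes the matching ``User`` row (matched by
    email), logs the user in and redirects to the index page.  Returns a
    short plain-text message when the provider reports an error or the
    profile cannot be fetched.
    """
    if current_user is not None and current_user.is_authenticated:
        return redirect(url_for('index'))

    if 'error' in request.args:
        if request.args.get('error') == 'access_denied':
            return 'You denied access.'
        return 'Error encountered.'

    # Both parameters are required: `code` is what gets exchanged and
    # `state` ties the callback to the login this browser started.  The
    # same goes for the state remembered in the session - without it the
    # callback cannot be matched to a login attempt, so start over.
    expected_state = session.get('oauth_state')
    if ('code' not in request.args or 'state' not in request.args
            or expected_state is None):
        return redirect(url_for('login'))

    google = get_google_auth(state=expected_state)
    try:
        token = google.fetch_token(Auth.TOKEN_URI,
                                   client_secret=Auth.CLIENT_SECRET,
                                   authorization_response=request.url)
    except Exception:
        # NOTE(review): this also hides failures that are not HTTP errors
        # (for example a state mismatch); narrow it once the exception
        # types raised by the OAuth client are confirmed.
        return 'HTTPError occurred.'

    google = get_google_auth(token=token)
    resp = google.get(Auth.USER_INFO)
    if resp.status_code != 200:
        return 'Could not fetch your information.'

    user_data = resp.json()
    email = user_data['email']
    # NOTE(review): accounts are matched on the email alone.  If the
    # user-info response carries a verified-email flag, check it before
    # trusting the address - TODO confirm what Auth.USER_INFO returns.
    user = User.query.filter_by(email=email).first()
    if user is None:
        user = User()
        user.email = email

    # NOTE(review): indentation was lost in this listing; the refresh below
    # is assumed to run for existing users as well as new ones.
    user.username = user_data['email']
    # The response, user and token are no longer printed: the token is a
    # credential and does not belong on stdout or in logs.
    # NOTE(review): the token is persisted as JSON; protect it at rest if
    # it is kept at all.
    user.social_auth_token = json.dumps(token)
    db.session.add(user)
    db.session.commit()
    login_user(user)
    return redirect(url_for('index'))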
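def do_POST(self):
    """Handle form posts: logout, menu-item and restaurant creation,
    registration and login.

    The route is chosen by the suffix of ``self.path``.  Every form route
    expects a ``multipart/form-data`` body.  A body of another type, or one
    with a missing field, is answered with 400; an unknown path or
    restaurant with 404.  Successful actions answer with a redirect.
    """
    def read_form():
        # Parsed multipart fields, or None when the body is not multipart.
        ctype, pdict = cgi.parse_header(
            self.headers.getheader('content-type') or '')
        if ctype != 'multipart/form-data':
            return None
        return cgi.parse_multipart(self.rfile, pdict)

    def first_values(fields, *names):
        # First submitted value of each named field, or None if any field
        # is absent, so a short form cannot shift values between fields.
        if fields is None:
            return None
        values = []
        for name in names:
            submitted = fields.get(name)
            if not submitted:
                return None
            values.append(submitted[0])
        return values

    def redirect(status, location, extra_headers=()):
        # Send a bodyless redirect with any extra headers.
        self.send_response(status)
        self.send_header('content-type', 'text/html')
        for header, value in extra_headers:
            self.send_header(header, value)
        self.send_header('location', location)
        self.end_headers()

    try:
        if self.path.endswith('/logout'):
            res = self.check_login()
            # Compare by value: `is not` tests object identity, which only
            # matches a string literal by accident of interning.
            if res != 'NotLoggedIn':
                user_id = session.query(User).filter_by(username = res).one().id
                session.query(LoginSessions).filter_by(user_id = user_id).delete()
                session.commit()
            redirect(302, '/restaurant')
            return

        # NOTE(review): neither create route checks check_login() before
        # writing, so anonymous clients can add rows - confirm intended.
        # NOTE(review): 301 marks these POST redirects as permanent; 303 is
        # the usual answer to a form post.  Left unchanged here.
        if self.path.endswith("/create/menuitem"):
            values = first_values(read_form(), 'name', 'description', 'price')
            if values is None:
                self.send_error(400)
                return
            # The restaurant id is taken from the path; digits only.
            found = re.match('/restaurant/([0-9]+)/', self.path)
            if found is None:
                self.send_error(404)
                return
            restid = found.group(1)
            rest = session.query(Restaurant).filter_by(id = restid).first()
            if rest is None:
                self.send_error(404)
                return
            name, description, price = values
            newitem = MenuItem(name = name, description = description,
                               price = price, restaurant = rest)
            session.add(newitem)
            session.commit()
            redirect(301, '/restaurant/%s' % (restid))
            return

        if self.path.endswith("/create/restaurant"):
            values = first_values(read_form(), 'name')
            if values is None:
                self.send_error(400)
                return
            newrest = Restaurant(name = values[0])
            session.add(newrest)
            session.commit()
            redirect(301, '/restaurant')
            return

        if self.path.endswith("/register"):
            values = first_values(read_form(), 'username', 'password')
            if values is None:
                self.send_error(400)
                return
            username, password = values
            taken = session.query(User).filter_by(username = username).first()
            if taken is not None:
                redirect(302, '/register',
                         [('error', 'Username already exists')])
                return
            obj = User()
            obj.username = username
            # NOTE(review): the password appears to be stored exactly as
            # submitted and is compared with == at login.  It should be
            # stored as a salted, slow hash; that needs a matching change
            # in the login branch and a migration of existing rows, so it
            # is flagged here rather than changed.
            obj.password = password
            session.add(obj)
            session.commit()
            redirect(302, '/login')
            return

        if self.path.endswith("/login"):
            values = first_values(read_form(), 'username', 'password')
            if values is None:
                self.send_error(400)
                return
            username, password = values
            matches = session.query(User).filter_by(username = username)
            account = matches.one() if matches.count() == 1 else None
            if account is not None and account.password == password:
                newsession = LoginSessions(user = account)
                session.add(newsession)
                session.commit()
                c = Cookie.SimpleCookie()
                # NOTE(review): the cookie carries the user's primary key,
                # not a random value tied to the LoginSessions row.  How
                # check_login() validates it is not visible here; if it
                # trusts the id alone, a client can pick its own identity.
                # Issue an unguessable session token instead.
                c['id'] = account.id
                # Keep page scripts away from the login cookie.
                c['id']['httponly'] = True
                redirect(301, '/restaurant',
                         [('Set-Cookie', c.output(header = ''))])
                return
            # Unknown user or wrong password: same answer for both, and
            # always an answer rather than an empty reply.
            redirect(302, '/login')
            return

        # No route matched.
        self.send_error(404)

    except IOError:
        self.send_response(404,"Input Data incorrect")
        # Terminate the header block so the client gets a complete reply.
        self.end_headers()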