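def expireToken():
    """Delete an access token when its scheduled expiry request arrives.

    Reads ``secret`` and ``access_token`` from the query string. The request
    is honoured only when ``secret`` matches ``app.config["QUEUE_SECRET"]``.

    Returns:
        ("Done", 200) when a matching token was found and deleted,
        ("Code already deleted or did not exist", 200) when none matched,
        ("Unauthorized", 503) when the secret is missing or wrong.
    """
    import hmac

    def _as_bytes(value):
        # compare_digest raises TypeError on mixed text/bytes operands and on
        # non-ASCII text, so both sides are normalised to bytes first.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    expected = app.config["QUEUE_SECRET"]
    supplied = request.args.get("secret")

    # Fail closed: with a plain ``==`` an unset QUEUE_SECRET would match a
    # request that omits the parameter (None == None). The comparison itself
    # is constant-time so response timing does not leak how much of the
    # secret was right.
    if (not expected or not supplied
            or not hmac.compare_digest(_as_bytes(expected), _as_bytes(supplied))):
        # NOTE(review): 503 is kept because callers may depend on it; 403
        # describes a rejected caller more accurately.
        return "Unauthorized", 503

    # NOTE(review): the shared secret and the token both travel in the query
    # string (getToken enqueues this URL with method="GET"), so they end up in
    # request logs. Moving the task to POST needs a matching change there.
    # On App Engine the X-AppEngine-QueueName header, which the platform
    # strips from external requests, could serve as a second gate.
    access_token = request.args.get("access_token")
    tokenInDB = Token.query(Token.access_token == access_token).get()
    if tokenInDB:
        tokenInDB.key.delete()
        return "Done", 200
    return "Code already deleted or did not exist", 200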
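def getToken():
    """Exchange an authorization code for an access/refresh token pair.

    Called by the OAuth client. Reads ``client_id``, ``client_secret`` and
    ``code`` from the request form.

    Returns:
        A JSON response holding ``access_token``, ``refresh_token`` and
        ``expires`` (the lifetime from ``ACCESSTOKEN_EXPIRATION``) on success,
        or ``{"error": ...}`` when the client credentials or the code are
        rejected. No explicit status code is set on either path.
    """
    import hmac

    def _as_bytes(value):
        # compare_digest raises TypeError on mixed text/bytes operands and on
        # non-ASCII text, so both sides are normalised to bytes first.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    client = lookupClientByID(request.form.get("client_id"))
    supplied_secret = request.form.get("client_secret")

    # Fail closed on a missing secret (a plain ``==`` would accept
    # None == None for a client stored without one) and compare in constant
    # time so response timing does not reveal partial matches.
    if not (client and client.client_secret and supplied_secret
            and hmac.compare_digest(_as_bytes(client.client_secret),
                                    _as_bytes(supplied_secret))):
        return jsonify({"error": "Invalid credentials"})

    # NOTE(review): purpose of this delay is not visible here; presumably it
    # throttles guessing or waits for the datastore to catch up. Confirm.
    time.sleep(0.1)

    # NOTE(review): the code is looked up by value only. If AuthCode records
    # which client it was issued to, that should be checked here so one
    # client cannot redeem a code issued to another.
    codeInDB = AuthCode.query(AuthCode.code == request.form.get("code")).get()
    if not codeInDB:
        return jsonify({"error": "Auth code expired or invalid"})

    # NOTE(review): confirm randomString() draws from a CSPRNG; these values
    # are bearer credentials.
    tokenGrant = Token(
        client=client.key,
        user=codeInDB.user,
        access_token=randomString(32),
        refresh_token=randomString(32),
        expires=datetime.now() + timedelta(seconds=app.config["ACCESSTOKEN_EXPIRATION"]))

    # Delete prior tokens for this client/user pair only. The two filters are
    # passed as separate arguments so ndb ANDs them; joining them with
    # Python's ``and`` evaluates to the right-hand filter alone, which would
    # delete this user's tokens for every client.
    ndb.delete_multi(
        Token.query(Token.client == client.key,
                    Token.user == codeInDB.user).fetch(keys_only=True))
    tokenGrant.put()

    # NOTE(review): lookup and delete are not in one transaction, so two
    # concurrent requests could both redeem the same code.
    codeInDB.key.delete()

    # NOTE(review): method="GET" puts the access token and QUEUE_SECRET in the
    # task URL, where they reach request logs. Switching to POST requires the
    # /_expire-token handler to read the form instead of the query string.
    taskqueue.add(
        url='/_expire-token',
        params={'access_token': tokenGrant.access_token,
                "secret": app.config["QUEUE_SECRET"]},
        method="GET",
        countdown=app.config["ACCESSTOKEN_EXPIRATION"])

    return jsonify({"access_token": tokenGrant.access_token,
                    "refresh_token": tokenGrant.refresh_token,
                    "expires": app.config["ACCESSTOKEN_EXPIRATION"]})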
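def getUserData():
    """Return the profile of the user an access token was issued for.

    Reads ``client_id``, ``client_secret`` and ``access_token`` from the query
    string. The profile is returned only when the client authenticates, the
    token exists, belongs to that client and has not passed its ``expires``
    time.

    Returns:
        A JSON response with firstName, lastName, birthday, username, email
        and twitter, or ``{"error": "Invalid token or credentials"}``.
    """
    import hmac

    def _as_bytes(value):
        # compare_digest raises TypeError on mixed text/bytes operands and on
        # non-ASCII text, so both sides are normalised to bytes first.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    client = lookupClientByID(request.args.get("client_id"))
    # NOTE(review): purpose of this delay is not visible here; presumably it
    # throttles guessing or waits for the datastore to catch up. Confirm.
    time.sleep(0.1)
    tokenInDB = Token.query(
        Token.access_token == request.args.get("access_token")).get()
    supplied_secret = request.args.get("client_secret")

    # An unknown client_id yields no client; guard it so a valid token plus a
    # bad client_id is rejected instead of raising AttributeError. Secrets are
    # compared in constant time and a missing secret never matches.
    authorised = bool(
        client and tokenInDB and supplied_secret and client.client_secret
        and hmac.compare_digest(_as_bytes(client.client_secret),
                                _as_bytes(supplied_secret)))

    # Bind the token to the presenting client: without this, any registered
    # client could read data with a token that was issued to a different one.
    if authorised and tokenInDB.client != client.key:
        authorised = False

    # Enforce the stored expiry directly rather than relying only on the
    # deferred /_expire-token task having run. ``expires`` is written with
    # datetime.now() in getToken, so the same clock is used here.
    if (authorised and tokenInDB.expires is not None
            and tokenInDB.expires <= datetime.now()):
        authorised = False

    if not authorised:
        return jsonify({"error": "Invalid token or credentials"})

    user = tokenInDB.user.get()
    if user is None:
        # The token outlived its user entity; treat it as invalid.
        return jsonify({"error": "Invalid token or credentials"})

    # The full user record is deliberately not logged: it contains personal
    # data (email, birthday) that should not be copied into application logs.
    # NOTE(review): client_secret and access_token arrive in the query string
    # and are therefore visible in request logs; a header or POST body would
    # avoid that but changes the client-facing contract.
    return jsonify({"firstName": user.firstName,
                    "lastName": user.lastName,
                    "birthday": str(user.birthday),
                    "username": user.username,
                    "email": user.email,
                    "twitter": user.twitter})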
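def getToken():
    """Exchange an authorization code for an access/refresh token pair.

    Called by the OAuth client. Reads ``client_id``, ``client_secret`` and
    ``code`` from the request form.

    Returns:
        A JSON response holding ``access_token``, ``refresh_token`` and
        ``expires`` (the lifetime from ``ACCESSTOKEN_EXPIRATION``) on success,
        or ``{"error": ...}`` when the client credentials or the code are
        rejected. No explicit status code is set on either path.
    """
    import hmac

    def _as_bytes(value):
        # compare_digest raises TypeError on mixed text/bytes operands and on
        # non-ASCII text, so both sides are normalised to bytes first.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    client = lookupClientByID(request.form.get("client_id"))
    supplied_secret = request.form.get("client_secret")

    # Fail closed on a missing secret (a plain ``==`` would accept
    # None == None for a client stored without one) and compare in constant
    # time so response timing does not reveal partial matches.
    if not (client and client.client_secret and supplied_secret
            and hmac.compare_digest(_as_bytes(client.client_secret),
                                    _as_bytes(supplied_secret))):
        return jsonify({"error": "Invalid credentials"})

    # NOTE(review): purpose of this delay is not visible here; presumably it
    # throttles guessing or waits for the datastore to catch up. Confirm.
    time.sleep(0.1)

    # NOTE(review): the code is looked up by value only. If AuthCode records
    # which client it was issued to, that should be checked here so one
    # client cannot redeem a code issued to another.
    codeInDB = AuthCode.query(AuthCode.code == request.form.get("code")).get()
    if not codeInDB:
        return jsonify({"error": "Auth code expired or invalid"})

    # NOTE(review): confirm randomString() draws from a CSPRNG; these values
    # are bearer credentials.
    tokenGrant = Token(
        client=client.key,
        user=codeInDB.user,
        access_token=randomString(32),
        refresh_token=randomString(32),
        expires=datetime.now() + timedelta(seconds=app.config["ACCESSTOKEN_EXPIRATION"]))

    # Delete prior tokens for this client/user pair only. The two filters are
    # passed as separate arguments so ndb ANDs them; joining them with
    # Python's ``and`` evaluates to the right-hand filter alone, which would
    # delete this user's tokens for every client.
    ndb.delete_multi(
        Token.query(Token.client == client.key,
                    Token.user == codeInDB.user).fetch(keys_only=True))
    tokenGrant.put()

    # NOTE(review): lookup and delete are not in one transaction, so two
    # concurrent requests could both redeem the same code.
    codeInDB.key.delete()

    # NOTE(review): method="GET" puts the access token and QUEUE_SECRET in the
    # task URL, where they reach request logs. Switching to POST requires the
    # /_expire-token handler to read the form instead of the query string.
    taskqueue.add(
        url='/_expire-token',
        params={'access_token': tokenGrant.access_token,
                "secret": app.config["QUEUE_SECRET"]},
        method="GET",
        countdown=app.config["ACCESSTOKEN_EXPIRATION"])

    return jsonify({"access_token": tokenGrant.access_token,
                    "refresh_token": tokenGrant.refresh_token,
                    "expires": app.config["ACCESSTOKEN_EXPIRATION"]})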
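def getUserData():
    """Return the profile of the user an access token was issued for.

    Reads ``client_id``, ``client_secret`` and ``access_token`` from the query
    string. The profile is returned only when the client authenticates, the
    token exists, belongs to that client and has not passed its ``expires``
    time.

    Returns:
        A JSON response with firstName, lastName, birthday, username, email
        and twitter, or ``{"error": "Invalid token or credentials"}``.
    """
    import hmac

    def _as_bytes(value):
        # compare_digest raises TypeError on mixed text/bytes operands and on
        # non-ASCII text, so both sides are normalised to bytes first.
        return value if isinstance(value, bytes) else value.encode("utf-8")

    client = lookupClientByID(request.args.get("client_id"))
    # NOTE(review): purpose of this delay is not visible here; presumably it
    # throttles guessing or waits for the datastore to catch up. Confirm.
    time.sleep(0.1)
    tokenInDB = Token.query(
        Token.access_token == request.args.get("access_token")).get()
    supplied_secret = request.args.get("client_secret")

    # An unknown client_id yields no client; guard it so a valid token plus a
    # bad client_id is rejected instead of raising AttributeError. Secrets are
    # compared in constant time and a missing secret never matches.
    authorised = bool(
        client and tokenInDB and supplied_secret and client.client_secret
        and hmac.compare_digest(_as_bytes(client.client_secret),
                                _as_bytes(supplied_secret)))

    # Bind the token to the presenting client: without this, any registered
    # client could read data with a token that was issued to a different one.
    if authorised and tokenInDB.client != client.key:
        authorised = False

    # Enforce the stored expiry directly rather than relying only on the
    # deferred /_expire-token task having run. ``expires`` is written with
    # datetime.now() in getToken, so the same clock is used here.
    if (authorised and tokenInDB.expires is not None
            and tokenInDB.expires <= datetime.now()):
        authorised = False

    if not authorised:
        return jsonify({"error": "Invalid token or credentials"})

    user = tokenInDB.user.get()
    if user is None:
        # The token outlived its user entity; treat it as invalid.
        return jsonify({"error": "Invalid token or credentials"})

    # The full user record is deliberately not logged: it contains personal
    # data (email, birthday) that should not be copied into application logs.
    # NOTE(review): client_secret and access_token arrive in the query string
    # and are therefore visible in request logs; a header or POST body would
    # avoid that but changes the client-facing contract.
    return jsonify({"firstName": user.firstName,
                    "lastName": user.lastName,
                    "birthday": str(user.birthday),
                    "username": user.username,
                    "email": user.email,
                    "twitter": user.twitter})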