def authorized(oauth_token): if request.method == 'GET': global error # 只要为None就说明不存在或者伪造 if oauth_token is None: error = '获得Github授权失败!!' return redirect(url_for('user.login')) try: r = github.get('user', access_token=oauth_token) except GitHubError: error = '获得Github授权失败!!' return redirect(url_for('user.login')) username = r.get('login') user = User.query.filter_by(username=username).first() if user is None: user = User(user_id=r.get('id'), username=username, email=r.get('email')) user.add_with_save() session['username'] = username return redirect(url_for('blog.index'))