def login():
if request.method == 'POST':
name = request.args.get("name","")
email = request.args.get("email","")
logging.info("name " + name +" email " + email)
account = Account.query(Account.email == email).get()
#create a state string
state = ''
for x in xrange(32):
state+= random.choice(string.ascii_uppercase + string.digits)
session['state'] = state
storeToken = request.args.get("storeToken","")
#verify store token with google servers
try:
oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
oauth_flow.redirect_uri = 'postmessage'
credentials = oauth_flow.step2_exchange(storeToken)
except FlowExchangeError:
logging.info("error with Oauth")
return page_not_found(404)
# once store token verified send a request for credential for gplus
access_token = credentials.access_token
logging.info(access_token)
url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"% access_token)
h = httplib2.Http()
result = json.loads(h.request(url,'GET')[1])
gplus_id = credentials.id_token['sub']
stored_credentials = session.get('credentials')
stored_gplus_id = session.get('gplus_id')
if account is not None:
logging.info("User already logged in")
account = Account.query(Account.email == email).get()
account.loggedIn = True
account.put()
session['credentials'] = credentials
session['gplus_id'] = gplus_id
session['username'] = account.name
session['userId'] = account.key.integer_id()
session['loggedIn'] = True
else:
logging.info("first time logging in")
session['credentials'] = credentials
session['gplus_id'] = gplus_id
session['username'] = name
account = Account(name=name,email=email,gplusId=gplus_id,accessToken = access_token,loggedIn=True)
key = account.put()
session['userId'] = key.integer_id()
session['loggedIn'] = True
return '200'
if request.method == 'GET':
return page_not_found(404)
def api_login():
logging.info("api_login Type " + request.method)
if request.method == 'POST':
name = request.args.get("name", "")
email = request.args.get("email", "")
# once store token verified send a request for credential for gplus
access_token = request.args.get("oauth", "")
gplus_id = request.args.get("gplusid", "")
#check for valid arguments
if name == "" or email == "" or access_token == "" or gplus_id == "":
return json_response(code=400)
url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s" %
access_token)
h = httplib2.Http()
result = json.loads(h.request(url, 'GET')[1])
query = Account.query(Account.email == email)
account = query.get()
if query.count() != 0:
key = account.key
return json_success({"uuid": key.integer_id()})
session['gplus_id'] = gplus_id
session['username'] = name
account = Account(name=name,
email=email,
gplusId=gplus_id,
accessToken=access_token,
loggedIn=True)
key = account.put()
session['userId'] = key.integer_id()
return json_success({"uuid": key.integer_id()})
def api_login():
logging.info("api_login Type "+ request.method)
if request.method == 'POST':
name = request.args.get("name","")
email = request.args.get("email","")
# once store token verified send a request for credential for gplus
access_token = request.args.get("oauth","")
gplus_id = request.args.get("gplusid","")
#check for valid arguments
if name == "" or email == "" or access_token == "" or gplus_id == "":
return json_response(code=400)
url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"% access_token)
h = httplib2.Http()
result = json.loads(h.request(url,'GET')[1])
query = Account.query(Account.email == email)
account = query.get()
if query.count() != 0:
key = account.key
return json_success({"uuid":key.integer_id() })
session['gplus_id'] = gplus_id
session['username'] = name
account = Account(name=name,email=email,gplusId=gplus_id,accessToken=access_token,loggedIn=True)
key = account.put()
session['userId'] = key.integer_id()
return json_success({"uuid":key.integer_id()})
def api_login():
logging.info("api_login Type "+ request.method)
if request.method == 'POST':
name = request.args.get("name","")
email = request.args.get("email","")
logging.info("name " + name +" email " + email)
# once store token verified send a request for credential for gplus
access_token = request.args.get("storeToken","")
gplus_id = request.args.get("id","")
logging.info(access_token)
url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"% access_token)
h = httplib2.Http()
result = json.loads(h.request(url,'GET')[1])
query = Account.query(Account.email == email)
account = query.get()
if query.count() != 0:
logging.info("Account Already Exists")
key = account.key
return json_success({"uuid":key.integer_id() })
logging.info("first time logging in")
session['gplus_id'] = gplus_id
session['username'] = name
account = Account(name=name,email=email,gplusId=gplus_id,accessToken=access_token,loggedIn=True)
key = account.put()
session['userId'] = key.integer_id()
return json_success({"uuid":key.integer_id()})
if request.method == 'GET':
return page_not_found(404)
def logout():
if request.method == 'POST':
name = session['username']
account = Account.query(Account.name == name).get()
account.loggedIn = False
account.put()
logging.info("session before " + str(len(session)))
logging.info("session after " + str(len(session)))
session['loggedIn'] = False
logging.info("session set to loggedin = false")
session.clear()
return '200'
if request.method == 'GET':
return render_template('logout.html')
def logout():
if request.method == 'POST':
name = session['username']
account = Account.query(Account.name == name).get()
account.loggedIn = False
account.put()
logging.info("session before " + str(len(session)))
logging.info("session after " + str(len(session)))
session['loggedIn'] = False
logging.info("session set to loggedin = false")
session.clear()
return '200'
if request.method == 'GET':
return render_template('logout.html')
def mapAdmin(mapid=-1, email=""):
if mapid <= 0:
return json_response(code=400)
if email == "":
return json_response(code=400)
map = Map.get_by_id(mapid)
if map is None:
return json_response(code=400)
adminAccount = Account.query(Account.email == email).get()
if adminAccount is None:
return json_response(code=400)
userid = adminAccount.key.integer_id()
if request.method == 'POST':
if userid not in map.adminIds:
map.adminIds.append(userid)
map.put()
else:
return json_success(adminAccount.Get())
if mapid not in adminAccount.adminMaps:
adminAccount.adminMaps.append(mapid)
adminAccount.put()
return json_success(adminAccount.Get())
if request.method == 'DELETE':
logging.info("delete")
if userid not in map.adminIds:
return json_response(code=400)
if mapid not in adminAccount.adminMaps:
return json_response(code=400)
if adminAccount.key.integer_id() == map.creatorId:
return json_response(code=400)
map.adminIds.remove(userid)
adminAccount.adminMaps.remove(mapid)
map.put()
adminAccount.put()
return json_response(code=200)
def mapAdmin(mapid=-1,email=""):
if mapid <= 0:
return json_response(code=400)
if email == "":
return json_response(code=400)
map = Map.get_by_id(mapid)
if map is None:
return json_response(code=400)
adminAccount = Account.query(Account.email == email).get()
if adminAccount is None:
return json_response(code=400)
userid = adminAccount.key.integer_id()
if request.method == 'POST':
if userid not in map.adminIds:
map.adminIds.append(userid)
map.put()
else:
return json_success(adminAccount.Get())
if mapid not in adminAccount.adminMaps:
adminAccount.adminMaps.append(mapid)
adminAccount.put()
return json_success(adminAccount.Get())
if request.method == 'DELETE':
logging.info("delete")
if userid not in map.adminIds:
return json_response(code=400)
if mapid not in adminAccount.adminMaps:
return json_response(code=400)
if adminAccount.key.integer_id() == map.creatorId:
return json_response(code=400)
map.adminIds.remove(userid)
adminAccount.adminMaps.remove(mapid)
map.put()
adminAccount.put()
return json_response(code=200)
def admin_add(mapId,email):
if request.method == 'POST':
logging.info("email="+email)
user = session['username']
uid = session['userId']
map = Map.get_by_id(mapId)
adminAccount = Account.query(Account.email == email).get()
if adminAccount == None:
return json_response(message="No Account with that email exists",code=400)
adminId = adminAccount.key.integer_id()
if adminId not in map.adminIds:
map.adminIds.append(adminId)
map.put()
if mapId not in adminAccount.adminMaps:
adminAccount.adminMaps.append(mapId)
adminAccount.put()
return '200'
def admin_add(mapId, email):
if request.method == 'POST':
logging.info("email=" + email)
user = session['username']
uid = session['userId']
map = Map.get_by_id(mapId)
adminAccount = Account.query(Account.email == email).get()
if adminAccount == None:
return json_response(message="No Account with that email exists",
code=400)
adminId = adminAccount.key.integer_id()
if adminId not in map.adminIds:
map.adminIds.append(adminId)
map.put()
if mapId not in adminAccount.adminMaps:
adminAccount.adminMaps.append(mapId)
adminAccount.put()
return '200'
def api_login():
logging.info("api_login Type " + request.method)
if request.method == 'POST':
name = request.args.get("name", "")
email = request.args.get("email", "")
logging.info("name " + name + " email " + email)
# once store token verified send a request for credential for gplus
access_token = request.args.get("storeToken", "")
gplus_id = request.args.get("id", "")
logging.info(access_token)
url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s" %
access_token)
h = httplib2.Http()
result = json.loads(h.request(url, 'GET')[1])
query = Account.query(Account.email == email)
account = query.get()
if query.count() != 0:
logging.info("Account Already Exists")
key = account.key
return json_success({"uuid": key.integer_id()})
logging.info("first time logging in")
session['gplus_id'] = gplus_id
session['username'] = name
account = Account(name=name,
email=email,
gplusId=gplus_id,
accessToken=access_token,
loggedIn=True)
key = account.put()
session['userId'] = key.integer_id()
return json_success({"uuid": key.integer_id()})
if request.method == 'GET':
return page_not_found(404)
def login():
if request.method == 'POST':
name = request.args.get("name", "")
email = request.args.get("email", "")
logging.info("name " + name + " email " + email)
account = Account.query(Account.email == email).get()
#create a state string
state = ''
for x in xrange(32):
state += random.choice(string.ascii_uppercase + string.digits)
session['state'] = state
storeToken = request.args.get("storeToken", "")
#verify store token with google servers
try:
oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
oauth_flow.redirect_uri = 'postmessage'
credentials = oauth_flow.step2_exchange(storeToken)
except FlowExchangeError:
logging.info("error with Oauth")
return page_not_found(404)
# once store token verified send a request for credential for gplus
access_token = credentials.access_token
logging.info(access_token)
url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s" %
access_token)
h = httplib2.Http()
result = json.loads(h.request(url, 'GET')[1])
gplus_id = credentials.id_token['sub']
stored_credentials = session.get('credentials')
stored_gplus_id = session.get('gplus_id')
if account is not None:
logging.info("User already logged in")
account = Account.query(Account.email == email).get()
account.loggedIn = True
account.put()
session['credentials'] = credentials
session['gplus_id'] = gplus_id
session['username'] = account.name
session['userId'] = account.key.integer_id()
session['loggedIn'] = True
else:
logging.info("first time logging in")
session['credentials'] = credentials
session['gplus_id'] = gplus_id
session['username'] = name
account = Account(name=name,
email=email,
gplusId=gplus_id,
accessToken=access_token,
loggedIn=True)
key = account.put()
session['userId'] = key.integer_id()
session['loggedIn'] = True
return '200'
if request.method == 'GET':
return page_not_found(404)
