def actor_twitter_callback(request):
logging.info("Callback URL")
redirect_to = memcache.client.get('redirect_to')
memcache.client.delete('redirect_to')
view = user.get_user_from_cookie_or_legacy_auth(request)
if view is not None:
if view.extra.get('twitter_access_token') is None:
twitter_user, token = util_externals.twitter_user()
logging.info("Creating external profile after creates a token")
ep_ref = api.create_external_profile(view.nick,
'twitter',
twitter_user.screen_name,
str(twitter_user.id),
'http://twitter.com/%s'%twitter_user.screen_name)
view.extra['twitter_access_token'] = token
view.put()
if not redirect_to == 'autoclose':
response = util.RedirectFlash(redirect_to,
'Oauth authentication success')
return response
c = template.RequestContext(request, locals())
t = loader.get_template('actor/templates/twitter_callback.html')
return http.HttpResponse(t.render(c))
def api_authorize(request):
"""
checks on the request token provided or ask the user enter one
allows the user to authorize this
if consumer style is web and a callback is provided redirect to it
otherwise suggest that the user notify their application that authorization
has completed
"""
redirect = urllib.quote(request.get_full_path())
view = user.get_user_from_cookie_or_legacy_auth(request)
if view is None:
logging.info("Redirect: %s " % redirect)
return http.HttpResponseRedirect("/login?redirect_to=%s" % redirect)
oauth_token = request.REQUEST.get('oauth_token', None)
if not oauth_token:
# please enter token page
pass
oauth_token_ref = api.oauth_get_request_token(api.ROOT, oauth_token)
if not oauth_token_ref:
raise Exception("bad token")
oauth_consumer_ref = api.oauth_get_consumer(api.ROOT,
oauth_token_ref.consumer)
if not oauth_consumer_ref:
raise Exception("bad consumer")
if "active" != oauth_consumer_ref.status:
raise Exception("inactive consumer")
perms = request.REQUEST.get('perms', 'read')
if request.POST:
# we posted to this page to authorize
# TODO verify nonce
validate.nonce(request, "authorize_token")
api.oauth_authorize_request_token(api.ROOT, oauth_token_ref.key_,
actor=request.user.nick, perms=perms)
oauth_callback = request.POST.get("oauth_callback", None)
if oauth_consumer_ref.type == "web":
if oauth_callback:
return http.HttpResponseRedirect(oauth_callback)
elif oauth_consumer_ref.callback_url is not None:
return http.HttpResponseRedirect(oauth_consumer_ref.callback_url)
c = template.RequestContext(request, locals())
t = loader.get_template('api/templates/authorized.html')
return http.HttpResponse(t.render(c))
perms_pretty = {'read': 'view',
'write': 'view and update',
'delete': 'view, update and delete'}[perms]
c = template.RequestContext(request, locals())
t = loader.get_template('api/templates/authorize.html')
return http.HttpResponse(t.render(c))
def login_login(request):
redirect_to = request.REQUEST.get('redirect_to', '/')
redirect_to = clean.redirect_to(redirect_to)
if request.POST:
try:
login = request.POST.get('log', None)
password = request.POST.get('pwd', None)
rememberme = request.POST.get('rememberme', None)
# TODO validate
current_user = user.lookup_user_by_login(login, password)
if current_user:
if redirect_to == '/':
redirect_to = current_user.url('/overview')
# Attempt to do some cleanup on the user if necessary
api.user_cleanup(api.ROOT, current_user.nick)
# if we aren't hosted or aren't ssl just set the cookie and go home
if (not settings.HOSTED_DOMAIN_ENABLED
or not settings.SSL_LOGIN_ENABLED):
response = http.HttpResponseRedirect(redirect_to)
response = user.set_user_cookie(response, current_user, rememberme)
return response
# otherwise, we're going to have to redirect to set the cookie on
# the proper domain
sso_token = util.generate_uuid()
cache.set('sso/%s' % sso_token, (current_user.nick, rememberme), timeout=10)
sso_url = 'http://%s/login/noreally' % (settings.DOMAIN)
sso_url = util.qsa(
sso_url, {'redirect_to': redirect_to, 'sso_token': sso_token})
return http.HttpResponseRedirect(sso_url)
else:
raise exception.ValidationError("Invalid username or password")
except:
exception.handle_exception(request)
view =user.get_user_from_cookie_or_legacy_auth(request)
area="login"
if view:
if redirect_to == '/':
redirect_to = request.user.url('/overview')
return http.HttpResponseRedirect(redirect_to)
c = template.RequestContext(request, locals())
t = loader.get_template('login/templates/login.html')
return http.HttpResponse(t.render(c))
def actor_twitter_auth(request):
# Getting the access token
view = user.get_user_from_cookie_or_legacy_auth(request)
access_token = None
if view is not None:
access_token = view.extra.get('twitter_access_token', None)
redirect_to = request.GET.get('redirect_to', '/')
if access_token is not None:
if redirect_to == 'autoclose':
memcache.client.set('redirect_to', redirect_to, 600)
return http.HttpResponseRedirect('/twitter/callback')
return http.HttpResponseRedirect(redirect_to)
try:
authorization_url = twitter.get_authorization_url(redirect_to)
except:
response = util.RedirectFlash(redirect_to, 'We can not connect to twitter')
return response
return http.HttpResponseRedirect(authorization_url)
