def connect_users(request): payload = {} logging.info(request.POST) fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET) fb.session_key = request.POST['fb_sig_session_key'] user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name']) logging.info(user_info_response) for hash in user_info_response[0]['email_hashes']: user = User.all().filter('email_hash = ', hash).get() user.facebook_id = int(request.POST['fb_sig_user']) user.put() return render("standardpage.html", payload, request)
def connect_users(request): #<QueryDict: {u'fb_sig_time': [u'1230351016.3299'], # u'fb_sig_authorize': [u'1'], # u'fb_sig_locale': [u'en_US'], # u'fb_sig_session_key': [u'2.oYf3yaL9PnROgLyp5cBg9A__.86400.1230440400-1144902201'], # u'fb_sig_in_new_facebook': [u'1'], # u'fb_sig_profile_update_time': [u'0'], # u'fb_sig_user': [u'1144902201'], # u'fb_sig_expires': [u'1230440400'], # u'fb_sig': [u'807f94cba0b3a26f359cd5a7c16cdcd6'], # u'fb_sig_api_key': [u'9669d802ca3cdcc15172ccd7b4636646'], # u'fb_sig_added': [u'1']}> payload = {} logging.info(request.POST) fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET) fb.session_key = request.POST['fb_sig_session_key'] user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name']) logging.info(user_info_response) for hash in user_info_response[0]['email_hashes']: user = User.all().filter('email_hash = ', hash).get() user.facebook_id = int(request.POST['fb_sig_user']) user.put() return render("standardpage.html", payload, request)
def process_request(self, request): try: # Set the facebook message to empty. This message can be used to dispaly info from the middleware on a Web page. request.facebook_message = None # Don't bother trying FB Connect login if the user is already logged in if not request.user.is_authenticated(): # FB Connect will set a cookie with a key == FB App API Key if the user has been authenticated if API_KEY in request.COOKIES: fb = Facebook(API_KEY, API_SECRET) if(fb.validate_cookie_signature(request.COOKIES)): # If session hasn't expired if(datetime.fromtimestamp(float(request.COOKIES[API_KEY+'_expires'])) > datetime.now()): # Try to get Django account corresponding to friend # Authenticate then login (or display disabled error message) user = authenticate(facebook_id=request.COOKIES[API_KEY + '_user']) logging.info(user) if user is not None: if user.is_active: login(request, user) self.facebook_user_is_authenticated = True else: request.facebook_message = ACCOUNT_DISABLED_ERROR self.delete_fb_cookies = True else: django_user = User.get_by_key_name("userfb%s" % request.COOKIES[API_KEY + '_user']) if not django_user: # There is no Django account for this Facebook user. # Create one, then log the user in. fb.session_key = request.COOKIES[API_KEY + '_session_key'] user_info_response = fb.users.getInfo([request.COOKIES[API_KEY + '_user']], ['first_name', 'last_name']) # Create user user = User(key_name="userfb%s" % request.COOKIES[API_KEY + '_user'], username = "******" % (user_info_response[0]['first_name'], user_info_response[0]['last_name']), email= '*****@*****.**' % request.COOKIES[API_KEY + '_user']) user.set_password(md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest()) user.is_active = True user.facebook_id = int(request.COOKIES[API_KEY + '_user']) user.put() # Authenticate and log in (or display disabled error message) user = authenticate(username='******' % request.COOKIES[API_KEY + '_user'], password=md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest()) logging.info("ROUND2") if user is not None: if user.is_active: login(request, user) self.facebook_user_is_authenticated = True else: request.facebook_message = ACCOUNT_DISABLED_ERROR self.delete_fb_cookies = True else: request.facebook_message = ACCOUNT_PROBLEM_ERROR self.delete_fb_cookies = True else: request.facebook_message = ACCOUNT_PROBLEM_ERROR self.delete_fb_cookies = True # Cookie session expired else: logout(request) self.delete_fb_cookies = True # Cookie values don't match hash else: logout(request) self.delete_fb_cookies = True # Logged in else: # If FB Connect user if API_KEY in request.COOKIES: # IP hash cookie set if 'fb_ip' in request.COOKIES: try: real_ip = request.META['HTTP_X_FORWARDED_FOR'] except KeyError: real_ip = request.META['REMOTE_ADDR'] # If IP hash cookie is NOT correct if request.COOKIES['fb_ip'] != md5.new(real_ip + API_SECRET + settings.SECRET_KEY).hexdigest(): logout(request) self.delete_fb_cookies = True # FB Connect user without hash cookie set else: logout(request) self.delete_fb_cookies = True # Something else happened. Make sure user doesn't have site access until problem is fixed. except: request.facebook_message = PROBLEM_ERROR logout(request) self.delete_fb_cookies = True