def get_google_login_url(self,
                         oauth_redirect_uri=None,
                         redirect_to_after_oauth=None):
    """Return the Google OAuth2 authorization URL for this session.

    Side effects on ``self.session``: stores the post-login redirect target
    ('redirect_to_after_oauth'), the pickled flow ('pickled_oauth_flow') and
    a fresh 32-unit secret ('oauth_state') that is sent as the OAuth ``state``
    parameter.

    Args:
      oauth_redirect_uri: Callback URI registered with Google. When falsy, it
        is derived from the request host (local dev origin for hosts starting
        with 'localhost', otherwise the request's host URL forced to https).
      redirect_to_after_oauth: Where to send the user after login. When falsy,
        defaults to the local frontend on 'localhost' hosts and '/' otherwise.

    Returns:
      The authorization URL as a ``str``.
    """
    if not oauth_redirect_uri:
        # NOTE(review): this is a prefix match on the request host, so any
        # host value that merely begins with 'localhost' selects the dev
        # origin. An exact comparison or an environment check would be tighter.
        if self.request.host.startswith('localhost'):
            callback_origin = 'http://localhost:9095'
        else:
            callback_origin = self.request.host_url.replace(
                'http://', 'https://')
        oauth_redirect_uri = callback_origin + '/_/auth/oauth2_callback'

    if not redirect_to_after_oauth:
        if self.request.host.startswith('localhost'):
            redirect_to_after_oauth = 'http://localhost:5007'
        else:
            redirect_to_after_oauth = '/'

    # NOTE(review): a caller-supplied target is stored as given. If callers
    # pass a request-derived value, the code that later follows this redirect
    # should restrict it to same-origin or allow-listed destinations.
    self.session['redirect_to_after_oauth'] = str(redirect_to_after_oauth)

    # http://oauth2client.readthedocs.io/en/latest/source/oauth2client.client.html
    flow = flow_from_clientsecrets(
        get_path_to_oauth_secrets(),
        scope='https://www.googleapis.com/auth/userinfo.email',
        redirect_uri=oauth_redirect_uri)

    # NOTE(review): the flow is built from the client secrets file and is
    # pickled into the session. Whatever reads 'pickled_oauth_flow' back must
    # only unpickle bytes whose integrity is guaranteed, because unpickling
    # attacker-influenced data executes code. If the session backend is a
    # client-side cookie that is signed but not encrypted, the pickled flow
    # would also be readable by the browser. Confirm the backend; storing only
    # the redirect URI and rebuilding the flow in the callback avoids both.
    self.session['pickled_oauth_flow'] = pickle.dumps(flow)
    self.session['oauth_state'] = utils.generate_secret(32)

    try:
        authorize_url = flow.step1_get_authorize_url(
            state=self.session['oauth_state'])
        return str(authorize_url)
    except TypeError:
        # TODO: Fix breakage only appearing in tests.
        # NOTE(review): this fallback requests a URL with no `state`, so the
        # callback cannot bind the response to this session. Confirm the
        # callback rejects a missing or mismatched state.
        return str(flow.step1_get_authorize_url())
def dispatch(self):
    """Resolve the caller's identity, then run the webapp2 handler.

    Order of operations, as visible in this method:
      1. On host 'dev.trot.to', require a signed-in admin via ``users``.
      2. Open the session store and reset per-request identity fields.
      3. Resolve ``self.user_email`` from the session, then from an emailed
         login link, then (local environments only) from a user header.
      4. Load or create the user and mirror terms acceptance into the session.
      5. Ensure the session holds a CSRF token.
      6. Run ``check_authorization()``; either answer with a JSON redirect
         or hand over to ``webapp2.RequestHandler.dispatch``.
      7. Persist sessions, but only over https or in a local environment.
    """
    # Extra gate for the dev host: anonymous visitors are sent to login,
    # signed-in non-admins get a 403.
    if self.request.host == 'dev.trot.to':
        if not users.get_current_user():
            self.redirect(users.create_login_url('/'))
            return
        elif not users.is_current_user_admin():
            self.abort(403)

    # "Local" here means SERVER_SOFTWARE does not start with
    # 'Google App Engine/' (an unset variable therefore counts as local).
    # NOTE(review): the header-auth gate below uses env.current_env_is_local()
    # instead of this flag; confirm the two checks cannot disagree in
    # production, since either one relaxes a security control.
    self.is_local_env = not os.getenv('SERVER_SOFTWARE', '').startswith('Google App Engine/')

    # Get a session store for this request.
    self.session_store = sessions.get_store(request=self.request)

    self.login_error = None
    self.user_email = None
    self.user = None

    # user_email was just reset, so this branch always runs: the session is
    # the first identity source.
    if not self.user_email:
        self.user_email = self.session.get('user_email')
        # NOTE(review): user_org is derived only from the session email here.
        # Presumably the two fallback auth methods below set self.user_org
        # themselves; verify, because it is passed to get_or_create_user().
        self.user_org = get_organization_id_for_email(
            self.user_email) if self.user_email else None

    # Second source: a login link delivered by email.
    if not self.user_email:
        self.attempt_auth_by_emailed_link()

    # Third source, local environments only: identity taken from a request
    # header. This must never be reachable in production.
    if not self.user_email and env.current_env_is_local():
        self.attempt_auth_by_user_header()

    # Default to "not accepted" and overwrite once the user record is loaded.
    self.session['already_accepted_terms'] = False
    if self.user_email:
        self.user = get_or_create_user(self.user_email, self.user_org)
        # `not not` coerces accepted_terms_at to a plain bool for the session.
        self.session[
            'already_accepted_terms'] = not not self.user.accepted_terms_at

    # Mint the CSRF token once per session; where it is verified is not
    # visible in this method.
    if not self.session.get('csrf_token'):
        self.session['csrf_token'] = utils.generate_secret(32)

    try:
        self.redirect_to = None
        # check_authorization() may set self.redirect_to; in that case the
        # handler is skipped and the client receives the target as JSON.
        self.check_authorization()
        if self.redirect_to:
            self.response.write(
                json.dumps({'redirect_to': self.redirect_to}))
            return
        # Dispatch the request.
        webapp2.RequestHandler.dispatch(self)
    finally:
        # Save all sessions only if the connection is secure (or local), so
        # session data is not written to a response sent over plain http.
        if self.request.scheme == 'https' or self.is_local_env:
            self.session_store.save_sessions(self.response)
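def send_login_email(request_source_url, email):
    """Create a login link for *email* and queue the email that delivers it.

    A new ``models.EmailLoginLink`` with a fresh secret is stored. The link
    sent to the user carries the email address ('e') and that secret ('s')
    as query parameters.

    Args:
      request_source_url: Absolute URL the login request came from. If it
        contains '/play_queued_request' it is used verbatim as the link
        target; otherwise only its scheme and host are kept and the path is
        set to '/_/auth/email_callback'.
      email: Address to send the login link to.

    Raises:
      LoginEmailException: if *email* fails ``validate_email``.
      ValueError: if *request_source_url* contains no '://' separator.
    """
    if not validate_email(email):
        raise LoginEmailException('Please provide a valid email address')

    # Work out the link target before persisting anything, so a malformed URL
    # cannot leave an unused login secret behind in the datastore.
    #
    # NOTE(review): the link's host (and, in the first branch, the whole URL)
    # comes from request_source_url, and the login secret is appended to it.
    # Callers are not visible here; confirm they pass only a trusted,
    # allow-listed origin rather than a value taken from request headers or
    # body. Otherwise the secret can be delivered to a host the service does
    # not control.
    # NOTE(review): the check is a substring match on the full URL, and the
    # query string is appended with '?' even if the URL already has one.
    # Matching on the parsed path would be tighter.
    if '/play_queued_request' in request_source_url:
        emailed_url = request_source_url
    else:
        # maxsplit=1: a later '://' (for example inside a query-string value)
        # must not break the two-way unpack.
        scheme, remainder = request_source_url.split('://', 1)
        host = remainder.split('/')[0]
        emailed_url = '%s://%s/_/auth/email_callback' % (scheme, host)

    # NOTE(review): no expiry or single-use marker is set on the link here.
    # Presumably the callback enforces both; verify.
    email_login_link_object = models.EmailLoginLink(
        email=email, secret=utils.generate_secret(32))
    email_login_link_object.put()

    html_template = JINJA_ENVIRONMENT.get_template(
        'auth/login_link_email.html')
    txt_template = JINJA_ENVIRONMENT.get_template('auth/login_link_email.txt')

    query = urllib.urlencode({
        'e': email,
        's': email_login_link_object.secret
    })
    login_url = '%s?%s' % (emailed_url, query)

    html = html_template.render({'login_url': login_url})
    text = txt_template.render({'login_url': login_url})

    email_data = {
        'recipient_email': email,
        'subject': 'Log in to Trotto',
        'plaintext': text,
        'html': html
    }

    # Sending is deferred to a task so the request does not wait on delivery.
    deferred.defer(email_helper.send_email, email_data)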
os.path.join(os.path.dirname(os.path.realpath(__file__)), 'src/config/client_secrets.json')): print( '\nTo deploy to App Engine, you must include a src/config/client_secrets.json. For guidance, see' ' https://github.com/trotto/go-links#obtain-oauth-client-credentials.' ) sys.exit(1) if __name__ == "__main__": secrets = get_secrets(False) or {} if 'sessions_secret' not in secrets: user_input = raw_input( "You don't yet have a sessions secret, so one will be created for you and stored" " in src/config/secrets.yaml. Be sure to store this secret somewhere safe." " Hit Enter to continue. ") print('\n') secrets['sessions_secret'] = generate_secret(64) if 'app_id' not in secrets: secrets['app_id'] = raw_input("What's your App Engine app ID? ") _write_secrets(secrets) _check_for_client_secrets() os.environ['TROTTO_APP_ID'] = secrets['app_id']