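def _on_auth(self, twit_user):
    """Finish a Twitter sign-in: find or create the account, then log in.

    Looks up the UserAccount keyed by (auth_supplier='twitter', auth_uid).
    A first-time visitor gets a new account and is sent to '/welcome';
    a returning visitor is sent to the requested ``next`` page, or '/'.

    Args:
        twit_user: dict of Twitter profile data; a falsy value means the
            authentication did not succeed.

    Raises:
        tornado.web.HTTPError: 500 when ``twit_user`` is falsy.
    """
    if not twit_user:
        raise tornado.web.HTTPError(500, "Twitter auth failed")

    # map the twitter data to stuff we use
    email = u''
    prettyname = twit_user['name']
    auth_supplier = 'twitter'
    # NOTE(review): the account is keyed on the Twitter handle. If handles
    # can be renamed or reassigned upstream, a later owner of the same
    # handle would match this row; a stable provider-side id would be a
    # safer key, but switching needs a migration of stored auth_uid values.
    auth_uid = twit_user['username']
    username = twit_user['username']

    # TODO: the rest of this could be shared between handlers...
    next = self.get_argument("next", None)
    if next is not None:
        # "next" is taken straight from the request, so it must not be able
        # to send a freshly logged-in user to another site. Accept only
        # same-site absolute paths: a single leading '/', no backslashes
        # (some browsers treat them as '/'), and no control characters
        # (browsers drop embedded tabs/newlines before resolving a URL).
        is_local_path = (
            next.startswith('/')
            and not next.startswith('//')
            and '\\' not in next
            and not any(ord(ch) < 0x20 for ch in next)
        )
        if not is_local_path:
            next = None

    user = self.session.query(UserAccount).filter_by(
        auth_supplier=auth_supplier,
        auth_uid=auth_uid).first()
    if user is None:
        # new user
        username = UserAccount.calc_unique_username(self.session, username)
        user = UserAccount(username=username,
                           prettyname=prettyname,
                           email=email,
                           auth_supplier=auth_supplier,
                           auth_uid=auth_uid)
        self.session.add(user)
        self.session.commit()
        # first visit: go via the welcome page, carrying the (already
        # validated) destination along as a query parameter
        if next is not None:
            next = '/welcome?' + urllib.urlencode({'next': next})
        else:
            next = '/welcome'

    self.set_secure_cookie("user", unicode(user.id))
    if next is None:
        next = '/'
    self.redirect(next)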
def get(self, tok_name):
    """Redeem a token link and sign the visitor in.

    The token is looked up by name and must not have expired. Its payload
    selects the operation:

    * 'register' - log in the account with the payload's email, creating
      it first if it does not exist, then redirect to '/welcome'
      (with ``next`` forwarded when the payload carries one).
    * 'login' - log in as the payload's ``user_id`` and redirect to the
      payload's ``next`` (default '/').

    Raises:
        tornado.web.HTTPError: 404 for an unknown or expired token, or an
            unrecognised operation.
    """
    token = self.session.query(Token).filter(Token.name==tok_name).first()
    if not token or not (datetime.datetime.utcnow() < token.expires):
        raise tornado.web.HTTPError(404, "This link has been used already, or has expired")

    # NOTE(review): nothing below deletes or marks the token (the original
    # carried a commented-out session.delete(tok) in the register path), so
    # the same link keeps granting a session until it expires, although the
    # 404 text above says "used already". Confirm whether single use is
    # intended.
    payload = token.get_payload_as_dict()
    op = payload['op']

    if op == 'register':
        if 'next' in payload:
            # let the welcome page know where user is intending to go
            landing_url = '/welcome?' + urllib.urlencode({'next': payload['next']})
        else:
            landing_url = '/welcome'

        email = payload['email']
        account = self.session.query(UserAccount).filter(UserAccount.email==email).first()
        if account is None:
            # not created yet - build the account from the token payload
            hashed_password = payload['hashed_password']
            # default username derived from email address
            local_part = email.split("@")[0].lower()
            unique_name = UserAccount.calc_unique_username(self.session, local_part)
            account = UserAccount(username=unique_name,
                                  email=email,
                                  hashed_password=hashed_password)
            self.session.add(account)
            self.session.commit()

        # existing or freshly created: log them in
        self.set_secure_cookie("user", unicode(account.id))
        self.redirect(landing_url)
        return

    if op == 'login':
        user_id = payload['user_id']
        # NOTE(review): the redirect target comes from the stored payload
        # and is used as-is; whether it was restricted to same-site paths
        # when the token was issued is not visible here - confirm.
        destination = payload.get('next','/')
        self.set_secure_cookie("user", unicode(user_id))
        self.redirect(destination)
        return

    raise tornado.web.HTTPError(404)
def get_anon_user(self):
    """Return the anonymous (non-logged-in) UserAccount, building one if absent."""
    existing = self.session.query(UserAccount).filter_by(anonymous=True).first()
    if existing is not None:
        return existing

    # no anon user - create one (this should probably be in app startup,
    # but likely we'll start supporting on-the-fly anon users tied to IP
    # address or something... so may as well all be in here.
    # NOTE(review): the new object is returned without session.add() or
    # commit() in this method, so unless a caller persists it, each call
    # builds another one - confirm against callers.
    anon_name = UserAccount.calc_unique_username(self.session, u'anon')
    return UserAccount(username=anon_name,
                       prettyname=u"Anonymous",
                       anonymous=True)