def logged_in(self):
"""Returns true if a user is currently logged in, false otherwise."""
token = os.getenv('HTTP_AUTHORIZATION')
if token:
return UserToken.get('', 'bearer', token) is not None
else:
return self.auth.get_user_by_session() is not None
def get(self):
ageLimit = datetime.datetime.now() - datetime.timedelta(days=1)
targetTokensQuery = UserToken.query(UserToken.created < ageLimit)
targetTokens = targetTokensQuery.iter()
for targetToken in targetTokens:
targetToken.key.delete()
self.response.write(RESPONSE_OK)
def current_user(self):
"""Returns currently logged in user"""
token = os.getenv('HTTP_AUTHORIZATION')
if token:
user_token = UserToken.get('', 'bearer', token)
return self.auth.store.user_model.get_by_id(int(user_token.user))
user_dict = self.auth.get_user_by_session()
return self.auth.store.user_model.get_by_id(user_dict['user_id'])
def get_old_signup_tokens():
""" Return query with subject 'signup' """
expiredTokensQuery = UserToken.query(
UserToken.subject == 'signup', UserToken.created <=
(datetime.datetime.utcnow() - datetime.timedelta(days=2)))
expiredTokens = expiredTokensQuery.fetch(keys_only=True)
return expiredTokens
def get_old_auth_tokens():
""" Return query with subject 'auth' """
expiredTokensQuery = UserToken.query(
UserToken.subject == 'auth', UserToken.created <=
(datetime.datetime.utcnow() - datetime.timedelta(weeks=3)))
expiredTokens = expiredTokensQuery.fetch(keys_only=True)
return expiredTokens
def _auth_token(self, provider=None):
"""Used as a replacement to _auth_<provider>_callback to create a token
based login flow for mobiles.
"""
self.session['username'] = self.request.get('username')
cfg = self.PROVIDERS.get(provider, (None,))
meth = self._auth_method(cfg[0], 'callback')
# Get user profile data and their access token
user_data, auth_info = meth(provider, *cfg[-1:])
# The rest should be implemented by the actual app
user = self._login_user(user_data, auth_info, provider)
# Set token
user_data['token'] = UserToken.create(user.key.id(), 'bearer').token
return self.render_json(user_data)
def get(self):
# 'auth' Tokens expire after 3 months, 'bearer' after 1 year.
now = datetime.datetime.utcnow()
three_months_ago = now - datetime.timedelta(3 * (365/12))
one_year_ago = now - datetime.timedelta(365)
expired_tokens = UserToken.query(
ndb.OR(ndb.AND(UserToken.subject == 'auth',
UserToken.created <= three_months_ago),
ndb.AND(UserToken.subject == 'bearer',
UserToken.created <= one_year_ago))
)
while True:
logging.info('Deleting user tokens')
keys = expired_tokens.fetch(100, keys_only=True)
if len(keys) > 0:
ndb.delete_multi(keys)
else:
break
def get_all_signup_tokens():
""" Return query with subject 'signup' """
signupTokensQuery = UserToken.query(UserToken.subject == 'signup')
signupTokens = signupTokensQuery.fetch()
return signupTokens
def oauth2_token(self):
return UserToken.query(UserToken.user == self.key.id()).get().token
def get_old_signup_tokens():
""" Return query with subject 'signup' """
expiredTokensQuery = UserToken.query(UserToken.subject=='signup', UserToken.created <= (datetime.datetime.utcnow() - datetime.timedelta(days=2)))
expiredTokens = expiredTokensQuery.fetch(keys_only=True)
return expiredTokens
def get_all_signup_tokens():
""" Return query with subject 'signup' """
signupTokensQuery = UserToken.query(UserToken.subject=='signup')
signupTokens = signupTokensQuery.fetch()
return signupTokens
def deleteRecoveryToken(self, token):
UserToken.get(self.getId(), "recovery", token).key.delete()
def recoveryToken(self):
return UserToken.create(self.getId(), "recovery").token
def post(self):
self.response.headers['Content-Type'] = "application/json"
# Does e-mail already exist?
jsn = json.loads(self.request.body)
email = jsn['email']
password = jsn['password']
first_name = jsn['first_name']
last_name = jsn['last_name']
phone = jsn['phone']
query = User.query(User.email == email)
users = query.fetch()
if users:
msg = 'Unable to create user. Duplicate email: %s' % email
self.send_response(self.RESPONSE_CODE_400, msg, "")
return
# Create Stripe customer
stripe.api_key = utils.get_stripe_api_key()
stripe_customer = stripe.Customer.create()
stripe_customer_id = stripe_customer.id
# If stripe customer Id doesn't exist, set to None
if not stripe_customer_id:
stripe_customer_id = None
# Create a user
unique_properties = ['email']
user_data = self.user_model.create_user(email,
unique_properties,
email=email,
password_raw=password,
first_name=first_name,
last_name=last_name,
phone=phone)
#stripeCustomerId=stripe_customer_id
# If user was not created, probably a duplicate email
if not user_data[0]: # user_data is a tuple
msg = 'Unable to create user. Duplicate email: %s' % email
self.send_response(self.RESPONSE_CODE_400, msg, "")
return
# New user created. Get user at index 1
user = user_data[1]
user_dict = user.to_dict()
user_id = user.get_id()
token = UserToken.create(user_id, subject='auth', token=None)
user_dict['token'] = str(token.token)
user_dict['email'] = email
del user_dict['created']
del user_dict['updated']
print user_dict
self.send_response(self.RESPONSE_CODE_200, "User Signed Up", user_dict)
def post(self):
self.response.headers['Content-Type'] = "application/json"
# Does e-mail already exist?
jsn = json.loads(self.request.body)
email = jsn['email']
password = jsn['password']
first_name = jsn['first_name']
last_name = jsn['last_name']
phone = jsn['phone']
query = User.query(User.email == email)
users = query.fetch()
if users:
msg = 'Unable to create user. Duplicate email: %s' % email
self.send_response(self.RESPONSE_CODE_400, msg, "")
return
# Create Stripe customer
stripe.api_key = utils.get_stripe_api_key()
stripe_customer = stripe.Customer.create()
stripe_customer_id = stripe_customer.id
# If stripe customer Id doesn't exist, set to None
if not stripe_customer_id:
stripe_customer_id = None
# Create a user
unique_properties = ['email']
user_data = self.user_model.create_user(email,
unique_properties,
email=email,
password_raw=password,
first_name=first_name,
last_name=last_name,
phone=phone)
#stripeCustomerId=stripe_customer_id
# If user was not created, probably a duplicate email
if not user_data[0]: # user_data is a tuple
msg = 'Unable to create user. Duplicate email: %s' % email
self.send_response(self.RESPONSE_CODE_400, msg, "")
return
# New user created. Get user at index 1
user = user_data[1]
user_dict = user.to_dict()
user_id = user.get_id()
token = UserToken.create(user_id, subject='auth', token=None)
user_dict['token'] = str(token.token)
user_dict['email'] = email
del user_dict['created']
del user_dict['updated']
print user_dict
self.send_response(self.RESPONSE_CODE_200, "User Signed Up", user_dict)
def get_old_auth_tokens():
""" Return query with subject 'auth' """
expiredTokensQuery = UserToken.query(UserToken.subject=='auth', UserToken.created <= (datetime.datetime.utcnow() - datetime.timedelta(weeks=3)))
expiredTokens = expiredTokensQuery.fetch(keys_only=True)
return expiredTokens
def get(self):
query = UserToken.query()
query = query.filter(UserToken.updated < datetime.now() - timedelta(days=14))
auth_token_keys = map(lambda t: t.key, query.fetch())
ndb.delete_multi(auth_token_keys)
logging.info("Cleaned up %d auth tokens" % len(auth_token_keys))