def gconnect():
code = request.data
try:
# Upgrade the authorization code into a credentials object
oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
oauth_flow.redirect_uri = 'postmessage'
credentials = oauth_flow.step2_exchange(code)
except FlowExchangeError:
return error_message(401, "Failed to upgrade the authorization code.")
# Check if the access token is valid
access_token = credentials.access_token
url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' %
access_token)
h = httplib2.Http()
result = json.loads(h.request(url, 'GET')[1])
# If there was an error in the access token info, abort
if result.get('error') is not None:
return error_message(500, result.get('error'))
# Verify that the access token is used for the intended user.
gplus_id = credentials.id_token['sub']
if result['user_id'] != gplus_id:
return error_message(401,
"Token's user ID doesn't match give user ID.")
# Verify that the access token is valid for this app.
if result['issued_to'] != CLIENT_ID:
return error_message(401, "Token's client ID does not match app's.")
# Get user info
userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
params = {'access_token': credentials.access_token, 'alt': 'json'}
answer = requests.get(userinfo_url, params=params)
data = answer.json()
name = data["name"]
picture = data["picture"]
email = data["email"]
user = session.query(User).filter_by(email=email).first()
if not user:
user = User(username=name, picture=picture, email=email)
session.add(user)
session.commit()
# Make token
token = user.generate_auth_token(600)
return data_message(200, {'token': token.decode('ascii')},
"Successfully generated token."), 200
def edit_category(category_id):
try:
category = session.query(Category).filter_by(id=category_id).one()
except:
return error_message(404, "Cannot update: Category not found.")
name = request.form.get('name')
if name:
category.name = name
session.add(category)
session.commit()
else:
return error_message(400, "Course name is required.")
return data_message(200, {"Category": category.serialize},
"Successfully updated the category.")
def get_course_by_id(category_id, course_id):
try:
course = session.query(Course).filter_by(
id=course_id, category_id=category_id).one()
except:
return error_message(404, "Course not found.")
return data_message(200, {"Course": course.serialize},
"Successfully returned the selected course.")
def delete_course(category_id, course_id):
try:
course = session.query(Course).filter_by(
id=course_id, category_id=category_id).one()
except:
return error_message(404, "Cannot delete: Course not found.")
session.delete(course)
session.commit()
return data_message(200, None, "Course was successfully deleted.")
def delete_category(category_id):
try:
category = session.query(Category).filter_by(id=category_id).one()
except:
return error_message(404, "Cannot delete: Category not found.")
session.query(Course).filter_by(category_id=category_id).delete()
session.delete(category)
session.commit()
return data_message(200, None,
"Category and sub-courses was successfully deleted.")
def add_category():
name = request.form.get('name')
if name:
category = Category(name=name)
session.add(category)
session.commit()
else:
return error_message(400, "Course name is required.")
return data_message(200, {"Category": category.serialize},
"Successfully added a category.")
def add_course(category_id):
try:
category = session.query(Category).filter_by(id=category_id).one()
except:
return error_message(
404, "Cannot add new course to this category: Category not found.")
name = request.form.get('name')
if name:
course = Course(name=name,
description=request.form.get('description'),
img_url=request.form.get('img-url'),
intro_video_url=request.form.get('intro-video-url'),
category_id=category.id)
session.add(course)
session.commit()
else:
return error_message(400, "Course name is required.")
return data_message(200, {"Course": course.serialize},
"Successfully added a course.")
def get_courses_by_category_id(category_id):
try:
category = session.query(Category).filter_by(id=category_id).one()
except:
return error_message(404, "Category not found.")
courses = session.query(Course).filter_by(category_id=category_id).all()
return data_message(
200, {
"Category": category.serialize,
"Courses": [c.serialize for c in courses]
}, "Successfully returned all courses by given category.")
def edit_course(category_id, course_id):
try:
course = session.query(Course).filter_by(
id=course_id, category_id=category_id).one()
except:
return error_message(404, "Cannot update: Course not found.")
if request.form.get(
'name'
): # if 'name' is a non-empty value then update else keep current value
course.name = request.form('name')
course.description = request.form.get('description')
course.img_url = request.form.get('img-url')
course.intro_video_url = request.form.get('intro-video-url')
session.add(course)
session.commit()
return data_message(200, {"Course": course.serialize},
"Successfully updated the course.")