예제 #1
0
    def post(self, ar, grant=None, character=None):
        from brave.core.character.model import EVECharacter
        from brave.core.application.model import ApplicationGrant

        ar = self.ar(ar)
        u = user._current_obj()

        if not grant:
            # Deny access.
            ar.user = u
            ar.grant = None
            ar.expires = datetime.utcnow() + timedelta(
                minutes=10)  # extend to allow time for verification
            ar.save()

            target = URL(ar.failure)
            target.query.update(dict(token=str(ar.id)))

            return 'json:', dict(success=True, location=str(target))

        try:
            character = EVECharacter.objects.get(owner=u, id=character)
        except EVECharacter.DoesNotExist:
            return 'json:', dict(success=False,
                                 message="Unknown character ID.")
        except:
            log.exception("Error loading character.")
            return 'json:', dict(success=False,
                                 message="Error loading character.")

        # TODO: Non-zero grants.
        grant = ApplicationGrant(user=u,
                                 application=ar.application,
                                 mask=0,
                                 expires=datetime.utcnow() +
                                 timedelta(days=30),
                                 character=character)
        grant.save()

        ar.user = u
        ar.grant = grant
        ar.expires = datetime.utcnow() + timedelta(
            minutes=10)  # extend to allow time for verification
        ar.save()

        target = URL(ar.success)
        target.query.update(dict(token=str(grant.id)))
        return 'json:', dict(success=True, location=str(target))
예제 #2
0
    def get(self, ar):
        from brave.core.application.model import ApplicationGrant

        ar = self.ar(ar)
        u = user._current_obj()
        grant = ApplicationGrant.objects(user=u,
                                         application=ar.application).first()

        if not grant:
            # TODO: We need a 'just logged in' flag in the request.

            characters = list(u.characters.order_by('name').all())
            if len(characters):
                default = u.primary or characters[0]
            else:
                return (
                    'brave.core.template.authorize',
                    dict(
                        success=False,
                        message=
                        _("This application requires that you have a character connected to your"
                          " account. Please <a href=\"/key/\">add an API key</a> to your account."
                          ),
                        ar=ar))
            return 'brave.core.template.authorize', dict(success=True,
                                                         ar=ar,
                                                         characters=characters,
                                                         default=default)

        ngrant = ApplicationGrant(user=u,
                                  application=ar.application,
                                  mask=grant.mask,
                                  expires=datetime.utcnow() +
                                  timedelta(days=30),
                                  character=grant.character)
        ngrant.save()

        ar.user = u
        ar.grant = ngrant
        ar.expires = datetime.utcnow() + timedelta(
            minutes=10)  # extend to allow time for verification
        ar.save()

        r = grant.delete()

        target = URL(ar.success)
        target.query.update(dict(token=str(ngrant.id)))
        raise HTTPFound(location=str(target))