'is_active': True, 'is_superuser': False, 'password': password } user = User(**user_defaults) if user: user.save() # Get/Create the user profile try: profile = user.get_profile() except: profile = Profile(git_access_token=token, user=user, meta=resp.content) # update meta information and token profile.git_access_token = token profile.meta = resp.content profile.save() # Create settings for user try: user_settings = Setting.objects.get(user=user) except: user_settings = None if not user_settings: s = Setting()
"username": github_user["login"], "is_active": True, "is_superuser": False, "password": password, } user = User(**user_defaults) if user: user.save() # Get/Create the user profile try: profile = user.get_profile() except: profile = Profile(git_access_token=token, user=user, meta=resp.content) # update meta information and token profile.git_access_token = token profile.meta = resp.content profile.save() # Create settings for user try: user_settings = Setting.objects.get(user=user) except: user_settings = None if not user_settings: s = Setting() s.user = user
def signin_callback(request, slug=None, template_name="base.html"): """Callback from Github OAuth""" user = None url = 'https://github.com/login/oauth/access_token' # Just request user setup locally if debug to prevent using the token # that was faked out user_url = 'https://api.github.com/users/%s' % (GITHUB_USER) if DEBUG: url = 'http://localhost:9000/access_token/' code = request.GET['code'] resp = requests.post(url=url, data={ 'client_id': GITHUB_CLIENT_ID, 'client_secret': '2b40ac4251871e09441eb4147cbd5575be48bde9', 'code': code}) _validate_github_response(resp) # FIXME: Awful parsing w/ lots of assumptions # String looks like this currently # access_token=1c21852a9f19b685d6f67f4409b5b4980a0c9d4f&token_type=bearer token = resp.content.split('&')[0].split('=')[1] if not DEBUG: # Use token to request logged in user when running normally user_url = 'https://api.github.com/user?access_token=%s' % (token) resp = requests.get(user_url) # FIXME: Handle error _validate_github_response(resp) github_user = simplejson.loads(resp.content) try: user = User.objects.get(username=github_user['login']) except: password = User.objects.make_random_password() user_defaults = { 'username': github_user['login'], 'is_active': True, 'is_superuser': False, 'password': password} user = User(**user_defaults) if user: user.save() try: profile = user.get_profile() except: profile = Profile(git_access_token=token, user=user, meta=resp.content) profile.git_access_token = token profile.save() # Fake auth b/c github already verified them and we aren't using our # own #passwords...yet? user.auto_login = True user = authenticate(user=user) login(request, user) return redirect(reverse('post_list', args=[user.username]))