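from database_setup import (
    Base, User, Phylum, Class, Order, Family, Genus, Species,
    PhylumClass, ClassOrder, OrderFamily, FamilyGenus, GenusSpecies,
)

# Seed script for the SQLite database. It is destructive: each table it
# loads is emptied first, so it must only be pointed at a database whose
# contents may be thrown away.
engine = create_engine('sqlite:///fungusamongus.db')
Base.metadata.bind = engine
DBSession = sessionmaker(bind=engine)
session = DBSession()

# Load Admin User
# All existing User rows are removed before the fixed admin row (id 1) is
# inserted; the phylum rows created below are attributed to that id.
session.query(User).delete()
session.commit()
admin = User()
admin.user_id = 1
admin.user_name = 'admin'
admin.user_email = '*****@*****.**'
session.add(admin)
session.commit()

# Load Phylum
session.query(Phylum).delete()
session.commit()
# Read the fixture inside a context manager so the file handle is closed
# as soon as the JSON has been parsed.
with open('phylum.json') as phylums:
    phylum_data = json.load(phylums)
for phylum in phylum_data:
    phylum_entry = Phylum()
    phylum_entry.phylum_name = phylum['PhylumName']
    phylum_entry.phylum_image = phylum['PhylumImage']
    phylum_entry.phylum_description = phylum['PhylumSummary']
    phylum_entry.created_by = 1
    # NOTE(review): the visible listing stops here; nothing shown adds
    # phylum_entry to the session or commits it - confirm against the
    # rest of the script.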
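def gconnect():
    """Complete the Google sign-in handshake for the current session.

    The checks run in this order:

    1. The ``state`` query parameter must equal the anti-forgery value
       held in ``login_session``.
    2. The one-time authorization code in the request body is exchanged
       for credentials.
    3. Google's tokeninfo endpoint is asked about the access token; the
       token must belong to the same user as the ID token and must have
       been issued to this application (``CLIENT_ID``).
    4. The user's profile is fetched, copied into the session, and the
       local user row is looked up or created.

    Returns:
        A JSON response with status 401 or 500 when a check fails, a JSON
        200 response when this user is already connected, otherwise the
        plain string ``'Successful'``.
    """

    def _json_reply(message, status):
        # Every early exit returns a JSON-encoded message with this header.
        reply = make_response(json.dumps(message), status)
        reply.headers['Content-Type'] = 'application/json'
        return reply

    # Reject the request when the session holds no state at all. Reading
    # the key with [] would raise KeyError (an unhandled 500), and a bare
    # .get() comparison would let a missing parameter match a missing
    # session value.
    expected_state = login_session.get('state')
    if expected_state is None or request.args.get('state') != expected_state:
        return _json_reply('Invalid state parameter.', 401)

    # Obtain authorization code
    code = request.data

    try:
        # Upgrade the authorization code into a credentials object
        oauth_flow = flow_from_clientsecrets('client_secret.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return _json_reply('Failed to upgrade the authorization code.', 401)

    # Check that the access token is valid.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s'
           % access_token)
    http_var = httplib2.Http()
    result = json.loads(http_var.request(url, 'GET')[1])

    # If there was an error in the access token info, abort.
    if result.get('error') is not None:
        return _json_reply(result.get('error'), 500)

    # Verify that the access token is used for the intended user.
    # .get() makes a tokeninfo reply without the field fail closed (401)
    # instead of raising KeyError.
    gplus_id = credentials.id_token['sub']
    if result.get('user_id') != gplus_id:
        return _json_reply(
            "Token's user ID doesn't match given user ID.", 401)

    # Verify that the access token is valid for this app.
    if result.get('issued_to') != CLIENT_ID:
        print("Token's client ID does not match app's.")
        return _json_reply("Token's client ID does not match app's.", 401)

    # The session key written below is 'access_token'; the earlier lookup
    # of 'credentials' could never match, so this branch was unreachable.
    stored_access_token = login_session.get('access_token')
    stored_gplus_id = login_session.get('gplus_id')
    if stored_access_token is not None and gplus_id == stored_gplus_id:
        return _json_reply('Current user is already connected.', 200)

    # Store the access token in the session for later use.
    # NOTE(review): if login_session is a client-side signed cookie, the
    # token is readable by the browser - confirm the session backend.
    login_session['access_token'] = credentials.access_token
    login_session['gplus_id'] = gplus_id

    # Get user info
    # NOTE(review): this call has no timeout and its status is not
    # checked; a missing 'name', 'picture' or 'email' raises KeyError.
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    answer = requests.get(userinfo_url, params=params)
    data = answer.json()

    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']

    # see if user exists, if it doesn't make a new one
    # NOTE(review): the local account is matched on the e-mail address
    # alone; confirm the provider reports the address as verified before
    # relying on it. When the address is empty no user_id is stored, yet
    # the function still reports success.
    email = data['email']
    if email:
        user = get_user_by_email_provider(email, "Google")
        if user is None:
            user = User()
            user.user_name = data['name']
            user.user_email = email
            user.user_picture = data['picture']
            user.user_provider = "Google"
            user.user_id = insert_user(user)
        login_session['user_id'] = user.user_id

    output = 'Successful'
    return output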