def view_user(request): # TODO # Add in auth tokens (if exists) and access tokens (if exists) session = DBSession() matchdict = request.matchdict if (request.logged_in != int(matchdict["user_id"])): return HTTPForbidden(_("You are not allowed to view information about a user other than yourself.")) user = session.query(User).join(User.groups).join(Group.group_info).filter(User.id == matchdict["user_id"]).one() request_key_url = "" key = "" secret = "" token = "" token_secret = "" keySecret = ConsumerKeySecret.getByUserID(request.logged_in) if (keySecret): key = keySecret.consumer_key secret = keySecret.consumer_secret tokenData = Token.getTokenByConsumerID(keySecret.id) if (tokenData): token = tokenData.token token_secret = tokenData.token_secret else: request_key_url = route_url("api_request_key", request) return dict(username = user.username, homepage = user.homepage, title = _("Viewing ") + " " + user.username, key = key, secret = secret, token = token, token_secret = token_secret, request_key_url = request_key_url)
def api_access_token(request): session = DBSession() if (not request.logged_in): request.session.flash(_("You must be logged in.")) return HTTPFound(location = route_url("home", request)) consumer = ConsumerKeySecret.getByUserID(request.logged_in) if (not consumer): return HTTPFound(location = route_url("api_request_key", request)) token = Token.getByConsumerID(consumer.id) if (not token): request.session.flash(_("Attempt to retrieve an access token that does not belong to you.")) return HTTPFound(location = route_url("home", request)) return dict(title = _("Your token and token secret"), token = token.token, token_secret = token.token_secret)
def api_request_key(request): session = DBSession() if (not request.logged_in): request.session.flash(_("You must be registered and logged in to request a consumer key and secret.")) return HTTPForbidden(location = route_url("home", request)) keySecret = ConsumerKeySecret.getByUserID(request.logged_in) if (keySecret): key = keySecret.consumer_key secret = keySecret.consumer_secret else: # generate a consumer key and secret randomData = hashlib.sha1(str(random.random())).hexdigest() keySecret = ConsumerKeySecret() key = generateRandomKey() secret = generateRandomKey() keySecret.consumer_key = key keySecret.consumer_secret = secret keySecret.user_id = request.logged_in keySecret.setNormalStatus() session.add(keySecret) return dict(key = key, secret = secret, title = _("Fluid Nexus Key and Secret"))