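def by_code(self, client_id, client_secret, code):
    """Exchange an authorization code for a fresh access token.

    The consumer must match ``client_id``, ``client_secret`` and ``code``
    together.  On a match a new random access token is saved on the consumer
    and returned as ``{"access_token": ...}``.  Every failure returns the
    same generic ``{"error": "Wrong parameters"}`` body, so the response does
    not reveal which value was wrong.
    """
    failure = {"error": "Wrong parameters"}

    # Reject a missing or empty code before it reaches the lookup: depending
    # on how the ORM treats None/"" in a filter, a blank code could match a
    # consumer that was never issued one, which would turn this into a
    # client-credentials grant with no user consent.
    if not code:
        return JsonResponse(failure)

    try:
        consumer = Consumer.get(client_id=client_id,
                                client_secret=client_secret,
                                code=code)
    except DoesNotExist:
        return JsonResponse(failure)

    # NOTE(review): the code is left on the consumer after redemption, so the
    # same code can be exchanged again. Authorization codes should be
    # single-use and short-lived; confirm the Consumer schema and invalidate
    # the code here.
    consumer.access_token = str(uuid4())
    consumer.save()
    return JsonResponse({"access_token": consumer.access_token})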
def on_enter(self, call):
    """Resolve the calling consumer from a token in the request args.

    ``call.args[1]`` is taken as the request.  The argument named by
    ``self.token_name`` is required; it is used both as the request-arg key
    and as the ``Consumer`` field to look up.  On success the consumer is
    attached as ``request.consumer`` and nothing is returned; otherwise a
    ``Forbidden`` response is returned.
    """
    req = call.args[1]
    field = self.token_name

    if field not in req.args:
        return Forbidden("You should pass %s in request args" % field)

    # NOTE(review): the token is read from request.args, so it may be
    # recorded wherever request URLs are logged; confirm this is intended.
    lookup = {field: req.args[field]}
    try:
        req.consumer = Consumer.get(**lookup)
    except DoesNotExist:
        return Forbidden("Wrong client_id")
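def post(self, request):
    """Handle the consent form: issue an authorization code and redirect.

    The posted ``temp_token`` must equal the value stored in the session
    under the posted ``client_id``.  On success a new random code is saved on
    the consumer, the consumer is linked to the user, and the browser is
    redirected to the consumer's ``redirect_uri`` with ``code`` in the query
    string.  A failed check returns ``Forbidden``.
    """
    client_id = request.form["client_id"]
    temp_token = request.form["temp_token"]

    # A client_id with no temp token stored in this session is a failed
    # check, not a server error: answer Forbidden instead of letting the
    # KeyError escape.
    try:
        expected = request.session[client_id]
    except KeyError:
        return Forbidden("Wrong client_id and temp_token")
    if expected != temp_token:
        return Forbidden("Wrong client_id and temp_token")

    # NOTE(review): the temp token stays in the session after use, so the
    # same form can be submitted again; consider removing it once consumed.
    # NOTE(review): the user is looked up by a fixed username rather than
    # taken from the authenticated session; confirm this is demo-only.
    user = User.get(username="******")
    consumer = Consumer.get(client_id=client_id)
    consumer.code = str(uuid4())
    consumer.save()
    ConsumerUser.get_or_create(consumer=consumer, user=user)

    # NOTE(review): redirect_uri is used as stored, with no check here that
    # it is set or that it has no query string already; verify at
    # registration time.
    params = {"code": consumer.code}
    return RedirectResponse("%s?%s" % (consumer.redirect_uri, urlencode(params)))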
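def by_password(self, client_id, client_secret, username, password):
    """Issue an access token from user credentials plus client credentials.

    Both the user (``username``/``password``) and the consumer
    (``client_id``/``client_secret``) must exist.  On success the two are
    linked, a new random access token is saved on the consumer and returned
    as ``{"access_token": ...}``.  Any failed lookup returns the generic
    ``{"error": "Wrong parameters"}`` body.
    """
    failure = {"error": "Wrong parameters"}
    try:
        # NOTE(review): password is matched against the stored column as
        # given; presumably the caller has already hashed it. Verify.
        user = User.get(username=username, password=password)
        consumer = Consumer.get(client_id=client_id,
                                client_secret=client_secret)
    except DoesNotExist:
        return JsonResponse(failure)

    ConsumerUser.get_or_create(consumer=consumer, user=user)
    # The debug prints of client_secret and the new access token were
    # removed: credentials written to stdout end up in process logs.
    consumer.access_token = str(uuid4())
    consumer.save()
    return JsonResponse({"access_token": consumer.access_token})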
def application_after_load(self, application):
    """Rebuild the auth tables and seed them with fixture rows.

    WARNING: every call drops and recreates the Consumer, User and
    ConsumerUser tables, so existing rows are lost.  The seeded passwords,
    client secrets and access token are fixed literals, which makes this
    suitable for a development or demo database only.
    """
    # Same order as before: drop, then create, one model at a time.
    for model in (Consumer, User, ConsumerUser):
        model.drop_table(fail_silently=True)
        model.create_table()

    first_user = User.create(username="******",
                             password=self.hash_password("s"))
    User.create(username="******", password=self.hash_password("b"))

    # Secrets and the "a1" access token are passed to the model as given.
    first_consumer = Consumer.create(name="app1", client_id="1",
                                     client_secret=str(uuid4()),
                                     access_token="a1")
    Consumer.create(name="app2", client_id="2", client_secret="secret2",
                    redirect_uri="http://localhost:8080/auth_usage/end")
    Consumer.create(name="app3", client_id="3", client_secret="secret3")

    ConsumerUser.create(consumer=first_consumer, user=first_user)
    print("app loaded")
def get(self, request):
    """Render the consent page for the consumer named by ``client_id``.

    A fresh random temp token is stored in the session under the consumer's
    client_id, replacing any earlier one for that client, and is passed to
    the ``user_auth.html`` template together with the consumer.
    """
    # NOTE(review): a missing or unknown client_id is not handled here;
    # the lookup error propagates to the caller.
    requested_id = request.args["client_id"]
    consumer = Consumer.get(client_id=requested_id)

    token = str(uuid4())
    request.session[consumer.client_id] = token

    context = {"consumer": consumer, "temp_token": token}
    return TemplateResponse("user_auth.html", context)