def is_current_user_admin(cls, handler):
if u'user' in handler.session:
user = User.get(handler.session['user'])
role = Role.all().filter("name", "Administrator").get()
if user.key() in role.users:
return True
else:
return False
else:
return False
def post(self, request):
client_id = request.form["client_id"]
temp_token = request.form["temp_token"]
if request.session[client_id] != temp_token:
return Forbidden("Wrong client_id and temp_token")
user = User.get(username="******")
consumer = Consumer.get(client_id=client_id)
consumer.code = str(uuid4())
consumer.save()
ConsumerUser.get_or_create(consumer=consumer, user=user)
params = {"code": consumer.code}
return RedirectResponse("%s?%s" % (consumer.redirect_uri, urlencode(params)))
def by_password(self, client_id, client_secret, username, password):
try:
user = User.get(username=username, password=password)
print client_id, client_secret
consumer = Consumer.get(client_id=client_id, client_secret=client_secret)
ConsumerUser.get_or_create(consumer=consumer, user=user)
consumer.access_token = str(uuid4())
print consumer.access_token
consumer.save()
params = {"access_token": consumer.access_token}
return JsonResponse(params)
except DoesNotExist:
params = {"error": "Wrong parameters"}
return JsonResponse(params)
def get_current_user(cls, handler):
if 'user' in handler.session:
user = User.get(handler.session['user'])
return user
else:
return None
