def user_view(request):
    """User information API: return one user's record as JSON.

    Only GET requests are handled. The target user is chosen by the ``id``
    query parameter, which must parse as an integer.

    Responses, in the order they are checked:
        * bad request -- ``id`` is missing or is not an integer
        * forbidden   -- the caller is not authenticated
        * not found   -- no ``User`` exists with that primary key
        * JSON with a ``user`` entry built by ``user_to_dict``
    """
    # NOTE(review): every non-GET method falls through and yields None; no
    # explicit response is built for it here -- confirm how routing or
    # callers handle that case.
    if request.method != 'GET':
        return None

    # NOTE(review): the id is parsed before the authentication check, so an
    # anonymous caller receives "bad request" rather than "forbidden" for a
    # malformed id. Confirm this ordering is intended.
    try:
        requested_pk = int(request.GET['id'])
    except (MultiValueDictKeyError, ValueError):
        return json_response_bad_request()

    if not request.user.is_authenticated():
        return json_response_forbidden()

    # NOTE(review): any authenticated caller may read any user's record by
    # id; there is no ownership check. Verify that user_to_dict() exposes
    # only fields meant to be visible to other users.
    try:
        target = User.objects.get(pk=requested_pk)
    except User.DoesNotExist:
        # Unknown id -> Not Found
        return json_response_not_found()

    return json_response(context={'user': user_to_dict(target)})
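def auth_view(request):
    """Log a user in from Twitter access-token credentials.

    Reads ``access_token_key`` and ``access_token_secret`` from the query
    string, resolves them to a Twitter account through ``tw_util.get_vc``,
    creates the local user on first sight, and opens a session for that user.

    Responses:
        * bad request  -- one of the two token parameters is missing
        * server error -- ``tw_util.get_vc`` raised ``TypeError``
        * not found    -- the tokens resolved to no account, or the local
                          user cannot be logged in (inactive / rejected)
        * JSON with ``created`` (True when the local user was just created)
          and ``user`` (built by ``user_to_dict``)

    Local accounts are never meant to be usable with a password: a random
    temporary password exists only long enough to call ``authenticate()``
    and is then replaced by an unusable one, which is saved explicitly.
    """
    # NOTE(review): the token key and secret arrive in the query string, so
    # they can end up in access logs, proxy logs and Referer headers.
    # Accepting them in a request body would avoid that, but it changes the
    # client contract, so it is only flagged here.
    try:
        key = request.GET['access_token_key']
        secret = request.GET['access_token_secret']
    except MultiValueDictKeyError:
        # bad request
        return json_response_bad_request()

    try:
        # get twitter account by key and secret
        tw_account = tw_util.get_vc(key, secret)
    except TypeError:
        # Error reason is not well known
        # sending dummy access token key/secret causes error
        return json_response_server_error()

    if tw_account == {}:
        # e.g. the access token key/secret were not valid
        return json_response_not_found()

    user_name = tw_account['id']

    # get twitter icon URL and save icon image to local
    # For now the icon is fetched again on every authentication.
    twicon = image_utils.get_img(tw_account['icon_url'])
    if twicon is None:
        relative_pathname = 'default_twicon'
    else:
        # NOTE(review): the file name is derived from the account id returned
        # by tw_util.get_vc -- presumably a numeric Twitter id; confirm it
        # can never contain path separators.
        relative_pathname = os.path.join('twicon', str(user_name))
        absolute_pathname = image_utils.build_media_absolute_pathname(
            relative_pathname)
        image_utils.save_bindata(absolute_pathname, twicon)
    icon_url = image_utils.build_media_absolute_url(request, relative_pathname)

    # Both newly created and already registered users get temp_password set,
    # so that authenticate() below can succeed for either.
    temp_password = User.objects.make_random_password()
    try:
        # HQTP user exists
        user = User.objects.get(username=user_name)
        user.set_password(temp_password)
        user.save()
        created = False
    except User.DoesNotExist:
        # User has twitter account, but doesn't have HQTP account
        # create new user
        user = User.objects.create_user(username=user_name, email='',
                                        password=temp_password)
        profile = user.get_profile()
        profile.screen_name = tw_account['screen_name']
        profile.name = tw_account['name']
        profile.icon_url = icon_url
        profile.save()
        achieve.give_achievement('first_login', user)
        created = True

    auth_user = authenticate(username=user_name, password=temp_password)
    if auth_user is None:
        # The backend refused the credentials that were just set (some
        # backends reject inactive users). Do not leave the temporary
        # password usable, and answer as for a deleted user.
        user.set_unusable_password()
        user.save()
        return json_response_not_found()

    # For security, password authentication is disabled; only the access
    # token key/secret are accepted as credentials.
    # set_unusable_password() changes the in-memory object only, so it is
    # saved explicitly. Without this the temporary password stays valid in
    # the database whenever login() is not reached or does not write the
    # password field.
    auth_user.set_unusable_password()
    auth_user.save()

    if not auth_user.is_active:
        # User is deleted
        return json_response_not_found()

    # Log in successful
    login(request, auth_user)
    user_info = user_to_dict(auth_user)
    return json_response(context=dict(created=created, user=user_info))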