def invalidate(self, access_token): """ Logout user """ from namespace_models.User import User user = User.objects(email=self.email_from_token(access_token)).first() if not user: return False AccessToken.objects(user=user).delete() return True
def logout(): access_token = from_params_or_json(request, 'access_token') try: User().logout(access_token=access_token) return {'logged_out': True} except OAuth2Error as e: message = dict(e.message) response.status = message.pop('status_code') return message
def unregister(): email = from_params_or_json(request, 'email') email = email if is_email(email) else '' password = from_params_or_json(request, 'password') try: User(email=email, password=password).unregister() except OAuth2Error: pass response.status = 204
def profile(email=None): if email: # TODO: RBAC here if email != AccessToken().email_from_token(from_params_or_json(request, 'access_token')): return error(response, 'access_denied', 'You cannot access another user\'s profile') else: email = AccessToken().email_from_token(from_params_or_json(request, 'access_token')) try: return {'user': User.objects(email=email).first().email} except (ValidationError, NotUniqueError) as e: return error(response, 'server_error', e.message) except OAuth2Error as e: message = dict(e.message) response.status = message.pop('status_code') return message
def login(email=None, password=None, grant_type=None): email = from_params_or_json(request, 'email') or email email = email if is_email(email) else '' password = from_params_or_json(request, 'password') or password grant_type = from_params_or_json(request, 'grant_type') or grant_type try: if email and password and grant_type == 'password': login_resp = User(email=email, password=password).login() if login_resp and 'access_token' in login_resp: return login_resp return error(response, 'server_error', "Login failed") else: return error(response, 'invalid_request', "`email`, `password` and `grant_type='password'` required") except OAuth2Error as e: message = dict(e.message) response.status = message.pop('status_code') return message
def register(email=None, password=None): email = from_params_or_json(request, 'email') or email email = email if is_email(email) else '' password = from_params_or_json(request, 'password') or password if not email or not password: return error(response, 'invalid_request', "`email` and `password` required") try: registered = User(email=email, password=password).register() if registered: tok = AccessToken(user=registered).generate() return {'access_token': tok.token, 'expires_in': randint(0, 200)} except NotUniqueError: return error(response, 'access_denied', "Email already registered") except ValidationError as e: return error(response, 'invalid_request', e.message) except OAuth2Error as e: message = dict(e.message) response.status = message.pop('status_code') return message return error(response, 'server_error', "Registration failed")
def token_from_email(email): """ Returns the last generated access_token, else None """ from namespace_models.User import User return AccessToken.objects(user=User.objects(email=email).first()).first()