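def process_request(self, request):
    """Turn the encrypted ``token`` cookie into a bearer credential on the request.

    Requests whose path contains the login or logout URL are passed through
    untouched. Otherwise the ``token`` cookie is decrypted; if the access
    token it carries is no longer valid, a refresh is attempted and the
    re-encrypted result is written back into ``request.COOKIES`` together
    with a ``token-update`` marker. When a usable access token is available
    it is stored under ``request.META['Authorization']``.

    Args:
        request: The incoming request. ``path`` and ``COOKIES`` are read;
            ``COOKIES`` and ``META`` may be modified.

    Returns:
        ``None`` to let request processing continue, or an
        ``HttpResponseRedirect`` to ``/accounts/logout/`` when the token
        could not be refreshed.
    """
    # NOTE(review): this is a substring match, so any URL that merely contains
    # one of these segments also skips token handling. Confirm that is
    # intended, or compare against the exact login/logout paths.
    if '/accounts/login/' in request.path or '/accounts/logout/' in request.path:
        return None

    # TODO: Only do oauth token stuff when the url is an API url
    if 'token' not in request.COOKIES:
        return None

    # Undo the percent-encoding of '=' in the cookie value before decrypting.
    # NOTE(review): only the upper-case form '%3D' is handled here.
    enc = request.COOKIES['token'].replace('%3D', '=').encode('UTF-8')

    # The cookie value is client-controlled; everything below trusts whatever
    # decrypt_access_token() returns.
    # NOTE(review): confirm it rejects tampered ciphertext (authenticated
    # encryption) rather than only decrypting it.
    token = decrypt_access_token(enc)
    if token is None or 'access_token' not in token:
        # No usable token: continue without setting an Authorization value.
        return None

    if not is_access_token_valid(token):
        # TODO: Figure out when we should *not* just refresh the token.
        token = refresh_access_token(token)

        # A failed refresh may come back falsy (e.g. None) instead of a
        # mapping without 'access_token'. The original membership test raised
        # TypeError in that case; treat it as a failed refresh instead.
        if not token or 'access_token' not in token:
            return HttpResponseRedirect('/accounts/logout/')

        # Re-encrypt the refreshed token and expose it through the request
        # cookies. 'token-update' is presumably read later in the response
        # path to re-issue the cookie; confirm against the caller.
        cookies = request.COOKIES.copy()
        cookies['token'] = encrypt_access_token(token).decode('UTF-8')
        cookies['token-update'] = "1"
        request.COOKIES = cookies

    # NOTE(review): 'Authorization' is a custom META key. Django stores a
    # client-sent Authorization header under 'HTTP_AUTHORIZATION', so
    # downstream code must read this exact key; confirm against the consumer.
    request.META['Authorization'] = 'bearer {0}'.format(token['access_token'])
    return None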
def test_token_refresh(self):
    """Refreshing the fixture token must produce a truthy result."""
    # Only truthiness is asserted; the contents of the refreshed token are
    # not inspected by this test.
    refreshed = refresh_access_token(self.token)
    self.assertTrue(refreshed)