def mainpage(request): code = request.GET['code'] payload = {'code':code,'client_id':settings.GOOGLE_CLIENT_ID,'client_secret':settings.GOOGLE_SECRET,'redirect_uri':settings.GOOGLE_REDIRECT_URL,'grant_type':'authorization_code'} r = requests.post('https://accounts.google.com/o/oauth2/token',payload) print 'type =', type(r.json()['id_token'].encode('utf-8')) token = r.json()['id_token'].encode('utf-8') print 'token type =', type(token) segments = token.split('.') if (len(segments) != 3): raise Exception('Wrong number of segments in token: %s' % segments) b64string = segments[1] b64string = b64string.encode('ascii') padded = b64string + '=' * (4 - len(b64string) % 4) padded = base64.urlsafe_b64decode(padded) #Create a new session ses_id = auth.create_session_id() if 'sessionid' not in request.session: request.session['sessionid'] = ses_id request.session['acsrfid'] = auth.get_acsrf(ses_id) print 'old request session id =', request.session['sessionid'] print 'old request acsrf id =', request.session['acsrfid'] request.session['sessionid'] = ses_id request.session['acsrfid'] = auth.get_acsrf(ses_id) print 'new request session id =', request.session['sessionid'] print 'new request acsrf id =', request.session['acsrfid'] return render_to_response('startpage.html',context_instance=RequestContext(request))
def render_portfolio(): acsrf = request.forms.get('antiCSRF') ses_id = request.forms.get('session_id') if (not auth.is_valid_acsrf(ses_id)): return template('Login',message='Improper Credentials or Timeout.',goog_anal_script=GoogleAnalyticsInclusionScript) auth.update_acsrf(ses_id) LogActivity.logPageTurn(ses_id,"Portfolio") portfolio = request.forms.get('portfolio') return template('Portfolio',acsrf=auth.get_acsrf(ses_id),\ session_id=ses_id,\ portfolio=portfolio,\ feedback_url=LocalURLToRecordFeedback,\ goog_anal_script=GoogleAnalyticsInclusionScript)
def pptriv(): username = request.forms.get('username') password = request.forms.get('password') # just a little throttle to slow down any denial of service attack.. time.sleep(1.0); if (not auth.does_authenticate(username,password)): LogActivity.logBadCredentials(username) return template('Login',message='Improper Credentials.',goog_anal_script=GoogleAnalyticsInclusionScript) search_string = request.forms.get('search_string') search_string = search_string if search_string is not None else "Dell Latitude" psc_pattern = request.forms.get('psc_pattern') ses_id = auth.create_session_id() LogActivity.logSessionBegin(username,ses_id) LogActivity.logPageTurn(ses_id,"StartPage") return template('StartPage',search_string=search_string,\ acsrf=auth.get_acsrf(ses_id),\ username=username, \ session_id=ses_id,\ psc_pattern=psc_pattern,goog_anal_script=GoogleAnalyticsInclusionScript)
def render_main_page(acsf,ses_id): if (not auth.is_valid_acsrf(ses_id)): return template('Login',message='Improper Credentials or Timeout.', footer_html=FOOTER_HTML, goog_anal_script=GoogleAnalyticsInclusionScript) auth.update_acsrf(ses_id) search_string = request.forms.get('search_string') search_string = search_string if search_string is not None else "" commodity_id = request.forms.get('commodity_id') LogActivity.logPageTurn(ses_id,"MainPage") return template('MainPage',search_string=search_string,\ acsrf=auth.get_acsrf(ses_id),\ session_id=ses_id,\ feedback_url=LocalURLToRecordFeedback,\ footer_html=FOOTER_HTML,\ column_dropdown=COLUMN_DROPDOWN_HTML,\ commodity_id=commodity_id,goog_anal_script=GoogleAnalyticsInclusionScript)
def pptriv(): acsrf = request.forms.get('antiCSRF') ses_id = request.forms.get('session_id') if (not auth.is_valid_acsrf(ses_id)): return template('Login',message='Improper Credentials or Timeout.',goog_anal_script=GoogleAnalyticsInclusionScript) auth.update_acsrf(ses_id) search_string = request.forms.get('search_string') search_string = search_string if search_string is not None else "Dell Latitude" commodity_id = request.forms.get('commodity_id') print 'COMMODITY_ID = '+commodity_id LogActivity.logPageTurn(ses_id,"MainPage") return template('MainPage',search_string=search_string,\ acsrf=auth.get_acsrf(ses_id),\ session_id=ses_id,\ feedback_url=LocalURLToRecordFeedback,\ commodity_id=commodity_id,goog_anal_script=GoogleAnalyticsInclusionScript)