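def api_users():
    """Return every user in the database as JSON, with e-mail addresses stripped.

    Each record's ``sdict`` is copied before the ``email`` key is removed, so
    the object returned by the model is not mutated by this view.

    :returns: JSON with a ``users`` key holding the list of user dicts.
    """
    users = []
    for rec in app.q_User().all():
        user = dict(rec.sdict)
        # This endpoint must never expose e-mail addresses.
        user.pop("email", None)
        users.append(user)
    return jsonify(users=users)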
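def api_users():
    """Return every user in the database as JSON, with e-mail addresses stripped.

    The ``email`` key is filtered out while building each response dict, so
    the object returned by the model's ``sdict`` is not mutated by this view.

    :returns: JSON with a ``users`` key holding the list of user dicts.
    """
    recs = app.q_User().all()
    # Build fresh dicts rather than popping from the model's own dict;
    # 'email' is dropped because this endpoint must never expose it.
    resp = [
        {key: value for key, value in each.sdict.items() if key != 'email'}
        for each in recs
    ]
    return jsonify(users=resp)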
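def gconnect():
    """Handle Google+ third-party sign-in for the current session.

    Expects a JSON body ``{"data": <one-time authorization code>}``. The code
    is exchanged for credentials, the resulting access token is checked
    against Google's tokeninfo endpoint (the token's user id must match the
    id_token subject and its client id must match this app), the user's
    profile is fetched into ``login_session``, and the user is looked up or
    created in the database.

    :returns: a JSON response; ``status: 'ok'`` on success, otherwise a
        ``message`` with a 400, 401 or 500 status code.
    """
    # Upper bound on each call to Google; a hung upstream request must not
    # pin a worker indefinitely.
    timeout_s = 10

    payload = request.get_json(silent=True) or {}
    code = payload.get('data')
    if not code:
        return jsonify(message='Missing authorization code'), 400

    try:
        oauth_flow = flow_from_clientsecrets('clientsecrets.json', scope='')
        oauth_flow.redirect_uri = 'postmessage'
        # Exchange the one-time code for a credentials object with the token.
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return jsonify(message='Failed to upgrade authorization code'), 401

    # Ask Google whether the access token is valid and whom it was issued to.
    access_token = credentials.access_token
    url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={}'
           .format(access_token))
    result = requests.get(url, timeout=timeout_s).json()
    # Abort if tokeninfo reported an error.
    if result.get('error') is not None:
        return jsonify(message=result.get('error')), 500

    # The token must belong to the user who just signed in ...
    gplus_id = credentials.id_token['sub']
    if result['user_id'] != gplus_id:
        return jsonify(message="Token's user ID doesn't match login."), 401

    # ... and must have been issued to this application's OAuth client.
    # NOTE(review): this literal should agree with the client_id in
    # clientsecrets.json — confirm when rotating credentials.
    app_token = ''.join(['494203108202-8qijkubc2hiio08dptgb5cc21su8qf84',
                         '.apps.googleusercontent.com'])
    if result['issued_to'] != app_token:
        return jsonify(message="Token's client ID does not match app's."), 401

    stored_credentials = login_session.get('access_token')
    stored_gplus_id = login_session.get('gplus_id')
    if stored_credentials is not None and gplus_id == stored_gplus_id:
        return jsonify(status='ok',
                       message='Current user is already connected.',
                       username=login_session['username'],
                       picture=login_session['picture'])

    # Store the access token in the session for later use.
    login_session['access_token'] = credentials.access_token
    login_session['gplus_id'] = gplus_id

    # Fetch the profile fields that are persisted in the session.
    userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    data = requests.get(userinfo_url, params=params, timeout=timeout_s).json()
    login_session['username'] = data['name']
    login_session['picture'] = data['picture']
    login_session['email'] = data['email']

    # Look the user up by name and e-mail, creating a record on first sign-in.
    user_rec = app.q_User().filter_by(name=data['name'],
                                      email=data['email']).first()
    if user_rec:
        login_session['user_id'] = user_rec.id
    else:
        new_user = User(name=data['name'], email=data['email'],
                        picture=data['picture'])
        app.db_session.add(new_user)
        app.db_session.commit()
        login_session['user_id'] = new_user.id

    flash("you are now logged in as {}".format(login_session['username']))
    resp = jsonify(status='ok', username=login_session['username'],
                   picture=login_session['picture'])
    # Issue the '_csrf' cookie from _csrf() for the now-authenticated session.
    resp.set_cookie('_csrf', _csrf(), max_age=None)
    return resp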