Exemplo n.º 1
0
def connect_users(request):
	payload = {}
	logging.info(request.POST)
	fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
	fb.session_key = request.POST['fb_sig_session_key']
	user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name'])
	logging.info(user_info_response)
	for hash in user_info_response[0]['email_hashes']:
		user = User.all().filter('email_hash = ', hash).get()
		user.facebook_id = int(request.POST['fb_sig_user'])
		user.put()
	return render("standardpage.html", payload, request)
Exemplo n.º 2
0
def connect_users(request):
	#<QueryDict: {u'fb_sig_time': [u'1230351016.3299'], 
	#			u'fb_sig_authorize': [u'1'], 
	#			u'fb_sig_locale': [u'en_US'], 
	#			u'fb_sig_session_key': [u'2.oYf3yaL9PnROgLyp5cBg9A__.86400.1230440400-1144902201'], 
	#			u'fb_sig_in_new_facebook': [u'1'], 
	#			u'fb_sig_profile_update_time': [u'0'], 
	#			u'fb_sig_user': [u'1144902201'], 
	#			u'fb_sig_expires': [u'1230440400'], 
	#			u'fb_sig': [u'807f94cba0b3a26f359cd5a7c16cdcd6'], 
	#			u'fb_sig_api_key': [u'9669d802ca3cdcc15172ccd7b4636646'], 
	#			u'fb_sig_added': [u'1']}>
	payload = {}
	logging.info(request.POST)
	fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
	fb.session_key = request.POST['fb_sig_session_key']
	user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name'])
	logging.info(user_info_response)
	for hash in user_info_response[0]['email_hashes']:
		user = User.all().filter('email_hash = ', hash).get()
		user.facebook_id = int(request.POST['fb_sig_user'])
		user.put()
	return render("standardpage.html", payload, request)
	def process_request(self, request):
		try:
			 # Set the facebook message to empty. This message can be used to dispaly info from the middleware on a Web page.
			request.facebook_message = None
	
			# Don't bother trying FB Connect login if the user is already logged in
			if not request.user.is_authenticated():
				# FB Connect will set a cookie with a key == FB App API Key if the user has been authenticated
				if API_KEY in request.COOKIES:
					fb = Facebook(API_KEY, API_SECRET)

					if(fb.validate_cookie_signature(request.COOKIES)):
				
						# If session hasn't expired
						if(datetime.fromtimestamp(float(request.COOKIES[API_KEY+'_expires'])) > datetime.now()):
			
							# Try to get Django account corresponding to friend
							# Authenticate then login (or display disabled error message)
							user = authenticate(facebook_id=request.COOKIES[API_KEY + '_user'])
							logging.info(user)
							if user is not None:
								if user.is_active:
									login(request, user)
									self.facebook_user_is_authenticated = True
								else:
									request.facebook_message = ACCOUNT_DISABLED_ERROR
									self.delete_fb_cookies = True
							else:
								django_user = User.get_by_key_name("userfb%s" % request.COOKIES[API_KEY + '_user'])
								if not django_user:
									# There is no Django account for this Facebook user.
									# Create one, then log the user in.
									fb.session_key = request.COOKIES[API_KEY + '_session_key']
									user_info_response = fb.users.getInfo([request.COOKIES[API_KEY + '_user']], ['first_name', 'last_name'])
							
									# Create user
									user = User(key_name="userfb%s" % request.COOKIES[API_KEY + '_user'], username = "******" % (user_info_response[0]['first_name'], user_info_response[0]['last_name']), 
												email= '*****@*****.**' % request.COOKIES[API_KEY + '_user'])
									user.set_password(md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest())
									user.is_active = True
									user.facebook_id = int(request.COOKIES[API_KEY + '_user'])
									user.put()
							
									# Authenticate and log in (or display disabled error message)
									user = authenticate(username='******' % request.COOKIES[API_KEY + '_user'], 
											password=md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest())
									logging.info("ROUND2")
									if user is not None:
										if user.is_active:
											login(request, user)
											self.facebook_user_is_authenticated = True
										else:
											request.facebook_message = ACCOUNT_DISABLED_ERROR
											self.delete_fb_cookies = True
									else:
										request.facebook_message = ACCOUNT_PROBLEM_ERROR
										self.delete_fb_cookies = True
								else:								
									request.facebook_message = ACCOUNT_PROBLEM_ERROR
									self.delete_fb_cookies = True
								
						# Cookie session expired
						else:
							logout(request)
							self.delete_fb_cookies = True
						
				   # Cookie values don't match hash
					else:
						logout(request)
						self.delete_fb_cookies = True
					
			# Logged in
			else:
				# If FB Connect user
				if API_KEY in request.COOKIES:
					# IP hash cookie set
					if 'fb_ip' in request.COOKIES:
					
						try:
							real_ip = request.META['HTTP_X_FORWARDED_FOR']
						except KeyError:
							real_ip = request.META['REMOTE_ADDR']
					
						# If IP hash cookie is NOT correct
						if request.COOKIES['fb_ip'] != md5.new(real_ip + API_SECRET + settings.SECRET_KEY).hexdigest():
							 logout(request)
							 self.delete_fb_cookies = True
					# FB Connect user without hash cookie set
					else:
						logout(request)
						self.delete_fb_cookies = True
				
		# Something else happened. Make sure user doesn't have site access until problem is fixed.
		except:
			request.facebook_message = PROBLEM_ERROR
			logout(request)
			self.delete_fb_cookies = True