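def callback():
    """Handle Google's OAuth 2.0 redirect and log the user in.

    Exchanges the authorization code for tokens, fetches the user's profile
    from the userinfo endpoint, creates the user in the db if needed and
    starts the session.

    Returns:
        A redirect to the ``index`` view on success, or a
        ``(message, status)`` tuple when the callback cannot be completed.
    """
    # NOTE(review): no `state` value is passed to prepare_token_request or
    # compared here, so this handler cannot tell whether the callback belongs
    # to a login that this browser session started. Confirm the login route
    # issues a per-session state and verify it before exchanging the code.

    # Authorization code Google sent back. It is absent when consent was
    # denied or when the request did not come from Google's redirect.
    code = request.args.get("code")
    if not code:
        return "Missing authorization code.", 400

    # Find out what URL to hit to get tokens that allow us to ask for
    # things on behalf of a user.
    google_provider_cfg = get_google_provider_cfg()
    token_endpoint = google_provider_cfg["token_endpoint"]

    # Prepare and send the token request.
    token_url, headers, body = client.prepare_token_request(
        token_endpoint,
        authorization_response=request.url,
        redirect_url=request.base_url,
        code=code,
    )
    token_response = requests.post(
        token_url,
        headers=headers,
        data=body,
        auth=(GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET),
        # requests has no default timeout; without one a stalled connection
        # would hold this worker indefinitely.
        timeout=10,
    )
    if not token_response.ok:
        return "Could not obtain tokens from Google.", 502

    # Parse the tokens into the client so add_token() can use them.
    client.parse_request_body_response(json.dumps(token_response.json()))

    # With tokens in hand, ask Google's userinfo endpoint for the profile
    # (id, email, picture, given name).
    userinfo_endpoint = google_provider_cfg["userinfo_endpoint"]
    uri, headers, body = client.add_token(userinfo_endpoint)
    userinfo_response = requests.get(
        uri, headers=headers, data=body, timeout=10
    )
    if not userinfo_response.ok:
        return "Could not fetch the user profile from Google.", 502

    # Decode the body once instead of re-parsing it for every field.
    userinfo = userinfo_response.json()

    # Only accept accounts whose email Google reports as verified.
    if not userinfo.get("email_verified"):
        return "User email not available or not verified by Google.", 400

    try:
        unique_id = userinfo["sub"]
        users_email = userinfo["email"]
        picture = userinfo["picture"]
        users_name = userinfo["given_name"]
    except KeyError:
        # A verified account can still lack optional claims; answer with an
        # error instead of an unhandled KeyError.
        return "Google profile response is missing required fields.", 502

    # Build the user object from the information provided by Google.
    user = User(
        id_=unique_id, name=users_name, email=users_email, profile_pic=picture
    )

    # Doesn't exist? Add to database.
    if not User.get(unique_id):
        User.create(unique_id, users_name, users_email, picture)

    # Begin user session by logging the user in.
    login_user(user)

    # Send user back to homepage.
    return redirect(url_for("index"))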
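def newuser():
    """Endpoint for setting up a new user.

    GET renders the empty ``newuser.html`` form. POST reads ``uid``,
    ``fullname``, ``email``, ``profile_pic`` and ``usertype`` from the form,
    updates the matching user record, logs that user in and redirects to
    ``index``.
    """
    if request.method != 'POST':
        return render_template("newuser.html")

    # SECURITY NOTE(review): `uid` is read from the submitted form and is then
    # used both as the record to update and as the account handed to
    # login_user(). Nothing in this function ties it to the identity Google
    # authenticated, so the account is chosen by the client. The uid should
    # come from server-side state written by the OAuth callback (for example
    # the Flask session), not from a form field. That state is not visible in
    # this block. TODO: bind uid to the authenticated identity before
    # update/login.
    uid = request.form.get('uid')
    name = request.form.get('fullname')
    # NOTE(review): email and usertype are likewise stored as submitted;
    # presumably the email should stay the Google-verified one -- confirm.
    email = request.form.get('email')
    profile_pic = request.form.get('profile_pic')
    usertype = request.form.get('usertype')

    user = User.get(uid)
    if not user:
        return "User has not given consent to Google Login", 400

    if name is None:
        # A POST without the fullname field used to reach len(None) and
        # raise TypeError; re-render the form instead.
        return render_template("newuser.html",
                               message="Full name is required",
                               userid=uid, fullname="",
                               email=email, profile_pic=profile_pic)

    if len(name) > 50:
        return render_template("newuser.html",
                               message="Full name too long",
                               userid=uid, fullname=name,
                               email=email, profile_pic=profile_pic)

    db.update_user(uid, name, email, profile_pic, usertype)
    # Re-read so the session is started with the updated record.
    user = User.get(uid)
    login_user(user)
    return redirect(url_for("index"))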
def test_get_user_miss(self):
    """Assert that User.get gives None for an id that was not created."""
    flask_app = Flask(__name__)
    with flask_app.app_context():
        # Seed one user, then look up a different id.
        User.create("sw3525", "Carbon", "*****@*****.**", "123.png",
                    "Personal")
        missing = User.get("sw9999")
        self.assertEqual(None, missing)
def test_get_user(self):
    """Assert that a created user is read back with every field intact."""
    flask_app = Flask(__name__)
    with flask_app.app_context():
        User.create("sw3525", "Carbon", "*****@*****.**", "123.png",
                    "Personal")
        fetched = User.get("sw3525")
        # Checked in the same order as the original assertions.
        expectations = (
            ("id", "sw3525"),
            ("name", "Carbon"),
            ("email", "*****@*****.**"),
            ("profile_pic", "123.png"),
            ("usertype", "Personal"),
        )
        for attr, expected in expectations:
            self.assertEqual(expected, getattr(fetched, attr))
def load_user(user_id):
    """Return whatever User.get yields for ``user_id``."""
    # NOTE(review): the name suggests a Flask-Login user loader, but the
    # registration decorator is not visible here -- confirm.
    found = User.get(user_id)
    return found
def load_user(user_id):
    """Look up a user in our db for Flask-Login.

    Returns:
        The result of ``User.get(user_id)``, unchanged.
    """
    found = User.get(user_id)
    return found