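def post(self):
    """Complete Google sign-in: exchange the auth code and start a session.

    Reads ``redirect_uri`` and ``code`` from the submitted form, exchanges
    the code for a token, fetches the Google profile, then:

    * existing account without a local password: creates a session and
      returns the profile with the ``SID`` cookie set;
    * existing account with a local password: returns 403;
    * unknown email: returns 200 with the profile so the client can finish
      sign-up.

    Returns 401 when the profile cannot be fetched, carries no email, or
    is explicitly flagged as unverified.
    """
    flow = app.flow
    # NOTE(review): app.flow looks like a single object shared by every
    # request, and redirect_uri is overwritten from client input on each
    # call. Confirm the value is checked against the registered redirect
    # URIs, that the OAuth `state` value is validated somewhere, and
    # consider building one flow per request.
    flow.redirect_uri = request.form["redirect_uri"]
    flow.fetch_token(code=request.form["code"])

    credentials = flow.credentials
    # The access token goes in the Authorization header: a token placed in
    # the query string ends up in proxy and server access logs.
    profile_response = requests.get(
        "https://www.googleapis.com/oauth2/v1/userinfo",
        headers={"Authorization": "Bearer " + credentials.token},
        timeout=10,  # without a timeout a stalled upstream blocks the worker
    )
    if not profile_response.ok:
        return Response("Unable to verify Google account", status=401)

    user_info = profile_response.json()
    email = user_info.get("email") if isinstance(user_info, dict) else None
    # The email is the only key used to match a local account, so a profile
    # without one, or one Google marks as unverified, must not sign anyone in.
    if not email or user_info.get("verified_email") is False:
        return Response("Unable to verify Google account", status=401)

    user = AuthenticationService.getUser(email=email)

    if not user:
        # make_response serialises the dict to JSON. Response(dict) would
        # iterate the dict and send only its concatenated keys as the body.
        return make_response(
            {"message": "Redirect to complete sign up", "user": user_info},
            200,
        )

    if user.password:
        # Accounts that own a local password may not be entered through
        # Google sign-in.
        return Response("Email already registered with our service",
                        status=403)

    session = Session(user=user, sessionId=uuid4())
    session.save()
    ret = make_response(user_info)
    # Session cookie hardening: not readable from script, sent over HTTPS
    # only, and withheld on cross-site subrequests. Relax `secure` only for
    # plain-HTTP local development.
    ret.set_cookie("SID",
                   str(session.sessionId),
                   expires=session.dateExpires,
                   secure=True,
                   httponly=True,
                   samesite="Lax")
    return ret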
 def do_login(self):
     """Authenticate the submitted credentials and redirect to the root page.

     Reads the ``user`` and ``password`` request arguments. When
     ``User.authenticate_user`` returns a user object, a ``Session`` bound to
     that user's ``model_id`` is saved and asked to set its cookie on this
     handler. The redirect to ``/`` happens whether or not the login worked.
     """
     # authenticate_user yields a falsy value on failure, else the user.
     account = User.authenticate_user(self.get_argument("user"),
                                      self.get_argument("password"))
     if not account:
         # Failed login: no session is created, the client is sent home.
         self.redirect('/')
         return

     login_session = Session(user_model_id=account.model_id)
     login_session.save()
     login_session.set_cookie(self)
     self.redirect('/')
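    def authenticate(self, email, password):
        """Check an email/password pair and open a session on success.

        Args:
            email: Address used to look the account up via ``self.getUser``.
            password: Plaintext password as submitted by the client.

        Returns:
            The saved ``Session`` on success; ``False`` when no account
            matches the email, the account has no stored password digest,
            or the digests differ.
        """
        import hmac  # function-scope: the file's import block is not visible here

        # The digest is computed before the lookup, so known and unknown
        # emails both pay the hashing cost.
        # NOTE(review): saltPassword receives only the password, so the
        # digest cannot depend on a per-account value unless the helper reads
        # other state. Confirm a per-user salt and a slow password-hashing
        # function are in use.
        hashedPassword = self.saltPassword(password)
        user = self.getUser(email=email)

        if not user:
            return False

        stored = user.password
        # Compare in constant time so the check does not reveal how many
        # leading characters of the digest matched. Anything that is not a
        # like-for-like str or bytes pair (including an account with no
        # stored digest) fails closed.
        if isinstance(hashedPassword, str) and isinstance(stored, str):
            matches = hmac.compare_digest(hashedPassword.encode("utf-8"),
                                          stored.encode("utf-8"))
        elif (isinstance(hashedPassword, (bytes, bytearray))
              and isinstance(stored, (bytes, bytearray))):
            matches = hmac.compare_digest(hashedPassword, stored)
        else:
            matches = False

        if not matches:
            return False

        session = Session(user=user, sessionId=uuid4())
        session.save()
        return session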
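    def post(self):
        """Register a new account from the submitted sign-up form.

        Returns:
            400 when an account with the email already exists; the session
            response with the ``SID`` cookie when the new account is already
            confirmed; 200 after a confirmation email was sent; 403 when the
            lookup or any sign-up step fails.
        """
        # NOTE(review): userType is stored exactly as the client sent it. If
        # it gates privileges, validate it against an allowlist before
        # signup.
        signup_fields = {
            "firstName": request.form["firstName"],
            "lastName": request.form["lastName"],
            "email": request.form["email"],
            "password": request.form["password"],
            "organization": request.form["organization"],
            "location": request.form["location"],
            "userType": request.form["userType"]
        }

        # Only "no such user" may lead to account creation. A bare except
        # here would also treat a database error or a duplicate-row error as
        # "email is free" and go on to register a second account.
        # NOTE(review): the 400 below tells a caller which emails are
        # registered; rate-limit this endpoint if that matters.
        try:
            User.objects.get(email=signup_fields["email"])
        except User.DoesNotExist:
            pass
        except Exception:
            return Response("Signup unsuccessful. Please try again.",
                            status=403)
        else:
            return Response(
                "There's already an account with the provided email.",
                status=400)

        try:
            AuthenticationService.signup(signup_fields)
            user = User.objects.get(email=signup_fields["email"])
            if AuthenticationService.isUserConfirmed(user):
                session = Session(user=user, sessionId=uuid4())
                session.save()
                data = {
                    "message": "Google authorized successful!",
                    "user": user.email
                }
                ret = make_response(data)
                # Session cookie hardening: not readable from script, sent
                # over HTTPS only, withheld on cross-site subrequests. Relax
                # `secure` only for plain-HTTP local development.
                ret.set_cookie("SID",
                               str(session.sessionId),
                               expires=session.dateExpires,
                               secure=True,
                               httponly=True,
                               samesite="Lax")
                return ret

            # Unconfirmed account: issue a confirmation id and mail the link.
            userConfirmationId = uuid4()
            AuthenticationService.setUserConfirmationId(
                user, userConfirmationId)
            sub = "Confirm Account"
            msg = f"<p>Congratulations, you've registered for Agriworks. Please click the link below to confirm your account.</p><p><a href=\"{app.rootUrl}/confirm-user/{userConfirmationId}\"> Confirm account </a></p>"
            MailService.sendMessage(user, sub, msg)
            return Response("Signup successful", status=200)
        except Exception:
            # Exception rather than a bare except, so SystemExit and
            # KeyboardInterrupt still propagate.
            return Response("Signup unsuccessful. Please try again.",
                            status=403)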