Пример #1
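def register():
    """Register the user directly (not through a social account).

    On a valid form submission this creates the ``User`` row, e-mails a
    confirmation token and creates the user's private, non-removable
    ``Saved`` magazine.

    :returns: a redirect to the feed on success or when the visitor is
        already signed in; otherwise the rendered registration form.
    """

    if current_user.is_authenticated():
        return redirect(url_for('mod_feed.index'))

    form = RegisterForm()

    if form.validate_on_submit():
        # Register User into database
        # NOTE(review): the plaintext password is handed to the model here;
        # presumably User hashes it before storage -- confirm in the model.
        user = User(email=form.email.data,
                    password=form.password.data)
        db.session.add(user)
        db.session.commit()

        # Send email to confirm user
        token = user.generate_confirmation_token()
        send_email(user.email, 'Confirm your Account',
                   'auth/email/confirm', user=user, token=token)

        # Create a `Saved` magazine
        magazine = Magazine(name='Saved', public=False,
                            user_id=user.id, removable=False)
        db.session.add(magazine)
        # flush() assigns magazine.id without ending the transaction, so the
        # magazine and the link on the user are committed together. The
        # original set user.saved_magazine after the last commit, which
        # leaves the link unpersisted unless something else commits later.
        db.session.flush()
        user.saved_magazine = magazine.id
        db.session.commit()

        flash('An activation email has been sent to your account')
        return redirect(url_for('mod_feed.index'))

    return render_template('auth/register.html', form=form)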
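def facebook_authorized(response):
    """Authorize the Facebook account.

    Looks up (or creates) the local user matching the e-mail reported by
    Facebook, stores the OAuth token on the user's Facebook ``Connection``,
    makes sure the user has a ``Saved`` magazine and logs the user in.

    :param response: The response from Facebook
    :returns: a redirect to the local ``next`` target, or to the feed
    """

    # `next` is attacker-controllable (query string). Only follow it when it
    # is a local path: it must start with a single '/', must not start with
    # '//' or '/\' (both read by browsers as scheme-relative, i.e. another
    # host) and must not contain CR/LF/TAB.
    feed_url = url_for('mod_feed.index')
    next_url = request.args.get('next') or feed_url
    if (not next_url.startswith('/')
            or next_url[1:2] in ('/', '\\')
            or any(ch in next_url for ch in '\r\n\t')):
        next_url = feed_url

    if not response:
        flash('You denied the request to sign in')
        return redirect(next_url)

    # Store the token so we can access it later from tokengetter
    # NOTE(review): with Flask's default cookie-based session the token is
    # signed but not encrypted, so the client can read it -- confirm the
    # session backend in use.
    session['facebook_access_token'] = (response['access_token'], '')

    fbme = facebook.get('/me')
    # The e-mail field may be absent from the profile response; without it
    # there is nothing to match a local account on.
    email = fbme.data.get('email')
    if not email:
        session.pop('facebook_access_token', None)
        flash('Facebook did not provide an email address for your account')
        return redirect(next_url)

    # If the user is not registered, add him
    # NOTE(review): an existing local account is matched purely on the
    # provider-reported e-mail and then logged in. That is only safe if the
    # provider guarantees the address is verified and the local account was
    # confirmed by the same owner -- verify before relying on it.
    user = User.query.filter_by(email=email).first()
    if not user:
        user = User(email=email, register_with_provider=True, confirmed=True)
        db.session.add(user)
        db.session.commit()

    # In any case we update the authentication token in the db
    # If the user has revoked access we will have new token here
    connection = Connection.query.filter_by(
        user_id=user.id,
        provider_id=provider_id['FACEBOOK']).first()

    if not connection:
        connection = Connection(
            user_id=user.id,
            provider_id=provider_id['FACEBOOK'],
            provider_user_id=fbme.data['id'],
            display_name=fbme.data['name'],
            image_url='https://graph.facebook.com/%s/picture?type=large' %
                      (fbme.data['id']),
            user=user)
        db.session.add(connection)

    connection.oauth_token = response['access_token']

    # Create a `Saved` magazine for THIS user. The lookup is scoped by
    # user_id: an unscoped lookup finds any user's `Saved` magazine, so only
    # the first account ever created would get one.
    if not Magazine.query.filter_by(name='Saved', user_id=user.id).first():
        # removable=False matches what register() creates for local sign-ups.
        magazine = Magazine(name='Saved', public=False,
                            user_id=user.id, removable=False)
        db.session.add(magazine)
        # flush() assigns magazine.id so the link can be set before commit.
        db.session.flush()
        user.saved_magazine = magazine.id

    # Single commit so the connection, its refreshed token and the magazine
    # link are persisted even when no magazine had to be created.
    db.session.commit()

    login_user(user)

    return redirect(next_url)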
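def google_authorized(response):
    """Authorize the Google account

    Fetches the Google profile with the returned access token, looks up (or
    creates) the matching local user, stores the token on the user's Google
    ``Connection``, makes sure the user has a ``Saved`` magazine and logs the
    user in.

    :param response: The response from Google's authorization service
    :returns: a redirect to the stored post-login URL (feed as fallback), or
        to the login page when sign-in failed
    """

    # An empty response means the user declined; indexing it would raise.
    if not response:
        flash('You denied the request to sign in')
        return redirect(url_for('mod_auth.login'))

    access_token = response['access_token']
    # NOTE(review): with Flask's default cookie-based session the token is
    # signed but not encrypted, so the client can read it -- confirm the
    # session backend in use.
    session['google_token'] = (access_token, '')

    headers = {'Authorization': 'OAuth ' + access_token}
    req = Request('https://www.googleapis.com/oauth2/v1/userinfo',
                  None, headers)

    try:
        res = urlopen(req)
    except URLError as err:
        # Only HTTPError carries `.code`; a plain URLError (DNS failure,
        # refused connection) does not, so read it defensively.
        if getattr(err, 'code', None) == 401:
            # Unauthorized - bad token
            session.pop('google_token', None)
            flash('You denied the request to sign in')
            return redirect(url_for('mod_auth.login'))

        flash('Something bad happened when signing with Google')
        return redirect(url_for('mod_auth.login'))

    try:
        user_info = json.loads(res.read())
    finally:
        # Release the HTTP connection even if the body is not valid JSON.
        res.close()

    email = user_info.get('email')
    if not email:
        session.pop('google_token', None)
        flash('Something bad happened when signing with Google')
        return redirect(url_for('mod_auth.login'))

    # NOTE(review): an existing local account is matched purely on the
    # provider-reported e-mail and then logged in. Check the provider's
    # verified-e-mail indicator in the userinfo payload before trusting the
    # address for account linking -- confirm the field name against the API
    # version in use.
    user = User.query.filter_by(email=email).first()
    if not user:
        user = User(email=email,
                    register_with_provider=True,
                    confirmed=True)
        db.session.add(user)
        db.session.commit()

    connection = Connection.query.filter_by(
        user_id=user.id,
        provider_id=provider_id['GOOGLE']).first()

    if not connection:
        connection = Connection(
            user_id=user.id,
            provider_id=provider_id['GOOGLE'],
            provider_user_id=user_info['id'],
            display_name=user_info.get('name'),
            image_url=user_info.get('picture'),
            user=user)

    connection.oauth_token = access_token
    db.session.add(connection)

    # Create a `Saved` magazine for THIS user. The lookup is scoped by
    # user_id: an unscoped lookup finds any user's `Saved` magazine, so only
    # the first account ever created would get one.
    if not Magazine.query.filter_by(name='Saved', user_id=user.id).first():
        # removable=False matches what register() creates for local sign-ups.
        magazine = Magazine(name='Saved', public=False,
                            user_id=user.id, removable=False)
        db.session.add(magazine)
        # flush() assigns magazine.id so the link can be set before commit.
        db.session.flush()
        user.saved_magazine = magazine.id

    # Single commit so the connection, its refreshed token and the magazine
    # link are persisted even when no magazine had to be created.
    db.session.commit()

    login_user(user)

    # NOTE(review): the stored URL is written elsewhere; if it is derived
    # from a request parameter it must be restricted to local paths where it
    # is stored. Fall back to the feed when nothing was stored, since
    # redirect(None) would fail.
    return redirect(session.get('google_auth_next_url')
                    or url_for('mod_feed.index'))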