def token_require(request):
name = request.GET.get('app', '')
service = Service.objects.filter(name=name).first()
url = request.GET.get('url', '')
dest = get_callback(request.user, service, url)
alias = service.alias if service else url
reason = 0
if request.user.is_superuser:
reason = 1
elif name.startswith('sparcs') and not request.user.profile.sparcs_id:
reason = 2
elif not dest:
reason = 3
if reason:
return render(request, 'api/denied.html', {
'reason': reason,
'alias': alias,
'dest': dest
})
token = AccessToken.objects.filter(user=request.user,
service=service).first()
if token:
logger.info('token.delete', {'r': request, 'hide': True})
token.delete()
m = ServiceMap.objects.filter(user=request.user, service=service).first()
if (not m or m.unregister_time) and service:
result = reg_service(request.user, service)
if result:
profile_logger.info('register.success: app=%s' % service.name,
{'r': request})
else:
d = service.cooltime - (timezone.now() - m.unregister_time).days
profile_logger.warning('register.fail: app=%s' % service.name,
{'r': request})
return render(request, 'api/cooltime.html', {
'service': service,
'left': d
})
while True:
tokenid = os.urandom(10).encode('hex')
if not AccessToken.objects.filter(tokenid=tokenid,
service=service).count():
break
token = AccessToken(tokenid=tokenid,
user=request.user,
service=service,
expire_time=timezone.now() + timedelta(seconds=5))
token.save()
logger.info('token.create: app=%s,url=%s' % (name, url), {'r': request})
args = {'tokenid': token.tokenid}
return redirect(dest + '?' + urllib.urlencode(args))
def token_require(request):
client_id = request.GET.get('client_id', '')
state = request.GET.get('state', '')
service = Service.objects.filter(name=client_id).first()
if not service:
raise SuspiciousOperation('INVALID_SERVICE')
if len(state) < 8:
raise SuspiciousOperation('INVALID_STATE')
user = request.user
profile = user.profile
flags = user.profile.flags
reason = 0
if flags['sysop']:
reason = 1
elif service.scope == 'SPARCS' and not flags['sparcs']:
reason = 2
elif service.scope == 'TEST' and not flags['test']:
reason = 3
elif service.scope != 'TEST' and flags['test-only']:
reason = 4
elif not (profile.email_authed or profile.facebook_id or profile.twitter_id
or profile.kaist_id):
reason = 5
if reason:
return render(request, 'api/denied.html', {
'reason': reason,
'alias': service.alias,
})
AccessToken.objects.filter(user=user, service=service).delete()
m = ServiceMap.objects.filter(user=user, service=service).first()
if not m or m.unregister_time:
m_new = service_register(user, service)
log_msg = 'success' if m_new else 'fail'
logger.warning(
f'register.{log_msg}', {
'r':
request,
'extra': [
('app', service.name),
('sid', m_new.sid if m_new else ''),
],
})
if not m_new:
left = service.cooltime - (timezone.now() - m.unregister_time).days
return render(request, 'api/cooltime.html', {
'service': service,
'left': left,
})
while True:
tokenid = token_hex(10)
if not AccessToken.objects.filter(tokenid=tokenid).count():
break
token = AccessToken(
tokenid=tokenid,
user=user,
service=service,
expire_time=timezone.now() + timedelta(seconds=TIMEOUT),
)
token.save()
logger.info('login.try', {
'r': request,
'hide': True,
'extra': [('app', client_id)],
})
return redirect(service.login_callback_url + '?' +
urlencode({
'code': token.tokenid,
'state': state,
}))
def token_require(request):
client_id = request.GET.get('client_id', '')
state = request.GET.get('state', '')
if len(state) < 8:
raise SuspiciousOperation()
service = Service.objects.filter(name=client_id).first()
if not service:
raise SuspiciousOperation()
user = request.user
profile = user.profile
flags = user.profile.flags
reason = 0
if flags['sysop']:
reason = 1
elif service.scope == 'SPARCS' and not flags['sparcs']:
reason = 2
elif service.scope == 'TEST' and not flags['test']:
reason = 3
elif service.scope != 'TEST' and flags['test-only']:
reason = 4
elif not (profile.email_authed or profile.facebook_id or profile.twitter_id
or profile.kaist_id):
reason = 5
if reason:
return render(request, 'api/denied.html', {
'reason': reason,
'alias': service.alias
})
token = AccessToken.objects.filter(user=user, service=service).first()
if token:
logger.info('token.delete', {'r': request, 'hide': True})
token.delete()
m = ServiceMap.objects.filter(user=user, service=service).first()
if not m or m.unregister_time:
result = reg_service(user, service)
if result:
profile_logger.info('register.success: app=%s' % service.name,
{'r': request})
else:
d = service.cooltime - (timezone.now() - m.unregister_time).days
profile_logger.warning('register.fail: app=%s' % service.name,
{'r': request})
return render(request, 'api/cooltime.html', {
'service': service,
'left': d
})
while True:
tokenid = token_hex(10)
if not AccessToken.objects.filter(tokenid=tokenid,
service=service).count():
break
token = AccessToken(tokenid=tokenid,
user=user,
service=service,
expire_time=timezone.now() + timedelta(seconds=10))
token.save()
logger.info('token.create: app=%s' % client_id, {'r': request})
args = {'code': token.tokenid, 'state': state}
return redirect(service.login_callback_url + '?' + urlencode(args))