def connect_users(request):
payload = {}
logging.info(request.POST)
fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
fb.session_key = request.POST['fb_sig_session_key']
user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name'])
logging.info(user_info_response)
for hash in user_info_response[0]['email_hashes']:
user = User.all().filter('email_hash = ', hash).get()
user.facebook_id = int(request.POST['fb_sig_user'])
user.put()
return render("standardpage.html", payload, request)
def send_connect_users(request):
payload = {}
users = User.all().filter('username > ', request.GET['name']).fetch(100)
hashes = []
fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
for user in users:
#logging.debug(user)
user.email_hash = fb.hash_email(user.email)
hashes.append({"email_hash": user.email_hash})
username = user.username
user.put()
logging.info(hashes)
logging.info(username)
user_info_response = fb.connect.registerUsers(hashes)
logging.info(user_info_response)
payload['text'] = "<a href='/send_connect?name=%s'>%s</a>" % (username, username)
return render("standardpage.html", payload, request)
def register(request, page):
payload = {}
if request.method == 'POST':
f = RegisterForm(request.POST)
if request.POST.has_key('toc'):
if f.is_valid():
check_captcha = captcha.submit(request.POST['recaptcha_challenge_field'], request.POST['recaptcha_response_field'], settings.RECAPTCHA_PRIVATE_KEY, request.META['REMOTE_ADDR'])
if check_captcha.is_valid:
user = User(key_name="user%s" % f.data['username'], username=f.data['username'], email=f.data['email'])
user.set_password(f.data['password'])
user.is_active = True
fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
user.email_hash = fb.hash_email(user.email)
hashes = []
hashes.append({"email_hash": user.email_hash})
user.put()
user_info_response = fb.connect.registerUsers(hashes)
#automatically login
user = authenticate(username=f.data['username'],password=f.data['password'])
if user is not None:
if user.is_active:
login(request, user)
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
if request.GET.has_key("next"):
return HttpResponseRedirect(request.GET["next"])
else:
return HttpResponseRedirect('/account/')
else:
payload["captchaerror"] = True
else:
payload["tocerror"] = True
else:
f = RegisterForm()
request.session.set_test_cookie()
payload["captchahtml"] = captcha.displayhtml(settings.RECAPTCHA_PUB_KEY)
payload["form"] = f
if request.GET.has_key("next"):
payload["next"] = request.GET["next"]
return render("register.html", payload, request)
def connect_users(request):
#<QueryDict: {u'fb_sig_time': [u'1230351016.3299'],
# u'fb_sig_authorize': [u'1'],
# u'fb_sig_locale': [u'en_US'],
# u'fb_sig_session_key': [u'2.oYf3yaL9PnROgLyp5cBg9A__.86400.1230440400-1144902201'],
# u'fb_sig_in_new_facebook': [u'1'],
# u'fb_sig_profile_update_time': [u'0'],
# u'fb_sig_user': [u'1144902201'],
# u'fb_sig_expires': [u'1230440400'],
# u'fb_sig': [u'807f94cba0b3a26f359cd5a7c16cdcd6'],
# u'fb_sig_api_key': [u'9669d802ca3cdcc15172ccd7b4636646'],
# u'fb_sig_added': [u'1']}>
payload = {}
logging.info(request.POST)
fb = Facebook(settings.FACEBOOK_API_KEY, settings.FACEBOOK_API_SECRET)
fb.session_key = request.POST['fb_sig_session_key']
user_info_response = fb.users.getInfo([request.POST['fb_sig_user']], ['email_hashes', 'first_name', 'last_name'])
logging.info(user_info_response)
for hash in user_info_response[0]['email_hashes']:
user = User.all().filter('email_hash = ', hash).get()
user.facebook_id = int(request.POST['fb_sig_user'])
user.put()
return render("standardpage.html", payload, request)
def process_request(self, request):
try:
# Set the facebook message to empty. This message can be used to dispaly info from the middleware on a Web page.
request.facebook_message = None
# Don't bother trying FB Connect login if the user is already logged in
if not request.user.is_authenticated():
# FB Connect will set a cookie with a key == FB App API Key if the user has been authenticated
if API_KEY in request.COOKIES:
fb = Facebook(API_KEY, API_SECRET)
if(fb.validate_cookie_signature(request.COOKIES)):
# If session hasn't expired
if(datetime.fromtimestamp(float(request.COOKIES[API_KEY+'_expires'])) > datetime.now()):
# Try to get Django account corresponding to friend
# Authenticate then login (or display disabled error message)
user = authenticate(facebook_id=request.COOKIES[API_KEY + '_user'])
logging.info(user)
if user is not None:
if user.is_active:
login(request, user)
self.facebook_user_is_authenticated = True
else:
request.facebook_message = ACCOUNT_DISABLED_ERROR
self.delete_fb_cookies = True
else:
django_user = User.get_by_key_name("userfb%s" % request.COOKIES[API_KEY + '_user'])
if not django_user:
# There is no Django account for this Facebook user.
# Create one, then log the user in.
fb.session_key = request.COOKIES[API_KEY + '_session_key']
user_info_response = fb.users.getInfo([request.COOKIES[API_KEY + '_user']], ['first_name', 'last_name'])
# Create user
user = User(key_name="userfb%s" % request.COOKIES[API_KEY + '_user'], username = "******" % (user_info_response[0]['first_name'], user_info_response[0]['last_name']),
email= '*****@*****.**' % request.COOKIES[API_KEY + '_user'])
user.set_password(md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest())
user.is_active = True
user.facebook_id = int(request.COOKIES[API_KEY + '_user'])
user.put()
# Authenticate and log in (or display disabled error message)
user = authenticate(username='******' % request.COOKIES[API_KEY + '_user'],
password=md5.new(request.COOKIES[API_KEY + '_user'] + settings.SECRET_KEY).hexdigest())
logging.info("ROUND2")
if user is not None:
if user.is_active:
login(request, user)
self.facebook_user_is_authenticated = True
else:
request.facebook_message = ACCOUNT_DISABLED_ERROR
self.delete_fb_cookies = True
else:
request.facebook_message = ACCOUNT_PROBLEM_ERROR
self.delete_fb_cookies = True
else:
request.facebook_message = ACCOUNT_PROBLEM_ERROR
self.delete_fb_cookies = True
# Cookie session expired
else:
logout(request)
self.delete_fb_cookies = True
# Cookie values don't match hash
else:
logout(request)
self.delete_fb_cookies = True
# Logged in
else:
# If FB Connect user
if API_KEY in request.COOKIES:
# IP hash cookie set
if 'fb_ip' in request.COOKIES:
try:
real_ip = request.META['HTTP_X_FORWARDED_FOR']
except KeyError:
real_ip = request.META['REMOTE_ADDR']
# If IP hash cookie is NOT correct
if request.COOKIES['fb_ip'] != md5.new(real_ip + API_SECRET + settings.SECRET_KEY).hexdigest():
logout(request)
self.delete_fb_cookies = True
# FB Connect user without hash cookie set
else:
logout(request)
self.delete_fb_cookies = True
# Something else happened. Make sure user doesn't have site access until problem is fixed.
except:
request.facebook_message = PROBLEM_ERROR
logout(request)
self.delete_fb_cookies = True
