Пример #1
0
  def GET(self, objectId, subObject=None):
    dbSession = self.sessionFactory()
    currentUser = getCurrentUser(dbSession)
    if currentUser is None:
      errors.throwError(errors.InvalidToken)
    if objectId == "me":
      objectId = currentUser.email

    objectId = urllib.unquote(objectId).decode('utf8')
    if schemas.EMAIL_REGEX.match(objectId):
      return handleGetUser(currentUser, dbSession, objectId, subObject)
    else:
      errors.throwError(errors.InvalidObject)
Пример #2
0
  def login_validate(self, token):
    session = self.sessionFactory()
    tokenPair = session.query(schemas.AuthToken).get(token)
    if tokenPair is None:
      errors.throwError(errors.InvalidToken)

    # We received a valid token originally from /auth/login. Continue with the
    # Google authentication process.
    validateFlow = OAuth2WebServerFlow(
        client_id=self.settings.get('google', 'client_id'),
        client_secret=self.settings.get('google', 'client_secret'),
        scope=self.settings.get('google', 'scopes'),
        redirect_uri=self.settings.get('google', 'redirect_uri'),
        state=tokenPair.validator
    )
    raise cherrypy.HTTPRedirect(validateFlow.step1_get_authorize_url())
Пример #3
0
  def login_callback(self, state, code):
    # state is the validation code generated from /auth/login
    # code is the Google authorization code
    # scope contains the permissions associated with this code
    session = self.sessionFactory()

    # Check if the validation key exists
    tokenPair = session.query(schemas.AuthToken).filter(
        schemas.AuthToken.validator == state).first()
    if tokenPair is None:
      errors.throwError(error.InvalidToken)

    # Request the Google access and refresh tokens
    credentials = self.googleFlow.step2_exchange(code)

    # Get some information about the authenticated user
    authHttp = credentials.authorize(httplib2.Http())
    googlePlus = build('plus', 'v1', http=authHttp)
    googleUser = googlePlus.people().get(userId='me',
        fields='displayName,name,emails,image,url').execute()
    # A Google account *must* have a unique account email associated with it.
    email = filter(
        lambda x: x['type'] == 'account', googleUser['emails'])[0]['value']

    user = session.query(schemas.User).get(email)
    if user is None:
      newUser = schemas.User(
          email=email, name=googleUser['displayName'],
          credentials=credentials.to_json(), googlelink=googleUser['url'],
          profileimg=googleUser['image']['url'])
      session.add(newUser)

    # Add Gmail adddress to stored token
    tokenPair.email = email

    session.commit()

    # Success. Redirect the user to the dashboard.
    raise cherrypy.HTTPRedirect("/dashboard.html")
Пример #4
0
def handleGetUser(currentUser, dbSession, userId, subObject=None):
  user = dbSession.query(schemas.User).get(userId)
  if user is None:
    errors.throwError(errors.InvalidObject)

  return user.toJson()