def GET(self, objectId, subObject=None):
    """Return the JSON form of the user addressed by ``objectId``.

    ``objectId`` is either the literal ``"me"``, which is replaced with the
    authenticated caller's own email, or a URL-quoted identifier that must
    match ``schemas.EMAIL_REGEX``. ``subObject`` is forwarded unchanged to
    ``handleGetUser``.

    Reports ``errors.InvalidToken`` when no current user can be resolved and
    ``errors.InvalidObject`` when the identifier is not email-shaped.
    """
    dbSession = self.sessionFactory()
    caller = getCurrentUser(dbSession)
    if caller is None:
        errors.throwError(errors.InvalidToken)

    # "me" is shorthand for the authenticated caller's own record.
    requestedId = caller.email if objectId == "me" else objectId
    decodedId = urllib.unquote(requestedId).decode('utf8')

    # Only email-shaped identifiers reach the database lookup.
    # NOTE(review): re.match() anchors at the start only; confirm that
    # EMAIL_REGEX carries its own end anchor so trailing data is rejected.
    if not schemas.EMAIL_REGEX.match(decodedId):
        errors.throwError(errors.InvalidObject)
        # throwError presumably raises; nothing is returned otherwise.
        return None
    return handleGetUser(caller, dbSession, decodedId, subObject)
def login_validate(self, token):
    """Start the Google OAuth2 flow for a token issued by /auth/login.

    Looks up ``token`` as the primary key of ``schemas.AuthToken``; an
    unknown token is reported as ``errors.InvalidToken``. On success the
    caller is redirected (``cherrypy.HTTPRedirect``) to Google's
    authorization URL.
    """
    dbSession = self.sessionFactory()
    authToken = dbSession.query(schemas.AuthToken).get(token)
    if authToken is None:
        errors.throwError(errors.InvalidToken)

    # The token is known, so hand over to Google. The stored validator is
    # sent as the OAuth ``state`` value; login_callback uses it to find this
    # AuthToken row again when Google redirects back.
    flowArgs = {
        'client_id': self.settings.get('google', 'client_id'),
        'client_secret': self.settings.get('google', 'client_secret'),
        'scope': self.settings.get('google', 'scopes'),
        'redirect_uri': self.settings.get('google', 'redirect_uri'),
        'state': authToken.validator,
    }
    authorizeUrl = OAuth2WebServerFlow(**flowArgs).step1_get_authorize_url()
    raise cherrypy.HTTPRedirect(authorizeUrl)
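def login_callback(self, state, code):
    """Complete the Google OAuth2 login and bind the account to the token.

    Args:
        state: validation code generated by /auth/login and returned by
            Google; it must match the ``validator`` of a stored AuthToken.
        code: the Google authorization code to exchange for credentials.

    Reports ``errors.InvalidToken`` when no AuthToken carries ``state``.
    On success the user is redirected (``cherrypy.HTTPRedirect``) to
    ``/dashboard.html``.
    """
    session = self.sessionFactory()

    # The state value is the only link between this callback and the login
    # attempt, so reject the request before contacting Google if it is
    # unknown.
    tokenPair = session.query(schemas.AuthToken).filter(
        schemas.AuthToken.validator == state).first()
    if tokenPair is None:
        # Fixed: this used to reference the undefined name ``error``, so an
        # unknown state raised NameError instead of reporting InvalidToken.
        errors.throwError(errors.InvalidToken)

    # Request the Google access and refresh tokens.
    credentials = self.googleFlow.step2_exchange(code)

    # Get some information about the authenticated user.
    authHttp = credentials.authorize(httplib2.Http())
    googlePlus = build('plus', 'v1', http=authHttp)
    googleUser = googlePlus.people().get(
        userId='me', fields='displayName,name,emails,image,url').execute()

    # A Google account *must* have a unique account email associated with
    # it. An IndexError is raised here if the profile lists none.
    accountEntries = [
        entry for entry in googleUser['emails'] if entry['type'] == 'account']
    email = accountEntries[0]['value']

    user = session.query(schemas.User).get(email)
    if user is None:
        # First login for this address: create the user record.
        # NOTE(review): the OAuth credentials are stored as plain JSON on the
        # row; confirm at-rest protection and that User.toJson() omits them.
        newUser = schemas.User(
            email=email,
            name=googleUser['displayName'],
            credentials=credentials.to_json(),
            googlelink=googleUser['url'],
            profileimg=googleUser['image']['url'])
        session.add(newUser)

    # Add the Gmail address to the stored token.
    # NOTE(review): the validator is not cleared here, so the same state
    # value would pass the lookup above again; consider invalidating it once
    # the email is bound.
    tokenPair.email = email
    session.commit()

    # Success. Redirect the user to the dashboard.
    raise cherrypy.HTTPRedirect("/dashboard.html")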
def handleGetUser(currentUser, dbSession, userId, subObject=None):
    """Return the JSON representation of the user whose key is ``userId``.

    An unknown ``userId`` is reported as ``errors.InvalidObject``.

    NOTE(review): ``currentUser`` and ``subObject`` are accepted but never
    consulted, so any authenticated caller receives any user's record.
    Confirm this is intended and that ``toJson()`` leaves out the stored
    OAuth credentials.
    """
    record = dbSession.query(schemas.User).get(userId)
    if record is None:
        errors.throwError(errors.InvalidObject)
    return record.toJson()