def authorized(request, authorization_id): auth = FacebookAuthorization.objects.get(id=authorization_id) if request.GET.get('error'): # @todo Handle user not wanting to auth. return redirect(auth.get_absolute_url()) # @todo We are probably better of using some kind of # application_installation custom signal that creates the user. code = request.GET.get('code') try: access_token = auth.get_access_token(code)[0] except urllib2.HTTPError: return redirect(auth.get_facebook_authorize_url()) request_data = GraphAPI(access_token).get_object('me') facebook_user, created = FacebookUser.objects.get_or_create( uid=request_data['id'], application=auth.application) facebook_user.access_token = access_token facebook_user.first_name = request_data['first_name'] facebook_user.last_name = request_data['last_name'] facebook_user.locale = request_data.get('locale') facebook_user.timezone = request_data.get('timezone') facebook_user.religion = request_data.get('religion') facebook_user.location = request_data.get('location', {}).get('name') facebook_user.gender = request_data.get('gender') facebook_user.email = request_data.get('email') facebook_user.save() authenticated_user = authenticate(facebook_user=facebook_user) if authenticated_user is None: # @todo import the profile and check if it has a foreignkey to # FacebookUser username = "".join(random.choice(BASE62_ALPHABET) for i in xrange(30)) user = User.objects.create_user(username=username, email=facebook_user.email) user.first_name = facebook_user.first_name[0:30] user.last_name = facebook_user.last_name[0:30] user.set_unusable_password() user.save() try: profile = user.get_profile() profile.facebook = facebook_user profile.save() authenticated_user = authenticate(facebook_user=facebook_user) except SiteProfileNotAvailable: user.delete() if authenticated_user is not None: if authenticated_user.is_active: login(request, authenticated_user) #@todo handle user not active. #@todo what should happen if the user doesn't get logged in? return redirectjs(auth.next)
def authorize(request, application_id): # 1. ?next=url # 2. HTTP_REFERER # 3. Application link. (website if canvas is not setup) app = FacebookApplication.objects.get(id=application_id) next = request.META.get('HTTP_REFERER', app.link) next = request.GET.get('next', next) scope = request.GET.get("perms", app.default_scope) assert(not next is None) auth = FacebookAuthorization.objects.create(next=next, application=app, scope=scope) # Catch 22 problem :( auth.redirect_uri = request.build_absolute_uri(auth.get_authorized_url()) auth.save() return redirectjs(auth.get_facebook_authorize_url())
def dispatch(self, request, *args, **kwargs): request_ids = request.GET.get('request_ids') if not request_ids: return super(FacebookInvitationMixin, self).dispatch( request, *args, **kwargs ) # If the user is not authenticated just return and let # FacebookAppAuthMixin deal with getting us an authed user. if(not request.user.is_authenticated() or not request.user.get_profile().facebook): return super(FacebookInvitationMixin, self).dispatch( request, *args, **kwargs ) facebook_user = request.user.get_profile().facebook next_url = None for request_id in request_ids.split(','): try: invitation = FacebookInvitation.objects.get( request_id=request_id, receiver=facebook_user, accepted=None ) invitation.accepted = timezone.now() invitation.save() if invitation.next: next_url = invitation.next except FacebookInvitation.DoesNotExist: pass else: self.handle_invitation(invitation) if next_url: return redirectjs(next_url) return super(FacebookInvitationMixin, self).dispatch( request, *args, **kwargs )