def get(self):
"""Handle code exchange."""
code = self.request.get('code')
if not code:
# TODO: Display error.
return None
oauth_flow = self.create_oauth_flow()
# Perform the exchange of the code. If there is a failure with exchanging
# the code, return None.
try:
creds = oauth_flow.step2_exchange(code)
except FlowExchangeError:
# TODO: Display error.
return None
users_service = util.create_service('oauth2', 'v2', creds)
# TODO: Check for errors.
user = users_service.userinfo().get().execute()
userid = user.get('id')
username = user.get('name')
# Store the credentials in the data store using the userid as the key.
# TODO: Hash the userid the same way the userToken is.
"""StorageByKeyName(Credentials, userid, 'credentials').put(creds)"""
entity = Credentials(name = username,
credentials = creds,
key_name = userid)
entity.put()
logging.info('Successfully stored credentials for user: %s', entity)
util.store_userid(self, userid)
self._perform_post_auth_tasks(userid, creds)
self.redirect('/')
def login():
if request.method == 'GET':
if current_user.is_authenticated:
flash("Already logged in!")
return redirect(url_for('artefacts'))
else:
return render_template('login.html')
elif request.method == 'POST':
new_user = Credentials(request.form['email'], request.form['password'])
# Determines if a user with that email exists in the database
db_user = email_taken(new_user)
if db_user:
hash_pw = db_user[3]
# Determines if the password has is correct
if check_password_hash(hash_pw.tobytes(), new_user.password):
new_user = User(db_user)
login_user(new_user)
flash("Successfully logged in")
return redirect('/')
else:
flash("Incorrect details, try again")
return redirect('/login')
else:
flash("That user doesn't exist!")
return redirect('/login')
def _insert_item_all_users(self):
"""Insert a timeline item to all authorized users."""
logging.info('Inserting timeline item to all users')
users = Credentials.all()
total_users = users.count()
if total_users > 10:
return 'Total user count is %d. Aborting broadcast to save your quota' % (
total_users)
body = {
'text': 'Hello Everyone!',
'notification': {
'level': 'DEFAULT'
}
}
batch_responses = _BatchCallback()
batch = BatchHttpRequest(callback=batch_responses.callback)
for user in users:
creds = StorageByKeyName(Credentials,
user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
batch.add(mirror_service.timeline().insert(body=body),
request_id=user.key().name())
batch.execute(httplib2.Http())
return 'Successfully sent cards to %d users (%d failed).' % (
batch_responses.success, batch_responses.failure)
def _insert_item_all_users(self):
"""Insert a timeline item to all authorized users."""
logging.info('Inserting timeline item to all users')
users = Credentials.all()
total_users = users.count()
if total_users > 10:
return 'Total user count is %d. Aborting broadcast to save your quota' % (
total_users)
body = {
'text': 'Hello Everyone!',
'notification': {'level': 'DEFAULT'}
}
batch_responses = _BatchCallback()
batch = BatchHttpRequest(callback=batch_responses.callback)
for user in users:
creds = StorageByKeyName(
Credentials, user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
batch.add(
mirror_service.timeline().insert(body=body),
request_id=user.key().name())
batch.execute(httplib2.Http())
return 'Successfully sent cards to %d users (%d failed).' % (
batch_responses.success, batch_responses.failure)
def get(self):
video_url = self.request.get("url")
"""Render the main page."""
logging.info('Inserting timeline item to all users')
users = Credentials.all()
total_users = users.count()
if total_users > 10:
return 'Total user count is %d. Aborting broadcast to save your quota' % (
total_users)
body = {
'notification': {'level': 'DEFAULT'},
'text': video_url,
}
if 'youtube' in video_url:
body['menuItems'] = [{'action' : 'PLAY_VIDEO', 'payload' : video_url}]
batch_responses = _BatchCallback()
batch = BatchHttpRequest(callback=batch_responses.callback)
for user in users:
creds = StorageByKeyName(
Credentials, user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
timeline = retrieve_all_timeline_items(mirror_service)
batch.add(
mirror_service.timeline().insert(body=body),
request_id=user.key().name())
batch.execute(httplib2.Http())
self._render_template('')
def post(self):
"""Delete the user's credentials from the datastore."""
urlfetch.fetch(OAUTH2_REVOKE_ENDPOINT % self.credentials.refresh_token)
util.store_userid(self, '')
credentials_entity = Credentials.get_by_key_name(self.userid)
if credentials_entity:
credentials_entity.delete()
self.redirect('/')
def post(self):
"""Delete the user's credentials from the datastore."""
urlfetch.fetch(OAUTH2_REVOKE_ENDPOINT % self.credentials.refresh_token)
util.store_userid(self, '')
credentials_entity = Credentials.get_by_key_name(self.userid)
if credentials_entity:
credentials_entity.delete()
self.redirect('/')
def email_taken(credentials: Credentials):
sql = '''SELECT *
FROM "user"
WHERE email=%(email)s
LIMIT 1;'''
# Returns user, if none with email returns None
with psycopg2.connect(current_app.config['db_URL']) as conn:
cur = conn.cursor()
cur.execute(sql, credentials._asdict())
return cur.fetchone()
def check_auth(self, *args):
self.userid, self.credentials = load_session_credentials(self)
self.mirror_service = create_service('mirror', 'v1', self.credentials)
if self.credentials:
try:
self.credentials.refresh(httplib2.Http())
return handler_method(self, *args)
except AccessTokenRefreshError:
# Access has been revoked.
store_userid(self, '')
credentials_entity = Credentials.get_by_key_name(self.userid)
if credentials_entity:
credentials_entity.delete()
self.redirect('/auth')
def check_auth(self, *args):
self.userid, self.credentials = load_session_credentials(self)
self.mirror_service = create_service('mirror', 'v1', self.credentials)
# TODO: Also check that credentials are still valid.
if self.credentials:
try:
self.credentials.refresh(httplib2.Http())
return handler_method(self, *args)
except AccessTokenRefreshError:
# Access has been revoked.
store_userid(self, '')
credentials_entity = Credentials.get_by_key_name(self.userid)
if credentials_entity:
credentials_entity.delete()
self.redirect('/auth')
def get(self):
"""Insert a timeline item to all authorized users."""
logging.info('Inserting horoscopes item to all users')
users = Credentials.all()
total_users = users.count()
scopes = horoscopes.getHoroscopes(self)
body = horoscopes.createHoroscopeBundle(self, scopes)
for user in users:
creds = StorageByKeyName(
Credentials, user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
mirror_service.timeline().insert(body=body).execute()
self._render_template()
def check_auth(self, *args):
self.userid, self.user_email, self.credentials = load_session_credentials(self)
self.mirror_service = create_service('mirror', 'v1', self.credentials)
if self.credentials:
# validate credentials
try:
self.credentials.refresh(httplib2.Http())
return handler_method(self, *args)
except AccessTokenRefreshError:
store_userdetails(self, '', '')
credentials_entity = Credentials.get_by_key_name(self.userid)
users_entity = Users.get_by_key_name(key_names=self.user_email)
if users_entity:
users_entity.delete()
if credentials_entity:
credentials_entity.delete()
self.redirect('/auth')
def post(self):
"""Delete the user's credentials from the datastore."""
urlfetch.fetch(OAUTH2_REVOKE_ENDPOINT % self.credentials.refresh_token)
util.store_userid(self, '')
#clear datastore object for tasklists
q = TasklistStore.all()
q.filter("owner = ",self.userid)
for p in q.run():
p.delete()
credentials_entity = Credentials.get_by_key_name(self.userid)
if credentials_entity:
credentials_entity.delete()
self.redirect('/')
def register():
if request.method == 'GET':
if current_user.is_authenticated:
flash("You are already registered")
return redirect(url_for('/'))
else:
return render_template('register.html')
elif request.method == 'POST':
if request.form['pass'] == request.form['confirm_pass'] and len(
request.form['pass']) > 0:
new_user = Credentials(request.form['email'], request.form['pass'])
user_details = email_taken(new_user)
if not user_details:
# Creates famly if no referral_code
if "new_family" in request.form:
family_id = create_family(request.form['surname'])
else:
family_id = get_family_id(request.form['referral_code'])
# Creates new register with hashed password
new_register = Register(
request.form['first_name'], request.form['surname'],
family_id, request.form['email'], request.form['location'],
generate_password_hash(request.form['pass']))
register_user(new_register)
# Logs in user after adding to database
db_user = email_taken(new_user)
login_user(User(db_user))
flash('Successfully registered')
return redirect('/')
else:
flash("User already exists")
else:
flash("Passwords are not the same, or you have missing fields")
return redirect(url_for('register'))
def _insert_item_all_users(self):
"""Insert a timeline item to all authorized users."""
logging.info("Inserting timeline item to all users")
users = Credentials.all()
total_users = users.count()
if total_users > 10:
return "Total user count is %d. Aborting broadcast to save your quota" % (total_users)
body = {"text": "Hello Everyone!", "notification": {"level": "DEFAULT"}}
batch_responses = _BatchCallback()
batch = BatchHttpRequest(callback=batch_responses.callback)
for user in users:
creds = StorageByKeyName(Credentials, user.key().name(), "credentials").get()
mirror_service = util.create_service("mirror", "v1", creds)
batch.add(mirror_service.timeline().insert(body=body), request_id=user.key().name())
batch.execute(httplib2.Http())
return "Successfully sent cards to %d users (%d failed)." % (batch_responses.success, batch_responses.failure)
def check_auth(self, *args):
self.userid, self.credentials = load_session_credentials(self)
self.mirror_service = create_service('mirror', 'v1', self.credentials)
# http = decorator.http()
# mePerson = self.user_service.people().get(userId='me').execute(http=http)
# TODO: Also check that credentials are still valid.
if self.credentials:
try:
self.credentials.refresh(httplib2.Http())
return handler_method(self, *args)
except AccessTokenRefreshError:
# Access has been revoked.
store_userid(self, '')
credentials_entity = Credentials.get_by_key_name(self.userid)
if credentials_entity:
credentials_entity.delete()
self.redirect('/auth')
def sendMessage(html):
REPLY_HTML = getReply(html)
body = {
'html': REPLY_HTML,
'notification': {'level': 'DEFAULT'}
}
users = Credentials.all()
batch_responses = _BatchCallback()
batch = BatchHttpRequest(callback=batch_responses.callback)
for user in users:
creds = StorageByKeyName(
Credentials, user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
batch.add(
mirror_service.timeline().insert(body=body),
request_id=user.key().name())
batch.execute(httplib2.Http())
return 'Successfully sent cards to %d users (%d failed).' % (
batch_responses.success, batch_responses.failure)
def _insert_playcard_all_users(self):
"""Insert a paginated timeline item."""
logging.info("Inserting paginated timeline item")
users = Credentials.all()
total_users = users.count()
playImg = self.request.get("play-img")
playTitle = self.request.get("play-title")
playDescription = self.request.get("play-desc")
PLAYCARD_HTML = (
"""
<article class='photo' style='left:0px;visibility:visible'>
<img src='"""
+ playImg
+ """' width='100%' height='100%'>
<section><p class='text-normal' style='text-align:right'>"""
+ playTitle
+ """</p></section></article>
"""
)
body = {
"html": PLAYCARD_HTML,
"notification": {"level": "DEFAULT"},
"text": playDescription,
"menuItems": [{"action": "READ_ALOUD"}],
}
batch_responses = _BatchCallback()
batch = BatchHttpRequest(callback=batch_responses.callback)
for user in users:
creds = StorageByKeyName(Credentials, user.key().name(), "credentials").get()
mirror_service = util.create_service("mirror", "v1", creds)
batch.add(mirror_service.timeline().insert(body=body), request_id=user.key().name())
batch.execute(httplib2.Http())
return "Successfully sent playcards to %d players (%d failed)" % (
batch_responses.success,
batch_responses.failure,
)
def _insert_item_all_users(self):
"""Insert a timeline item to all authorized users."""
logging.info('Inserting timeline item to all users')
users = Credentials.all()
total_users = users.count()
if total_users > 10:
return 'Total user count is %d. Aborting broadcast to save your quota' % (
total_users)
body = {
'text': 'Hello Everyone!',
'notification': {'level': 'DEFAULT'}
}
for user in users:
creds = StorageByKeyName(
Credentials, user.key().name(), 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', creds)
try:
mirror_service.timeline().insert(body=body).execute()
except errors.HttpError, error:
logging.error(
'Unable to send item to user %s: %s', user.key().name(), error)
def post(self):
Utilities._init_handler(self)
if self.empty_query_string('user_email', 'message'):
self.render('add-to-timeline.html')
else:
user_email = self.get_parameter('user_email', None)
logging.debug('Request Email (%s)' % user_email)
user_entity = Users.get_by_key_name(key_names=user_email)
if not user_entity:
self.add_error('Unknown email address. Have you registered with the service ?')
else:
user_id = user_entity.credentials_key
credentials = StorageByKeyName(Credentials, user_id, 'credentials').get()
mirror_service = util.create_service('mirror', 'v1', credentials)
credentials_valid = False
# make sure credentials are valid
try:
credentials.refresh(httplib2.Http())
credentials_valid = True
except AccessTokenRefreshError:
# Access has been revoked.
util.store_userdetails(self, '', '')
credentials_entity = Credentials.get_by_key_name(self.userid)
user_entity_delete = Users.get_by_key_name(key_names=user_email)
if credentials_entity:
credentials_entity.delete()
if user_entity_delete:
user_entity_delete.delete()
if credentials_valid:
message = self.get_parameter('message', None)
is_html = self.get_parameter('is_html', 'False') == 'True'
image_url = self.get_parameter('image_url', None)
image = self.get_parameter('image', None)
logging.info('Inserting timeline item for (%s)' % user_email)
body = {
'notification': {'level': 'DEFAULT'},
'menuItems': [
{'action': 'DELETE'}
]
}
if is_html:
body['html'] = message
else:
body['text'] = message
if image_url:
if image_url.startswith('/'):
image_url = util.get_full_url(self, image_url)
resp = urlfetch.fetch(image_url, deadline=20)
media = MediaIoBaseUpload(io.BytesIO(resp.content), mimetype='image/jpeg', resumable=True)
elif image:
media = MediaIoBaseUpload(io.BytesIO(base64.b64decode(image)), mimetype='image/jpeg')
else:
media = None
# self.mirror_service is initialized in util.auth_required.
mirror_service.timeline().insert(body=body, media_body=media).execute()
self.add_parameter('success', True)
self.add_to_json('success', True)
logging.info('Successfully inserted timeline item for (%s)' % user_email)
else:
self.add_error('Revoked Credentials.')
self.render('add-to-timeline.html')
