def token():
	"""Issue a new access token for a client application.

	Reads the POST payload, validates it, looks the client application up
	by ``client_key`` / ``client_secret``, checks that the requested
	``grant_type`` is one the application is allowed to use, then stores
	an ``AccessToken`` expiring one day from now.

	Every rejection goes through ``abort(400, {'error': ...})``. On success
	the response is ``(jsonify(data=<token json>), 201)``.
	"""
	payload = get_post_data()

	# Shape/content validation happens in a helper not shown in this block.
	rejected, reason = _is_invalid_data(payload)
	if rejected:
		abort(400, {'error': reason })

	# NOTE(review): the credential lookup is not visible here. Confirm it
	# compares the secret in constant time (or against a stored hash) and
	# that this endpoint is rate-limited, since it accepts secret guesses.
	app = ClientApplication.find_by_credentials(payload['client_key'], payload['client_secret'])
	if app is None:
		abort(400, {'error': APP_NOT_FOUND })

	# app.grant_type is a comma-separated string. Entries are not stripped,
	# so a stored value like "a, b" only matches the literal " b".
	permitted_grants = app.grant_type.split(',')
	if payload['grant_type'] not in permitted_grants:
		abort(400, {'error': GRANT_TYPE_NOT_ALLOWED })

	# Naive local-time timestamp; whatever checks expiry must use the same
	# clock. NOTE(review): confirm, or move both sides to UTC together.
	issued_at = datetime.datetime.now()
	valid_until = issued_at + datetime.timedelta(days=1)

	access_token = AccessToken()
	access_token.client_application = app.key
	access_token.expires_at = valid_until
	# NOTE(review): this value is the bearer credential. Confirm that
	# ah.generate_random_string() draws from a CSPRNG (secrets / os.urandom)
	# with enough length; its implementation is not visible in this block.
	access_token.token = ah.generate_random_string()
	# token_type records the grant type that was requested.
	access_token.token_type = payload['grant_type']

	# Indexing raises KeyError when 'lead_token' is absent; presumably the
	# validation above guarantees the key exists. TODO confirm.
	lead_token = payload['lead_token']
	if lead_token:
		access_token.lead_token = lead_token

	access_token.put()

	# Blocks the request for one second. The reason is not visible here;
	# presumably it waits for the write to become readable. TODO confirm.
	time.sleep(1)

	response_body = jsonify(data=access_token.to_json())
	return response_body, 201