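def fblogin():
    """Log the caller in with a Facebook user access token posted by the client.

    Expects the anti-CSRF ``state`` nonce in the query string (it must equal the
    one kept in ``login_session``) and the Facebook access token as the raw
    request body.  The token is used to fetch ``name``, ``id`` and ``email``
    from the Graph API; the matching ``User`` row is created or updated and the
    user is logged in through Flask-Login.

    Returns:
        A redirect to ``index`` on success, otherwise a ``respond(...)`` error
        response with status 401.
    """
    # ``.get`` on the session avoids a KeyError (-> 500) when no login flow
    # has been started in this session; a mismatch is still rejected.
    if request.args.get('state') != login_session.get('state'):
        return respond('Invalid state parameter.', 401)
    token = request.data.decode()
    if not token:
        return respond('Missing access token.', 401)

    # NOTE(review): nothing here proves the token was issued to *this*
    # Facebook app (e.g. GET /debug_token with an app access token, or an
    # appsecret_proof).  A token obtained by another app for the same user
    # would be accepted; confirm that is acceptable or add the check.
    userinfo_url = "https://graph.facebook.com/v3.2/me"
    params = {"access_token": token, "fields": "name,id,email"}
    resp = requests.get(userinfo_url, params=params, timeout=10)
    # Explicit check rather than ``assert``: asserts are stripped under ``-O``
    # and an invalid token must never fall through to the login below.
    if not resp.ok:
        return respond('Failed to fetch user info from Facebook.', 401)
    facebook_info = resp.json()

    email = facebook_info.get('email')
    if not email:
        # Facebook omits ``email`` for accounts without one (or without the
        # permission).  Querying ``filter_by(email=None)`` would match a row
        # whose email is NULL, so refuse instead of looking up.
        return respond('Facebook did not return an email address.', 401)

    user = User.query.filter_by(email=email).first()
    if user is None:
        user = User(email=email,
                    username=facebook_info['name'],
                    token=token,  # NOTE(review): access token stored in clear text
                    provider='facebook',
                    provider_id=facebook_info['id'])
        db.session.add(user)
    else:
        # NOTE(review): an existing row is claimed by email alone, regardless
        # of its ``provider``; confirm cross-provider linking is intended.
        user.token = token
    db.session.commit()

    login_user(user)
    flash(f"you are now logged in as {current_user.username}")
    return redirect(url_for('index'))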
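def glogin():
    """Log the caller in with a Google one-time authorization code.

    Expects the anti-CSRF ``state`` nonce in the query string and the
    authorization code from the ``postmessage`` flow as the raw request body.
    The code is exchanged for credentials, the access token is checked against
    Google's tokeninfo endpoint (same subject as the id_token, issued to this
    app's client ID), the profile is fetched, and the matching ``User`` row is
    created or updated before logging in through Flask-Login.

    Returns:
        A redirect to ``index`` on success, otherwise a ``respond(...)`` 401
        response naming the check that failed.
    """
    # ``.get`` on the session avoids a KeyError (-> 500) when no login flow
    # has been started in this session; a mismatch is still rejected.
    if request.args.get('state') != login_session.get('state'):
        return respond('Invalid state parameter.', 401)

    # The authorization code is a bearer secret: never print/log it (the
    # previous ``print(f'code: {code}')`` wrote it to stdout).
    code = request.data
    try:
        # Upgrade the authorization code into a credentials object.
        oauth_flow = flow_from_clientsecrets(client_secrets, scope='')
        oauth_flow.redirect_uri = 'postmessage'
        credentials = oauth_flow.step2_exchange(code)
    except FlowExchangeError:
        return respond('Failed to upgrade the authorization code.', 401)

    # Check that the access token is valid.  Explicit checks rather than
    # ``assert``, which is stripped under ``-O``.
    tokeninfo_url = 'https://www.googleapis.com/oauth2/v3/tokeninfo'
    params = {'access_token': credentials.access_token, 'alt': 'json'}
    resp = requests.get(tokeninfo_url, params=params, timeout=10)
    if not resp.ok:
        return respond('Access token is not valid.', 401)
    result = resp.json()
    id_token = credentials.id_token or {}

    # The access token must belong to the same user as the id_token.
    subject = result.get('sub')
    if not subject or subject != id_token.get('sub'):
        return respond("Token's user ID doesn't match given user ID.", 401)

    # The access token must have been issued to *this* app: comparing the two
    # Google responses against each other is not enough, so also pin ``azp``
    # to the client ID loaded from the client-secrets file.
    authorized_party = result.get('azp')
    if (not authorized_party
            or authorized_party != id_token.get('azp')
            or authorized_party != oauth_flow.client_id):
        return respond("Token's client ID does not match app's.", 401)

    # Get user info.
    userinfo_url = "https://www.googleapis.com/oauth2/v3/userinfo"
    resp = requests.get(userinfo_url, params=params, timeout=10)
    if not resp.ok:
        return respond('Failed to fetch user info from Google.', 401)
    data = resp.json()

    # Accounts are matched by email, so only a verified address may claim one
    # (userinfo v3 reports this as ``email_verified``).  A missing email would
    # otherwise turn into ``filter_by(email=None)`` and match a NULL-email row.
    email = data.get('email')
    if not email or not data.get('email_verified'):
        return respond('Google did not return a verified email address.', 401)

    user = User.query.filter_by(email=email).first()
    if user is None:
        user = User(email=email,
                    username=data['name'],
                    token=credentials.access_token,  # NOTE(review): stored in clear text
                    provider='google',
                    # The user's stable Google subject; the previous code stored
                    # ``azp`` here, which is the app's client ID, not the user.
                    provider_id=subject)
        db.session.add(user)
    else:
        # NOTE(review): an existing row is claimed by email alone, regardless
        # of its ``provider``; confirm cross-provider linking is intended.
        user.token = credentials.access_token
    db.session.commit()

    login_user(user)
    flash(f"you are now logged in as {current_user.username}")
    return redirect(url_for('index'))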