def authenticate():
url = request.values['url']
redir = request.values['redirect']
if request.method == 'GET':
auth = Auth.get_by_user_and_url(g.user.id, url)
if auth:
redir = '%s?token=%s' % (redir, auth.token)
return redirect(redir)
return render_template('/authenticate.html', url=url, redir=redir)
if request.form.get('agree', ''):
auth = Auth.get_or_create(g.user.id, url)
if auth:
redir = '%s?token=%s' % (redir, auth.token)
return redirect(redir)
def delete_auth():
auth_id = request.form['auth_id']
auth = Auth.get(auth_id)
if not auth:
return jsonify({'message': 'not found'}), 404
if not auth.user_id == g.user.id:
return jsonify({'message': 'not allowed'}), 403
auth.delete()
return jsonify({'message': 'ok'}), 200
def get_profile():
token = request.values.get('token', '')
if not token:
token = request.headers.get('X-Neptulon-Token', '')
auth = Auth.get_by_token(token)
if not auth:
return jsonify({}), 404
return jsonify(auth.user.to_dict()), 200