def auth(request): key = None date = None message = None try: api_key = ApiKey.objects.get(user=request.user) except ApiKey.DoesNotExist: api_key = None if request.method == 'POST': try: action = request.POST['action'] if action == 'delete' and api_key: api_key.delete() api_key = None message = 'The API key was successfully deleted.' elif action == 'generate': if not api_key: api_key = ApiKey.objects.create(user=request.user) else: api_key.key = ApiKey.generate_key(api_key) message = 'The API key was successfully generated.' except MultiValueDictKeyError: pass if api_key: key = api_key.key date = api_key.created return render_to_response('server/auth.html',{'logged': True, 'key': key, 'date': date, 'message': message}, context_instance=RequestContext(request))
def handle(self, *args, **options): self.options = options if len(args) < 1 or len(args) > 1: print >>sys.stderr, "takes one argument: %s" % self.args return user = args[0] u = None try: u = User.objects.get(username=user) print 'User {0} exists'.format(user) except User.DoesNotExist: print 'User {0} does not exist - creating'.format(user) u = User(username=user, is_staff=True) u.save() try: key = ApiKey.objects.get(user=u) print 'User {0} already has api key, skipping creation'.format(user) except ApiKey.DoesNotExist: print 'User {0} does not have an api key - creating'.format(user) u_apikey = ApiKey(user=u) u_apikey.key = u_apikey.generate_key() u_apikey.save() u.save() key = ApiKey.objects.get(user=u) print 'Key: {0}'.format(key)
def twitter_login_callback(self, request=None, **kwargs): ''' when we have the oauth verifier then send it through this api ''' #get the params twitter need post = simplejson.loads(request.body) twitter_key = settings.TWITTER_KEY twitter_secret = settings.TWITTER_SECRET oauth_token = request.session.get('OAUTH_TOKEN', '') oauth_token_secret = request.session.get('OAUTH_TOKEN_SECRET', '') oauth_verifier = post.get('oauth_verifier', '') #get the params from the login twitter = Twython(twitter_key, twitter_secret,oauth_token, oauth_token_secret) final_step = twitter.get_authorized_tokens(oauth_verifier) user_oauth_token = final_step['oauth_token'] user_oauth_token_secret = final_step['oauth_token_secret'] #find existing user or create a new one try: userprofile = UserProfile.objects.get(twitter_oauth_token=user_oauth_token, twitter_oauth_token_secret=user_oauth_token_secret) user = userprofile.user except: #create a user and user profile api_key = ApiKey() username = api_key.generate_key()[0:30] password = api_key.generate_key()[0:30] user = User() user.username = username user.is_active = True user.password = password user.save() userprofile = user.profile userprofile.twitter_oauth_token = user_oauth_token userprofile.twitter_oauth_token_secret = user_oauth_token_secret userprofile.save() #delete all the old api keys api_keys = ApiKey.objects.filter(user=user) api_keys.delete() #create a new api key api_key, created = ApiKey.objects.get_or_create(user=user) api_key.save() #store the keys in the session request.session['api_key'] = api_key.key request.session['username'] = user.username ur = UserProfileResource() ur_bundle = ur.build_bundle(obj=user.profile, request=request) return self.create_response(request, { 'is_logged_in': True, 'message': 'The user is logged in', 'username': user.username, 'api_key': api_key.key, 'user_profile': json.loads(ur.serialize(None, ur.full_dehydrate(ur_bundle), 'application/json')) })
class PSAPIBaseTest(ResourceTestCase): fixtures = ['perfsonar_api_metadata.json'] def setUp(self): super(PSAPIBaseTest, self).setUp() #create user credentials self.noperms_user = User(username="******", is_staff=True) self.noperms_user.save() self.noperms_apikey = ApiKey(user=self.noperms_user) self.noperms_apikey.key = self.noperms_apikey.generate_key() self.noperms_apikey.save() self.admin_user = User(username="******", is_staff=True) self.admin_user.save() for model_name in ['psmetadata', 'pspointtopointsubject', 'pseventtypes', 'psmetadataparameters']: for perm_name in ['add', 'change', 'delete']: perm = Permission.objects.get(codename='{0}_{1}'.format(perm_name, model_name)) self.admin_user.user_permissions.add(perm) #Add timeseries permissions for perm_name in ['add', 'change', 'delete']: perm = Permission.objects.get(codename='esmond_api.{0}_timeseries'.format(perm_name)) self.admin_user.user_permissions.add(perm) self.admin_user.save() self.admin_apikey = ApiKey(user=self.admin_user) self.admin_apikey.key = self.admin_apikey.generate_key() self.admin_apikey.save() def create_noperms_credentials(self): return self.create_apikey(self.noperms_user.username, self.noperms_apikey.key) def create_admin_credentials(self): return self.create_apikey(self.admin_user.username, self.admin_apikey.key) def assertExpectedResponse(self, expected, url, get_params={}): response = self.client.get(url, get_params) self.assertHttpOK(response) data = json.loads(response.content) self.assertEquals(expected, data)
def fb_login(self, request=None, **kwargs): ''' will login the user using facebook ''' #get the params post = simplejson.loads(request.body) access_token = post.get('access_token') signed_request = post.get('signed_request') #get the email of the user fb_decode = fb_request_decode(signed_request) fb_user_id = fb_decode['fb_data']['user_id'] facebook=fb.graph.api(access_token) object=facebook.get_object(cat="single", id=fb_user_id, fields=[ ] ) email = object['email'] #find the user try: user = User.objects.get(email=email) except: #create the user object api_key = ApiKey() username = api_key.generate_key()[0:30] password = api_key.generate_key()[0:30] user = User() user.username = username user.email = email user.is_active = True user.password = password user.save() #delete all the old api keys api_keys = ApiKey.objects.filter(user=user) api_keys.delete() #create a new api key api_key, created = ApiKey.objects.get_or_create(user=user) api_key.save() ur = UserProfileResource() ur_bundle = ur.build_bundle(obj=user.profile, request=request) return self.create_response(request, { 'is_logged_in': True, 'message': 'The user is logged in', 'api_key': api_key.key, 'username': user.username, 'user_profile': json.loads(ur.serialize(None, ur.full_dehydrate(ur_bundle), 'application/json')) })
def handle(self, *args, **options): self.options = options if len(args) < 1 or len(args) > 1: print >>sys.stderr, "takes one argument: %s" % self.args return user = args[0] u = None try: u = User.objects.get(username=user) print 'User {0} exists'.format(user) except User.DoesNotExist: print 'User {0} does not exist - creating'.format(user) u = User(username=user, is_staff=True) u.save() print 'Setting metadata POST permissions.' for model_name in ['psmetadata', 'pspointtopointsubject', 'pseventtypes', 'psmetadataparameters']: for perm_name in ['add', 'change', 'delete']: perm = Permission.objects.get(codename='{0}_{1}'.format(perm_name, model_name)) print perm u.user_permissions.add(perm) u.save() try: key = ApiKey.objects.get(user=u) print 'User {0} already has api key, skipping creation'.format(user) except ApiKey.DoesNotExist: print 'User {0} does not have an api key - creating'.format(user) u_apikey = ApiKey(user=u) u_apikey.key = u_apikey.generate_key() u_apikey.save() u.save() key = ApiKey.objects.get(user=u) print 'Key: {0}'.format(key)
def handle(self, *args, **options): self.options = options if len(args) < 1 or len(args) > 1: print >>sys.stderr, "takes one argument: %s" % self.args return user = args[0] u = None try: u = User.objects.get(username=user) print 'User {0} exists'.format(user) except User.DoesNotExist: print 'User {0} does not exist - creating'.format(user) u = User(username=user, is_staff=True) u.save() print 'Setting timeseries permissions.' for resource in ['timeseries']: for perm_name in ['view', 'add', 'change', 'delete']: perm = Permission.objects.get( codename="esmond_api.{0}_{1}".format(perm_name, resource)) u.user_permissions.add(perm) u.save() try: key = ApiKey.objects.get(user=u) print 'User {0} already has api key, skipping creation'.format(user) except ApiKey.DoesNotExist: print 'User {0} does not have an api key - creating'.format(user) u_apikey = ApiKey(user=u) u_apikey.key = u_apikey.generate_key() u_apikey.save() u.save() key = ApiKey.objects.get(user=u) print 'Key: {0}'.format(key)
def register(self, request=None, **kwargs): ''' will try and register the user we expect here an email and a password sent as post params @return: 201 if user is created 500 failed to send emails 409 conflict with existing account ''' #get params post = simplejson.loads(request.body) password = post.get('password') email = post.get('email') #create the username api_key = ApiKey() username = api_key.generate_key()[0:30] #set the request post to contain email password and username post_values = {} post_values['username'] = username post_values['password1'] = password post_values['password2'] = password post_values['email'] = email #is the email already exists? try: user = User.objects.get(email=email) return self.create_response(request, { 'success': False, 'message': 'User with this mail address already exists', }, HttpConflict ) except: pass #validation success user_form = UserCreateForm(post_values) if user_form.is_valid(): #create the user username = user_form.clean_username() password = user_form.clean_password2() user_form.save() user = authenticate(username=username, password=password) login(request, user) #creathe the email hash email_hash = api_key.generate_key() user_profile = user.profile user_profile.email_hash = email_hash user_profile.save() #send the verification mail if is_send_grid(): user.is_active = False user.save() t = get_template('emails/verify_email_mail.html') html = t.render(Context({'hash': user_profile.email_hash, 'url': os.environ['CLIENT_SITE_URL'] + '#/verify-email/', 'email': email})) text_content = strip_tags(html) msg = EmailMultiAlternatives('Nerdeez account activation', text_content, settings.FROM_EMAIL_ADDRESS, [email]) msg.attach_alternative(html, "text/html") try: msg.send() except SMTPSenderRefused, e: return self.create_response(request, { 'success': False, 'message': 'Failed to send activation mail', }, HttpApplicationError ) #return the status code return self.create_response(request, { 'success': True, 'message': 'Successfully created the account, Verification mail was sent to your mail address', }, HttpCreated )