def authorized(resp):
if resp is None:
flash( 'Access denied: reason=%s error=%s' % (
request.args['error_reason'],
request.args['error_description']), 'error')
return redirect(url_for('login'))
flash('Logged In.', 'welcome')
app.logger.info( str(resp) )
session['google_token'] = (resp['access_token'], '')
session['id_token'] = resp['id_token']
future = datetime.datetime.now() + datetime.timedelta(seconds=int(resp['expires_in']))
session['expires'] = future.strftime("%s")
if 'refresh_token' in resp:
session['refresh_token'] = resp['refresh_token']
me = google.get('userinfo')
me.data['google_token'] = session['google_token']
app.logger.info(me.data)
app.logger.info(me.data['id'])
session['user_data'] = { 'name': me.data['name'],
'id': u_man.hash_id( me.data['id'] ),
'email':me.data['email'],
'picture':me.data['picture']}
session['user_data']['registered'] = u_man.user_registered(session['user_data']['id'])
session['user_data']['active'] = u_man.user_active(session['user_data']['id'])
if session['user_data']['registered'] and not session['user_data']['active']:
flash("You are registered but not active.", 'info')
app.logger.debug(str(me.data))
return redirect(url_for('index'))
def refresh_token():
from tcdiracweb.views import google
expires = 0
if 'expires' in session:
expires = int(session['expires']) - int(datetime.datetime.now().strftime("%s"))
app.logger.info( 'session expires %i sec' % expires )
if expires < 10*60 and 'refresh_token' in session:#expires within 10 minutes
url = 'https://accounts.google.com/o/oauth2/token'
request = {'refresh_token': session['refresh_token'],
'client_id' :app.config.get('GOOGLE_ID'),
'client_secret': app.config.get('GOOGLE_SECRET'),
'grant_type':'refresh_token'}
data = urllib.urlencode(request)
app.logger.info(data)
req = urllib2.Request(url, data)
response = urllib2.urlopen(req)
app.logger.info( response )
the_page = response.read()
resp = json.loads(the_page)
app.logger.info(the_page)
session.pop('google_token', None)
session.pop('id_token', None)
session.pop('user_data', None)
session['google_token'] = (resp['access_token'], '')
session['id_token'] = resp['id_token']
future = datetime.datetime.now() + datetime.timedelta(seconds=int(resp['expires_in']))
session['expires'] = future.strftime("%s")
me = google.get('userinfo')
session['user_data'] = { 'name': me.data['name'],
'id': u_man.hash_id( me.data['id'] ),
'email':me.data['email'],
'picture':me.data['picture']}
session['user_data']['registered'] = u_man.user_registered(session['user_data']['id'])
session['user_data']['active'] = u_man.user_active(session['user_data']['id'])
def decorated_function( *args, **kwargs ):
status = 401
refresh_token()
msg = {'status':'error',
'data' : '',
'message' : 'Authentication Error. Please login' }
error = False
app.logger.debug("Session: %r" %session)
if 'user_data' not in session:
app.logger.warning('session missing user_data')
app.logger.warning('%r' % session)
error = True
elif u_man.user_registered(session['user_data']['id']):
if u_man.user_active(session['user_data']['id']):
if check_id():
return f(*args, **kwargs)
else:
app.logger.warning('check_id failed')
app.logger.warning('%r' %session )
error = True
else:
error = True
msg['message'] = 'User not active. Contact [email protected]' +\
' to activate.'
else:
msg['message'] = 'User Not Registered'
flash('Not Registered. Click Register.')
error = True
if error:
return Response( json.dumps( msg ), mimetype='application/json',
status = status )
def decorated_function( *args, **kwargs ):
refresh_token()
if 'user_data' not in session:
flash('Credentials corrupted', 'error')
app.logger.warning('session missing user_data')
app.logger.warning('%r' % session)
return redirect(url_for('logout'))
if u_man.user_registered(session['user_data']['id']):
if u_man.user_active(session['user_data']['id']):
if check_id():
return f(*args, **kwargs)
else:
app.logger.warning('check_id failed')
app.logger.warning('%r' %session )
flash('Credentials corrupted', 'error')
return redirect(url_for('logout'))
else:
flash(('User not active. Contact [email protected]'
' to activate.'), 'warning')
else:
flash('Not Registered. Click Register.')
return redirect(url_for('login'))