def handle_third_party(self, request):
if third_party_settings.ACCESS_TOKEN_SESSION_KEY not in request.session:
return HANDLE_THIRD_PARTY_RESULT.NO_ACCESS_TOKEN
access_token_uid = request.session[
third_party_settings.ACCESS_TOKEN_SESSION_KEY]
cache_key = third_party_settings.ACCESS_TOKEN_CACHE_KEY % access_token_uid
cached_data = cache.get(cache_key)
if cached_data is None:
access_token = prototypes.AccessTokenPrototype.get_by_uid(
access_token_uid)
if access_token is None:
if request.user.is_authenticated():
accounts_logic.logout_user(request)
request.session[
third_party_settings.
ACCESS_TOKEN_SESSION_KEY] = access_token_uid
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_REJECTED__LOGOUT
else:
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_REJECTED
else:
cached_data = access_token.cache_data()
cache.set(cache_key, cached_data,
third_party_settings.ACCESS_TOKEN_CACHE_TIMEOUT)
account_id = cached_data['account_id']
if account_id is None:
if request.user.is_authenticated():
accounts_logic.logout_user(request)
# resave token, since it will be removed on logout
request.session[third_party_settings.
ACCESS_TOKEN_SESSION_KEY] = access_token_uid
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_NOT_ACCEPTED_YET
if not request.user.is_authenticated(
) or request.user.id != account_id:
account = AccountPrototype.get_by_id(account_id)
accounts_logic.force_login_user(request, account._model)
# resave token, since it will be removed on login
request.session[third_party_settings.
ACCESS_TOKEN_SESSION_KEY] = access_token_uid
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_ACCEPTED__USER_LOGED_IN
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_ACCEPTED
def handle_third_party(self, request):
if third_party_settings.ACCESS_TOKEN_SESSION_KEY not in request.session:
return HANDLE_THIRD_PARTY_RESULT.NO_ACCESS_TOKEN
access_token_uid = request.session[third_party_settings.ACCESS_TOKEN_SESSION_KEY]
cache_key = third_party_settings.ACCESS_TOKEN_CACHE_KEY % access_token_uid
cached_data = cache.get(cache_key)
if cached_data is None:
access_token = prototypes.AccessTokenPrototype.get_by_uid(access_token_uid)
if access_token is None:
if request.user.is_authenticated():
accounts_logic.logout_user(request)
request.session[third_party_settings.ACCESS_TOKEN_SESSION_KEY] = access_token_uid
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_REJECTED__LOGOUT
else:
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_REJECTED
else:
cached_data = access_token.cache_data()
cache.set(cache_key, cached_data, third_party_settings.ACCESS_TOKEN_CACHE_TIMEOUT)
account_id = cached_data['account_id']
if account_id is None:
if request.user.is_authenticated():
accounts_logic.logout_user(request)
# resave token, since it will be removed on logout
request.session[third_party_settings.ACCESS_TOKEN_SESSION_KEY] = access_token_uid
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_NOT_ACCEPTED_YET
if not request.user.is_authenticated() or request.user.id != account_id:
account = AccountPrototype.get_by_id(account_id)
accounts_logic.force_login_user(request, account._model)
# resave token, since it will be removed on login
request.session[third_party_settings.ACCESS_TOKEN_SESSION_KEY] = access_token_uid
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_ACCEPTED__USER_LOGED_IN
return HANDLE_THIRD_PARTY_RESULT.ACCESS_TOKEN_ACCEPTED
def processed_view(self, resource):
if resource.account.is_authenticated() and self.task.account.id != resource.account.id:
logic.logout_user(resource.request)
def processed_view(self, resource):
if resource.account.is_authenticated(
) and self.task.account.id != resource.account.id:
logic.logout_user(resource.request)