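def login():
    """Complete a Google sign-in and open a session for the matching Account.

    POST: exchanges the one-time ``storeToken`` for OAuth credentials, checks
    the resulting access token against Google's tokeninfo endpoint, then
    resumes the Account stored under ``email`` or creates a new one.
    Returns the string ``'200'`` on success and the 404 page when any
    verification step fails. GET returns the 404 page.

    ``name``, ``email`` and ``storeToken`` are read from the query string, so
    they appear in URL/access logs; moving them into the request body needs a
    matching client change.
    """
    if request.method == 'POST':
        name = request.args.get("name", "")
        email = request.args.get("email", "")
        # %r escapes control characters, so caller-supplied text cannot
        # forge additional log lines.
        logging.info("name %r email %r", name, email)

        # Draw the anti-forgery state from the OS CSPRNG; the default
        # `random` generator is predictable.
        # NOTE(review): the state is stored but never compared with anything
        # in this function - confirm it is checked elsewhere, otherwise it
        # provides no CSRF protection.
        rng = random.SystemRandom()
        alphabet = string.ascii_uppercase + string.digits
        session['state'] = ''.join(rng.choice(alphabet) for _ in xrange(32))

        storeToken = request.args.get("storeToken", "")
        # Verify the store token with Google's servers.
        try:
            oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
            oauth_flow.redirect_uri = 'postmessage'
            credentials = oauth_flow.step2_exchange(storeToken)
        except FlowExchangeError:
            logging.info("error with Oauth")
            return page_not_found(404)

        # The access token is a bearer secret, so it is no longer logged.
        access_token = credentials.access_token
        url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"
               % access_token)
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])
        gplus_id = credentials.id_token['sub']

        # The tokeninfo reply used to be fetched and ignored. Reject the
        # login when Google reports an error or the token belongs to a
        # different user than the id token.
        if result.get('error') is not None or result.get('user_id') != gplus_id:
            logging.info("token verification failed")
            return page_not_found(404)
        # NOTE(review): result['issued_to'] should also be compared with this
        # application's OAuth client id, which is not visible in this block.

        account = Account.query(Account.email == email).get()
        if account is not None:
            # `email` is caller-supplied. Without this binding any valid
            # Google login could open a session on another user's account.
            if account.gplusId != gplus_id:
                logging.info("Google id does not match stored account")
                return page_not_found(404)
            logging.info("User already logged in")
            account.loggedIn = True
            account.put()
            username = account.name
            user_id = account.key.integer_id()
        else:
            logging.info("first time logging in")
            # NOTE(review): name and email are stored as supplied by the
            # caller; neither is checked against the verified Google profile.
            account = Account(name=name, email=email, gplusId=gplus_id,
                              accessToken=access_token, loggedIn=True)
            username = name
            user_id = account.put().integer_id()

        # NOTE(review): this places the whole OAuth credentials object in the
        # session; if sessions are client-side cookies, keep only what later
        # handlers actually need.
        session['credentials'] = credentials
        session['gplus_id'] = gplus_id
        session['username'] = username
        session['userId'] = user_id
        session['loggedIn'] = True
        return '200'
    if request.method == 'GET':
        return page_not_found(404)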
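def api_login():
    """Register or look up an Account for an API client holding a Google token.

    POST reads ``name``, ``email``, ``oauth`` (access token) and ``gplusid``
    from the query string. The token is checked against Google's tokeninfo
    endpoint before any account data is returned or created. Responds with
    ``{"uuid": <account id>}`` on success, 400 for missing arguments, 401 when
    the token is not valid for ``gplusid`` and 403 when the e-mail belongs to
    an account owned by a different Google id.
    """
    logging.info("api_login Type " + request.method)
    if request.method == 'POST':
        name = request.args.get("name", "")
        email = request.args.get("email", "")
        access_token = request.args.get("oauth", "")
        gplus_id = request.args.get("gplusid", "")
        # Every argument is required.
        if not (name and email and access_token and gplus_id):
            return json_response(code=400)

        # Percent-encode the caller-supplied token so it cannot add or
        # override query parameters in the verification request.
        try:
            from urllib import quote  # Python 2
        except ImportError:
            from urllib.parse import quote
        url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"
               % quote(access_token.encode('utf-8'), safe=''))
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])

        # The tokeninfo reply used to be discarded, so any string was accepted
        # as a token. Require a valid token issued for the claimed Google id.
        if result.get('error') is not None or result.get('user_id') != gplus_id:
            return json_response(code=401)
        # NOTE(review): result['issued_to'] should also be compared with this
        # application's OAuth client id, which is not visible in this block.

        account = Account.query(Account.email == email).get()
        if account is not None:
            # `email` is caller-supplied: only hand back the account id to the
            # Google identity the account was registered with.
            if account.gplusId != gplus_id:
                return json_response(code=403)
            return json_success({"uuid": account.key.integer_id()})

        session['gplus_id'] = gplus_id
        session['username'] = name
        # NOTE(review): the bearer token is persisted as supplied; confirm it
        # needs to be stored at all.
        account = Account(name=name, email=email, gplusId=gplus_id,
                          accessToken=access_token, loggedIn=True)
        key = account.put()
        session['userId'] = key.integer_id()
        return json_success({"uuid": key.integer_id()})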
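def api_login():
    """Register or look up an Account for an API client holding a Google token.

    POST reads ``name``, ``email``, ``oauth`` (access token) and ``gplusid``
    from the query string. The token is checked against Google's tokeninfo
    endpoint before any account data is returned or created. Responds with
    ``{"uuid": <account id>}`` on success, 400 for missing arguments, 401 when
    the token is not valid for ``gplusid`` and 403 when the e-mail belongs to
    an account owned by a different Google id.
    """
    logging.info("api_login Type " + request.method)
    if request.method == 'POST':
        name = request.args.get("name", "")
        email = request.args.get("email", "")
        access_token = request.args.get("oauth", "")
        gplus_id = request.args.get("gplusid", "")
        # Every argument is required.
        if not (name and email and access_token and gplus_id):
            return json_response(code=400)

        # Percent-encode the caller-supplied token so it cannot add or
        # override query parameters in the verification request.
        try:
            from urllib import quote  # Python 2
        except ImportError:
            from urllib.parse import quote
        url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"
               % quote(access_token.encode('utf-8'), safe=''))
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])

        # The tokeninfo reply used to be discarded, so any string was accepted
        # as a token. Require a valid token issued for the claimed Google id.
        if result.get('error') is not None or result.get('user_id') != gplus_id:
            return json_response(code=401)
        # NOTE(review): result['issued_to'] should also be compared with this
        # application's OAuth client id, which is not visible in this block.

        account = Account.query(Account.email == email).get()
        if account is not None:
            # `email` is caller-supplied: only hand back the account id to the
            # Google identity the account was registered with.
            if account.gplusId != gplus_id:
                return json_response(code=403)
            return json_success({"uuid": account.key.integer_id()})

        session['gplus_id'] = gplus_id
        session['username'] = name
        # NOTE(review): the bearer token is persisted as supplied; confirm it
        # needs to be stored at all.
        account = Account(name=name, email=email, gplusId=gplus_id,
                          accessToken=access_token, loggedIn=True)
        key = account.put()
        session['userId'] = key.integer_id()
        return json_success({"uuid": key.integer_id()})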
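def api_login():
    """Register or look up an Account for an API client holding a Google token.

    POST reads ``name``, ``email``, ``storeToken`` (used as the access token)
    and ``id`` (Google id) from the query string. The token is checked against
    Google's tokeninfo endpoint before any account data is returned or
    created. Responds with ``{"uuid": <account id>}`` on success and with the
    404 page when verification fails. GET returns the 404 page.
    """
    logging.info("api_login Type " + request.method)
    if request.method == 'POST':
        name = request.args.get("name", "")
        email = request.args.get("email", "")
        # %r escapes control characters, so caller-supplied text cannot
        # forge additional log lines.
        logging.info("name %r email %r", name, email)
        access_token = request.args.get("storeToken", "")
        gplus_id = request.args.get("id", "")
        # The access token is a bearer secret, so it is no longer logged.

        # Percent-encode the caller-supplied token so it cannot add or
        # override query parameters in the verification request.
        try:
            from urllib import quote  # Python 2
        except ImportError:
            from urllib.parse import quote
        url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"
               % quote(access_token.encode('utf-8'), safe=''))
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])

        # The tokeninfo reply used to be discarded, so any string (even an
        # empty one) was accepted as a token. Require a valid token issued
        # for the claimed Google id.
        if result.get('error') is not None or result.get('user_id') != gplus_id:
            logging.info("token verification failed")
            return page_not_found(404)
        # NOTE(review): result['issued_to'] should also be compared with this
        # application's OAuth client id, which is not visible in this block.

        account = Account.query(Account.email == email).get()
        if account is not None:
            # `email` is caller-supplied: only hand back the account id to the
            # Google identity the account was registered with.
            if account.gplusId != gplus_id:
                logging.info("Google id does not match stored account")
                return page_not_found(404)
            logging.info("Account Already Exists")
            return json_success({"uuid": account.key.integer_id()})

        logging.info("first time logging in")
        session['gplus_id'] = gplus_id
        session['username'] = name
        # NOTE(review): the bearer token is persisted as supplied; confirm it
        # needs to be stored at all.
        account = Account(name=name, email=email, gplusId=gplus_id,
                          accessToken=access_token, loggedIn=True)
        key = account.put()
        session['userId'] = key.integer_id()
        return json_success({"uuid": key.integer_id()})
    if request.method == 'GET':
        return page_not_found(404)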
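def logout():
    """End the current session.

    POST marks the session's Account as logged out, clears the session and
    returns the string ``'200'``. A POST without a live session still clears
    whatever is there and returns ``'200'`` instead of failing with a
    KeyError. GET renders ``logout.html``.
    """
    if request.method == 'POST':
        # Resolve the account through the id stored at login. Display names
        # are caller-chosen and need not be unique, so a lookup by name could
        # flag another user's account as logged out.
        user_id = session.get('userId')
        account = Account.get_by_id(user_id) if user_id is not None else None
        if account is not None:
            account.loggedIn = False
            account.put()

        logging.info("session before " + str(len(session)))
        # Drop every key, including any stored credentials.
        session.clear()
        logging.info("session after " + str(len(session)))
        return '200'
    if request.method == 'GET':
        return render_template('logout.html')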
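def logout():
    """End the current session.

    POST marks the session's Account as logged out, clears the session and
    returns the string ``'200'``. A POST without a live session still clears
    whatever is there and returns ``'200'`` instead of failing with a
    KeyError. GET renders ``logout.html``.
    """
    if request.method == 'POST':
        # Resolve the account through the id stored at login. Display names
        # are caller-chosen and need not be unique, so a lookup by name could
        # flag another user's account as logged out.
        user_id = session.get('userId')
        account = Account.get_by_id(user_id) if user_id is not None else None
        if account is not None:
            account.loggedIn = False
            account.put()

        logging.info("session before " + str(len(session)))
        # Drop every key, including any stored credentials.
        session.clear()
        logging.info("session after " + str(len(session)))
        return '200'
    if request.method == 'GET':
        return render_template('logout.html')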
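def mapAdmin(mapid=-1, email=""):
    """Grant (POST) or revoke (DELETE) map-admin rights for an account.

    Args:
        mapid: id of the Map to change; values <= 0 are rejected.
        email: e-mail of the Account whose rights are changed.

    Returns:
        POST: ``json_success`` with the account's ``Get()`` data.
        DELETE: ``json_response(code=200)``.
        ``json_response(code=400)`` when the map or account is unknown, when
        the account is not currently an admin (DELETE), or when the account
        is the map's creator (DELETE).

    NOTE(review): nothing in this function checks who is making the request.
    Unless the route is wrapped by an authentication/authorization layer that
    is not visible here, any caller can grant or revoke admin rights on any
    map. Confirm, or add a check of the caller against ``adminIds`` /
    ``creatorId`` of the map.
    """
    if mapid <= 0:
        return json_response(code=400)
    if email == "":
        return json_response(code=400)

    # Local is not called `map`, to avoid shadowing the builtin.
    target_map = Map.get_by_id(mapid)
    if target_map is None:
        return json_response(code=400)

    adminAccount = Account.query(Account.email == email).get()
    if adminAccount is None:
        return json_response(code=400)
    userid = adminAccount.key.integer_id()

    if request.method == 'POST':
        # Both sides of the relation are written separately. Repair each one
        # independently so a half-applied earlier grant is completed instead
        # of being reported as success while still inconsistent.
        if userid not in target_map.adminIds:
            target_map.adminIds.append(userid)
            target_map.put()
        if mapid not in adminAccount.adminMaps:
            adminAccount.adminMaps.append(mapid)
            adminAccount.put()
        return json_success(adminAccount.Get())

    if request.method == 'DELETE':
        logging.info("delete")
        if userid not in target_map.adminIds:
            return json_response(code=400)
        if mapid not in adminAccount.adminMaps:
            return json_response(code=400)
        # The creator can never be removed from their own map.
        if userid == target_map.creatorId:
            return json_response(code=400)
        target_map.adminIds.remove(userid)
        adminAccount.adminMaps.remove(mapid)
        target_map.put()
        adminAccount.put()
        return json_response(code=200)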
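def mapAdmin(mapid=-1, email=""):
    """Grant (POST) or revoke (DELETE) map-admin rights for an account.

    Args:
        mapid: id of the Map to change; values <= 0 are rejected.
        email: e-mail of the Account whose rights are changed.

    Returns:
        POST: ``json_success`` with the account's ``Get()`` data.
        DELETE: ``json_response(code=200)``.
        ``json_response(code=400)`` when the map or account is unknown, when
        the account is not currently an admin (DELETE), or when the account
        is the map's creator (DELETE).

    NOTE(review): nothing in this function checks who is making the request.
    Unless the route is wrapped by an authentication/authorization layer that
    is not visible here, any caller can grant or revoke admin rights on any
    map. Confirm, or add a check of the caller against ``adminIds`` /
    ``creatorId`` of the map.
    """
    if mapid <= 0:
        return json_response(code=400)
    if email == "":
        return json_response(code=400)

    # Local is not called `map`, to avoid shadowing the builtin.
    target_map = Map.get_by_id(mapid)
    if target_map is None:
        return json_response(code=400)

    adminAccount = Account.query(Account.email == email).get()
    if adminAccount is None:
        return json_response(code=400)
    userid = adminAccount.key.integer_id()

    if request.method == 'POST':
        # Both sides of the relation are written separately. Repair each one
        # independently so a half-applied earlier grant is completed instead
        # of being reported as success while still inconsistent.
        if userid not in target_map.adminIds:
            target_map.adminIds.append(userid)
            target_map.put()
        if mapid not in adminAccount.adminMaps:
            adminAccount.adminMaps.append(mapid)
            adminAccount.put()
        return json_success(adminAccount.Get())

    if request.method == 'DELETE':
        logging.info("delete")
        if userid not in target_map.adminIds:
            return json_response(code=400)
        if mapid not in adminAccount.adminMaps:
            return json_response(code=400)
        # The creator can never be removed from their own map.
        if userid == target_map.creatorId:
            return json_response(code=400)
        target_map.adminIds.remove(userid)
        adminAccount.adminMaps.remove(mapid)
        target_map.put()
        adminAccount.put()
        return json_response(code=200)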
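def admin_add(mapId, email):
    """Make the account registered under ``email`` an admin of map ``mapId``.

    Only handles POST. The caller must be logged in and must already be the
    map's creator or one of its admins.

    Returns:
        ``'200'`` on success; ``json_response`` with 401 when there is no
        logged-in session, 400 when the map or the account does not exist,
        and 403 when the caller has no rights on the map.
    """
    if request.method == 'POST':
        # %r escapes control characters, so caller-supplied text cannot
        # forge additional log lines.
        logging.info("email=%r", email)

        # The session user was read but never used, so any logged-in user
        # could promote any account on any map. Require an existing right
        # on the map.
        uid = session.get('userId')
        if uid is None:
            return json_response(message="Login required", code=401)

        target_map = Map.get_by_id(mapId)
        if target_map is None:
            return json_response(message="No Map with that id exists", code=400)
        if uid != target_map.creatorId and uid not in target_map.adminIds:
            return json_response(message="Not an admin of this map", code=403)

        adminAccount = Account.query(Account.email == email).get()
        if adminAccount is None:
            return json_response(message="No Account with that email exists",
                                 code=400)

        adminId = adminAccount.key.integer_id()
        if adminId not in target_map.adminIds:
            target_map.adminIds.append(adminId)
            target_map.put()
        if mapId not in adminAccount.adminMaps:
            adminAccount.adminMaps.append(mapId)
            adminAccount.put()
        return '200'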
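def admin_add(mapId, email):
    """Make the account registered under ``email`` an admin of map ``mapId``.

    Only handles POST. The caller must be logged in and must already be the
    map's creator or one of its admins.

    Returns:
        ``'200'`` on success; ``json_response`` with 401 when there is no
        logged-in session, 400 when the map or the account does not exist,
        and 403 when the caller has no rights on the map.
    """
    if request.method == 'POST':
        # %r escapes control characters, so caller-supplied text cannot
        # forge additional log lines.
        logging.info("email=%r", email)

        # The session user was read but never used, so any logged-in user
        # could promote any account on any map. Require an existing right
        # on the map.
        uid = session.get('userId')
        if uid is None:
            return json_response(message="Login required", code=401)

        target_map = Map.get_by_id(mapId)
        if target_map is None:
            return json_response(message="No Map with that id exists", code=400)
        if uid != target_map.creatorId and uid not in target_map.adminIds:
            return json_response(message="Not an admin of this map", code=403)

        adminAccount = Account.query(Account.email == email).get()
        if adminAccount is None:
            return json_response(message="No Account with that email exists",
                                 code=400)

        adminId = adminAccount.key.integer_id()
        if adminId not in target_map.adminIds:
            target_map.adminIds.append(adminId)
            target_map.put()
        if mapId not in adminAccount.adminMaps:
            adminAccount.adminMaps.append(mapId)
            adminAccount.put()
        return '200'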
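def api_login():
    """Register or look up an Account for an API client holding a Google token.

    POST reads ``name``, ``email``, ``storeToken`` (used as the access token)
    and ``id`` (Google id) from the query string. The token is checked against
    Google's tokeninfo endpoint before any account data is returned or
    created. Responds with ``{"uuid": <account id>}`` on success and with the
    404 page when verification fails. GET returns the 404 page.
    """
    logging.info("api_login Type " + request.method)
    if request.method == 'POST':
        name = request.args.get("name", "")
        email = request.args.get("email", "")
        # %r escapes control characters, so caller-supplied text cannot
        # forge additional log lines.
        logging.info("name %r email %r", name, email)
        access_token = request.args.get("storeToken", "")
        gplus_id = request.args.get("id", "")
        # The access token is a bearer secret, so it is no longer logged.

        # Percent-encode the caller-supplied token so it cannot add or
        # override query parameters in the verification request.
        try:
            from urllib import quote  # Python 2
        except ImportError:
            from urllib.parse import quote
        url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"
               % quote(access_token.encode('utf-8'), safe=''))
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])

        # The tokeninfo reply used to be discarded, so any string (even an
        # empty one) was accepted as a token. Require a valid token issued
        # for the claimed Google id.
        if result.get('error') is not None or result.get('user_id') != gplus_id:
            logging.info("token verification failed")
            return page_not_found(404)
        # NOTE(review): result['issued_to'] should also be compared with this
        # application's OAuth client id, which is not visible in this block.

        account = Account.query(Account.email == email).get()
        if account is not None:
            # `email` is caller-supplied: only hand back the account id to the
            # Google identity the account was registered with.
            if account.gplusId != gplus_id:
                logging.info("Google id does not match stored account")
                return page_not_found(404)
            logging.info("Account Already Exists")
            return json_success({"uuid": account.key.integer_id()})

        logging.info("first time logging in")
        session['gplus_id'] = gplus_id
        session['username'] = name
        # NOTE(review): the bearer token is persisted as supplied; confirm it
        # needs to be stored at all.
        account = Account(name=name, email=email, gplusId=gplus_id,
                          accessToken=access_token, loggedIn=True)
        key = account.put()
        session['userId'] = key.integer_id()
        return json_success({"uuid": key.integer_id()})
    if request.method == 'GET':
        return page_not_found(404)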
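def login():
    """Complete a Google sign-in and open a session for the matching Account.

    POST: exchanges the one-time ``storeToken`` for OAuth credentials, checks
    the resulting access token against Google's tokeninfo endpoint, then
    resumes the Account stored under ``email`` or creates a new one.
    Returns the string ``'200'`` on success and the 404 page when any
    verification step fails. GET returns the 404 page.

    ``name``, ``email`` and ``storeToken`` are read from the query string, so
    they appear in URL/access logs; moving them into the request body needs a
    matching client change.
    """
    if request.method == 'POST':
        name = request.args.get("name", "")
        email = request.args.get("email", "")
        # %r escapes control characters, so caller-supplied text cannot
        # forge additional log lines.
        logging.info("name %r email %r", name, email)

        # Draw the anti-forgery state from the OS CSPRNG; the default
        # `random` generator is predictable.
        # NOTE(review): the state is stored but never compared with anything
        # in this function - confirm it is checked elsewhere, otherwise it
        # provides no CSRF protection.
        rng = random.SystemRandom()
        alphabet = string.ascii_uppercase + string.digits
        session['state'] = ''.join(rng.choice(alphabet) for _ in xrange(32))

        storeToken = request.args.get("storeToken", "")
        # Verify the store token with Google's servers.
        try:
            oauth_flow = flow_from_clientsecrets('client_secrets.json', scope='')
            oauth_flow.redirect_uri = 'postmessage'
            credentials = oauth_flow.step2_exchange(storeToken)
        except FlowExchangeError:
            logging.info("error with Oauth")
            return page_not_found(404)

        # The access token is a bearer secret, so it is no longer logged.
        access_token = credentials.access_token
        url = ("https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s"
               % access_token)
        h = httplib2.Http()
        result = json.loads(h.request(url, 'GET')[1])
        gplus_id = credentials.id_token['sub']

        # The tokeninfo reply used to be fetched and ignored. Reject the
        # login when Google reports an error or the token belongs to a
        # different user than the id token.
        if result.get('error') is not None or result.get('user_id') != gplus_id:
            logging.info("token verification failed")
            return page_not_found(404)
        # NOTE(review): result['issued_to'] should also be compared with this
        # application's OAuth client id, which is not visible in this block.

        account = Account.query(Account.email == email).get()
        if account is not None:
            # `email` is caller-supplied. Without this binding any valid
            # Google login could open a session on another user's account.
            if account.gplusId != gplus_id:
                logging.info("Google id does not match stored account")
                return page_not_found(404)
            logging.info("User already logged in")
            account.loggedIn = True
            account.put()
            username = account.name
            user_id = account.key.integer_id()
        else:
            logging.info("first time logging in")
            # NOTE(review): name and email are stored as supplied by the
            # caller; neither is checked against the verified Google profile.
            account = Account(name=name, email=email, gplusId=gplus_id,
                              accessToken=access_token, loggedIn=True)
            username = name
            user_id = account.put().integer_id()

        # NOTE(review): this places the whole OAuth credentials object in the
        # session; if sessions are client-side cookies, keep only what later
        # handlers actually need.
        session['credentials'] = credentials
        session['gplus_id'] = gplus_id
        session['username'] = username
        session['userId'] = user_id
        session['loggedIn'] = True
        return '200'
    if request.method == 'GET':
        return page_not_found(404)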