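def register():
    """Register the user directly (not through a social account).

    Creates the user and their private `Saved` magazine in one transaction,
    then sends the confirmation email.

    :returns: a redirect to the feed on success or when already signed in,
        otherwise the rendered registration form
    """
    if current_user.is_authenticated():
        return redirect(url_for('mod_feed.index'))

    form = RegisterForm()
    if not form.validate_on_submit():
        return render_template('auth/register.html', form=form)

    # NOTE(review): presumably the User model hashes `password` on
    # assignment; confirm the raw value is never stored.
    user = User(email=form.email.data, password=form.password.data)
    db.session.add(user)
    # Flush so user.id is available for the magazine without committing yet.
    db.session.flush()

    # Create a `Saved` magazine
    magazine = Magazine(name='Saved', public=False, user_id=user.id,
                        removable=False)
    db.session.add(magazine)
    db.session.flush()

    # Link the magazine before the commit so the reference is persisted;
    # previously it was assigned after the last commit in this view.
    user.saved_magazine = magazine.id
    db.session.commit()

    # Send the confirmation email only once the account is fully stored, so
    # a mail failure cannot leave a user without a `Saved` magazine.
    token = user.generate_confirmation_token()
    send_email(user.email, 'Confirm your Account', 'auth/email/confirm',
               user=user, token=token)

    flash('An activation email has been sent to your account')
    return redirect(url_for('mod_feed.index'))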
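def _is_safe_next_url(target):
    """Return True when *target* resolves to this application's own host."""
    try:
        from urllib.parse import urljoin, urlparse
    except ImportError:  # Python 2
        from urlparse import urljoin, urlparse

    # Browsers treat backslashes like slashes and ignore control characters,
    # so a value containing either is rejected instead of being parsed.
    if '\\' in target or any(ord(ch) < 0x20 for ch in target):
        return False
    own = urlparse(request.host_url)
    candidate = urlparse(urljoin(request.host_url, target))
    return (candidate.scheme in ('http', 'https')
            and candidate.netloc == own.netloc)


def facebook_authorized(response):
    """Complete the Facebook sign-in and log the matching local user in.

    :param response: The response from Facebook; falsy when the user denied
        the sign-in request
    :returns: a redirect to the validated `next` URL, or to the login page
        when Facebook shares no email address
    """
    default_url = url_for('mod_feed.index')
    next_url = request.args.get('next') or default_url
    # `next` is taken from the query string, so it is only followed when it
    # stays on this host; anything else falls back to the feed.
    if not _is_safe_next_url(next_url):
        next_url = default_url

    if not response:
        flash('You denied the request to sign in')
        return redirect(next_url)

    # Store the token so we can access it later from tokengetter
    session['facebook_access_token'] = (response['access_token'], '')
    fbme = facebook.get('/me')

    # The email key is absent when the account has none or it was not
    # shared; without it there is nothing to match a local user on.
    email = fbme.data.get('email')
    if not email:
        session.pop('facebook_access_token', None)
        flash('Facebook did not share an email address for this account')
        return redirect(url_for('mod_auth.login'))

    # NOTE(review): the local account is selected by email alone and new
    # accounts are created with confirmed=True, which trusts the provider to
    # have verified the address. Looking up Connection.provider_user_id
    # first would avoid linking on an unverified email; confirm.
    # If the user is not registered, add him
    user = User.query.filter_by(email=email).first()
    if not user:
        user = User(email=email, register_with_provider=True, confirmed=True)
        db.session.add(user)
        db.session.commit()

    # In any case we update the authentication token in the db
    # If the user has revoked access we will have new token here
    connection = Connection.query.filter_by(
        user_id=user.id, provider_id=provider_id['FACEBOOK']).first()
    if not connection:
        picture_url = ('https://graph.facebook.com/%s/picture?type=large'
                       % fbme.data['id'])
        connection = Connection(
            user_id=user.id, provider_id=provider_id['FACEBOOK'],
            provider_user_id=fbme.data['id'],
            display_name=fbme.data['name'],
            image_url=picture_url,
            user=user)
        db.session.add(connection)
    connection.oauth_token = response['access_token']

    # Create a `Saved` magazine for this user. The lookup is scoped to the
    # user: an unscoped query matches any user's `Saved` magazine, so later
    # sign-ups would never get their own.
    saved = Magazine.query.filter_by(name='Saved', user_id=user.id).first()
    if not saved:
        # Same flags register() uses for the `Saved` magazine.
        saved = Magazine(name='Saved', public=False, user_id=user.id,
                         removable=False)
        db.session.add(saved)
        db.session.flush()
        user.saved_magazine = saved.id
    # Persists the refreshed token and, when new, the magazine link.
    db.session.commit()

    login_user(user)
    return redirect(next_url)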
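def google_authorized(response):
    """Complete the Google sign-in and log the matching local user in.

    :param response: The response from Google's authorization service;
        a falsy value is treated as a denied sign-in, as in
        facebook_authorized
    :returns: a redirect to the URL stored in the session under
        `google_auth_next_url` (the feed when it is missing), or to the
        login page when sign-in cannot be completed
    """
    login_url = url_for('mod_auth.login')

    # Without this guard a denied request fails on the subscript below.
    if not response or 'access_token' not in response:
        flash('You denied the request to sign in')
        return redirect(login_url)

    access_token = response['access_token']
    session['google_token'] = (access_token, '')
    headers = {'Authorization': 'OAuth ' + access_token}
    req = Request('https://www.googleapis.com/oauth2/v1/userinfo',
                  None, headers)
    try:
        # Bounded wait so a stalled provider cannot hold the request open.
        res = urlopen(req, timeout=10)
    except URLError as err:
        # Only HTTPError carries `.code`; a plain URLError (DNS failure,
        # refused connection) has none and must not raise here.
        if getattr(err, 'code', None) == 401:
            # Unauthorized - bad token
            session.pop('google_token', None)
            flash('You denied the request to sign in')
            return redirect(login_url)
        flash('Something bad happened when signing with Google')
        return redirect(login_url)

    try:
        user_info = json.loads(res.read())
    finally:
        res.close()

    # The local account is matched on this email and new accounts are
    # created with confirmed=True, so only accept an address that Google
    # reports as verified.
    if not user_info.get('verified_email'):
        session.pop('google_token', None)
        flash('Your Google email address is not verified')
        return redirect(login_url)

    user = User.query.filter_by(email=user_info['email']).first()
    if not user:
        user = User(email=user_info['email'], register_with_provider=True,
                    confirmed=True)
        db.session.add(user)
        db.session.commit()

    connection = Connection.query.filter_by(
        user_id=user.id, provider_id=provider_id['GOOGLE']).first()
    if not connection:
        connection = Connection(
            user_id=user.id, provider_id=provider_id['GOOGLE'],
            provider_user_id=user_info['id'],
            display_name=user_info['name'],
            image_url=user_info['picture'],
            user=user)
        db.session.add(connection)
    # Refresh the stored token on every sign-in.
    connection.oauth_token = access_token

    # Create a `Saved` magazine for this user. The lookup is scoped to the
    # user: an unscoped query matches any user's `Saved` magazine, so later
    # sign-ups would never get their own.
    saved = Magazine.query.filter_by(name='Saved', user_id=user.id).first()
    if not saved:
        # Same flags register() uses for the `Saved` magazine.
        saved = Magazine(name='Saved', public=False, user_id=user.id,
                         removable=False)
        db.session.add(saved)
        db.session.flush()
        user.saved_magazine = saved.id
    # Persists the refreshed token and, when new, the magazine link.
    db.session.commit()

    login_user(user)
    # NOTE(review): the view that stores `google_auth_next_url` is not
    # visible here; confirm it only stores same-host URLs.
    return redirect(session.get('google_auth_next_url')
                    or url_for('mod_feed.index'))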