def authorized():
if request.method == 'POST':
token = AuthToken.objects.get(id=request.form['revoke'])
token.delete()
#todo: delete client if no outstanding tokens
tokens = AuthToken.objects()
return render_template('authorized.html', tokens=tokens)
def authorized():
if request.method == 'POST':
token = AuthToken.objects.get(id=request.form['revoke'])
token.delete()
#todo: delete client if no outstanding tokens
tokens = AuthToken.objects()
return render_template('authorized.html', tokens=tokens)
def save_token(token_data, request, *args, **kwargs):
client = load_client(request.client.client_id)
# make sure that every client has only one token
existing_tokens = AuthToken.objects(client=client)
for token in existing_tokens:
token.delete()
expires_in = token_data.pop('expires_in')
expires = datetime.utcnow() + timedelta(seconds=expires_in)
token = AuthToken()
token.access_token = token_data['access_token']
#token.refresh_token=token_data['refresh_token']
token.token_type = token_data['token_type']
token._scopes = urllib.unquote_plus(token_data['scope'])
token.expires = expires
token.client = client
token.save()
return token
def load_token(access_token=None, refresh_token=None):
if access_token:
return AuthToken.objects(access_token=access_token)[0]
elif refresh_token:
return AuthToken.objects(refresh_token=refresh_token)[0]
