def _get_auth_token(self): """Get AuthorizationToken. Actually gets the authorization token and secret from the service. The token and secret are stored in our database, and the auth token is returned. """ response = self.make_request(self.request_url) result = self._extract_credentials(response) auth_token = result["token"] auth_secret = result["secret"] # Save the auth token and secret in our database. auth = AuthToken(service=self.service_name, token=auth_token, secret=auth_secret) auth.put() # Add the secret to memcache as well. memcache.set(self._get_memcache_auth_key(auth_token), auth_secret, time=20*60) return auth_token
def post(self): self.response.headers['Content-Type'] = 'application/json' login_data = json.loads(self.request.body) username = login_data.get('username') password = login_data.get('password') account = Account.query(Account.username == username, Account.password == password).get() if account: self.session['auth'] = uuid.uuid1().hex token = AuthToken.query(AuthToken.account == account.key, ancestor=account.key).get() if token: token.token = self.session['auth'] else: token = AuthToken(account=account.key, token=self.session['auth'], parent=account.key) token.put() result = {'auth': token.token, 'account_id': account.key.id(), 'username': account.username} self.response.out.write(json.dumps(result)) else: result = {'error': 'Invalid credentials', 'message': 'Invalid credentials'} self.response.set_status(401, json.dumps(result)) self.response.out.write(json.dumps(result))