def _get_auth_token(self):
"""Get AuthorizationToken.
Actually gets the authorization token and secret from the service. The
token and secret are stored in our database, and the auth token is
returned.
"""
response = self.make_request(self.request_url)
result = self._extract_credentials(response)
auth_token = result["token"]
auth_secret = result["secret"]
# Save the auth token and secret in our database.
auth = AuthToken(service=self.service_name,
token=auth_token,
secret=auth_secret)
auth.put()
# Add the secret to memcache as well.
memcache.set(self._get_memcache_auth_key(auth_token), auth_secret,
time=20*60)
return auth_token
def post(self):
self.response.headers['Content-Type'] = 'application/json'
login_data = json.loads(self.request.body)
username = login_data.get('username')
password = login_data.get('password')
account = Account.query(Account.username == username, Account.password == password).get()
if account:
self.session['auth'] = uuid.uuid1().hex
token = AuthToken.query(AuthToken.account == account.key, ancestor=account.key).get()
if token:
token.token = self.session['auth']
else:
token = AuthToken(account=account.key, token=self.session['auth'], parent=account.key)
token.put()
result = {'auth': token.token, 'account_id': account.key.id(), 'username': account.username}
self.response.out.write(json.dumps(result))
else:
result = {'error': 'Invalid credentials', 'message': 'Invalid credentials'}
self.response.set_status(401, json.dumps(result))
self.response.out.write(json.dumps(result))
