def authorize(request): """ OAuth authorization. Exchange request token for an access token, login user and store token in user session. """ # request token request_token = request.session.get("request_token", None) if not request_token: return http.HttpResponse("No un-authed token cookie") del request.session["request_token"] # exchange request token for access token client = OAuthClient(request.application) client.set_token_from_string(request_token) verifier = request.GET.get("oauth_verifier") access_token = client.fetch_access_token(verifier=verifier) # authorize and login user from typepadapp.auth import authenticate, login authed_user = authenticate(oauth_client=client) login(request, authed_user) # store the token key / secret in the database so we can recover # it later if the session expires # store the token key / secret in the database so we can recover # it later if the session expires sst = request.GET["session_sync_token"] token = Token.get(sst) if token is None: token = Token() token.session_sync_token = sst token.key = access_token.key token.secret = access_token.secret token.save() created = True else: created = False if created: # this is a new user or at least a new session sync token signals.member_joined.send(sender=authorize, instance=authed_user, group=request.group, token=token) else: # update token with current access token token.key = access_token.key token.secret = access_token.secret token.save() # oauth token in authed user session request.session["oauth_token"] = token # go to the welcome url, next url, or home. abs_home_url = request.build_absolute_uri(HOME_URL) next_url = request.GET.get("next", abs_home_url) if settings.WELCOME_URL is not None: if not next_url or next_url == abs_home_url: next_url = settings.WELCOME_URL return http.HttpResponseRedirect(next_url)