def auth_social_user(request): body = JSONParser().parse(request) if 'recaptcha_token' in body and utils.verify_recaptcha( None, body['recaptcha_token'], 'signin') == ResponseCodes.verify_recaptcha_failed: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.verify_recaptcha_failed), safe=False) post_data = { 'client_id': body['client_id'], 'client_secret': body['client_secret'], 'grant_type': 'convert_token' } provider = body['provider'] post_data['backend'] = provider if provider == 'linkedin-oauth2': post_data['token'] = get_access_token_with_code(body['token']) else: post_data['token'] = body['token'] response = requests.post('http://localhost:8000/auth/convert-token', data=json.dumps(post_data), headers={'content-type': 'application/json'}) json_res = json.loads(response.text) log(json_res, 'e') if 'error' in json_res: success = False code = ResponseCodes.invalid_credentials else: success = True code = ResponseCodes.success user = AccessToken.objects.get(token=json_res['access_token']).user if 'first_name' in body: user.first_name = body['first_name'] if 'last_name' in body: user.first_name = body['last_name'] if 'photo_url' in body: utils.save_image_file_to_user(body['photo_url'], user) if 'user_type' in body: user.user_type = UserType.objects.get(pk=body['user_type']) elif user.user_type is None: user.user_type = UserType.objects.get(name__iexact='Undefined') user.signup_flow_completed = True json_res['user_type'] = UserTypeSerializer(instance=user.user_type, many=False).data json_res['signup_flow_completed'] = user.signup_flow_completed user.approved = True user.last_login = timezone.now() LoginLog.objects.create(user=user) user.save() if provider == 'google-oauth2': user.is_gmail_read_ok = True user.save() schedule_fetcher(user.id) return JsonResponse(create_response(data=json_res, success=success, error_code=code), safe=False)
def auth_social_user(request): body = JSONParser().parse(request) if 'recaptcha_token' in body and utils.verify_recaptcha( None, body['recaptcha_token'], 'signin') == ResponseCodes.verify_recaptcha_failed: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.verify_recaptcha_failed), safe=False) post_data = { 'client_id': body['client_id'], 'client_secret': body['client_secret'], 'grant_type': 'convert_token' } provider = body['provider'] post_data['backend'] = provider if provider == 'linkedin-oauth2': post_data['token'] = get_access_token_with_code(body['token']) else: post_data['token'] = body['token'] response = requests.post('http://localhost:8000/auth/convert-token', data=json.dumps(post_data), headers={'content-type': 'application/json'}) json_res = json.loads(response.text) log(json_res, 'e') if 'error' in json_res: success = False code = ResponseCodes.invalid_credentials else: success = True code = ResponseCodes.success user = AccessToken.objects.get(token=json_res['access_token']).user json_res['user_type'] = user.user_type user.save() user.approved = True user.save() if provider == 'google-oauth2': user.is_gmail_read_ok = True user.save() schedule_fetcher(user.id) return JsonResponse(create_response(data=json_res, success=success, error_code=code), safe=False)
def link_social_account(request): body = request.data if 'recaptcha_token' in body and utils.verify_recaptcha( None, body['recaptcha_token'], 'signin') == ResponseCodes.verify_recaptcha_failed: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.verify_recaptcha_failed), safe=False) post_data = { 'client_id': body['client_id'], 'client_secret': body['client_secret'], 'grant_type': 'convert_token' } provider = body['provider'] post_data['backend'] = provider if provider == 'linkedin-oauth2': if request.user.social_auth.filter( provider='linkedin-oauth2').count() == 0: post_data['token'] = get_access_token_with_code(body['token']) else: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.account_already_linked), safe=False) else: if request.user.social_auth.filter( provider='google-oauth2').count() == 0: post_data['token'] = body['token'] else: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.account_already_linked), safe=False) response = requests.post('http://localhost:8001/auth/convert-token', data=json.dumps(post_data), headers={'content-type': 'application/json'}) json_res = json.loads(response.text) log(json_res, 'e') if 'error' in json_res: success = False code = ResponseCodes.invalid_credentials else: social_user = UserSocialAuth.objects.get( extra_data__icontains=post_data['token']) if social_user.user.email != request.user.email: social_user.user.delete() social_user.user = request.user social_user.save() post_data = { 'token': json_res['access_token'], 'client_id': body['client_id'], 'client_secret': body['client_secret'] } headers = {'content-type': 'application/json'} response = requests.post('http://localhost:8001/auth/revoke-token', data=json.dumps(post_data), headers=headers) log(str(response), 'e') if provider == 'google-oauth2': request.user.is_gmail_read_ok = True request.user.save() return JsonResponse(create_response( data=ProfileSerializer(instance=request.user, many=False).data), safe=False) return JsonResponse(create_response(data=None, success=success, error_code=code), safe=False)
def register(request): # Get form values body = JSONParser().parse(request) if 'recaptcha_token' in body and utils.verify_recaptcha( None, body['recaptcha_token'], 'signup') == ResponseCodes.verify_recaptcha_failed: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.verify_recaptcha_failed), safe=False) first_name = '' last_name = '' linkedin_auth_code = None google_access_token = None if 'first_name' in body: first_name = body['first_name'] if 'last_name' in body: last_name = body['last_name'] if 'linkedin_auth_code' in body: linkedin_auth_code = body['linkedin_auth_code'] if 'google_access_token' in body: google_access_token = body['google_access_token'] user_type, new = UserType.objects.get_or_create(name__iexact='Employer') username = body['username'] email = body['email'] password = body['password'] password2 = body['password2'] if '@' in username: return JsonResponse(create_response( data=None, success=False, error_code=ResponseCodes.invalid_username), safe=False) # Check if passwords match if password == password2: # Check username if User.objects.filter(username__iexact=username).exists(): success = False code = ResponseCodes.username_exists else: if User.objects.filter(email__iexact=email).exists(): success = False code = ResponseCodes.email_exists else: # Looks good user = User.objects.create_user(username=username, password=password, email=email, first_name=first_name, user_type=user_type, last_name=last_name, approved=False, activation_key=None, key_expires=None) user.save() if linkedin_auth_code is None and google_access_token is None: activation_key, expiration_time = utils.generate_activation_key_and_expiredate( body['username']) user.activation_key = activation_key user.key_expires = expiration_time user.save() utils.send_email(user.email, activation_key, 'activate') post_data = { 'client_id': body['client_id'], 'client_secret': body['client_secret'], 'grant_type': 'password', 'username': username, 'password': password } response = requests.post( 'http://localhost:8001/auth/token', data=json.dumps(post_data), headers={'content-type': 'application/json'}) json_res = json.loads(response.text) if 'error' in json_res: success = False code = ResponseCodes.couldnt_login else: success = True code = ResponseCodes.success json_res['user_type'] = UserTypeSerializer( instance=user.user_type, many=False).data json_res[ 'signup_flow_completed'] = user.signup_flow_completed return JsonResponse(create_response(data=json_res, success=success, error_code=code), safe=False) else: post_data = { 'client_id': body['client_id'], 'client_secret': body['client_secret'], 'grant_type': 'convert_token' } if linkedin_auth_code is not None: post_data['backend'] = 'linkedin-oauth2' post_data['token'] = get_access_token_with_code( body['linkedin_auth_code']) else: post_data['backend'] = 'google-oauth2' post_data['token'] = body['google_access_token'] response = requests.post( 'http://localhost:8001/auth/convert-token', data=json.dumps(post_data), headers={'content-type': 'application/json'}) jsonres = json.loads(response.text) log(jsonres, 'e') if 'error' in jsonres: success = False code = ResponseCodes.invalid_credentials else: social_user = UserSocialAuth.objects.get( extra_data__icontains=post_data['token']) if social_user.user.email != user.email: social_user.user.delete() social_user.user = user social_user.save() success = True code = ResponseCodes.success user = AccessToken.objects.get( token=jsonres['access_token']).user jsonres['user_type'] = UserTypeSerializer( instance=user.user_type, many=False).data jsonres[ 'signup_flow_completed'] = user.signup_flow_completed user.approved = True user.save() return JsonResponse(create_response(data=jsonres, success=success, error_code=code), safe=False) else: success = False code = ResponseCodes.passwords_do_not_match return JsonResponse(create_response(data=None, success=success, error_code=code), safe=False)