def auth_social_user(request):
body = JSONParser().parse(request)
if 'recaptcha_token' in body and utils.verify_recaptcha(
None, body['recaptcha_token'],
'signin') == ResponseCodes.verify_recaptcha_failed:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.verify_recaptcha_failed),
safe=False)
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'convert_token'
}
provider = body['provider']
post_data['backend'] = provider
if provider == 'linkedin-oauth2':
post_data['token'] = get_access_token_with_code(body['token'])
else:
post_data['token'] = body['token']
response = requests.post('http://localhost:8000/auth/convert-token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
json_res = json.loads(response.text)
log(json_res, 'e')
if 'error' in json_res:
success = False
code = ResponseCodes.invalid_credentials
else:
success = True
code = ResponseCodes.success
user = AccessToken.objects.get(token=json_res['access_token']).user
if 'first_name' in body:
user.first_name = body['first_name']
if 'last_name' in body:
user.first_name = body['last_name']
if 'photo_url' in body:
utils.save_image_file_to_user(body['photo_url'], user)
if 'user_type' in body:
user.user_type = UserType.objects.get(pk=body['user_type'])
elif user.user_type is None:
user.user_type = UserType.objects.get(name__iexact='Undefined')
user.signup_flow_completed = True
json_res['user_type'] = UserTypeSerializer(instance=user.user_type,
many=False).data
json_res['signup_flow_completed'] = user.signup_flow_completed
user.approved = True
user.last_login = timezone.now()
LoginLog.objects.create(user=user)
user.save()
if provider == 'google-oauth2':
user.is_gmail_read_ok = True
user.save()
schedule_fetcher(user.id)
return JsonResponse(create_response(data=json_res,
success=success,
error_code=code),
safe=False)
def auth_social_user(request):
body = JSONParser().parse(request)
if 'recaptcha_token' in body and utils.verify_recaptcha(
None, body['recaptcha_token'],
'signin') == ResponseCodes.verify_recaptcha_failed:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.verify_recaptcha_failed),
safe=False)
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'convert_token'
}
provider = body['provider']
post_data['backend'] = provider
if provider == 'linkedin-oauth2':
post_data['token'] = get_access_token_with_code(body['token'])
else:
post_data['token'] = body['token']
response = requests.post('http://localhost:8000/auth/convert-token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
json_res = json.loads(response.text)
log(json_res, 'e')
if 'error' in json_res:
success = False
code = ResponseCodes.invalid_credentials
else:
success = True
code = ResponseCodes.success
user = AccessToken.objects.get(token=json_res['access_token']).user
json_res['user_type'] = user.user_type
user.save()
user.approved = True
user.save()
if provider == 'google-oauth2':
user.is_gmail_read_ok = True
user.save()
schedule_fetcher(user.id)
return JsonResponse(create_response(data=json_res,
success=success,
error_code=code),
safe=False)
def link_social_account(request):
body = request.data
if 'recaptcha_token' in body and utils.verify_recaptcha(
None, body['recaptcha_token'],
'signin') == ResponseCodes.verify_recaptcha_failed:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.verify_recaptcha_failed),
safe=False)
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'convert_token'
}
provider = body['provider']
post_data['backend'] = provider
if provider == 'linkedin-oauth2':
if request.user.social_auth.filter(
provider='linkedin-oauth2').count() == 0:
post_data['token'] = get_access_token_with_code(body['token'])
else:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.account_already_linked),
safe=False)
else:
if request.user.social_auth.filter(
provider='google-oauth2').count() == 0:
post_data['token'] = body['token']
else:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.account_already_linked),
safe=False)
response = requests.post('http://localhost:8001/auth/convert-token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
json_res = json.loads(response.text)
log(json_res, 'e')
if 'error' in json_res:
success = False
code = ResponseCodes.invalid_credentials
else:
social_user = UserSocialAuth.objects.get(
extra_data__icontains=post_data['token'])
if social_user.user.email != request.user.email:
social_user.user.delete()
social_user.user = request.user
social_user.save()
post_data = {
'token': json_res['access_token'],
'client_id': body['client_id'],
'client_secret': body['client_secret']
}
headers = {'content-type': 'application/json'}
response = requests.post('http://localhost:8001/auth/revoke-token',
data=json.dumps(post_data),
headers=headers)
log(str(response), 'e')
if provider == 'google-oauth2':
request.user.is_gmail_read_ok = True
request.user.save()
return JsonResponse(create_response(
data=ProfileSerializer(instance=request.user, many=False).data),
safe=False)
return JsonResponse(create_response(data=None,
success=success,
error_code=code),
safe=False)
def register(request):
# Get form values
body = JSONParser().parse(request)
if 'recaptcha_token' in body and utils.verify_recaptcha(
None, body['recaptcha_token'],
'signup') == ResponseCodes.verify_recaptcha_failed:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.verify_recaptcha_failed),
safe=False)
first_name = ''
last_name = ''
linkedin_auth_code = None
google_access_token = None
if 'first_name' in body:
first_name = body['first_name']
if 'last_name' in body:
last_name = body['last_name']
if 'linkedin_auth_code' in body:
linkedin_auth_code = body['linkedin_auth_code']
if 'google_access_token' in body:
google_access_token = body['google_access_token']
user_type, new = UserType.objects.get_or_create(name__iexact='Employer')
username = body['username']
email = body['email']
password = body['password']
password2 = body['password2']
if '@' in username:
return JsonResponse(create_response(
data=None,
success=False,
error_code=ResponseCodes.invalid_username),
safe=False)
# Check if passwords match
if password == password2:
# Check username
if User.objects.filter(username__iexact=username).exists():
success = False
code = ResponseCodes.username_exists
else:
if User.objects.filter(email__iexact=email).exists():
success = False
code = ResponseCodes.email_exists
else:
# Looks good
user = User.objects.create_user(username=username,
password=password,
email=email,
first_name=first_name,
user_type=user_type,
last_name=last_name,
approved=False,
activation_key=None,
key_expires=None)
user.save()
if linkedin_auth_code is None and google_access_token is None:
activation_key, expiration_time = utils.generate_activation_key_and_expiredate(
body['username'])
user.activation_key = activation_key
user.key_expires = expiration_time
user.save()
utils.send_email(user.email, activation_key, 'activate')
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'password',
'username': username,
'password': password
}
response = requests.post(
'http://localhost:8001/auth/token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
json_res = json.loads(response.text)
if 'error' in json_res:
success = False
code = ResponseCodes.couldnt_login
else:
success = True
code = ResponseCodes.success
json_res['user_type'] = UserTypeSerializer(
instance=user.user_type, many=False).data
json_res[
'signup_flow_completed'] = user.signup_flow_completed
return JsonResponse(create_response(data=json_res,
success=success,
error_code=code),
safe=False)
else:
post_data = {
'client_id': body['client_id'],
'client_secret': body['client_secret'],
'grant_type': 'convert_token'
}
if linkedin_auth_code is not None:
post_data['backend'] = 'linkedin-oauth2'
post_data['token'] = get_access_token_with_code(
body['linkedin_auth_code'])
else:
post_data['backend'] = 'google-oauth2'
post_data['token'] = body['google_access_token']
response = requests.post(
'http://localhost:8001/auth/convert-token',
data=json.dumps(post_data),
headers={'content-type': 'application/json'})
jsonres = json.loads(response.text)
log(jsonres, 'e')
if 'error' in jsonres:
success = False
code = ResponseCodes.invalid_credentials
else:
social_user = UserSocialAuth.objects.get(
extra_data__icontains=post_data['token'])
if social_user.user.email != user.email:
social_user.user.delete()
social_user.user = user
social_user.save()
success = True
code = ResponseCodes.success
user = AccessToken.objects.get(
token=jsonres['access_token']).user
jsonres['user_type'] = UserTypeSerializer(
instance=user.user_type, many=False).data
jsonres[
'signup_flow_completed'] = user.signup_flow_completed
user.approved = True
user.save()
return JsonResponse(create_response(data=jsonres,
success=success,
error_code=code),
safe=False)
else:
success = False
code = ResponseCodes.passwords_do_not_match
return JsonResponse(create_response(data=None,
success=success,
error_code=code),
safe=False)