"""

Create user from login_session data and return user's id

"""

newUser = User(name=login_session['username'], email=login_session['email'])

session.add(newUser)

session.commit()

user = session.query(User).filter_by(email=login_session['email']).one()

"""

Return user object

"""

user = session.query(User).filter_by(id=user_id).one()

"""

Return user id or None

"""

try:

user = session.query(User).filter_by(email=email).one()

return user.id

except:

"""

Show login page and generate session.

"""

state = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in xrange(32))

login_session['state'] = state

"""

Authenticate through Google OAuth API function.

Get post-request object.

Return HTML with callback JS function

"""

# Validate state token

if request.args.get('state') != login_session['state']:

response = make_response(json.dumps('Invalid state parameter'), 401)

response.headers['Content-Type'] = 'application/json'

return response

code = request.data

try:

# Upgrade authorization code into credentials object

oauth_flow = flow_from_clientsecrets('client_secret.json', scope='')

oauth_flow.redirect_uri = 'postmessage'

credentials = oauth_flow.step2_exchange(code)

except FlowExchangeError:

response = make_response(json.dumps('Failed to upgrade the authorization code.'), 401)

response.headers['Content-Type'] = 'application/json'

return response

access_token = credentials.access_token

url = ('https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=%s' % access_token)

h = httplib2.Http()

result = json.loads(h.request(url, 'GET')[1])

# If there was an error in the access token info, abort

if result.get('error') is not None:

response = make_response(json.dumps(result.get('error')), 500)

response.headers['Content-Type'] = 'application/json'

# Verify that the access token is used for the intended user

gplus_id = credentials.id_token['sub']

if result['user_id'] != gplus_id:

response = make_response(json.dumps("Token's user ID doesn't match given user ID."), 401)

response.headers['Content-Type'] = 'application/json'

return response

# Verify that the access token is valid for this app

if result['issued_to'] != CLIENT_ID:

response = make_response(json.dumps("Token's client ID doesn't match app's."), 401)

print("Token's client ID doesn't match app's.")

response.headers['Content-Type'] = 'application/json'

return response

# Check to see if user is already logged in

stored_credentials = login_session.get('credentials')

stored_gplus_id = login_session.get('gplus_id')

if stored_credentials is not None and gplus_id == stored_gplus_id:

response = make_response(json.dumps('Current user is already connected.'), 200)

response.headers['Content-Type'] = 'application/json'

# Store access token in session for later use

# Store just token (for resolve JSON error bug in Flask)

login_session['credentials'] = credentials.access_token

login_session['gplus_id'] = gplus_id

# Get credentials from session

credentials = AccessTokenCredentials(login_session['credentials'], 'user-agent-value')

login_session['provider'] = 'google'

# Get user info

userinfo_url = "https://www.googleapis.com/oauth2/v1/userinfo"

params = {'access_token': credentials.access_token, 'alt': 'json'}

answer = requests.get(userinfo_url, params=params)

data = json.loads(answer.text)

login_session['username'] = data['name']

login_session['email'] = data['email']

# if users exists, doesn't make a new one

user_id = getUserID(login_session['email'])

if not user_id:

user_id = createUser(login_session)

login_session['user_id'] = user_id

output = ''

output += '<h1>Welcome, '

output += login_session['username']

output += '!</h1>'

flash("You are now logged in as %s" % login_session['username'])

"""

Revoke user token and reset login_session

"""

# Use AccessTokenCredentials for fix bug in Flask

credentials = AccessTokenCredentials(login_session['credentials'], 'user-agent-value')

if credentials is None:

response = make_response(json.dumps("Current user not connected."), 401)

response.headers['Content-Type'] = 'application/json'

return response

# Execute HTTP GET to revoke token

access_token = credentials.access_token

url = 'https://accounts.google.com/o/oauth2/revoke?token=%s' % access_token

h = httplib2.Http()

result = h.request(url, 'GET')[0]

if result['status'] == '200':

response = make_response(json.dumps('Successfully disconnected!'), 200)

response.headers['Content-Type'] = 'application/json'

return response

else:

response = make_response(json.dumps('Failed to revoke token for given user'), 400)

response.headers['Content-Type'] = 'application/json'

"""

Handle AJAX callback from login page

And authenticate through Facebook API

"""

if request.args.get('state') != login_session['state']:

response = make_response(json.dumps('Invalid state parameter.'), 401)

response.headers['Content-Type'] = 'application/json'

return response

access_token = request.data

app_id = json.loads(open('fbclientsecrets.json', 'r').read())['web']['app_id']

app_secret = json.loads(open('fbclientsecrets.json', 'r').read())['web']['app_secret']

url = 'https://graph.facebook.com/oauth/access_token?grant_type=fb_exchange_token&client_id=%s&client_secret=%s&fb_exchange_token=%s' % \

(app_id, app_secret, access_token)

h = httplib2.Http()

result = h.request(url, 'GET')[1]

# Use token to get user info from API

userinfo_url = "https://graph.facebook.com/v2.2/me"

# strip expire tag from access token

token = result.split("&")[0]

url = 'https://graph.facebook.com/v2.2/me?%s' % token

h = httplib2.Http()

result = h.request(url, 'GET')[1]

data = json.loads(result)

login_session['provider'] = 'facebook'

login_session['username'] = data['name']

login_session['email'] = data['email']

login_session['facebook_id'] = data['id']

# The token must be stored in the login_session in order to properly logout,

# let's strip out the information before the equals sign in our token

stored_token = token.split('=')[1]

login_session['access_token'] = stored_token

# see if user exists

user_id = getUserID(login_session['email'])

if not user_id:

user_id = createUser(login_session)

login_session['user_id'] = user_id

output = ''

output += '<h1>Welcome, '

output += login_session['username']

output += '!</h1>'

flash("Now logged in as %s" % login_session['username'])

"""

Revoke user's token if he's logged from through facebook API

"""

facebook_id = login_session['facebook_id']

url = 'https://graph.facebook.com/%s/permissions' % (facebook_id)

h = httplib2.Http()

"""

Logout user and delete login_session's objects

"""

if 'provider' in login_session:

if login_session['provider'] == 'google':

# Disconect from google

gdisconnect()

del login_session['gplus_id']

del login_session['credentials']

if login_session['provider'] == 'facebook':

# Disconnect from facebook

fbdisconnect()

del login_session['facebook_id']

del login_session['username']

del login_session['email']

del login_session['user_id']

del login_session['provider']

flash("You have successfully been logged out")

return redirect('')

else:

flash("You were not logged in to begin with")

"""

Return items and categories as JSON list

"""

categories = session.query(Category).all()

categories_list = []

for category in categories:

list = []

items = session.query(Item).filter_by(category_id=category.id)

for item in items:

list.append({"title" : item.name, "id" : item.id, "description" : item.description,

"cat_id": item.category_id})

categories_list.append({"id": category.id, "name": category.name, "Items": list})

@wraps(f)

def decorated_function(*args, **kwargs):

if 'username' not in login_session:

return redirect('/login')

return f(*args, **kwargs)

"""

Show all categories and ten latest added items

"""

categories = session.query(Category).all()

items = session.query(Item).order_by(Item.created_date).slice(0, 10)

if 'username' not in login_session:

return render_template('publicindex.html', categories=categories, items=items)

else:

"""

Show item in specific category

:param category_name: name of category

"""

categories = session.query(Category).all()

category = session.query(Category).filter_by(id=category_id).one()

items = session.query(Item).filter_by(category_id=category.id).all()

"""

Return one item in category.

:param category_name: category name

:param item_name: item name

"""

categories = session.query(Category).all()

category = session.query(Category).filter_by(name=category_name).one()

item = session.query(Item).filter_by(id=item_id, category_id=category.id).one()

creator = getUserInfo(item.user_id)

"""

Create new item

"""

# if 'username' not in login_session:

# return redirect('/login')

if request.method == 'POST':

category = session.query(Category).filter_by(name=request.form['category']).one()

old_items = session.query(Item).filter_by(category_id=category.id, name=request.form['title']).all()

if old_items == []:

new_item = Item(name = request.form['title'], user_id = login_session['user_id'],

description=request.form['description'], category_id=category.id, category=category)

session.add(new_item)

session.commit()

flash('New item %s successfully created' % new_item.name)

return redirect(url_for('showLatest'))

else:

flash('Item with this name %s exist. Try again!' % request.form['title'])

return redirect(url_for('showLatest'))

else:

categories = session.query(Category).all()

"""

Edit item page. Show edit item apge and process editing.

:param item_name: name of item to edit

"""

# if 'username' not in login_session:

# return redirect('/login')

editedItem = session.query(Item).filter_by(id=item_id).one()

categories = session.query(Category).all()

if login_session['user_id'] != editedItem.user_id:

return "<script>function myFunction() {alert('You are not authorized to edit this item. Please create your own.');}</script><body onload='myFunction()''>"

if request.method == 'POST':

if request.form['title']:

editedItem.name = request.form['title']

if request.form['description']:

editedItem.description = request.form['description']

if request.form['category']:

category = session.query(Category).filter_by(name=request.form['category']).one()

editedItem.category_id = category.id

editedItem.category = category

session.add(editedItem)

session.commit()

flash('Item edited successfully!')

return redirect(url_for('showLatest'))

else:

"""

Delete item page. End process deleting of item.

:param item_name: name of item to delete

"""

# if 'username' not in login_session:

# return redirect('/login')

deletedItems = session.query(Item).filter_by(id=item_id).one()

if login_session['user_id'] != deletedItems.user_id:

return "<script>function myFunction() {alert('You are not authorized to edit this item. Please create your own.');}</script><body onload='myFunction()''>"

if request.method == 'POST':

session.delete(deletedItems)

session.commit()

flash('Item deleted successfully!')

return redirect(url_for('showLatest'))

else: