# -*- coding: utf-8 -*-
# classes/views/oauth.py |
from flask import Module, jsonify, request, render_template, redirect,\ |
url_for, current_app |
import requests |
from swtstore.classes import oauth |
from swtstore.classes.models.um import User |
from swtstore.classes.models import Client, AuthorizedClients |
# Route container for the OAuth endpoints defined below (/authorize, /token,
# /errors).
# NOTE(review): flask.Module is the pre-Blueprint API and is deprecated in
# later Flask releases; confirm the Flask version this project pins.
Oauth = Module(__name__)
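@Oauth.route('/authorize', methods=['GET', 'POST'])
@oauth.authorize_handler
def authorize(*args, **kwargs):
    """Drive the OAuth consent step for the logged-in user.

    GET renders a page: the login page when nobody is logged in, the
    "already authorized" page when the user has a stored grant for the
    client, and the consent page otherwise.

    POST returns a bool for the ``oauth.authorize_handler`` decorator to act
    on (presumably flask-oauthlib's provider; confirm): ``True`` grants the
    request, ``False`` denies it.

    The ``authorized`` form field is only a hint from the rendered page. It is
    honoured only when a stored grant for (user, client) exists, so a request
    cannot skip the consent step simply by posting ``authorized=yes``.
    """
    current_user = User.getCurrentUser()
    if current_user is None:
        return render_template('oauth/login.html')

    if request.method == 'GET':
        client_id = kwargs.get('client_id')
        client = Client.query.get(client_id)
        current_app.logger.debug('In /authorize: client: %s', client)
        kwargs['client'] = client
        kwargs['user'] = current_user
        current_app.logger.debug('kwargs %s', kwargs)

        # See if this client is already authorized by the user. If not,
        # return the HTML page that asks the user to allow access.
        authorized_clients = AuthorizedClients.getByUser(current_user)
        if client in authorized_clients:
            return render_template('oauth/authorized.html', **kwargs)
        return render_template('oauth/authorize.html', **kwargs)

    # POST: everything read from request.form is caller-controlled.
    # NOTE(review): no CSRF token check is visible in this handler; confirm
    # that the consent form POST is CSRF-protected elsewhere.
    confirm = request.form.get('confirm', 'no')
    authorized = request.form.get('authorized', 'no')
    current_app.logger.debug('confirm authorize from user: %s', confirm)
    client = Client.query.get(request.form.get('client_id'))

    # An unknown or missing client_id must never be granted, nor stored as a
    # grant with client=None.
    if client is None:
        return False

    if authorized == 'yes':
        # Verify the claim against stored grants instead of trusting the form.
        if client in AuthorizedClients.getByUser(current_user):
            return True
        # Claim not backed by a stored grant: require explicit consent below.

    if confirm == 'yes':
        authorization = AuthorizedClients(user=current_user, client=client)
        authorization.persist()
        return True

    return False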
@Oauth.route('/token', methods=['GET', 'POST'])
@oauth.token_handler
def access_token():
    """Token endpoint body: log the hit and return ``None``.

    Issuing the token is presumably left to the ``oauth.token_handler``
    decorator; confirm against the provider library in use.
    """
    # NOTE(review): this route also accepts GET. RFC 6749 section 3.2 requires
    # POST for token requests, and GET would carry codes and client
    # credentials in the URL, where they end up in access logs. Confirm
    # whether any client still depends on GET before narrowing the methods.
    app_log = current_app.logger
    app_log.debug('access token touched..')
    return None
@Oauth.route('/errors')
def error():
    """Return the ``error`` query parameter wrapped in a JSON object.

    The value is caller-supplied and echoed back unchanged (``None`` when the
    parameter is absent).
    """
    reported = request.args.get('error')
    return jsonify(error=reported)