# -*- coding: utf-8 -*-
# classes/views/users.py
import requests
# flask imports
from flask import Module, jsonify, request, render_template, session,\
                make_response, url_for, redirect, json, current_app
# swtstore imports
from swtstore.classes.models.um import User
from swtstore.classes.models import Sweet, Context, Client, AuthorizedClients
from swtstore.classes.utils.httputils import makeCORSHeaders
from swtstore.config import DefaultConfig
config = DefaultConfig()
19
20
user = Module(__name__)
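@user.route('/login', methods=['POST'])
def login():
    """Log a user in from a Mozilla Persona assertion.

    Expects the POST form field ``assertion``. The assertion is sent to
    ``config.MOZ_PERSONA_VERIFIER`` together with ``config.SWTSTORE_URL`` as
    the audience. When the verifier answers with status ``okay`` the user
    with the verified e-mail is looked up, created on first login, and the
    e-mail is stored in the session.

    Returns:
        A response with status 400 when ``assertion`` is missing, 200 and a
        JSON body ``{"email": ...}`` on success, and 500 otherwise.
    """
    response = make_response()
    # The makeCORSHeaders(response) call is disabled in this view, so no
    # CORS headers are added to the login response.

    if 'assertion' not in request.form:
        response.status_code = 400
        return response

    current_app.logger.debug('remote address of request for user login %s',
                             request.remote_addr)

    # The audience comes from server configuration, never from the request,
    # so a client cannot choose the audience its assertion is checked for.
    data = {'assertion': request.form['assertion'],
            'audience': config.SWTSTORE_URL}

    # NOTE(review): a rejected assertion and an unreachable verifier both
    # answer 500, as before; a 4xx for the former would be more precise but
    # would change what existing clients see.
    response.status_code = 500

    try:
        # Bounded wait: without a timeout a stalled verifier would hold this
        # worker indefinitely.
        resp = requests.post(config.MOZ_PERSONA_VERIFIER, data=data,
                             verify=True, timeout=10)
    except requests.exceptions.RequestException as err:
        current_app.logger.error('request to MOZ_PERSONA_VERIFIER failed: %s',
                                 err)
        return response

    current_app.logger.debug('Response code from MOZ_PERSONA_VERIFIER %s',
                             resp.status_code)
    if not resp.ok:
        return response

    try:
        verified_data = resp.json()
    except ValueError:
        # An error page or truncated body must not raise out of the view.
        current_app.logger.error('MOZ_PERSONA_VERIFIER sent a non-JSON body')
        return response

    if not isinstance(verified_data, dict):
        return response

    # Log the outcome only; the full body carries the user's e-mail address.
    current_app.logger.debug('Verifier status: %s, reason: %s',
                             verified_data.get('status'),
                             verified_data.get('reason'))

    user_email = verified_data.get('email')
    if verified_data.get('status') != 'okay' or not user_email:
        return response

    # check if this user exists in our system
    current_user = User.query.filter_by(email=user_email).first()
    if current_user is None:
        # user doesn't exist; create her
        current_app.logger.info('user with email %s doesn\'t exist',
                                user_email)
        current_app.logger.info('creating new user: %s', user_email)
        current_user = User('', user_email)
        current_user.persist()

    current_app.logger.info('logging in user with email %s', user_email)
    session['email'] = current_user.email

    response.status_code = 200
    # Serialise explicitly: a dict is not a valid response body.
    response.data = json.dumps({'email': user_email})
    response.mimetype = 'application/json'
    return response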
@user.route('/logout', methods=['POST'])
def logout():
    """Drop the logged-in e-mail from the session and answer 200.

    The response is 200 whether or not a user was logged in.
    """
    # The makeCORSHeaders(response) call is disabled in this view, so no
    # CORS headers are added to the logout response.
    if 'email' in session:
        departing = session.pop('email')
        current_app.logger.info('logging out user %s', departing)

    reply = make_response()
    reply.status_code = 200
    return reply
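@user.route('/me', methods=['GET', 'POST'])
def profile():
    """Show the current user's profile (GET) or change the username (POST).

    When ``User.getCurrentUser()`` returns None the request is redirected
    to ``frontend.index``. A POST reads the form field ``username`` and then
    redirects back to this view; a POST without that field changes nothing.
    """
    current_user = User.getCurrentUser()
    if current_user is None:
        return redirect(url_for('frontend.index'))

    if request.method == 'GET':
        return render_template('user/me.html', user=current_user)

    # else POST request
    # NOTE(review): no CSRF token check is visible in this view; confirm
    # the application enforces one for this state-changing request.
    username = request.form.get('username')
    if username is None:
        # Without the field there is nothing to update; do not store None.
        current_app.logger.debug('No username submitted for %s',
                                 current_user.username)
        return redirect(url_for('profile'))

    # %r keeps control characters in the submitted value from breaking up
    # the log line.
    current_app.logger.debug('Updating username of %s to %r',
                             current_user.username, username)

    current_user.update(username=username)

    return redirect(url_for('profile'))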
@user.route('/me/sweets', methods=['GET'])
def mySweets():
    """Render the sweets created by the current user.

    When ``User.getCurrentUser()`` returns None the request is redirected
    to ``frontend.index``.
    """
    creator = User.getCurrentUser()
    if creator is not None:
        return render_template('user/sweets.html',
                               sweets=Sweet.getByCreator(creator))

    return redirect(url_for('frontend.index'))
@user.route('/me/contexts', methods=['GET'])
def myContexts():
    """Render the contexts created by the current user.

    The lookup is keyed on the current user's ``id``. When
    ``User.getCurrentUser()`` returns None the request is redirected to
    ``frontend.index``.
    """
    owner = User.getCurrentUser()
    if owner is not None:
        own_contexts = Context.getByCreator(owner.id)
        return render_template('user/contexts.html', contexts=own_contexts)

    return redirect(url_for('frontend.index'))
@user.route('/me/apps', methods=['GET'])
def myApps():
    """Render the client applications created by the current user.

    The lookup is keyed on the current user's ``id``. When
    ``User.getCurrentUser()`` returns None the request is redirected to
    ``frontend.index``.
    """
    # TODO: make a decorator out of this repetitive login check
    developer = User.getCurrentUser()
    if developer is not None:
        own_apps = Client.getClientsByCreator(developer.id)
        return render_template('user/apps.html', apps=own_apps)

    return redirect(url_for('frontend.index'))
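@user.route('/me/authorized_apps', methods=['GET', 'POST'])
def authorizedApps():
    """List the current user's authorized clients (GET) or revoke one (POST).

    When ``User.getCurrentUser()`` returns None the request is redirected
    to ``frontend.index``. A POST reads the form field ``revoke-id``,
    revokes that client for the current user if it exists, and redirects
    back to this view.
    """
    user = User.getCurrentUser()
    if user is None:
        return redirect(url_for('frontend.index'))

    if request.method == 'GET':
        authorized_clients = AuthorizedClients.getByUser(user)
        return render_template('user/authorized_apps.html',
                               authorized_clients=authorized_clients)

    # else POST request
    # NOTE(review): no CSRF token check is visible in this view; confirm
    # the application enforces one for this state-changing request.
    client_id = request.form.get('revoke-id', '')
    if client_id:
        client = Client.query.get(client_id)
        if client is None:
            # An id that matches no client must not reach revoke() as None.
            current_app.logger.info(
                'user %s tried to revoke access to unknown client id %r',
                user, client_id)
        else:
            current_app.logger.info('user %s revoking access to %s',
                                    user, client)
            # The revocation is issued for the session's own user only.
            AuthorizedClients.revoke(user=user, client=client)

    return redirect(url_for('authorizedApps'))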