# -*- coding: utf-8 -*-
# classes/views/oauth.py
from flask import Module, jsonify, request, render_template, current_app |
from swtstore.classes import oauth |
from swtstore.classes.models import Client, AuthorizedClients, User |
# Flask Module object on which this file's OAuth routes are registered.
Oauth = Module(__name__)
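@Oauth.route('/authorize', methods=['GET', 'POST'])
@oauth.authorize_handler
def authorize(*args, **kwargs):
    """Render the OAuth consent page (GET) or decide on the grant (POST).

    When no user is logged in, the login page is rendered for either method.

    GET: looks up the client named by ``kwargs['client_id']`` and renders
    ``oauth/authorized.html`` if the current user has already authorized
    it, otherwise ``oauth/authorize.html``.

    POST: returns True to approve the grant and False to deny it. Approval
    requires either ``authorized=yes`` in the form *and* an existing
    AuthorizedClients entry for this user and client, or ``confirm=yes``,
    in which case a new AuthorizedClients record is persisted first. An
    unknown ``client_id`` is denied.
    """
    current_user = User.getCurrentUser()
    if current_user is None:
        return render_template('oauth/login.html')

    if request.method == 'GET':
        client_id = kwargs.get('client_id')
        client = Client.query.get(client_id)
        current_app.logger.debug('In /authorize: client: %s', client)
        kwargs['client'] = client
        kwargs['user'] = current_user
        # NOTE(review): kwargs presumably holds the OAuth request parameters
        # plus the client and user objects; confirm nothing sensitive ends
        # up in debug logs through their string representations.
        current_app.logger.debug('kwargs %s', kwargs)

        # See if this client is already authorized by user. If not then
        # return a HTML to allow access.
        authorized_clients = AuthorizedClients.getByUser(current_user)
        if client in authorized_clients:
            return render_template('oauth/authorized.html', **kwargs)
        return render_template('oauth/authorize.html', **kwargs)

    # NOTE(review): no CSRF token is checked in this handler; confirm that
    # the templates or an app-level hook enforce one for this POST.
    confirm = request.form.get('confirm', 'no')
    authorized = request.form.get('authorized', 'no')
    current_app.logger.debug('confirm authorize from user: %s', confirm)
    client = Client.query.get(request.form.get('client_id'))

    # An unknown client_id must never be approved or stored as a grant.
    if client is None:
        return False

    # The 'authorized' form field is supplied by the browser, so it cannot
    # by itself prove earlier consent: verify it against the stored grants
    # before skipping the confirmation step.
    if authorized == 'yes':
        if client in AuthorizedClients.getByUser(current_user):
            return True

    if confirm == 'yes':
        authorization = AuthorizedClients(user=current_user, client=client)
        authorization.persist()
        return True

    return False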
# NOTE(review): RFC 6749 section 3.2 requires POST for access token
# requests. GET is routed here as well, which can leave client credentials
# and authorization codes in URLs and access logs -- confirm it is needed.
@Oauth.route('/token', methods=['GET', 'POST'])
@oauth.token_handler
def access_token():
    """Token endpoint hook: logs the call and returns None.

    The response is presumably produced by the ``oauth.token_handler``
    decorator; this function adds nothing to it.
    """
    log = current_app.logger
    log.debug('access token touched..')
    return None
@Oauth.route('/errors')
def error():
    """Return the ``error`` query-string parameter as a JSON object.

    The value is ``null`` in the JSON body when the parameter is absent.
    """
    error_code = request.args.get('error')
    return jsonify(error=error_code)