# -*- coding: utf-8 -*-
|
# classes/views/users.py |
|
import requests |
|
from flask import Module, jsonify, request, render_template, session,\ |
|
make_response, url_for, redirect |
|
import json |
|
from swtstore.classes.models.um import User |
|
from swtstore.classes.utils.httputils import make_cross_origin_headers |
|
from swtstore.config import DefaultConfig |
|
# Settings object for this module; login() reads SWTSTORE_URL (the Persona
# audience) and MOZ_PERSONA_VERIFIER (the verifier endpoint) from it.
config = DefaultConfig()

# Flask Module on which the /login, /logout and /me views are registered.
user = Module(__name__)
|
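@user.route('/login', methods=['POST'])
def login():
    """Log a user in from a Mozilla Persona assertion posted by the browser.

    The posted ``assertion`` is forwarded to the remote verifier together
    with this site's configured audience. When the verifier reports the
    assertion as valid, the user is looked up by email (and created on first
    login), the email is stored in the session and echoed back as JSON.

    Returns:
        400 when the form carries no ``assertion``; 200 with the JSON body
        ``{"email": ...}`` on success; 500 when the verifier cannot be
        reached, answers with an error status or a malformed body, or does
        not report ``status == 'okay'`` with an email.
    """
    response = make_response()
    #response = make_cross_origin_headers(response)

    if 'assertion' not in request.form:
        response.status_code = 400
        return response

    print(request.remote_addr)

    # The audience is read from server configuration, never from the request
    # (Host header or a form field). The verifier compares it with the
    # audience bound into the assertion, so an assertion issued for another
    # site is rejected instead of being accepted here.
    data = {'assertion': request.form['assertion'],
            'audience': config.SWTSTORE_URL}

    try:
        # verify=True keeps TLS certificate validation on for the verifier
        # call; the timeout stops a stalled verifier from holding this
        # worker indefinitely.
        resp = requests.post(config.MOZ_PERSONA_VERIFIER, data=data,
                             verify=True, timeout=10)
    except requests.RequestException:
        response.status_code = 500
        return response

    # Only the status code is logged. The full verifier payload is no longer
    # printed: it carries identity data, and decoding it before the resp.ok
    # check raised on non-JSON error pages.
    print(resp.status_code)

    if resp.ok:
        try:
            verified_data = json.loads(resp.content)
        except ValueError:
            verified_data = None

        # Fail closed: anything other than a JSON object with
        # status == 'okay' and a non-empty email is treated as unverified.
        if (isinstance(verified_data, dict)
                and verified_data.get('status') == 'okay'
                and verified_data.get('email')):
            user_email = verified_data['email']
            # check if this user exists in our system
            current_user = User.query.filter_by(email=user_email).first()
            # user doesn't exist; create her
            if current_user is None:
                print('user with email ' + user_email + ' doesn\'t exist;')
                print('creating new user:' + user_email)
                new_user = User('', user_email)
                new_user.persist()
                current_user = new_user

            print('logging in user with email' + user_email)
            # The session is keyed on the verifier-confirmed email only;
            # nothing from the request form is trusted as identity.
            session['email'] = current_user.email

            response.status_code = 200
            # response.data must be a serialized string; assigning the dict
            # itself does not produce a JSON body.
            response.data = json.dumps({'email': user_email})
            response.mimetype = 'application/json'
            return response

    # NOTE(review): a rejected assertion is an authentication failure, not a
    # server fault; 500 is kept because existing clients may depend on it.
    response.status_code = 500
    return response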
|
@user.route('/logout', methods=['POST'])
def logout():
    """Remove the logged-in email from the session and answer 200.

    Only the ``email`` key is dropped; any other session keys are left in
    place. The response is 200 whether or not an email was present.
    """
    response = make_response()
    #response = make_cross_origin_headers(response)

    if 'email' in session:
        print('logging out ')
        # pop() hands back the stored email, so it is logged and removed
        # in a single step.
        print(session.pop('email'))

    response.status_code = 200
    return response
|
@user.route('/me', methods=['GET', 'POST'])
def profile():
    """Render the logged-in user's profile (GET) or update the username (POST).

    Requests for which ``User.getCurrentUser()`` returns ``None`` are
    redirected to ``frontend.index``.
    """
    me = User.getCurrentUser()
    if me is None:
        return redirect(url_for('frontend.index'))

    if request.method != 'GET':
        # NOTE(review): the posted username is stored as received; it is None
        # when the field is missing and may be empty. No CSRF check is
        # visible in this view -- confirm one is applied elsewhere.
        new_name = request.form.get('username')
        print(new_name)
        me.update(username=new_name)
        return redirect(url_for('profile'))

    return render_template('me.html', user=me)
|