# -*- coding: utf-8 -*-
# classes/views/users.py
import requests
# flask imports
from flask import Module, request, render_template, session,\
    make_response, url_for, redirect, json, current_app
# swtstore imports
from swtstore.classes.models import User, Sweet, Context, Client,\
    AuthorizedClients
from swtstore.config import DefaultConfig
config = DefaultConfig()
18
19
user = Module(__name__)
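@user.route('/login', methods=['POST'])
def login():
    """Verify a Mozilla Persona assertion and log its email address in.

    Reads ``assertion`` from the POSTed form, sends it to
    ``config.MOZ_PERSONA_VERIFIER`` with ``config.SWTSTORE_URL`` as the
    audience, and on a verified reply looks the user up by email (creating
    the account if it is unknown) and stores the email in the session.

    Returns:
        400 when the form carries no assertion; 200 with the JSON body
        ``{"email": ...}`` once the session is established; 500 when the
        verifier cannot be reached, answers with an error or a non-JSON
        body, or does not report the assertion as ``okay``.
    """
    response = make_response()
    #response = makeCORSHeaders(response)

    if 'assertion' not in request.form:
        response.status_code = 400
        return response

    current_app.logger.debug('remote address of request for user login %s',
                             request.remote_addr)

    data = {'assertion': request.form['assertion'], 'audience':
            config.SWTSTORE_URL}

    # The verifier is a remote service: keep TLS verification on and bound
    # the wait, otherwise a stalled verifier ties up this worker for good.
    # 10 seconds is a chosen default, not a value from the project config.
    try:
        resp = requests.post(config.MOZ_PERSONA_VERIFIER, data=data,
                             verify=True, timeout=10)
    except requests.RequestException:
        current_app.logger.exception('request to MOZ_PERSONA_VERIFIER failed')
        response.status_code = 500
        return response

    current_app.logger.debug('Response code from MOZ_PERSONA_VERIFIER %s',
                             resp.status_code)

    # Decode the body exactly once; a non-JSON reply used to raise out of
    # the debug log call instead of producing a clean 500.
    try:
        verified_data = resp.json()
    except ValueError:
        current_app.logger.warning('non-JSON body from MOZ_PERSONA_VERIFIER')
        verified_data = None
    current_app.logger.debug('Response body: %s', verified_data)

    verified = (resp.ok and isinstance(verified_data, dict)
                and verified_data.get('status') == 'okay')
    user_email = verified_data.get('email') if verified else None

    if user_email:
        # check if this user exists in our system
        current_user = User.query.filter_by(email=user_email).first()
        # user doesn't exist; create her
        if current_user is None:
            current_app.logger.info('user with email %s doesn\'t exist',
                                    user_email)
            current_app.logger.info('creating new user: %s', user_email)

            new_user = User('', user_email)
            new_user.persist()
            current_user = new_user

        current_app.logger.info('logging in user with email %s',
                                user_email)
        session['email'] = current_user.email

        # The body must be serialised: assigning a dict to response.data
        # makes Werkzeug hand a non-bytes chunk to the WSGI server.
        response.status_code = 200
        response.data = json.dumps({'email': user_email})
        response.mimetype = 'application/json'
        return response

    response.status_code = 500
    return response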
@user.route('/logout', methods=['POST'])
def logout():
    """Drop the logged-in email from the session and answer 200.

    Logging out an anonymous caller is not an error: the response is 200
    whether or not a session email was present.
    """
    response = make_response()
    #response = makeCORSHeaders(response)

    # Sentinel so a stored value of None is still treated as "was present".
    absent = object()
    stored_email = session.pop('email', absent)
    if stored_email is not absent:
        current_app.logger.info('logging out user %s', stored_email)

    response.status_code = 200
    return response
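@user.route('/me', methods=['GET', 'POST'])
def profile():
    """Show (GET) or update (POST) the current user's profile.

    Anonymous callers are sent to the front page. A POST reads ``username``
    from the form and stores it; a missing or empty value leaves the profile
    untouched instead of overwriting the username with ``None`` or ''.

    Returns:
        A redirect to ``frontend.index`` when nobody is logged in, the
        rendered ``user/me.html`` on GET, or a redirect back to this view
        after a POST.
    """
    current_user = User.getCurrentUser()
    if current_user is None:
        return redirect(url_for('frontend.index'))

    if request.method == 'GET':
        return render_template('user/me.html', user=current_user.to_dict())

    # else POST request
    # NOTE(review): no CSRF token check is visible in this file for this
    # state-changing POST; confirm the app enforces one elsewhere.
    username = request.form.get('username')
    if username:
        current_app.logger.debug('Updating username of %s to %s',
                                 current_user.username, username)
        current_user.update(username=username)
    else:
        current_app.logger.debug('ignoring empty username update for %s',
                                 current_user.username)

    return redirect(url_for('profile'))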
@user.route('/me/sweets', methods=['GET'])
def mySweets():
    """Render the sweets created by the logged-in user.

    Anonymous callers are redirected to ``frontend.index``; otherwise each
    sweet from ``Sweet.getByCreator`` is serialised with ``to_dict()`` and
    passed to ``user/sweets.html``.
    """
    # Named current_user so it does not shadow the module-level ``user``
    # Module object.
    current_user = User.getCurrentUser()
    if current_user is None:
        return redirect(url_for('frontend.index'))

    created = Sweet.getByCreator(current_user)
    return render_template('user/sweets.html',
                           sweets=[item.to_dict() for item in created])
@user.route('/me/contexts', methods=['GET'])
def myContexts():
    """Render the contexts created by the logged-in user.

    Anonymous callers are redirected to ``frontend.index``; otherwise the
    result of ``Context.getByCreator(user.id)`` is handed, as is, to
    ``user/contexts.html``.
    """
    current_user = User.getCurrentUser()
    if current_user is None:
        return redirect(url_for('frontend.index'))

    owned = Context.getByCreator(current_user.id)
    return render_template('user/contexts.html', contexts=owned)
@user.route('/me/apps', methods=['GET'])
def myApps():
    """Render the OAuth clients registered by the logged-in user.

    Anonymous callers are redirected to ``frontend.index``; otherwise the
    result of ``Client.getClientsByCreator(user.id)`` is passed, as is, to
    ``user/apps.html``.
    """
    # TODO: the login check is repeated in every /me view; a decorator
    # would remove the duplication.
    current_user = User.getCurrentUser()
    if current_user is None:
        return redirect(url_for('frontend.index'))

    registered = Client.getClientsByCreator(current_user.id)
    return render_template('user/apps.html', apps=registered)
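@user.route('/me/authorized_apps', methods=['GET', 'POST'])
def authorizedApps():
    """List (GET) or revoke (POST) the clients the current user authorized.

    A POST names the client to revoke in the ``revoke-id`` form field. The
    id is acted on only when it resolves to an existing ``Client``; an
    unknown id is logged and ignored instead of passing ``None`` on to
    ``AuthorizedClients.revoke``.

    Returns:
        A redirect to ``frontend.index`` for anonymous callers, the rendered
        ``user/authorized_apps.html`` on GET, or a redirect back to this
        view after a POST.
    """
    current_user = User.getCurrentUser()
    if current_user is None:
        return redirect(url_for('frontend.index'))

    if request.method == 'GET':
        authorized_clients = AuthorizedClients.getByUser(current_user)
        return render_template('user/authorized_apps.html',
                               authorized_clients=authorized_clients)

    # else POST request
    # NOTE(review): no CSRF token check is visible in this file for this
    # state-changing POST; confirm the app enforces one elsewhere.
    client_id = request.form.get('revoke-id', '')
    if client_id:
        client = Client.query.get(client_id)
        if client is None:
            # The id came straight from the form; log and skip rather than
            # calling revoke() with client=None.
            current_app.logger.warning('user %s tried to revoke unknown '
                                       'client id %r', current_user,
                                       client_id)
        else:
            current_app.logger.info('user %s revoking access to %s',
                                    current_user, client)
            AuthorizedClients.revoke(user=current_user, client=client)

    return redirect(url_for('authorizedApps'))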