| 1 |
# -*- coding utf-8 -*- |
| 2 |
# classes/views/users.py |
| 3 |
|
| 4 |
import requests |
| 5 |
|
| 6 |
from flask import Module, jsonify, request, render_template, session,\ |
| 7 |
make_response, url_for, redirect |
| 8 |
import json |
| 9 |
|
| 10 |
from swtstore.classes.models.um import User |
| 11 |
|
| 12 |
from swtstore.classes.utils.httputils import make_cross_origin_headers |
| 13 |
from swtstore.config import DefaultConfig |
| 14 |
|
| 15 |
|
| 16 |
config = DefaultConfig() |
| 17 |
|
| 18 |
user = Module(__name__) |
| 19 |
|
| 20 |
@user.route('/login', methods=['POST']) |
| 21 |
def login(): |
| 22 |
|
| 23 |
response = make_response() |
| 24 |
#response = make_cross_origin_headers(response) |
| 25 |
|
| 26 |
if 'assertion' not in request.form: |
| 27 |
response.status_code = 400 |
| 28 |
return response |
| 29 |
|
| 30 |
print request.remote_addr |
| 31 |
data = {'assertion': request.form['assertion'], 'audience': |
| 32 |
config.SWTSTORE_URL} |
| 33 |
|
| 34 |
resp = requests.post(config.MOZ_PERSONA_VERIFIER, data=data, verify=True) |
| 35 |
print resp.status_code |
| 36 |
print resp.json() |
| 37 |
|
| 38 |
if resp.ok: |
| 39 |
verified_data = json.loads(resp.content) |
| 40 |
if verified_data['status'] == 'okay': |
| 41 |
user_email = verified_data['email'] |
| 42 |
# check if this user exists in our system |
| 43 |
current_user = User.query.filter_by(email=user_email).first() |
| 44 |
# user doesn't exist; create her |
| 45 |
if current_user is None: |
| 46 |
print 'user with email ' + user_email + ' doesn\'t exist;' |
| 47 |
print 'creating new user:' + user_email |
| 48 |
new_user = User('', user_email) |
| 49 |
new_user.persist() |
| 50 |
current_user = new_user |
| 51 |
|
| 52 |
#session.update({'email': verified_data['email']}) |
| 53 |
print 'logging in user with email' + user_email |
| 54 |
session['email'] = current_user.email |
| 55 |
|
| 56 |
response.status_code = 200 |
| 57 |
response.data = {'email': user_email} |
| 58 |
return response |
| 59 |
|
| 60 |
response.status_code = 500 |
| 61 |
return response |
| 62 |
|
| 63 |
@user.route('/logout', methods=['POST']) |
| 64 |
def logout(): |
| 65 |
|
| 66 |
response = make_response() |
| 67 |
#response = make_cross_origin_headers(response) |
| 68 |
|
| 69 |
if 'email' in session: |
| 70 |
print 'logging out ' |
| 71 |
print session['email'] |
| 72 |
session.pop('email') |
| 73 |
|
| 74 |
response.status_code = 200 |
| 75 |
return response |
| 76 |
|
| 77 |
@user.route('/me', methods=['GET', 'POST']) |
| 78 |
def profile(): |
| 79 |
|
| 80 |
current_user = User.getCurrentUser() |
| 81 |
if current_user is None: |
| 82 |
return redirect(url_for('frontend.index')) |
| 83 |
|
| 84 |
if request.method == 'GET': |
| 85 |
return render_template('me.html', user=current_user) |
| 86 |
|
| 87 |
username = request.form.get('username') |
| 88 |
print username |
| 89 |
current_user.update(username=username) |
| 90 |
|
| 91 |
return redirect(url_for('profile')) |
