Commit a809b72c1f69607ed86db950e564b3edfc6cb731

Anon Ray
Wed Jul 02 19:12:34 IST 2014

Tree SHA1: 6f26375
Parent SHA1: cc12727 (Fix UI issues and add suggestions in the tags interface)
raw diff | raw patch

Fix user forced to clear cookies after access tokens gets expired

  Previously after access tokens were expired, the application was not checking
that. As a result users were forced to manually delete their cookies. Adding
checking of expiry of the tokens on the server side.

swtr/server.py 34 --++++++++++++++++++++++++++++++++

Diff rendering mode:
inline
side by side

swtr/server.py

 #!/usr/bin/python
+# -*- coding: utf8 -*-
 import flask
 from flask import session
 import config
 import requests
 import json
+from datetime import datetime, timedelta
 app = flask.Flask(__name__)
 app.config['SECRET_KEY'] = config.secret_key
-…
 @app.route('/', methods=['GET'])
 def index():
     auth_tok = None
+    # check if ?code param is there
     if flask.request.args.get('code'):
+        # prepare the payload
         payload = {
             'scopes': 'email sweet',
             'client_secret': config.app_secret,
-…
         oauth_token_x_endpoint = config.swtstoreURL + '/oauth/token'
         resp = requests.post(oauth_token_x_endpoint, data=payload)
         auth_tok = json.loads(resp.text)
+        print 'recvd auth token from swtstore'
         print auth_tok
         if 'error' in auth_tok:
             print auth_tok['error']
             return flask.make_response(auth_tok['error'], 200)
+        # set sessions et al
         session['auth_tok'] = auth_tok
+        session['auth_tok']['issued'] = datetime.utcnow()
+    # else if session is already existing..
     if 'auth_tok' in session:
         auth_tok = session['auth_tok']
+        # check if it has expired
+        oauth_token_expires_in_endpoint = config.swtstoreURL +\
+            '/oauth/token-expires-in'
+        resp = requests.get(oauth_token_expires_in_endpoint)
+        expires_in = json.loads(resp.text)['expires_in']
+        # added for backwared compatibility. previous session stores did not
+        # have issued key
+        try:
+            check = datetime.utcnow() - auth_tok['issued']
+            if check > timedelta(seconds=expires_in):
+                print 'access token expired'
+                # TODO: try to refresh the token before signing out the user
+                auth_tok = {'access_token': '', 'refresh_token': ''}
+            else:
+                print 'access token did not expire'
+        # if issued key is not there, reset the session
+        except KeyError:
+            auth_tok = {'access_token': '', 'refresh_token': ''}
     else:
         auth_tok = {'access_token': '', 'refresh_token': ''}
     print auth_tok
+    #print 'existing tokens'
+    #print auth_tok
     return flask.render_template('index.html',
                                  access_token=auth_tok['access_token'],
                                  refresh_token=auth_tok['refresh_token'],

Commit a809b72c1f69607ed86db950e564b3edfc6cb731

swtr/server.py

Gitorious