associate.spt
from base64 import b64decode
import json
from aspen import log, resources, Response
from gittip import canonical_scheme, canonical_host
from gittip.models.participant import NeedConfirmation
[-----------------------------]
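# Aspen simplate page: finishes a third-party sign-in / connect flow for one
# platform. `website`, `path`, `qs`, `request` and `user` are injected by the
# framework, not defined in this file.
platform = getattr(website.platforms, path['platform'], None)
if platform is None:
    raise Response(404)

# Get the query id from the querystring. It is client-supplied, so every
# failure below that stems from it is answered with a 400, never a 500.
query_id = platform.get_query_id(qs)

# CSRF prevention: the cookie set when the flow started is keyed by the query
# id, so a callback whose query id matches no cookie in this browser is
# rejected. A non-ASCII query id cannot name a cookie and is rejected too.
try:
    cookie_name = (platform.name+'_'+query_id).encode('ascii')
except UnicodeError:
    raise Response(400, 'Bad query id')
try:
    raw_cookie = request.headers.cookie[cookie_name].value
except KeyError:
    raise Response(400, 'Missing cookie')
# A cookie that exists but does not decode or unpack is a 400 as well:
# b64decode and json.loads raise ValueError or TypeError depending on the
# Python version, and unpacking anything but a 4-item list raises one of the
# same two.
try:
    query_data, action, then, action_user_name = \
        json.loads(b64decode(raw_cookie))
except (ValueError, TypeError):
    raise Response(400, 'Malformed cookie')

# Finish the auth process, the returned session is ready to use
url = canonical_scheme+'://'+canonical_host+request.line.uri.raw
sess = platform.handle_auth_callback(url, query_id, query_data)

# Get the user's info from the platform's API and upsert it in the DB
account = platform.upsert(platform.get_user_self_info(sess))

# When the flow was started on behalf of a named user, the account that came
# back has to be that user's; otherwise send them to the failure page.
if action_user_name and account.user_name != action_user_name:
    then = '/on/%s/%s/failure.html?action=%s'
    request.redirect(then % (platform.name, action_user_name, action))

log('%s user "%s" wants to %s' % (platform.name, account.user_name, action))

if action == 'opt-in':
    if platform not in website.signin_platforms:
        raise Response(400)
    # set 'user' to give them a session :/
    user, newly_claimed = account.opt_in(account.user_name)
elif action == 'connect':
    if user.ANON:
        raise Response(403)
    try:
        user.participant.take_over((platform.name, account.user_id))
    except NeedConfirmation:
        # XXX Eep! Internal redirect! Really?!
        request.internally_redirected_from = request.fs
        request.fs = website.www_root + '/on/confirm.html.spt'
        request.resource = resources.get(request)
        raise request.resource.respond(request)
elif action in {'lock', 'unlock'}:
    account.set_is_locked(action == 'lock')
else:
    raise Response(400)

# `then` was read back out of the cookie, so it is only as trustworthy as the
# code that wrote the cookie. NOTE(review): confirm that code restricts it to
# a local path before storing it; otherwise this is an open redirect.
request.redirect(then)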
[-----------------------------] text/plain