Untitled

import facebook
from flask.ext.security.decorators import anonymous_user_required
from flask.ext.social.utils import get_provider_or_404
from flask.ext.social.views import _security, login_handler

@app.route('/login_social/<provider_id>', methods=['GET', 'POST'])
@anonymous_user_required
def login_social(provider_id=None):
    """
    Login via credentials from a social network.  For now only supports
    Facebook.
    """
    # TODO: add support for other providers
    if not provider_id or provider_id != 'facebook':
        abort(404)

    if request.json:
        form_data = MultiDict(request.json)
    else:
        form_data = request.form

    form = LoginSocialForm(form_data)

    if form.validate_on_submit():
        access_token = form_data['token']
        provider = get_provider_or_404(provider_id)

        # validate/debug the token
        graph = facebook.GraphAPI(access_token)
        token_info = graph.get_object("/debug_token?input_token=%s" %
                                      access_token)
        debug("Got token info: %s", token_info)

        def validate_token_info(token_info):
            # We got a response
            if not token_info:
                return False

            # We can read it
            if not token_info['data']:
                return False

            # The token is valid
            if not token_info['data']['is_valid']:
                return False

            # The app ID matches
            if token_info['data']['app_id'] != provider.consumer_key:
                return False

            return True

        if not validate_token_info(token_info):
            do_flash('Invalid token for %s' % provider.name, 'error')
            return _security.login_manager.unauthorized(), None

        # look for a connection
        query = dict(
            provider_user_id=token_info['data']['user_id'],
            provider_id=provider_id)

        # login, or fail back to register workflow.  The first argument, the
        # oauth response, is probably unused and anyway we don't really have
        # one.
        return login_handler(None, provider, query)

    if request.json:
        return _render_json(form)

    return render_template('login_social.html', form=form, provider=provider_id)