Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import facebook
- from flask.ext.security.decorators import anonymous_user_required
- from flask.ext.social.utils import get_provider_or_404
- from flask.ext.social.views import _security, login_handler
- @app.route('/login_social/<provider_id>', methods=['GET', 'POST'])
- @anonymous_user_required
- def login_social(provider_id=None):
- """
- Login via credentials from a social network. For now only supports
- Facebook.
- """
- # TODO: add support for other providers
- if not provider_id or provider_id != 'facebook':
- abort(404)
- if request.json:
- form_data = MultiDict(request.json)
- else:
- form_data = request.form
- form = LoginSocialForm(form_data)
- if form.validate_on_submit():
- access_token = form_data['token']
- provider = get_provider_or_404(provider_id)
- # validate/debug the token
- graph = facebook.GraphAPI(access_token)
- token_info = graph.get_object("/debug_token?input_token=%s" %
- access_token)
- debug("Got token info: %s", token_info)
- def validate_token_info(token_info):
- # We got a response
- if not token_info:
- return False
- # We can read it
- if not token_info['data']:
- return False
- # The token is valid
- if not token_info['data']['is_valid']:
- return False
- # The app ID matches
- if token_info['data']['app_id'] != provider.consumer_key:
- return False
- return True
- if not validate_token_info(token_info):
- do_flash('Invalid token for %s' % provider.name, 'error')
- return _security.login_manager.unauthorized(), None
- # look for a connection
- query = dict(
- provider_user_id=token_info['data']['user_id'],
- provider_id=provider_id)
- # login, or fail back to register workflow. The first argument, the
- # oauth response, is probably unused and anyway we don't really have
- # one.
- return login_handler(None, provider, query)
- if request.json:
- return _render_json(form)
- return render_template('login_social.html', form=form, provider=provider_id)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement