aesmail/gist:813612

## gistfile1.py
class FacebookMiddleware():
	def process_request(self, request):
		api_key = settings.FACEBOOK_API_KEY
		secret_key = settings.FACEBOOK_SECRET_KEY
		request.facebook = Facebook(api_key=api_key, secret_key=secret_key, request=request)
		if request.facebook.is_logged_in():
			username = request.facebook.get_uid()
			try:
				curr_user = User.objects.get(username=username)
				try:
					curr_user.get_profile()
				except Exception, e:
					salt = str(int(time.time() * 1000000))
					profile = UserProfile(user=curr_user, password_salt=salt)
					profile.save()
					password = curr_user.username + profile.password_salt
					curr_user.set_password(password)
					curr_user.save()
				password = curr_user.username + curr_user.get_profile().password_salt
				user = authenticate(username=curr_user.username, password=password)
				# This should always be true. Needs better algorithm.
				if user:
					login(request, user)
				else:
					# just in case authentication fails (VERY unlikely),
					# make sure to clean up sensitive information.
					request.facebook.IS_LOGGED_IN = False
					request.facebook.SESSION_KEY = None
					request.facebook.UID = None
					logout(request)
					print 'Authentication failed for UID=%s' % username
					print 'Should investigate failure.'
			except Exception, e:
				salt = str(int(time.time() * 1000000))
				password = username + salt
				user = User(username=username)
				user.set_password(password)
				try:
					# profile depends on user to be an existing record.
					user.save()
					profile = UserProfile(user=user, password_salt=salt)
					profile.save()
				except Exception, e:
					print 'New User/UserProfile could not be saved: UID=%s' % username
		else:
			# log user out of Django's authentication system if not connected through facebook.
			if request.user.is_authenticated():
				if not request.user.is_superuser and not request.user.is_staff:
					logout(request)
		return None
	class FacebookMiddleware():
	def process_request(self, request):
	api_key = settings.FACEBOOK_API_KEY
	secret_key = settings.FACEBOOK_SECRET_KEY
	request.facebook = Facebook(api_key=api_key, secret_key=secret_key, request=request)
	if request.facebook.is_logged_in():
	username = request.facebook.get_uid()
	try:
	curr_user = User.objects.get(username=username)
	try:
	curr_user.get_profile()
	except Exception, e:
	salt = str(int(time.time() * 1000000))
	profile = UserProfile(user=curr_user, password_salt=salt)
	profile.save()
	password = curr_user.username + profile.password_salt
	curr_user.set_password(password)
	curr_user.save()
	password = curr_user.username + curr_user.get_profile().password_salt
	user = authenticate(username=curr_user.username, password=password)
	# This should always be true. Needs better algorithm.
	if user:
	login(request, user)
	else:
	# just in case authentication fails (VERY unlikely),
	# make sure to clean up sensitive information.
	request.facebook.IS_LOGGED_IN = False
	request.facebook.SESSION_KEY = None
	request.facebook.UID = None
	logout(request)
	print 'Authentication failed for UID=%s' % username
	print 'Should investigate failure.'
	except Exception, e:
	salt = str(int(time.time() * 1000000))
	password = username + salt
	user = User(username=username)
	user.set_password(password)
	try:
	# profile depends on user to be an existing record.
	user.save()
	profile = UserProfile(user=user, password_salt=salt)
	profile.save()
	except Exception, e:
	print 'New User/UserProfile could not be saved: UID=%s' % username
	else:
	# log user out of Django's authentication system if not connected through facebook.
	if request.user.is_authenticated():
	if not request.user.is_superuser and not request.user.is_staff:
	logout(request)
	return None