
@lrettig
Last active February 7, 2016 10:17
import facebook
from flask.ext.security.decorators import anonymous_user_required
from flask.ext.social.utils import get_provider_or_404
from flask.ext.social.views import _security, login_handler
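@app.route('/login_social/<provider_id>', methods=['GET', 'POST'])
@anonymous_user_required
def login_social(provider_id=None):
    """
    Login via credentials from a social network. For now only supports
    Facebook.

    The client submits an access token (form field or JSON key ``token``).
    The token is inspected through the Graph API ``debug_token`` endpoint and
    is accepted only when the response says it is valid, was issued for this
    application, and names a user. Checking the app ID matters: without it a
    token that a user granted to some other application could be replayed
    here to log in as that user.

    :param provider_id: provider name taken from the URL; anything other than
        ``'facebook'`` results in a 404.
    :returns: the result of ``login_handler`` on success, the login manager's
        "unauthorized" response when the token is rejected, or the rendered
        form (JSON or HTML) when the form was not submitted or did not
        validate.
    """
    # TODO: add support for other providers
    if not provider_id or provider_id != 'facebook':
        abort(404)

    # JSON bodies are wrapped so the form sees the same interface as a
    # regular form post.
    if request.json:
        form_data = MultiDict(request.json)
    else:
        form_data = request.form
    form = LoginSocialForm(form_data)

    if form.validate_on_submit():
        access_token = form_data['token']
        provider = get_provider_or_404(provider_id)

        def validate_token_info(token_info):
            """Return True only for a valid user token issued for this app."""
            # We got a response, and it has the expected shape. A missing or
            # malformed field is treated as "invalid" rather than raising.
            if not isinstance(token_info, dict):
                return False
            data = token_info.get('data')
            if not data or not isinstance(data, dict):
                return False
            # The token is valid
            if not data.get('is_valid'):
                return False
            # The app ID matches: the token was issued for this application,
            # not for a third-party one.
            # NOTE(review): this compares against provider.consumer_key
            # directly; confirm both sides have the same type (str vs int),
            # otherwise every token is rejected.
            if data.get('app_id') != provider.consumer_key:
                return False
            # The token identifies a user. Without a user id the connection
            # lookup below would run with provider_user_id=None.
            if not data.get('user_id'):
                return False
            return True

        # validate/debug the token
        # The token is client-supplied, so it is passed as a query parameter
        # and URL-encoded by the client library instead of being formatted
        # into the path, where '&' or '#' in the value could add or truncate
        # parameters of the debug_token request.
        # NOTE(review): the submitted token also authenticates this call;
        # Facebook's documentation describes debug_token as taking an app
        # access token for that purpose -- confirm this works for ordinary
        # users' tokens.
        try:
            graph = facebook.GraphAPI(access_token)
            token_info = graph.get_object("/debug_token",
                                          input_token=access_token)
        except facebook.GraphAPIError:
            # A token the Graph API refuses is an invalid login attempt, not
            # a server error.
            token_info = None
        debug("Got token info: %s", token_info)

        if not validate_token_info(token_info):
            do_flash('Invalid token for %s' % provider.name, 'error')
            return _security.login_manager.unauthorized(), None

        # look for a connection
        query = dict(
            provider_user_id=token_info['data']['user_id'],
            provider_id=provider_id)

        # login, or fail back to register workflow. The first argument, the
        # oauth response, is probably unused and anyway we don't really have
        # one.
        return login_handler(None, provider, query)

    if request.json:
        return _render_json(form)
    return render_template('login_social.html', form=form, provider=provider_id)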