def get_auth_info():
"""
Get user's identity
Verify the interity of token from the OAuth provider,
then look up the database check if user exist or not.
If the user does not exist, create a new user instead.
:return: user instance
"""
if 'Access-Token' not in request.headers:
return None
access_token = request.headers['Access-Token']
if access_token is not None:
# For development purpose only
if access_token in app.config['TEST_TOKEN'].keys():
user = MongoUtil.find_user(app.config['TEST_TOKEN'][access_token])
else:
# Check that the Access Token is valid.
url = ('https://www.googleapis.com/oauth2/v3/tokeninfo?access_token=%s'
% access_token)
result = requests.get(url).json()
if result.get('error_description') is not None:
app.logger.debug('User {} failed to access the server'.format(access_token))
return None
user = MongoUtil.find_user(result['email'])
if user is None:
# if user does not exist, create a new user instead
app.logger.info('Create User: {}'.format(user))
first_name, last_name = get_user_profile(access_token)
user = MongoUtil.create_user(result['email'], first_name, last_name)
return user
评论列表
文章目录
