Even if you can modify tools.py, my suggestion is to modify your db.py
code. Remember that you can do many things sub-classing the OAuthAccount
class!
This is what I use these very days. Look what you can do in the get_user()
method. Just map any of the returned attributes from facebook onto the
required attributes of the auth table.
HTH
mic
class FaceBookAccount(OAuthAccount):
"""OAuth impl for FaceBook"""
AUTH_URL="https://graph.facebook.com/oauth/authorize";
#AUTH_URL="https://graph.facebook.com/oauth/authorize?display=popup&";
TOKEN_URL="https://graph.facebook.com/oauth/access_token";
def __init__(self):
OAuthAccount.__init__(self, None, FB_CLIENT_ID, FB_CLIENT_SECRET,
self.AUTH_URL, self.TOKEN_URL,
scope='email,user_about_me,user_activities,
user_birthday, user_education_history, user_groups, user_hometown,
user_interests, user_likes, user_location, user_relationships,
user_relationship_details, user_religion_politics, user_subscriptions,
user_work_history, user_photos, user_status, user_videos, publish_actions',
state="auth_provider=facebook",
display='popup')
self.graph = None
def get_user(self):
'''Returns the user using the Graph API.
'''
if not self.accessToken():
return None
if not self.graph:
self.graph = GraphAPI((self.accessToken()))
user = None
try:
user = self.graph.get_object("me")
except GraphAPIError, e:
session.token = None
self.graph = None
if user:
if not user.has_key('username'):
username = user['id']
else:
username = user['username']
session.my_auth_token=self.accessToken(),
return dict(first_name = user['first_name'],
last_name = user['last_name'],
username = username,
email = user['email']) )
def logout_url(self, next="/"):
graph_url =
"https://graph.facebook.com/me/permissions?method=delete&access_token=%s"; %
self.accessToken()
urllib2.urlopen(graph_url).read()
session.auth_provider = None
return super(FaceBookAccount, self).logout_url(next)
Il giorno venerdì 8 marzo 2013 18:46:14 UTC+1, Michele Comitini ha scritto:
>
> Leo,
>
> I http_x_forwarded_for was for reversed proxy web2py installations. I
> removed it until as you did until we find a better solution.
> I will look into registration_id issue as soon as I get on a desk...
>
> tnx
> mic
>
>
> 2013/3/8 Leonardo M. Rocha
> > Update,
> >
> > I found (testig with other facebook user) that the problem is not when
> > I reboot the server, but when a user tries to log in for the second
> > time.
> >
> > Following the trace I finally found that there is a call to the
> > gluon/dal.py RecordUpdater.__call__(**fields)
> > Where fields = {registration_id: u11111111111111}
> >
> > as registration_id is not in in table.fields [id, first_name,
> > last_name, username, password, registration_key] (auth_user defined in
> > helloFacebook)
> >
> > the field registration_id is erased from the dict:
> >
> > if not fieldname in table.fields or table[fieldname].type=='id':
> > del newfields[fieldname]
> >
> > and an empty call is issued to Auth.get_or_create_user(self, keys,
> > update_fields=['email']) (file in gluon/tools.py)
> > There is the reason of the error.
> >
> > BUT as I see, there is the need to have a "username" instead of a
> > registration_id for the call to be done correctly
> > and the table in my db.py is:
> >
> > auth_table = db.define_table(
> > auth.settings.table_user_name,
> > Field('first_name', length=128, default=""),
> > Field('last_name', length=128, default=""),
> > Field('username', length=128, default="", unique=True),
> > Field('password', 'password', length=256,
> > readable=False, label='Password'),
> > Field('registration_key', length=128, default= "",
> > writable=False, readable=False))
> >
> > I tried with Field('registration_id', length=128, default="",
> > unique=True), instead of username, but this time the error is that
> > there is no 'email' field
> >
> > So following the login call, again I found out that
> > RecordUpdater.__call__(**fields) is generated only when the user has
> > already logged in at least once with facebook, the question is: Why
> > does it want to update the fields??
> >
> > Checking: gluon/tools.py and gluon/dal.py
> >
> > again I found that the problem was in gluon/tools.py (line 1930) def
> > Auth.login() and in relationship with the field I do get
> > (registration_id, that I do not know where it comes, but I think is
> > from facebook)
> >
> > So this is what is in the file:
> > if self.settings.login_userfield:
> > username = self.settings.login_userfield
> > elif 'username' in table_user.fields:
> > username = 'username'
> > else:
> > username = 'email'
> > if 'username' in table_user.fields or \
> > not self.settings.login_email_validate:
> > tmpvalidator =
> IS_NOT_EMPTY(error_message=self.messages.is_empty)
> >
> > And i added for it to actually check for registration_id also
> >
> > entonces le agregue:
> > if self.settings.login_userfield:
> > username = self.settings.login_userfield
> > elif 'username' in table_user.fields:
> > username = 'username'
> > elif 'registration_id' in table_user.fields:
> > username = 'registration_id'
> > else:
> > username = 'email'
> > if 'username' in table_user.fields or 'registration_id' in
> > table_user.fields or \
> > not self.settings.login_email_validate:
> > tmpvalidator =
> IS_NOT_EMPTY(error_message=self.messages.is_empty)
> >
> >
> > This actually solves my problem, BUT, I want to know, Am I doing
> > something REALLY wrong here?
> > What would be a way to actually solve the issue but without modifying
> > the web2py framework?
> > Or it is seriously something to modify in the gluon/tools.py file?
> >
> >>
> >> Questions:
> >> Why is the system trying to update the DB when doing the login with
> OAuth?
> >> Have you got any clues on how to start solving the issue?
> > Any hints here?
> >
> >
> >> Another thing that I need to state:
> >>
> >> When first tried to login, the redirect address generated by OAuth was
> >> wrong, it gave my local personal IP address, instead of the one in the
> >> server (I don't know why), I managed to solve it modifying:
> >>
> >> gluon/contrib/login_methods/oauth20_account.py
> >>
> ------------------------------------------------------------------------------
>
>
> >> 105 r = current.request
> >> 106 #http_host = r.env.http_x_forwarded_for #THIS was making a
> >> problem getting my laptop address instead of my server address ...
> WHY???
> >> 107 http_host = r.env.http_host
> >>
> ------------------------------------------------------------------------------
>
>
> >>
> >> Reading in the book (chapter The Core) and in the ref.
> >> I do not get why we should use env.http_x_forwarded_for instead of
> >> env.http_host ,
> >> Don't we want the server address to be the redirection address?
> >> Why would we even want an address that is the client AND can be
> spoofed?
> >
> > Any hints here?
> >
> >
> >
> >
> > --
> > Ing. Leonardo Manuel Rocha
> >
> > --
> >
> > ---
> > You received this message because you are subscribed to the Google
> Groups "web2py-users" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to [email protected].
> > For more options, visit https://groups.google.com/groups/opt_out.
> >
> >
>
--
---
You received this message because you are subscribed to the Google Groups
"web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
