From af16e083c95de84f396cfcfb17dbd9ef9601f705 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E8=BD=A6=E4=BA=AE=E4=BA=AE?= <liangliangyy@gmail.com>
Date: Wed, 15 Feb 2017 20:57:01 +0800
Subject: [PATCH] =?UTF-8?q?=E8=B0=B7=E6=AD=8Coauth?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 DjangoBlog/settings.py | 19 ++++++++++--------
 oauth/models.py        |  7 +++++++
 oauth/oauthmanager.py  | 45 ++++++++++++++++++++++++++++++++++++++++++
 oauth/urls.py          |  4 +++-
 oauth/views.py         | 37 +++++++++++++++++++++++++++++++++-
 5 files changed, 102 insertions(+), 10 deletions(-)

diff --git a/DjangoBlog/settings.py b/DjangoBlog/settings.py
index ca70276..ee65c96 100644
--- a/DjangoBlog/settings.py
+++ b/DjangoBlog/settings.py
@@ -22,8 +22,8 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 SECRET_KEY = '&3g0bdza#c%dm1lf%5gi&0-*53p3t0m*hmcvo29cn^$ji7je(c'
 
 # SECURITY WARNING: don't run with debug turned on in production!
-# DEBUG = True
-DEBUG = False
+DEBUG = True
+# DEBUG = False
 
 # ALLOWED_HOSTS = []
 ALLOWED_HOSTS = ['www.lylinux.net', '127.0.0.1']
@@ -197,6 +197,11 @@ OAHUTH = {
         'appkey': '3161614143',
         'appsecret': 'ee17c099317f872eeddb25204ea46721',
         'callbackurl': 'http://blog.lylinux.org/oauth/weibo'
+    },
+    'google': {
+        'appkey': os.environ.get('GOOGLE_APP_KEY'),
+        'appsecret': os.environ.get('GOOGLE_APP_SECRET'),
+        'callbackurl': 'http://www.lylinux.net/oauth/googleauthorize'
     }
 }
 
@@ -274,22 +279,20 @@ LOGGING = {
     }
 }
 
-
-
 STATICFILES_FINDERS = (
     'django.contrib.staticfiles.finders.FileSystemFinder',
     'django.contrib.staticfiles.finders.AppDirectoriesFinder',
-    #other
+    # other
     'compressor.finders.CompressorFinder',
 )
 COMPRESS_ENABLED = True
-COMPRESS_OFFLINE = True
+# COMPRESS_OFFLINE = True
 
 
 COMPRESS_CSS_FILTERS = [
-    #creates absolute urls from relative ones
+    # creates absolute urls from relative ones
     'compressor.filters.css_default.CssAbsoluteFilter',
-    #css minimizer
+    # css minimizer
     'compressor.filters.cssmin.CSSMinFilter'
 ]
 COMPRESS_JS_FILTERS = [
diff --git a/oauth/models.py b/oauth/models.py
index db2fa82..76a10b0 100644
--- a/oauth/models.py
+++ b/oauth/models.py
@@ -9,6 +9,7 @@ class BaseModel(models.Model):
     openid = models.CharField(max_length=50)
     nikename = models.CharField(max_length=50, verbose_name='昵称')
     token = models.CharField(max_length=50)
+    picture = models.CharField(max_length=50, blank=True, null=True)
 
     def __str__(self):
         return self.nikename
@@ -27,3 +28,9 @@ class QQUserInfo(BaseModel):
     class Meta:
         verbose_name = "QQ"
         verbose_name_plural = verbose_name
+
+
+class GoogleUserInfo(BaseModel):
+    class Meta:
+        verbose_name = "Google"
+        verbose_name_plural = verbose_name
diff --git a/oauth/oauthmanager.py b/oauth/oauthmanager.py
index 42bbc3c..5d76151 100644
--- a/oauth/oauthmanager.py
+++ b/oauth/oauthmanager.py
@@ -115,3 +115,48 @@ class WBOauthManager(BaseManager):
         }
         rsp = self.do_get(self.API_URL, params)
         print(rsp)
+
+
+class GoogleOauthManager(BaseManager):
+    AUTH_URL = 'https://accounts.google.com/o/oauth2/v2/auth'
+    TOKEN_URL = 'https://www.googleapis.com/oauth2/v4/token'
+    API_URL = 'https://www.googleapis.com/oauth2/v3/userinfo'
+
+    def __init__(self, client_id, client_secret, callback_url, access_token=None, openid=None):
+        super(GoogleOauthManager, self).__init__(client_id=client_id, client_secret=client_secret,
+                                                 callback_url=callback_url, access_token=access_token, openid=openid)
+
+    def get_authorization_url(self):
+        params = {
+            'client_id': self.client_id,
+            'response_type': 'code',
+            'redirect_uri': self.callback_url,
+            'scope': 'openid email',
+        }
+        url = self.AUTH_URL + "?" + urllib.parse.urlencode(params, quote_via=urllib.parse.quote)
+        return url
+
+    def get_access_token_by_code(self, code):
+        params = {
+            'client_id': self.client_id,
+            'client_secret': self.client_secret,
+            'grant_type': 'authorization_code',
+            'code': code,
+
+            'redirect_uri': self.callback_url
+        }
+        rsp = self.do_post(self.TOKEN_URL, params)
+        print(rsp)
+        obj = json.loads(rsp)
+        self.access_token = str(obj['access_token'])
+        self.openid = str(obj['id_token'])
+
+    def get_oauth_userinfo(self):
+        if not self.is_authorized:
+            return None
+        params = {
+            'access_token': self.access_token
+        }
+        rsp = self.do_get(self.API_URL, params)
+        print(rsp)
+        return json.loads(rsp)
diff --git a/oauth/urls.py b/oauth/urls.py
index a5d4906..b980ec2 100644
--- a/oauth/urls.py
+++ b/oauth/urls.py
@@ -19,6 +19,8 @@ from . import views
 
 urlpatterns = [
     url(r'^oauth/wbauthorize/(?P<sitename>\w+)$', views.wbauthorize),
-
     url(r'^oauth/wboauthurl$', views.wboauthurl),
+    # url(r'^oauth/wbauthorize/(?P<sitename>\w+)$', views.wbauthorize),
+    url(r'^oauth/googleoauthurl', views.googleoauthurl),
+    url(r'^oauth/googleauthorize', views.googleauthorize),
 ]
diff --git a/oauth/views.py b/oauth/views.py
index 560b2b6..a88051f 100644
--- a/oauth/views.py
+++ b/oauth/views.py
@@ -1,9 +1,11 @@
 from django.shortcuts import render
 
 # Create your views here.
-from .oauthmanager import WBOauthManager
+from .oauthmanager import WBOauthManager, GoogleOauthManager
 from django.conf import settings
 from django.http import HttpResponse
+from django.contrib.auth import get_user_model
+from .models import GoogleUserInfo
 
 
 def wbauthorize(request, sitename):
@@ -22,3 +24,36 @@ def wboauthurl(request):
                              callback_url=settings.OAHUTH['sina']['callbackurl'])
     url = manager.get_authorization_url()
     return HttpResponse(url)
+
+
+def googleoauthurl(request):
+    manager = GoogleOauthManager(client_id=settings.OAHUTH['google']['appkey'],
+                                 client_secret=settings.OAHUTH['google']['appsecret'],
+                                 callback_url=settings.OAHUTH['google']['callbackurl'])
+    url = manager.get_authorization_url()
+    return HttpResponse(url)
+
+
+def googleauthorize(request):
+    manager = GoogleOauthManager(client_id=settings.OAHUTH['google']['appkey'],
+                                 client_secret=settings.OAHUTH['google']['appsecret'],
+                                 callback_url=settings.OAHUTH['google']['callbackurl'])
+    code = request.GET.get('code', None)
+    rsp = manager.get_access_token_by_code(code)
+    print(rsp)
+    user = manager.get_oauth_userinfo()
+    if user:
+        email = user['email']
+        author = get_user_model().objects.get(email=email)
+        if not author:
+            author = get_user_model().objects.create_user(username=user["name"], email=email, password=None,
+                                                          nikename=user["name"])
+        if not GoogleUserInfo.objects.filter(author_id=author.pk):
+            userinfo = GoogleUserInfo()
+            userinfo.author = author
+            userinfo.picture = user["picture"]
+            userinfo.token = manager.access_token
+            userinfo.openid = manager.openid
+            userinfo.nikename = user["name"]
+            userinfo.save()
+    return HttpResponse(rsp)