-
Notifications
You must be signed in to change notification settings - Fork 0
/
where_app.py
83 lines (68 loc) · 2.79 KB
/
where_app.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
# fb_call, main routine taken from the Heroku sample Facebook app
import os
import json
import requests
from flask import Flask, request, render_template, abort, redirect
from conf import group_number, data_root, access_exceptions
def get_data(relative_path):
return open(data_root + relative_path, 'r').read()
def fb_call(call, args=None):
url = "https://graph.facebook.com/{0}".format(call)
r = requests.get(url, params=args)
return json.loads(r.text)
def access_allowed(access_token):
try:
r = fb_call('me/groups', {'access_token': access_token})
for group in r.get('data', []):
if (('id' in group) and (group_number == int(group['id']))):
# In the group with the right id
return True
r = fb_call('me', {'access_token': access_token})
if (('id' in r) and (int(r['id']) in access_exceptions)):
return True
except requests.exceptions.RequestException:
pass
return False
app = Flask(__name__)
intern_data = get_data('intern_data.js')
map_credentials = get_data('map_credentials.js')
@app.route('/channel.html', methods=['GET', 'POST'])
def get_channel():
return render_template('channel.html')
def should_redirect_https(request):
"""Calculate whether we need to redirect. This accommodates a
Heroku-specific quirk wherein we can appear to be servicing HTTP
while really be servicing HTTPS (e.g. base_url will be HTTP).
Heroku has base_url always starting with http and sets
X-Forwarded-Proto. Non-Heroku will have a faithful beginning of
base_url (or this code needs to be modified for the service).
"""
base_url = request.base_url
proto_header = request.headers.get('X-Forwarded-Proto', None)
return ((proto_header != 'https') and
(not base_url.startswith('https')))
@app.route('/')
def index():
# print(request.headers)
base_url = request.base_url
if not base_url.startswith('https'):
assert(base_url.startswith('http'))
base_url = 'https' + base_url[4:]
if (should_redirect_https(request)):
# base_url has been made secure already
return redirect(base_url)
if ('access_token' not in request.args):
return render_template('my_index.html', base_url=base_url)
else:
access_token = request.args['access_token']
if access_allowed(access_token):
return render_template('where_app.html',
access_token=access_token,
intern_data=intern_data,
map_credentials=map_credentials)
else:
abort(403)
return render_template('my_index.html')
if __name__ == '__main__':
port = int(os.environ.get("PORT", 5000))
app.run(host='0.0.0.0', port=port)