Add wechat registration code to schemas

api/auth/authproviders.py

@@ -196,10 +196,11 @@ class WechatOAuthProvider(AuthProvider):
         }
 
     def ensure_user_exists(self, openid, registration_code=None):
+        config.log.debug('openid is {} and reg code is {}'.format(openid, registration_code))
         if registration_code:
             user = config.db.users.find_one({'wechat.registration_code': registration_code})
             if user is None:
-                raise APIUnknownUserException('Invalid registration code.')
+                raise APIUnknownUserException('Invalid or expired registration code.')
             update = {
                 '$set': {
                     'wechat.openid': openid

api/handlers/userhandler.py

@@ -23,7 +23,12 @@ class UserHandler(base.RequestHandler):
     def get(self, _id):
         user = self._get_user(_id)
         permchecker = userauth.default(self, user)
-        result = permchecker(self.storage.exec_op)('GET', _id, projection={'api_key': 0, 'wechat': 0} or None)
+        projection = {'api_key': 0}
+        if self.superuser_request:
+            projection['wechat.openid'] = 0
+        else:
+            projection['wechat'] = 0
+        result = permchecker(self.storage.exec_op)('GET', _id, projection=projection or None)
         if result is None:
             self.abort(404, 'User does not exist')
         return result
@@ -39,7 +44,12 @@ class UserHandler(base.RequestHandler):
 
     def get_all(self):
         permchecker = userauth.list_permission_checker(self)
-        result = permchecker(self.storage.exec_op)('GET', projection={'preferences': 0, 'api_key': 0, 'wechat': 0})
+        projection = {'preferences': 0, 'api_key': 0}
+        if self.superuser_request:
+            projection['wechat.openid'] = 0
+        else:
+            projection['wechat'] = 0
+        result = permchecker(self.storage.exec_op)('GET', projection=projection)
         if result is None:
             self.abort(404, 'Not found')
         return result
@@ -63,8 +73,6 @@ class UserHandler(base.RequestHandler):
         user = self._get_user(_id)
         permchecker = userauth.default(self, user)
         payload = self.request.json_body
-        if self.is_true('wechat'):
-            payload['wechat'] = {'registration_code': base64.urlsafe_b64encode(os.urandom(42))}
         mongo_schema_uri = validators.schema_uri('mongo', 'user.json')
         mongo_validator = validators.decorator_from_schema_path(mongo_schema_uri)
         payload_schema_uri = validators.schema_uri('input', 'user-update.json')
@@ -81,6 +89,8 @@ class UserHandler(base.RequestHandler):
         """Add user"""
         permchecker = userauth.default(self)
         payload = self.request.json_body
+        if self.is_true('wechat'):
+            payload['wechat'] = {'registration_code': base64.urlsafe_b64encode(os.urandom(42))}
         mongo_schema_uri = validators.schema_uri('mongo', 'user.json')
         mongo_validator = validators.decorator_from_schema_path(mongo_schema_uri)
         payload_schema_uri = validators.schema_uri('input', 'user-new.json')

api/web/base.py

@@ -173,6 +173,7 @@ class RequestHandler(webapp2.RequestHandler):
         """
 
         payload = self.request.json_body
+        config.log.debug(payload)
         if 'code' not in payload or 'auth_type' not in payload:
             self.abort(400, 'Auth code and type required for login')
 
@@ -182,7 +183,8 @@ class RequestHandler(webapp2.RequestHandler):
         except NotImplementedError as e:
             self.abort(400, str(e))
 
-        token_entry = auth_provider.validate_code(payload['code'])
+        registration_code = payload.get('registration_code')
+        token_entry = auth_provider.validate_code(payload['code'], registration_code=registration_code)
         timestamp = datetime.datetime.utcnow()
 
         # If this is the first time they've logged in, record that

raml/schemas/definitions/user.json

@@ -35,6 +35,7 @@
                           "title": "Preferences",
                           "type": "object"
                         },
+    "wechat": {},
     "api_key":{
       "type":"object",
       "properties":{
@@ -55,7 +56,8 @@
         "avatars":{"$ref":"#/definitions/avatars"},
         "root":{"$ref":"#/definitions/root"},
         "disabled":{"$ref":"#/definitions/disabled"},
-        "preferences":{"$ref":"#/definitions/preferences"}
+        "preferences":{"$ref":"#/definitions/preferences"},
+        "wechat":{"$ref":"#/definitions/wechat"}
       },
       "additionalProperties":false
     },
@@ -71,6 +73,7 @@
         "root":{"$ref":"#/definitions/root"},
         "disabled":{"$ref":"#/definitions/disabled"},
         "preferences":{"$ref":"#/definitions/preferences"},
+        "wechat":{"$ref":"#/definitions/wechat"},
         "created":{"$ref":"../definitions/created-modified.json#/definitions/created"},
         "modified":{"$ref":"../definitions/created-modified.json#/definitions/modified"}
       },

raml/schemas/output/user-self.json

@@ -13,7 +13,8 @@
     "preferences":{"$ref":"../definitions/user.json#/definitions/preferences"},
     "created":{"$ref":"../definitions/created-modified.json#/definitions/created"},
     "modified":{"$ref":"../definitions/created-modified.json#/definitions/modified"},
-    "api_key":{"$ref":"../definitions/user.json#/definitions/api_key"}
+    "api_key":{"$ref":"../definitions/user.json#/definitions/api_key"},
+    "wechat":{"$ref":"../definitions/user.json#/definitions/wechat"}
   },
   "additionalProperties":false,
   "required":[