next step polar

rowers/views/importviews.py

@@ -200,7 +200,7 @@ def rower_strava_authorize(request): # pragma: no cover
 
 # Polar Authorization
 @login_required()
-def rower_polar_authorize(request):
+def rower_polar_authorize(request): # pragma: no cover
 
     state = str(uuid4())
 
@@ -413,14 +413,14 @@ def rower_process_polarcallback(request):
 
     error = request.GET.get('error','no error')
     dologging('polar.log','Callback: {error}'.format(error=error))
-    if error != 'no error':
+    if error != 'no error': # pragma: no cover
         messages.error(request,error)
         url = reverse('rower_exportsettings_view')
         return HttpResponseRedirect(url)
 
     try:
         code = request.GET['code']
-    except MultiValueDictKeyError:
+    except MultiValueDictKeyError: # pragma: no cover
         try:
             message = request.GET['error']
         except MultiValueDictKeyError:
@@ -432,6 +432,15 @@ def rower_process_polarcallback(request):
         return HttpResponseRedirect(url)
 
     access_token, expires_in, user_id = polarstuff.get_token(code)
+    polar_user_data = polarstuff.register_user(request.user)
+
+    try:
+        user_id2 = polar_user_data['polar-user-id']
+    except KeyError:
+        user_id2 = 0
+
+    if user_id2 != user_id:
+        messages.error(request,'Polar User ID error')
 
     expirydatetime = timezone.now()+datetime.timedelta(seconds=expires_in)
 
@@ -442,8 +451,11 @@ def rower_process_polarcallback(request):
 
     r.save()
 
-    successmessage = "Tokens stored. Good to go. Please check your import/export settings"
-    messages.info(request,successmessage)
+    if user_id2 == user_id:
+        successmessage = "Tokens stored. Good to go. Please check your import/export settings"
+        messages.info(request,successmessage)
+    else:
+        messages.error(request,"Please contact support@rowsandall.com for help.")
     url = reverse('rower_exportsettings_view')
     return HttpResponseRedirect(url)