add oidc allow_code to views
This commit is contained in:
parent
df9c0c2361
commit
addc4fe0f7
|
@ -1,6 +1,8 @@
|
|||
import logging
|
||||
import smtplib
|
||||
import datetime
|
||||
import requests
|
||||
import json
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
|
@ -20,6 +22,7 @@ from django.views.generic.list import ListView
|
|||
from requests.exceptions import HTTPError
|
||||
|
||||
from . import get_version
|
||||
from . import api
|
||||
from .auth import login as auth_login
|
||||
from .auth import logout as auth_logout
|
||||
from .forms import LoginForm, MailboxChangePasswordForm, MailboxCreateForm, MailboxUpdateForm, MailForm
|
||||
|
@ -33,6 +36,7 @@ from .utils import get_bootstraped_percent
|
|||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
|
||||
class DashboardView(CustomContextMixin, UserTokenRequiredMixin, TemplateView):
|
||||
template_name = "musician/dashboard.html"
|
||||
extra_context = {
|
||||
|
@ -535,6 +539,61 @@ class DomainDetailView(CustomContextMixin, UserTokenRequiredMixin, DetailView):
|
|||
return domain
|
||||
|
||||
|
||||
class AllowCodeView(RedirectView):
|
||||
"""
|
||||
Log in the user with OAuth2.
|
||||
"""
|
||||
permanent = False
|
||||
success_url = reverse_lazy('musician:dashboard')
|
||||
userinfo = None
|
||||
|
||||
def get_token(self):
|
||||
url = "http://localhost:5000/oauth/token"
|
||||
client_id = settings.CLIENT_ID
|
||||
client_secret = settings.CLIENT_SECRET
|
||||
self.code = self.request.GET.get('code')
|
||||
data = {'grant_type': 'authorization_code', 'code': self.code}
|
||||
auth = (client_id, client_secret)
|
||||
msg = requests.post(url, data=data, auth=auth)
|
||||
self.token = msg.text
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
"""
|
||||
Logs in the user.
|
||||
"""
|
||||
self.get_token()
|
||||
# self.get_user_info()
|
||||
orchestra = api.Orchestra(token=self.token)
|
||||
self.orchestra_token = orchestra.auth_token
|
||||
self.user = orchestra.retrieve_profile()
|
||||
username = self.user.username
|
||||
auth_login(self.request, username, self.orchestra_token)
|
||||
|
||||
# set user language as active language
|
||||
user_language = self.user.language
|
||||
translation.activate(user_language)
|
||||
|
||||
response = HttpResponseRedirect(self.get_success_url())
|
||||
response.set_cookie(settings.LANGUAGE_COOKIE_NAME, user_language)
|
||||
|
||||
return response
|
||||
# return super().get(*args, **kwargs)
|
||||
|
||||
def get_success_url(self):
|
||||
url = self.get_redirect_url()
|
||||
return url or self.success_url
|
||||
|
||||
def get_redirect_url(self):
|
||||
"""Return the user-originating redirect URL if it's safe."""
|
||||
redirect_to = self.success_url
|
||||
url_is_safe = is_safe_url(
|
||||
url=redirect_to,
|
||||
allowed_hosts={self.request.get_host()},
|
||||
require_https=self.request.is_secure(),
|
||||
)
|
||||
return redirect_to if url_is_safe else ''
|
||||
|
||||
|
||||
class LoginView(FormView):
|
||||
template_name = 'auth/login.html'
|
||||
form_class = LoginForm
|
||||
|
@ -551,6 +610,16 @@ class LoginView(FormView):
|
|||
kwargs['request'] = self.request
|
||||
return kwargs
|
||||
|
||||
def get_oidc_url(self):
|
||||
client_id = settings.CLIENT_ID
|
||||
domain = settings.OIDC_PROVIDER
|
||||
if not client_id or not domain:
|
||||
return
|
||||
|
||||
url = f'{domain}/oauth/authorize?client_id={client_id}'
|
||||
url += '&scope=openid+profile&response_type=code&nonce=abc'
|
||||
return url
|
||||
|
||||
def form_valid(self, form):
|
||||
"""Security check complete. Log the user in."""
|
||||
auth_login(self.request, form.username, form.token)
|
||||
|
@ -585,6 +654,7 @@ class LoginView(FormView):
|
|||
context = super().get_context_data(**kwargs)
|
||||
context.update({
|
||||
self.redirect_field_name: self.get_redirect_url(),
|
||||
'oidc_provider': self.get_oidc_url(),
|
||||
**(self.extra_context or {})
|
||||
})
|
||||
return context
|
||||
|
|
Loading…
Reference in a new issue