Elaborated on error messages for the OAuth redirect endpoint

This commit is contained in:
Taizo 'Tsa6' Simpson 2017-09-22 16:13:45 -04:00
parent ad5552c37a
commit 49e508f4ad

View File

@ -12,6 +12,13 @@ import json
class LoginRedirect(View): class LoginRedirect(View):
def get(self, req): def get(self, req):
# Check request has correct arguments
request_valid = 'state' in req.GET and 'code' in req.GET
if not request_valid:
r = HttpResponse('<h1>Error</h1><p>There was an error in your request. Please <a href=/login>try again</a></p>')
r.status = 400
return r
# Check state # Check state
userstate = generateState(req) userstate = generateState(req)
if userstate == req.GET['state']: if userstate == req.GET['state']:
@ -30,7 +37,9 @@ class LoginRedirect(View):
) )
resp_json = resp.json() resp_json = resp.json()
if 'error' in resp_json: if 'error' in resp_json:
return HttpResponse('<h1>OAuth Error</h1><pre>%s</pre>'%json.dumps(resp_json)) r = HttpResponse('<h1>OAuth Error</h1><pre>%s</pre>'%json.dumps(resp_json))
r.status = 500
return r
else: else:
req.session['token'] = resp_json['access_token'] req.session['token'] = resp_json['access_token']
return HttpResponseRedirect('/') return HttpResponseRedirect('/')