Added login enpoints /login and /login/redirect

2017-09-22 16:00:24 -04:00 · 2017-09-22 16:00:24 -04:00 · e0ef46ca91
commit e0ef46ca91
parent cb296bd565
3 changed files with 63 additions and 1 deletions
--- a/EpisodesCommunity/urls.py
+++ b/EpisodesCommunity/urls.py
@ -13,9 +13,10 @@ Including another URLconf
    1. Import the include() function: from django.conf.urls import url, include
    2. Add a URL to urlpatterns:  url(r'^blog/', include('blog.urls'))
 """
-from django.conf.urls import url
+from django.conf.urls import url, include
 from django.contrib import admin

 urlpatterns = [
    url(r'^admin/', admin.site.urls),
+    url(r'^', include('LandingPage.urls'))
 ]
--- a/LandingPage/urls.py
+++ b/LandingPage/urls.py
@ -0,0 +1,9 @@
+from django.conf.urls import url
+
+from . import views
+
+urlpatterns = [
+    url(r'^login/redirect$', views.LoginRedirect.as_view()),
+    url(r'^login$', views.Login.as_view()),
+]
+
--- a/LandingPage/views.py
+++ b/LandingPage/views.py
@ -1,3 +1,55 @@
 from django.shortcuts import render
+from django.views import View
+from django.conf import settings
+from django.http import HttpResponse
+from django.http import HttpResponseRedirect
+import requests
+import hashlib
+import json

 # Create your views here.
+# Redirect url should point to this view
+class LoginRedirect(View):
+    def get(self, req):
+        
+        # Check state
+        userstate = generateState(req)
+        if userstate == req.GET['state']:
+            code = req.GET['code']
+            resp = requests.post(
+                    settings.AUTH_TOKEN_ENDPOINT+"token",
+                    data={
+                        'grant_type':'authorization_code',
+                        'code':code,
+                        'redirect_uri':settings.AUTH_REDIRECT_URL,
+                        'client_id':settings.AUTH_CLIENT_ID
+                    },
+                    headers = {
+                        'Authorization':'Basic %s'%settings.AUTH_B64
+                    }
+            )
+            print((settings.AUTH_B64))
+            resp_json = resp.json()
+            if 'error' in resp_json:
+                return HttpResponse('<h1>OAuth Error</h1><pre>%s</pre>'%json.dumps(resp_json))
+            else:
+                req.session['token'] = resp_json['access_token']
+                return HttpResponseRedirect('/')
+        else:
+            return HttpResponse('<h1>Unmatching state tokens</h1><br><p>It looks like the request to login wasn\'t started by you.  Try going back to the home page and logging in again.</p>', status=400)
+
+class Login(View):
+    def get(self, req):
+        url = '%sauthorize?response_type=code&client_id=%s&redirect_uri=%s&scope=email&state=%s'%(settings.AUTH_TOKEN_ENDPOINT,settings.AUTH_CLIENT_ID,settings.AUTH_REDIRECT_URL, generateState(req))
+        response = HttpResponse("Redirecting you to the IcyNet auth page...")
+        response.status_code = 302
+        response['Location'] = url
+        return response
+
+def generateState(request):
+    request.session.save()
+
+    m = hashlib.sha256()
+    m.update(bytearray(request.session.session_key, 'utf-8'))
+    m.update(bytearray(settings.SECRET_KEY, 'utf-8'))
+    return m.hexdigest()