from django.shortcuts import render from django.views import View from django.conf import settings from django.http import HttpResponse from django.http import HttpResponseRedirect import requests import hashlib import json from .models import User # Create your views here. # Redirect url should point to this view class LoginRedirect(View): def get(self, req): # Check request has correct arguments request_valid = 'state' in req.GET and 'code' in req.GET if not request_valid: r = HttpResponse('
There was an error in your request. Please try again
') r.status = 400 return r # Check state userstate = generateState(req) if userstate == req.GET['state']: code = req.GET['code'] resp = requests.post( settings.AUTH_TOKEN_ENDPOINT+"token", data={ 'grant_type':'authorization_code', 'code':code, 'redirect_uri':settings.AUTH_REDIRECT_URL, 'client_id':settings.AUTH_CLIENT_ID }, headers = { 'Authorization':'Basic %s'%settings.AUTH_B64 } ) resp_json = resp.json() if 'error' in resp_json: r = HttpResponse('%s'%json.dumps(resp_json)) r.status = 500 return r else: user_info = requests.get( settings.AUTH_TOKEN_ENDPOINT+"user", headers = { 'Authorization': 'Bearer ' + resp_json['access_token'] } ).json() req.session['user_id'] = user_info['uuid'] matches = User.objects.filter(user_id=user_info['uuid']) if not len(matches): user = User( user_id = user_info['uuid'], email = user_info['email'], display_name = user_info['display_name'] ) user.save() req.session['token'] = resp_json['access_token'] return HttpResponseRedirect('/') else: return HttpResponse('
It looks like the request to login wasn\'t started by you. Try going back to the home page and logging in again.
', status=400) class Login(View): def get(self, req): url = '%sauthorize?response_type=code&client_id=%s&redirect_uri=%s&scope=email&state=%s'%(settings.AUTH_TOKEN_ENDPOINT,settings.AUTH_CLIENT_ID,settings.AUTH_REDIRECT_URL, generateState(req)) response = HttpResponse("Redirecting you to the IcyNet auth page...") response.status_code = 302 response['Location'] = url return response def generateState(request): request.session.save() m = hashlib.sha256() m.update(bytearray(request.session.session_key, 'utf-8')) m.update(bytearray(settings.SECRET_KEY, 'utf-8')) return m.hexdigest()