This repository has been archived on 2022-11-26. You can view files and clone it, but cannot push or open issues or pull requests.
Episodes.Community/LandingPage/views.py
2017-09-22 16:13:45 -04:00

64 lines
2.5 KiB
Python

from django.shortcuts import render
from django.views import View
from django.conf import settings
from django.http import HttpResponse
from django.http import HttpResponseRedirect
import requests
import hashlib
import json
# Create your views here.
# Redirect url should point to this view
class LoginRedirect(View):
def get(self, req):
# Check request has correct arguments
request_valid = 'state' in req.GET and 'code' in req.GET
if not request_valid:
r = HttpResponse('<h1>Error</h1><p>There was an error in your request. Please <a href=/login>try again</a></p>')
r.status = 400
return r
# Check state
userstate = generateState(req)
if userstate == req.GET['state']:
code = req.GET['code']
resp = requests.post(
settings.AUTH_TOKEN_ENDPOINT+"token",
data={
'grant_type':'authorization_code',
'code':code,
'redirect_uri':settings.AUTH_REDIRECT_URL,
'client_id':settings.AUTH_CLIENT_ID
},
headers = {
'Authorization':'Basic %s'%settings.AUTH_B64
}
)
resp_json = resp.json()
if 'error' in resp_json:
r = HttpResponse('<h1>OAuth Error</h1><pre>%s</pre>'%json.dumps(resp_json))
r.status = 500
return r
else:
req.session['token'] = resp_json['access_token']
return HttpResponseRedirect('/')
else:
return HttpResponse('<h1>Unmatching state tokens</h1><br><p>It looks like the request to login wasn\'t started by you. Try going back to the home page and logging in again.</p>', status=400)
class Login(View):
def get(self, req):
url = '%sauthorize?response_type=code&client_id=%s&redirect_uri=%s&scope=email&state=%s'%(settings.AUTH_TOKEN_ENDPOINT,settings.AUTH_CLIENT_ID,settings.AUTH_REDIRECT_URL, generateState(req))
response = HttpResponse("Redirecting you to the IcyNet auth page...")
response.status_code = 302
response['Location'] = url
return response
def generateState(request):
request.session.save()
m = hashlib.sha256()
m.update(bytearray(request.session.session_key, 'utf-8'))
m.update(bytearray(settings.SECRET_KEY, 'utf-8'))
return m.hexdigest()