From 8b4a14ffa394e873f0d249b6ff812b61af14cc20 Mon Sep 17 00:00:00 2001 From: Danielle McLean Date: Sun, 29 Oct 2017 16:16:27 +1100 Subject: [PATCH] On approving an IndieAuth request, actually generate an auth code and redirect --- lemonauth/migrations/0001_initial.py | 28 +++++++++++++++++++++++++++ lemonauth/migrations/__init__.py | 0 lemonauth/models.py | 29 ++++++++++++++++++++++++++++ lemonauth/views/indie.py | 14 +++++++++++--- 4 files changed, 68 insertions(+), 3 deletions(-) create mode 100644 lemonauth/migrations/0001_initial.py create mode 100644 lemonauth/migrations/__init__.py create mode 100644 lemonauth/models.py diff --git a/lemonauth/migrations/0001_initial.py b/lemonauth/migrations/0001_initial.py new file mode 100644 index 0000000..f9b1a7f --- /dev/null +++ b/lemonauth/migrations/0001_initial.py @@ -0,0 +1,28 @@ +# -*- coding: utf-8 -*- +# Generated by Django 1.11.6 on 2017-10-29 05:05 +from __future__ import unicode_literals + +from django.db import migrations, models + + +class Migration(migrations.Migration): + + initial = True + + dependencies = [ + ] + + operations = [ + migrations.CreateModel( + name='IndieAuthCode', + fields=[ + ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')), + ('code', models.CharField(max_length=64, unique=True)), + ('me', models.CharField(max_length=255)), + ('client_id', models.CharField(max_length=255)), + ('redirect_uri', models.CharField(max_length=255)), + ('response_type', models.CharField(choices=[('id', 'id'), ('code', 'code')], default='id', max_length=4)), + ('scope', models.CharField(blank=True, max_length=200)), + ], + ), + ] diff --git a/lemonauth/migrations/__init__.py b/lemonauth/migrations/__init__.py new file mode 100644 index 0000000..e69de29 diff --git a/lemonauth/models.py b/lemonauth/models.py new file mode 100644 index 0000000..1225811 --- /dev/null +++ b/lemonauth/models.py @@ -0,0 +1,29 @@ +from django.db import models +from secrets import token_hex + + +class IndieAuthCodeManager(models.Manager): + def create_from_dict(self, d): + code = self.create( + me=d['me'], + client_id=d['client_id'], + redirect_uri=d['redirect_uri'], + response_type=d.get('response_type', 'id'), + scope=d.get('scope', ''), + ) + code.code = token_hex(32) + return code + + +class IndieAuthCode(models.Model): + objects = IndieAuthCodeManager() + code = models.CharField(max_length=64, unique=True) + me = models.CharField(max_length=255) + client_id = models.CharField(max_length=255) + redirect_uri = models.CharField(max_length=255) + response_type = models.CharField( + max_length=4, + choices=(('id', 'id'), ('code', 'code')), + default='id', + ) + scope = models.CharField(max_length=200, blank=True) diff --git a/lemonauth/views/indie.py b/lemonauth/views/indie.py index a7d584c..d899a67 100644 --- a/lemonauth/views/indie.py +++ b/lemonauth/views/indie.py @@ -3,12 +3,14 @@ import mf2py from annoying.decorators import render_to from django.contrib.auth.decorators import login_required from django.http import HttpResponseForbidden, HttpResponseBadRequest -from django.http import JsonResponse +from django.shortcuts import redirect from django.utils.decorators import method_decorator from django.views.generic import TemplateView from django.views.decorators.http import require_POST from lemoncurry import breadcrumbs, utils -from urllib.parse import urljoin, urlunparse, urlparse +from urllib.parse import urlencode, urljoin, urlunparse, urlparse + +from ..models import IndieAuthCode breadcrumbs.add('lemonauth:indie', label='indieauth', parent='home:index') @@ -70,4 +72,10 @@ class IndieView(TemplateView): @login_required @require_POST def approve(request): - return JsonResponse(request.POST) + post = request.POST.dict() + code = IndieAuthCode.objects.create_from_dict(post) + code.save() + params = {'code': code.code, 'me': code.me} + if 'state' in post: + params['state'] = post['state'] + return redirect(code.redirect_uri + '?' + urlencode(params))