Implement the auth-code verification step, producing a complete IndieAuth implementation for 'id' type (nothing for 'code' type yet tho)
This commit is contained in:
parent
8b4a14ffa3
commit
acce72e90e
4 changed files with 47 additions and 1 deletions
1
Pipfile
1
Pipfile
|
@ -30,6 +30,7 @@ django-push = "*"
|
||||||
pyyaml = "*"
|
pyyaml = "*"
|
||||||
django-annoying = "*"
|
django-annoying = "*"
|
||||||
django-shorturls = "*"
|
django-shorturls = "*"
|
||||||
|
accept-types = "*"
|
||||||
|
|
||||||
|
|
||||||
[dev-packages]
|
[dev-packages]
|
||||||
|
|
8
Pipfile.lock
generated
8
Pipfile.lock
generated
|
@ -1,7 +1,7 @@
|
||||||
{
|
{
|
||||||
"_meta": {
|
"_meta": {
|
||||||
"hash": {
|
"hash": {
|
||||||
"sha256": "3f9a75dcd0609cd38fc01d23b8f2e198e494f5ab7120e5bb8af08b909a16ea52"
|
"sha256": "c9835b77b96ade2202ff84521a2cda6a3c04679d448cc434a49f3ce07d6befcf"
|
||||||
},
|
},
|
||||||
"host-environment-markers": {
|
"host-environment-markers": {
|
||||||
"implementation_name": "cpython",
|
"implementation_name": "cpython",
|
||||||
|
@ -27,6 +27,12 @@
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
"default": {
|
"default": {
|
||||||
|
"accept-types": {
|
||||||
|
"hashes": [
|
||||||
|
"sha256:9ae86512bf3a3eaad6a2793617a34eb15b384593e6c28697bef9b15ac237017a"
|
||||||
|
],
|
||||||
|
"version": "==0.3.0"
|
||||||
|
},
|
||||||
"beautifulsoup4": {
|
"beautifulsoup4": {
|
||||||
"hashes": [
|
"hashes": [
|
||||||
"sha256:7015e76bf32f1f574636c4288399a6de66ce08fb7b2457f628a8d70c0fbabb11",
|
"sha256:7015e76bf32f1f574636c4288399a6de66ce08fb7b2457f628a8d70c0fbabb11",
|
||||||
|
|
|
@ -3,9 +3,11 @@ import mf2py
|
||||||
from annoying.decorators import render_to
|
from annoying.decorators import render_to
|
||||||
from django.contrib.auth.decorators import login_required
|
from django.contrib.auth.decorators import login_required
|
||||||
from django.http import HttpResponseForbidden, HttpResponseBadRequest
|
from django.http import HttpResponseForbidden, HttpResponseBadRequest
|
||||||
|
from django.http import JsonResponse
|
||||||
from django.shortcuts import redirect
|
from django.shortcuts import redirect
|
||||||
from django.utils.decorators import method_decorator
|
from django.utils.decorators import method_decorator
|
||||||
from django.views.generic import TemplateView
|
from django.views.generic import TemplateView
|
||||||
|
from django.views.decorators.csrf import csrf_exempt
|
||||||
from django.views.decorators.http import require_POST
|
from django.views.decorators.http import require_POST
|
||||||
from lemoncurry import breadcrumbs, utils
|
from lemoncurry import breadcrumbs, utils
|
||||||
from urllib.parse import urlencode, urljoin, urlunparse, urlparse
|
from urllib.parse import urlencode, urljoin, urlunparse, urlparse
|
||||||
|
@ -26,6 +28,7 @@ def canonical(url):
|
||||||
return urlunparse((scheme, loc, path, params, q, fragment))
|
return urlunparse((scheme, loc, path, params, q, fragment))
|
||||||
|
|
||||||
|
|
||||||
|
@method_decorator(csrf_exempt, name='dispatch')
|
||||||
class IndieView(TemplateView):
|
class IndieView(TemplateView):
|
||||||
template_name = 'lemonauth/indie.html'
|
template_name = 'lemonauth/indie.html'
|
||||||
required_params = ('me', 'client_id', 'redirect_uri')
|
required_params = ('me', 'client_id', 'redirect_uri')
|
||||||
|
@ -68,6 +71,25 @@ class IndieView(TemplateView):
|
||||||
|
|
||||||
return {'app': app, 'me': me, 'params': params, 'title': 'indieauth'}
|
return {'app': app, 'me': me, 'params': params, 'title': 'indieauth'}
|
||||||
|
|
||||||
|
def post(self, request):
|
||||||
|
post = request.POST.dict()
|
||||||
|
try:
|
||||||
|
code = IndieAuthCode.objects.get(
|
||||||
|
code=post['code'],
|
||||||
|
client_id=post['client_id'],
|
||||||
|
redirect_uri=post['redirect_uri']
|
||||||
|
)
|
||||||
|
except IndieAuthCode.DoesNotExist:
|
||||||
|
return HttpResponseForbidden(
|
||||||
|
'invalid auth code {0}'.format(post['code']),
|
||||||
|
content_type='text/plain'
|
||||||
|
)
|
||||||
|
code.delete()
|
||||||
|
return utils.choose_type(request, {'me': code.me}, {
|
||||||
|
'application/json': JsonResponse,
|
||||||
|
'application/x-www-form-urlencoded': utils.form_encoded_response,
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
@login_required
|
@login_required
|
||||||
@require_POST
|
@require_POST
|
||||||
|
|
|
@ -1,7 +1,10 @@
|
||||||
import json
|
import json
|
||||||
|
from accept_types import get_best_match
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
|
from django.http import HttpResponse
|
||||||
from os.path import join
|
from os.path import join
|
||||||
from types import SimpleNamespace
|
from types import SimpleNamespace
|
||||||
|
from urllib.parse import urlencode
|
||||||
|
|
||||||
cache = SimpleNamespace(package_json=None)
|
cache = SimpleNamespace(package_json=None)
|
||||||
|
|
||||||
|
@ -20,3 +23,17 @@ def origin(request):
|
||||||
|
|
||||||
def uri(request):
|
def uri(request):
|
||||||
return origin(request) + request.path
|
return origin(request) + request.path
|
||||||
|
|
||||||
|
|
||||||
|
def choose_type(request, content, reps):
|
||||||
|
type = get_best_match(request.META.get('HTTP_ACCEPT'), reps.keys())
|
||||||
|
if type:
|
||||||
|
return reps[type](content)
|
||||||
|
return HttpResponse(status=406)
|
||||||
|
|
||||||
|
|
||||||
|
def form_encoded_response(content):
|
||||||
|
return HttpResponse(
|
||||||
|
urlencode(content),
|
||||||
|
content_type='application/x-www-form-urlencoded'
|
||||||
|
)
|
||||||
|
|
Loading…
Reference in a new issue