On approving an IndieAuth request, actually generate an auth code and redirect

This commit is contained in:
Danielle McLean 2017-10-29 16:16:27 +11:00
parent 221d548e4a
commit 8b4a14ffa3
Signed by untrusted user: 00dani
GPG key ID: 5A5D2D1AFF12EEC5
4 changed files with 68 additions and 3 deletions

View file

@ -0,0 +1,28 @@
# -*- coding: utf-8 -*-
# Generated by Django 1.11.6 on 2017-10-29 05:05
from __future__ import unicode_literals
from django.db import migrations, models
class Migration(migrations.Migration):
initial = True
dependencies = [
]
operations = [
migrations.CreateModel(
name='IndieAuthCode',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('code', models.CharField(max_length=64, unique=True)),
('me', models.CharField(max_length=255)),
('client_id', models.CharField(max_length=255)),
('redirect_uri', models.CharField(max_length=255)),
('response_type', models.CharField(choices=[('id', 'id'), ('code', 'code')], default='id', max_length=4)),
('scope', models.CharField(blank=True, max_length=200)),
],
),
]

View file

29
lemonauth/models.py Normal file
View file

@ -0,0 +1,29 @@
from django.db import models
from secrets import token_hex
class IndieAuthCodeManager(models.Manager):
def create_from_dict(self, d):
code = self.create(
me=d['me'],
client_id=d['client_id'],
redirect_uri=d['redirect_uri'],
response_type=d.get('response_type', 'id'),
scope=d.get('scope', ''),
)
code.code = token_hex(32)
return code
class IndieAuthCode(models.Model):
objects = IndieAuthCodeManager()
code = models.CharField(max_length=64, unique=True)
me = models.CharField(max_length=255)
client_id = models.CharField(max_length=255)
redirect_uri = models.CharField(max_length=255)
response_type = models.CharField(
max_length=4,
choices=(('id', 'id'), ('code', 'code')),
default='id',
)
scope = models.CharField(max_length=200, blank=True)

View file

@ -3,12 +3,14 @@ import mf2py
from annoying.decorators import render_to from annoying.decorators import render_to
from django.contrib.auth.decorators import login_required from django.contrib.auth.decorators import login_required
from django.http import HttpResponseForbidden, HttpResponseBadRequest from django.http import HttpResponseForbidden, HttpResponseBadRequest
from django.http import JsonResponse from django.shortcuts import redirect
from django.utils.decorators import method_decorator from django.utils.decorators import method_decorator
from django.views.generic import TemplateView from django.views.generic import TemplateView
from django.views.decorators.http import require_POST from django.views.decorators.http import require_POST
from lemoncurry import breadcrumbs, utils from lemoncurry import breadcrumbs, utils
from urllib.parse import urljoin, urlunparse, urlparse from urllib.parse import urlencode, urljoin, urlunparse, urlparse
from ..models import IndieAuthCode
breadcrumbs.add('lemonauth:indie', label='indieauth', parent='home:index') breadcrumbs.add('lemonauth:indie', label='indieauth', parent='home:index')
@ -70,4 +72,10 @@ class IndieView(TemplateView):
@login_required @login_required
@require_POST @require_POST
def approve(request): def approve(request):
return JsonResponse(request.POST) post = request.POST.dict()
code = IndieAuthCode.objects.create_from_dict(post)
code.save()
params = {'code': code.code, 'me': code.me}
if 'state' in post:
params['state'] = post['state']
return redirect(code.redirect_uri + '?' + urlencode(params))