diff --git a/tauth/templates/base.html b/tauth/templates/base.html index 8538d86..08b831e 100644 --- a/tauth/templates/base.html +++ b/tauth/templates/base.html @@ -8,8 +8,7 @@ - - + {% block head %}{% endblock %} diff --git a/tauth/templates/index.html b/tauth/templates/index.html index 73cc965..67b627c 100644 --- a/tauth/templates/index.html +++ b/tauth/templates/index.html @@ -2,5 +2,9 @@ {% block body %}

Welcome back, {{ username }}!

- tAuth +
+

Available services:

+ {% endblock %} diff --git a/tauth/templates/noauth/login.html b/tauth/templates/noauth/login.html new file mode 100644 index 0000000..9c0e85d --- /dev/null +++ b/tauth/templates/noauth/login.html @@ -0,0 +1,20 @@ +{% extends "base.html" %} + +{% block body %} +

Log In

+ {{ error }} +
+

+

+ {% csrf_token %} +

+

+
+

+

+ {% if new_users %} +

Don't have an account?

+ {% endif %} +
+

+{% endblock %} diff --git a/tauth/templates/noauth/signup.html b/tauth/templates/noauth/signup.html index 77b8806..6cfeea5 100644 --- a/tauth/templates/noauth/signup.html +++ b/tauth/templates/noauth/signup.html @@ -2,7 +2,8 @@ {% block body %}

Sign Up

-
tAuth
+ {{ error }} +

{% csrf_token %} @@ -28,6 +29,7 @@

+

Already have an account?

{% endblock %} diff --git a/tauth/urls.py b/tauth/urls.py index 4d69972..0f2a3c0 100644 --- a/tauth/urls.py +++ b/tauth/urls.py @@ -1,11 +1,13 @@ from django.contrib import admin from django.urls import path -from .views import index, login, signup +from .views import index, is_logged_in, login, redirect, signup urlpatterns = [ path("", index), path("login/", login), path("signup/", signup), - path("django-admin/", admin.site.urls), + path("redirect/", redirect), + path("api/authenticated/", is_logged_in), + path("django-admin/", admin.site.urls) ] diff --git a/tauth/views/__init__.py b/tauth/views/__init__.py index 2a70170..a19f9ba 100644 --- a/tauth/views/__init__.py +++ b/tauth/views/__init__.py @@ -1 +1,2 @@ -from .templates import index, login, signup # noqa: F401 +from .api import is_logged_in # noqa: F401 +from .templates import index, login, redirect, signup # noqa: F401 diff --git a/tauth/views/api.py b/tauth/views/api.py new file mode 100644 index 0000000..ad63615 --- /dev/null +++ b/tauth/views/api.py @@ -0,0 +1,28 @@ +import json + +from django.core.handlers.wsgi import WSGIRequest +from django.http import HttpResponse + +from tauth.settings import config + + +def is_logged_in(request: WSGIRequest) -> HttpResponse: + try: + if request.GET.get("token") == config["services"][request.GET.get("service")]["token"]: + return HttpResponse( + json.dumps({ + "success": True, + "auth": request.user.is_authenticated + }), + content_type="application/json" + ) + except KeyError: + ... + + return HttpResponse( + json.dumps({ + "success": False + }), + content_type="application/json", + status=401 + ) diff --git a/tauth/views/helper.py b/tauth/views/helper.py index d60faa9..17f8b45 100644 --- a/tauth/views/helper.py +++ b/tauth/views/helper.py 
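Review bot: In `tauth/views/api.py`, `is_logged_in` checks the service token with `==`, which is not a constant-time comparison, and reads it from the query string, where it will be recorded in web-server and proxy access logs. Comparing with Django's helper from `django.utils.crypto`, `if constant_time_compare(request.GET.get("token") or "", config["services"][request.GET.get("service")]["token"]):`, and accepting the token in a request header or POST body instead, would address both. Only `KeyError` is caught, so if a service entry can be empty, as the truthiness checks on `config["services"][to]` in `templates.py` suggest, the lookup raises `TypeError` and the caller gets a 500 instead of the 401. `JsonResponse` would also replace the manual `json.dumps` plus `content_type` pair.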
@@ -18,9 +18,9 @@ def render_template( **context ) -> HttpResponse: c = { - "theme": "auto", "accent": random.choice(COLORS), - "config": config + "config": config, + "login_token": f"/auth/?sessionid={request.COOKIES.get('sessionid')}" } for key, val in context.items(): diff --git a/tauth/views/templates.py b/tauth/views/templates.py index 5cf989e..dc0a1dd 100644 --- a/tauth/views/templates.py +++ b/tauth/views/templates.py @@ -1,5 +1,6 @@ import re +from django.contrib.auth import authenticate from django.contrib.auth import login as set_auth from django.contrib.auth import logout as remove_auth from django.contrib.auth.models import User @@ -8,6 +9,7 @@ from django.http import HttpResponse, HttpResponseRedirect from config import ALLOW_NEW_USERS from tauth.models import TUser +from tauth.settings import config from .helper import render_template @@ -18,6 +20,7 @@ def index(request: WSGIRequest) -> HttpResponse: request, "index.html", username=request.user.get_username() ) + return render_template( request, "noauth/index.html", new_users=ALLOW_NEW_USERS @@ -49,14 +52,19 @@ def signup(request: WSGIRequest) -> HttpResponse: error = "Username already in use" else: TUser.objects.create(user=u) - set_auth(request, u) + to = request.GET.get("to") + + if to and to in config["services"] and config["services"][to]: + return HttpResponseRedirect(f"/redirect/?to={to}&reauth") + return HttpResponseRedirect("/") return render_template( request, "noauth/signup.html", title="Sign Up", error=error, + login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else "", repopulate={ "username": username } @@ -64,7 +72,8 @@ def signup(request: WSGIRequest) -> HttpResponse: return render_template( request, "noauth/signup.html", - title="Sign Up" + title="Sign Up", + login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else "" ) return render_template( 
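Review bot: In `tauth/views/helper.py`, the new `login_token` entry copies the raw `sessionid` cookie into the context of every template rendered through `render_template`. Any template that prints it puts the session identifier into page markup, where script, cached copies and saved pages can read it, which undoes the HttpOnly protection Django applies to the session cookie by default. When the request has no session the value becomes the literal `/auth/?sessionid=None`, and the cookie name is hard-coded rather than taken from `settings.SESSION_COOKIE_NAME`. I would drop the key from the shared context and build the handoff value only in the view that needs it, ideally as a short-lived single-use code, not the session id itself. `render_template` starts before this hunk and continues after it, so how `c` is used further down is not visible here.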
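Review bot: In `signup` (`tauth/views/templates.py`, hunk `-49,14 +52,19`), `login_extra` interpolates the raw `to` query parameter into a query string without URL-encoding it, so a value containing `&`, `#` or `=` changes the parameters of whatever link the template builds from it. The same expression is repeated in the next `signup` hunk and three times in the `login` hunk. Template autoescaping covers HTML but not URL syntax, so I would build the value once per view with `urllib.parse.urlencode`, e.g. `login_extra = "?" + urlencode({"to": request.GET["to"]}) if "to" in request.GET else ""`, and pass that variable to each `render_template` call. How the templates consume `login_extra` is not visible on this page, so the impact is inferred.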
@@ -72,7 +81,58 @@ def signup(request: WSGIRequest) -> HttpResponse: ) def login(request: WSGIRequest) -> HttpResponse: + if request.user.is_authenticated: + to = request.GET.get("to") + + if to and to in config["services"] and config["services"]["to"]: + return HttpResponseRedirect(f"/redirect/?to={to}&reauth") + + return HttpResponseRedirect("/") + + if request.method == "POST": + username = (request.POST.get("username") or "").lower().strip() + password = (request.POST.get("password") or "") + + user = authenticate( + request, + username=username, + password=password + ) + + if user is None: + return render_template( + request, "noauth/login.html", + title="Log In", + new_users=ALLOW_NEW_USERS, + error="Username or password is incorrect", + login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else "", + repopulate={ + "username": username + } + ) + + set_auth(request, user) + to = request.GET.get("to") + + if to and to in config["services"] and config["services"][to]: + return HttpResponseRedirect(f"/redirect/?to={to}&reauth") + + return HttpResponseRedirect("/") + + return render_template( request, "noauth/login.html", - title="Log In" + title="Log In", + new_users=ALLOW_NEW_USERS, + login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else "" ) + +def redirect(request: WSGIRequest) -> HttpResponseRedirect: + to = request.GET.get("to") + + print(request.COOKIES) + + if to and to in config["services"] and config["services"][to]: + return HttpResponseRedirect(config["services"][to]["url"]["pub"] + (f"/auth/?sessionid={request.COOKIES.get('sessionid')}" if "reauth" in request.GET else "")) + + return HttpResponseRedirect("/")
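Review bot: The new `redirect` view appends the user's raw `sessionid` cookie to the service URL, so the session identifier lands in browser history, proxy and server access logs and any `Referer` the service page sends, and anyone who obtains it can reuse the session against tAuth; a short-lived single-use code that the service exchanges server-to-server, authenticated with its existing service token, would avoid exposing it. The view requires neither POST nor a logged-in user, so simply following a link to `/redirect/?to=<service>&reauth` triggers the handoff, and with no session it sends the literal `sessionid=None`. `print(request.COOKIES)` writes every cookie, including the session id, to stdout and should be removed before merge. Separately, the already-authenticated branch at the top of `login` indexes `config["services"]["to"]` with a string literal, which raises `KeyError` for any real service name; it should read `if to and to in config["services"] and config["services"][to]:` like the other two checks.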