authentication

tauth/templates/base.html

@@ -8,8 +8,7 @@
     <meta name="viewport" content="width=device-width,initial-scale=1">
     <meta name="pronouns" content="she/her">
 
-    <link rel="icon" href="{{ config.services.common.url.pub }}/favicon/dark/{{ accent }}/">
-    <link rel="icon" href="{{ config.services.common.url.pub }}/favicon/light/{{ accent }}/" media="(prefers-color-scheme: light)">
+    <link id="favicon" rel="icon" href="{{ config.services.common.url.pub }}/favicon/dark/{{ accent }}/">
 
     {% block head %}{% endblock %}
 

tauth/templates/index.html

@@ -2,5 +2,9 @@
 
 {% block body %}
   <h1>Welcome back, {{ username }}!</h1>
-  tAuth
+  <hr>
+  <p>Available services:</p>
+  <ul class="left inline-block no-margin">
+    {% if config.services.message %}<li><a href="{{ config.services.message.url.pub }}{{ login_token }}">tMessage</a></li>{% endif %}
+  </ul>
 {% endblock %}

tauth/templates/noauth/login.html

@@ -0,0 +1,20 @@
+{% extends "base.html" %}
+
+{% block body %}
+  <h1>Log In</h1>
+  {{ error }}
+  <hr>
+  <p>
+    <form method="POST">
+      {% csrf_token %}
+      <p>
+        <div><input name="username" id="username" required type="text" pattern="[a-z0-9A-Z_][a-z0-9A-Z_\-]{0,28}[a-z0-9A-Z_]" maxlength="30" placeholder="Username"></div>
+        <div><input name="password" id="password" required type="password" placeholder="Password" maxlength="100"></div>
+      </p>
+      <p><input type="submit" value="Log In"></p>
+      {% if new_users %}
+        <p><a href="/signup/{{ login_extra }}">Don't have an account?</a></p>
+      {% endif %}
+    </form>
+  </p>
+{% endblock %}

tauth/templates/noauth/signup.html

@@ -2,7 +2,8 @@
 
 {% block body %}
   <h1>Sign Up</h1>
-  <div>tAuth</div>
+  {{ error }}
+  <hr>
   <p>
     <form method="POST">
       {% csrf_token %}
@@ -28,6 +29,7 @@
         </small></label>
       </p>
       <p><input type="submit" value="Sign Up"></p>
+      <p><a href="/login/{{ login_extra }}">Already have an account?</a></p>
     </form>
   </p>
 {% endblock %}

tauth/urls.py

@@ -1,11 +1,13 @@
 from django.contrib import admin
 from django.urls import path
 
-from .views import index, login, signup
+from .views import index, is_logged_in, login, redirect, signup
 
 urlpatterns = [
     path("", index),
     path("login/", login),
     path("signup/", signup),
-    path("django-admin/", admin.site.urls),
+    path("redirect/", redirect),
+    path("api/authenticated/", is_logged_in),
+    path("django-admin/", admin.site.urls)
 ]

tauth/views/__init__.py

@@ -1 +1,2 @@
-from .templates import index, login, signup  # noqa: F401
+from .api import is_logged_in  # noqa: F401
+from .templates import index, login, redirect, signup  # noqa: F401

tauth/views/api.py

@@ -0,0 +1,28 @@
+import json
+
+from django.core.handlers.wsgi import WSGIRequest
+from django.http import HttpResponse
+
+from tauth.settings import config
+
+
+def is_logged_in(request: WSGIRequest) -> HttpResponse:
+    try:
+        if request.GET.get("token") == config["services"][request.GET.get("service")]["token"]:
+            return HttpResponse(
+                json.dumps({
+                    "success": True,
+                    "auth": request.user.is_authenticated
+                }),
+                content_type="application/json"
+            )
+    except KeyError:
+        ...
+
+    return HttpResponse(
+        json.dumps({
+            "success": False
+        }),
+        content_type="application/json",
+        status=401
+    )

tauth/views/helper.py

@@ -18,9 +18,9 @@ def render_template(
     **context
 ) -> HttpResponse:
     c = {
-        "theme": "auto",
         "accent": random.choice(COLORS),
-        "config": config
+        "config": config,
+        "login_token": f"/auth/?sessionid={request.COOKIES.get('sessionid')}"
     }
 
     for key, val in context.items():

tauth/views/templates.py

@@ -1,5 +1,6 @@
 import re
 
+from django.contrib.auth import authenticate
 from django.contrib.auth import login as set_auth
 from django.contrib.auth import logout as remove_auth
 from django.contrib.auth.models import User
@@ -8,6 +9,7 @@ from django.http import HttpResponse, HttpResponseRedirect
 
 from config import ALLOW_NEW_USERS
 from tauth.models import TUser
+from tauth.settings import config
 
 from .helper import render_template
 
@@ -18,6 +20,7 @@ def index(request: WSGIRequest) -> HttpResponse:
             request, "index.html",
             username=request.user.get_username()
         )
+
     return render_template(
         request, "noauth/index.html",
         new_users=ALLOW_NEW_USERS
@@ -49,14 +52,19 @@ def signup(request: WSGIRequest) -> HttpResponse:
                     error = "Username already in use"
                 else:
                     TUser.objects.create(user=u)
-
                     set_auth(request, u)
+                    to = request.GET.get("to")
+
+                    if to and to in config["services"] and config["services"][to]:
+                        return HttpResponseRedirect(f"/redirect/?to={to}&reauth")
+
                     return HttpResponseRedirect("/")
 
             return render_template(
                 request, "noauth/signup.html",
                 title="Sign Up",
                 error=error,
+                login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else "",
                 repopulate={
                     "username": username
                 }
@@ -64,7 +72,8 @@ def signup(request: WSGIRequest) -> HttpResponse:
 
         return render_template(
             request, "noauth/signup.html",
-            title="Sign Up"
+            title="Sign Up",
+            login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else ""
         )
 
     return render_template(
@@ -72,7 +81,58 @@ def signup(request: WSGIRequest) -> HttpResponse:
     )
 
 def login(request: WSGIRequest) -> HttpResponse:
+    if request.user.is_authenticated:
+        to = request.GET.get("to")
+
+        if to and to in config["services"] and config["services"]["to"]:
+            return HttpResponseRedirect(f"/redirect/?to={to}&reauth")
+
+        return HttpResponseRedirect("/")
+
+    if request.method == "POST":
+        username = (request.POST.get("username") or "").lower().strip()
+        password = (request.POST.get("password") or "")
+
+        user = authenticate(
+            request,
+            username=username,
+            password=password
+        )
+
+        if user is None:
+            return render_template(
+                request, "noauth/login.html",
+                title="Log In",
+                new_users=ALLOW_NEW_USERS,
+                error="Username or password is incorrect",
+                login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else "",
+                repopulate={
+                    "username": username
+                }
+            )
+
+        set_auth(request, user)
+        to = request.GET.get("to")
+
+        if to and to in config["services"] and config["services"][to]:
+            return HttpResponseRedirect(f"/redirect/?to={to}&reauth")
+
+        return HttpResponseRedirect("/")
+
+
     return render_template(
         request, "noauth/login.html",
-        title="Log In"
+        title="Log In",
+        new_users=ALLOW_NEW_USERS,
+        login_extra=f"?to={request.GET.get('to')}" if "to" in request.GET else ""
     )
+
+def redirect(request: WSGIRequest) -> HttpResponseRedirect:
+    to = request.GET.get("to")
+
+    print(request.COOKIES)
+
+    if to and to in config["services"] and config["services"][to]:
+        return HttpResponseRedirect(config["services"][to]["url"]["pub"] + (f"/auth/?sessionid={request.COOKIES.get('sessionid')}" if "reauth" in request.GET else ""))
+
+    return HttpResponseRedirect("/")