Home Explore Help
Sign In
221V
/
Misago
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 0.30.0.dev
Branches Tags
Misago
/
misago
/
oauth2
/
views.py

views.py 2.6 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798 
  1. from functools import wraps
    2. 

  2. from logging import getLogger
    3. 

  3. 

  4. from django.contrib.auth import get_user_model, login
    5. 

  5. from django.http import Http404
    6. 

  6. from django.shortcuts import redirect, render
    7. 

  7. from django.urls import reverse
    8. 

  8. from django.views.decorators.cache import never_cache
    9. 

  9. 

  10. from ..core.exceptions import Banned
    11. 

  11. from ..users.bans import get_user_ban
    12. 

  12. from ..users.decorators import deny_banned_ips
    13. 

  13. from ..users.registration import send_welcome_email
    14. 

  14. from .client import (
    15. 

  15.     create_login_url,
    16. 

  16.     get_access_token,
    17. 

  17.     get_code_grant,
    18. 

  18.     get_user_data,
    19. 

  19. )
    20. 

  20. from .exceptions import (
    21. 

  21.     OAuth2Error,
    22. 

  22.     OAuth2UserAccountDeactivatedError,
    23. 

  23.     OAuth2UserDataValidationError,
    24. 

  24. )
    25. 

  25. from .user import get_user_from_data
    26. 

  26. 

  27. logger = getLogger("misago.oauth2")
    28. 

  28. 

  29. User = get_user_model()
    30. 

  30. 

  31. 

  32. def oauth2_view(f):
    33. 

  33.     f = deny_banned_ips(f)
    34. 

  34. 

  35.     @wraps(f)
    36. 

  36.     @never_cache
    37. 

  37.     def wrapped_oauth2_view(request):
    38. 

  38.         if not request.settings.enable_oauth2_client:
    39. 

  39.             raise Http404()
    40. 

  40. 

  41.         return f(request)
    42. 

  42. 

  43.     return wrapped_oauth2_view
    44. 

  44. 

  45. 

  46. @oauth2_view
    47. 

  47. def oauth2_login(request):
    48. 

  48.     redirect_to = create_login_url(request)
    49. 

  49.     return redirect(redirect_to)
    50. 

  50. 

  51. 

  52. @oauth2_view
    53. 

  53. def oauth2_complete(request):
    54. 

  54.     try:
    55. 

  55.         code_grant = get_code_grant(request)
    56. 

  56.         token = get_access_token(request, code_grant)
    57. 

  57.         user_data = get_user_data(request, token)
    58. 

  58.         user, created = get_user_from_data(request, user_data)
    59. 

  59. 

  60.         if not user.is_active:
    61. 

  61.             raise OAuth2UserAccountDeactivatedError()
    62. 

  62. 

  63.         if not user.is_staff:
    64. 

  64.             if user_ban := get_user_ban(user, request.cache_versions):
    65. 

  65.                 raise Banned(user_ban)
    66. 

  66.     except OAuth2UserDataValidationError as error:
    67. 

  67.         logger.exception(
    68. 

  68.             "OAuth2 Profile Error",
    69. 

  69.             extra={
    70. 

  70.                 f"error[{error_index}]": str(error_msg)
    71. 

  71.                 for error_index, error_msg in enumerate(error.error_list)
    72. 

  72.             },
    73. 

  73.         )
    74. 

  74.         return render(
    75. 

  75.             request,
    76. 

  76.             "misago/errorpages/oauth2_profile.html",
    77. 

  77.             {
    78. 

  78.                 "error": error,
    79. 

  79.                 "error_list": error.error_list,
    80. 

  80.             },
    81. 

  81.             status=400,
    82. 

  82.         )
    83. 

  83.     except OAuth2Error as error:
    84. 

  84.         logger.exception("OAuth2 Error")
    85. 

  85.         return render(
    86. 

  86.             request,
    87. 

  87.             "misago/errorpages/oauth2.html",
    88. 

  88.             {"error": error},
    89. 

  89.             status=400,
    90. 

  90.         )
    91. 

  91. 

  92.     if created and request.settings.oauth2_send_welcome_email:
    93. 

  93.         send_welcome_email(request, user)
    94. 

  94. 

  95.     if not user.requires_activation:
    96. 

  96.         login(request, user)
    97. 

  97. 

  98.     return redirect(reverse("misago:index"))
    99.