Beispiel #1
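def index(request):
    """Landing view of the demo OAuth client (authorization-code flow).

    * GET without a ``code`` parameter: redirect the browser to the
      provider's ``/auth`` endpoint, asking for ``response_type=code``.
    * GET with a ``code`` parameter: build a token client from the grant
      code, verify it, and render ``index.html`` with the grant, the raw
      tokens and the verification status.
    * Any other method: 405 Method Not Allowed.

    Returns:
        The Django response object for the branch that was taken.
    """
    log_request(request)
    if request.method != 'GET':
        # HttpResponseNotAllowed requires the list of permitted methods (it
        # fills the Allow header); calling it with no argument raises
        # TypeError instead of answering 405.
        response = HttpResponseNotAllowed(['GET'])
    else:
        # An authorization code in the query string means the provider has
        # redirected the user back to us.
        code = request.GET.get('code', None)
        if code:
            gp = GrantPlugin(code)
            # NOTE(review): the client secret is a literal in source. Load it
            # from configuration or a secret store so it stays out of version
            # control and can be rotated.
            client = OAuthClient(OAUTH_URL, gp, CLIENT_ID, 'clientsecret',
                                 CLIENT_URL)
            try:
                tclient = client.make_token_client()
            except ExpiredException as ee:
                tokens = str(ee)
                verify_status = 'None, auth_code expired!'
            else:
                tokens = tclient.auth_plugin.token_raw
                try:
                    verify_status = tclient.verify()
                except ExpiredException as ee:
                    verify_status = str(ee)
            response = render(request, 'index.html', {
                'grant': code,
                'tokens': tokens,
                'verify_status': verify_status,
            })
        else:
            # No code yet: send the user to the provider for authorization.
            # NOTE(review): no `state` value is generated here or checked on
            # the callback branch above, so the callback cannot be tied to
            # the browser session that started the flow (OAuth login CSRF).
            # Adding one needs per-session storage, which this view does not
            # show.
            data = {}
            data['response_type'] = 'code'
            data['client_id'] = CLIENT_ID
            data['redirect_uri'] = CLIENT_URL
            redirect_uri = OAUTH_URL + '/auth' + query_string(data)
            response = HttpResponseRedirect(redirect_uri)
    # Log only the status: the serialized response carries the rendered
    # tokens (callback branch), which must not end up in debug logs.
    log.debug('response: status={}'.format(response.status_code))
    return response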
Beispiel #2
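def login_controller(request):
    """Handle the login / registration form of the OAuth provider.

    Expects a POST carrying ``uname``, ``password`` and either a ``register``
    or a ``login`` field. On success the user is either sent back to the
    OAuth client with a grant code (when the request carries OAuth
    parameters with ``response_type=code``) or redirected to the ``users``
    view.

    Returns:
        400 for non-POST requests or when neither ``register`` nor ``login``
        is present, 401 when authentication / registration yields no user,
        otherwise a redirect response.
    """
    # NOTE(review): log_request is defined elsewhere; if it logs POST bodies
    # the password reaches the log regardless of the change below. Confirm.
    log_request(request)
    if request.method != 'POST':
        return HttpResponseBadRequest('400 Malformed request.')

    uname = request.POST.get('uname', None)
    password = request.POST.get('password', None)
    if 'register' in request.POST:
        operation = 'register'
    elif 'login' in request.POST:
        operation = 'login'
    else:
        return HttpResponseBadRequest('400 Malformed request')

    # Credentials must never be written to logs; record the user name only.
    log.debug('request to {}, uname = {}'.format(operation, uname))

    # `operation` can only be 'login' or 'register' at this point.
    if operation == 'login':
        user = authenticate(uname, password)
    else:
        user = register_user(uname, password)
    if not user:
        return HttpResponse('401 Unauthorized', status=401)

    # Authenticated: decide between the OAuth hand-off and the local session.
    oauth = oauth_params_auth(request)
    if oauth and oauth['response_type'] == 'code':
        grant = issue_grantcode(user)
        # NOTE(review): the grant code is sent to whatever redirect_uri
        # oauth_params_auth returned. Verify that helper matches it against
        # the URI registered for the client; otherwise codes can be
        # delivered to an arbitrary host.
        redirect_uri = oauth['redirect_uri']
        # Append with '&' when the URI already carries a query string.
        separator = '&' if '?' in redirect_uri else '?'
        redirect_uri += separator + 'code=' + grant.code
        response = HttpResponseRedirect(redirect_uri)
    else:
        response = HttpResponseRedirect(reverse('users'))
        response.set_cookie('uname', uname)
        # NOTE(review): the plaintext password is stored in a cookie and
        # resent with every request. HttpOnly only keeps page scripts from
        # reading it; the proper fix is a server-side session identifier,
        # which also requires changing whichever views read this cookie.
        response.set_cookie('password', password, httponly=True)
        if operation == 'register':
            # NOTE(review): Django reads `status_code`, so this assignment
            # has no effect. Left as is because a real 201 would stop
            # browsers from following the redirect.
            response.status = 201
    # Log only the status: the serialized response contains the Set-Cookie
    # headers (password) or the Location header (grant code).
    log.debug('response: status={}'.format(response.status_code))
    return response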