Example #1
0
def login_redirect(request, uploadername):
    repoconf = UPLOADERS[uploadername]
    old_access_token = request.session.pop('github_access_token', None)
    if old_access_token:
        request.session.pop('github_uploader_scope', None)
        request.session.pop('github_uploader_uploadername', None)
        if not successful_revocation(old_access_token):
            msg = mark_safe(
                'Could not automatically revoke the old authorizations before requesting new ones. Please ' 
                '<a href="https://github.com/settings/applications">' +
                'review your application authorizations on GitHub</a> ' + 
                'and manually click Revoke for any authorizations you no longer need or do not recognize.')
            messages.warning(request, msg)
            logger.warn("Could not revoke previous access token for user %s on login.", request.user.username)
        auth.logout(request)
    state = make_random_state()
    request.session['github_uploader_oauth_state'] = state
    request.session['github_uploader_uploadername'] = uploadername
    request.session['github_uploader_scope'] = repoconf['scope']
    params = dict(
        client_id=settings.GITHUB_UPLOADER_CLIENT_ID,
        redirect_uri=request.build_absolute_uri(reverse(authorize)),
        scope=repoconf['scope'],
        state=state)
    return redirect('https://github.com/login/oauth/authorize?' + urlencode(params))
Example #2
0
def logout(request):
    if request.method == 'POST':
        revoked = successful_revocation(request.session['github_access_token'])
        if revoked:
            del request.session['github_access_token']
            logger.info("User %s logged out.", request.user.username)
            messages.success(request, 'GitHub authorizations successfully revoked.')
        else:
            msg = mark_safe(
                'Could not revoke GitHub authorizations. Please ' 
                '<a href="https://github.com/settings/applications">'
                'review your application authorizations on GitHub</a> ' 
                'and manually click Revoke for any authorizations you no longer need or do not recognize.')
            messages.error(request, msg)
            logger.warn("Could not revoke access token for user %s on logout.", request.user.username)
        auth.logout(request)
        messages.success(request, 'You are now logged out.')
        return redirect(top)
    return render(request, 'github_uploader/logout.html', dict(STATIC_URL=settings.STATIC_URL))