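def index(request):
    """Client-side landing view for the OAuth authorization-code flow.

    GET without a ``code`` parameter redirects the browser to the
    authorization endpoint (``OAUTH_URL + '/auth'``). GET with ``code``
    exchanges it for tokens through ``OAuthClient`` and renders
    ``index.html`` with the grant, the raw tokens and the verification
    status. Any other method is answered with 405.

    Returns:
        The redirect, the rendered page, or the 405 response.
    """
    log_request(request)
    if request.method != 'GET':
        # Django's HttpResponseNotAllowed takes the permitted methods as a
        # required argument (it builds the Allow header from them); the
        # previous no-argument call raised TypeError instead of returning 405.
        response = HttpResponseNotAllowed(['GET'])
    else:
        code = request.GET.get('code', None)
        if code:
            # Exchange the authorization code for tokens.
            # NOTE(review): the client secret is a literal in source; load it
            # from deployment configuration so it is not committed with the
            # code and can be rotated.
            gp = GrantPlugin(code)
            client = OAuthClient(OAUTH_URL, gp, CLIENT_ID, 'clientsecret',
                                 CLIENT_URL)
            try:
                tclient = client.make_token_client()
            except ExpiredException as ee:
                tokens = str(ee)
                verify_status = 'None, auth_code expired!'
            else:
                tokens = tclient.auth_plugin.token_raw
                try:
                    verify_status = tclient.verify()
                except ExpiredException as ee:
                    verify_status = str(ee)
            # NOTE(review): the raw tokens are handed to the template;
            # confirm the page is meant to display them.
            response = render(request, 'index.html', {
                'grant': code,
                'tokens': tokens,
                'verify_status': verify_status,
            })
        else:
            # No code yet: send the browser to the authorization endpoint.
            # NOTE(review): the request carries no `state` value, so the
            # callback cannot be tied to the session that started the flow
            # (login-CSRF protection); adding it needs the authorization
            # server to echo `state` back on the redirect.
            data = {
                'response_type': 'code',
                'client_id': CLIENT_ID,
                'redirect_uri': CLIENT_URL,
            }
            redirect_uri = OAUTH_URL + '/auth' + query_string(data)
            response = HttpResponseRedirect(redirect_uri)
    # Log only the status: the serialized response includes the body, and
    # the rendered page is given the raw tokens.
    log.debug('response status: ' + str(response.status_code))
    return response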
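def login_controller(request):
    """Handle the login/registration form POST and continue an OAuth flow.

    The form must carry either a ``register`` or a ``login`` field; the
    matching helper (``register_user`` / ``authenticate``) is called with
    the submitted ``uname`` and ``password``. On success the browser is
    redirected back to the OAuth client with an authorization code (when
    ``oauth_params_auth`` reports ``response_type == 'code'``) or to the
    ``users`` view.

    Returns:
        A redirect on success, 401 when the helper returns no user, and
        400 for a non-POST request or a form with neither button field.
    """
    # NOTE(review): log_request is defined elsewhere; confirm it does not
    # write the POST body (which holds the password) to the log.
    log_request(request)
    if request.method != 'POST':
        return HttpResponseBadRequest('400 Malformed request.')

    uname = request.POST.get('uname', None)
    password = request.POST.get('password', None)
    if 'register' in request.POST:
        operation = 'register'
    elif 'login' in request.POST:
        operation = 'login'
    else:
        return HttpResponseBadRequest('400 Malformed request')

    # The password is deliberately left out of the log line.
    log.debug('request to {}, uname = {}'.format(operation, uname))

    if operation == 'login':
        user = authenticate(uname, password)
    else:
        user = register_user(uname, password)
    if not user:
        return HttpResponse('401 Unauthorized', status=401)

    # Authenticated: either finish the OAuth code flow or go to the user page.
    oauth = oauth_params_auth(request)
    if oauth and oauth['response_type'] == 'code':
        grant = issue_grantcode(user)
        # NOTE(review): redirect_uri is used as returned by
        # oauth_params_auth. Unless that helper compares it with the URI
        # registered for the client_id, the authorization code can be
        # delivered to a site the client does not control - confirm.
        redirect_uri = oauth['redirect_uri']
        # Append to an existing query string instead of adding a second '?'.
        separator = '&' if '?' in redirect_uri else '?'
        redirect_uri += separator + 'code=' + grant.code
        response = HttpResponseRedirect(redirect_uri)
    else:
        response = HttpResponseRedirect(reverse('users'))

    # NOTE(review): the plaintext password is stored in a browser cookie and
    # resent on every request. HttpOnly keeps page scripts from reading it,
    # but the proper fix is a server-side session (or an opaque token) once
    # the code that reads these cookies can be changed with it.
    response.set_cookie('uname', uname, httponly=True)
    response.set_cookie('password', password, httponly=True)
    if operation == 'register':
        # NOTE(review): Django reads `status_code`, so this assignment does
        # not alter the response sent. Kept as-is: turning the redirect into
        # a real 201 would stop the browser from following it.
        response.status = 201
    # Log only the status: the serialized headers include Location, which
    # carries the freshly issued authorization code.
    log.debug('response status: ' + str(response.status_code))
    return response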