began working on oauth auth flow

2022-12-16 23:10:18 +01:00 · 2022-12-16 23:10:18 +01:00 · 0aa132b43f
commit 0aa132b43f
parent dba4e12032
5 changed files with 31 additions and 3 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -7,6 +7,8 @@ services:
      - db
    volumes:
      - ./markdownblog:/markdownblog
+      # mount lets encrypt cert pem file
+      - ./cloud-cdaut-de-chain.pem:/le_cert.pem
    ports:
      - "8000:8000"
    env_file:
--- a/markdownblog/markdownblog/templates/registration/login.html
+++ b/markdownblog/markdownblog/templates/registration/login.html
@ -27,7 +27,7 @@
        </form>
        {% for auth_method in AUTHLIB_OAUTH_CLIENTS %}
            <div class="row mt-3">
-                <a href="#">
+                <a href="{% url 'oauth' provider=auth_method %}">
                    <div class="col s6 z-depth-3 round-corner oauth-option">
                        <p class="oauth-option">Log in via {{ auth_method }}</p>
                    </div>
--- a/markdownblog/markdownblog/urls.py
+++ b/markdownblog/markdownblog/urls.py
@ -1,6 +1,6 @@
 from django.contrib import admin
 from django.urls import path, include
-from markdownblog.views import login_view
+from markdownblog.views import login_view, oauth_view, oauth_authorize

 import django_2fa.urls

@ -10,4 +10,6 @@ urlpatterns = [
    path('accounts/login/', login_view),
    path('accounts/', include('django.contrib.auth.urls')),
    path('accounts/2fa/', include(django_2fa.urls)),
+    path('accounts/oauth/<str:provider>/', oauth_view, name='oauth'),
+    path('accounts/oauth/<str:provider>/authorize/',oauth_authorize, name='oauth_authorize')
 ]
--- a/markdownblog/markdownblog/views.py
+++ b/markdownblog/markdownblog/views.py
@ -2,7 +2,9 @@ from django.conf import settings
 from django.contrib.auth.views import LoginView
 from django.shortcuts import render, redirect
 from django.contrib.auth import authenticate, login
+from authlib.integrations.django_client import OAuth

+oauth = OAuth()

 def login_view(request):
    context = {'AUTHLIB_OAUTH_CLIENTS': settings.AUTHLIB_OAUTH_CLIENTS, 'form': LoginView.authentication_form}
@ -23,3 +25,24 @@ def login_view(request):
                context['error'] = "Invalid credentials"

    return render(request, 'registration/login.html', context)
+
+
+def oauth_view(request, provider):
+    context = {'AUTHLIB_OAUTH_CLIENTS': settings.AUTHLIB_OAUTH_CLIENTS, 'form': LoginView.authentication_form}
+
+    if provider == 'nextcloud':
+        oauth.register("nextcloud")
+        redirect_uri = request.build_absolute_uri("/accounts/oauth/nextcloud/authorize/")
+        return oauth.nextcloud.authorize_redirect(request, redirect_uri)
+    else:
+        context['error'] = f'Unknown oauth provider \"{provider}\"'
+        return render(request, 'registration/login.html', context)
+
+def oauth_authorize(request, provider):
+    if provider == 'nextcloud':
+        token = oauth.nextcloud.authorize_access_token(request)
+        resp = oauth.nextcloud.get('user', token=token)
+    resp.raise_for_status()
+    profile = resp.json()
+    # do something with the token and profile
+    return '...'
--- a/markdownblog/requirements.txt
+++ b/markdownblog/requirements.txt
@ -9,4 +9,5 @@ django-extensions==3.1.5
 Werkzeug==2.1.2
 pyOpenSSL==22.0.0
 authlib==1.2.0
-requests==2.28.1
+requests==2.28.1
+certifi==2022.12.7