diff --git a/docker-compose.yml b/docker-compose.yml
index c36aa77..f4d3d88 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -7,6 +7,8 @@ services:
 - db
 volumes:
 - ./markdownblog:/markdownblog
+ # mount lets encrypt cert pem file
+ - ./cloud-cdaut-de-chain.pem:/le_cert.pem
 ports:
 - "8000:8000"
 env_file:
diff --git a/markdownblog/markdownblog/templates/registration/login.html b/markdownblog/markdownblog/templates/registration/login.html
index 75ef8be..61a4b01 100644
--- a/markdownblog/markdownblog/templates/registration/login.html
+++ b/markdownblog/markdownblog/templates/registration/login.html
@@ -27,7 +27,7 @@ {% for auth_method in AUTHLIB_OAUTH_CLIENTS %}
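Review bot: In docker-compose.yml the new bind mount `./cloud-cdaut-de-chain.pem:/le_cert.pem` is writable from inside the container, so a compromised app process could rewrite the certificate chain it is meant to trust; the container only reads the file, so mount it read-only with `- ./cloud-cdaut-de-chain.pem:/le_cert.pem:ro`. With this short bind syntax Docker creates a directory at the host path when the file is missing instead of failing, so the comment could also say where the file comes from and that it must exist before the stack starts. The service definition continues outside the hunk.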
- +

Log in via {{ auth_method }}

diff --git a/markdownblog/markdownblog/urls.py b/markdownblog/markdownblog/urls.py
index 459e7f6..33ae98f 100644
--- a/markdownblog/markdownblog/urls.py
+++ b/markdownblog/markdownblog/urls.py
@@ -1,6 +1,6 @@
 from django.contrib import admin
 from django.urls import path, include
-from markdownblog.views import login_view
+from markdownblog.views import login_view, oauth_view, oauth_authorize
 import django_2fa.urls
@@ -10,4 +10,6 @@ urlpatterns = [
 path('accounts/login/', login_view),
 path('accounts/', include('django.contrib.auth.urls')),
 path('accounts/2fa/', include(django_2fa.urls)),
+ path('accounts/oauth//', oauth_view, name='oauth'),
+ path('accounts/oauth//authorize/',oauth_authorize, name='oauth_authorize')
 ]
diff --git a/markdownblog/markdownblog/views.py b/markdownblog/markdownblog/views.py
index 2c64880..8305fc8 100644
--- a/markdownblog/markdownblog/views.py
+++ b/markdownblog/markdownblog/views.py
@@ -2,7 +2,9 @@ from django.conf import settings
 from django.contrib.auth.views import LoginView
 from django.shortcuts import render, redirect
 from django.contrib.auth import authenticate, login
+from authlib.integrations.django_client import OAuth
+oauth = OAuth()
 def login_view(request):
 context = {'AUTHLIB_OAUTH_CLIENTS': settings.AUTHLIB_OAUTH_CLIENTS, 'form': LoginView.authentication_form}
@@ -23,3 +25,24 @@ def login_view(request):
 context['error'] = "Invalid credentials"
 return render(request, 'registration/login.html', context)
+
+
+def oauth_view(request, provider):
+ context = {'AUTHLIB_OAUTH_CLIENTS': settings.AUTHLIB_OAUTH_CLIENTS, 'form': LoginView.authentication_form}
+
+ if provider == 'nextcloud':
+ oauth.register("nextcloud")
+ redirect_uri = request.build_absolute_uri("/accounts/oauth/nextcloud/authorize/")
+ return oauth.nextcloud.authorize_redirect(request, redirect_uri)
+ else:
+ context['error'] = f'Unknown oauth provider \"{provider}\"'
+ return render(request, 'registration/login.html', context)
+
+def oauth_authorize(request, provider):
+ if provider == 'nextcloud':
+ token = oauth.nextcloud.authorize_access_token(request)
+ resp = oauth.nextcloud.get('user', token=token)
+ resp.raise_for_status()
+ profile = resp.json()
+ # do something with the token and profile
+ return '...'
\ No newline at end of file
diff --git a/markdownblog/requirements.txt b/markdownblog/requirements.txt
index 96ce682..24fee6a 100644
--- a/markdownblog/requirements.txt
+++ b/markdownblog/requirements.txt
@@ -9,4 +9,5 @@ django-extensions==3.1.5
 Werkzeug==2.1.2
 pyOpenSSL==22.0.0
 authlib==1.2.0
-requests==2.28.1
\ No newline at end of file
+requests==2.28.1
+certifi==2022.12.7
\ No newline at end of file
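Review bot: In markdownblog/views.py, `oauth_authorize` returns the string `'...'` for nextcloud and falls through to `None` for any other provider; a Django view has to return an HttpResponse, so the callback fails after the token exchange has already happened. `oauth.register("nextcloud")` runs on every request inside `oauth_view` and belongs once at module level next to `oauth = OAuth()`, and the callback path is hard-coded in `build_absolute_uri(...)` although urls.py names the route `oauth_authorize`. `authorize_access_token` can raise on a denied or state-mismatched callback, so that case needs a handled path back to the login page rather than a traceback. When the stub is completed, the profile should be mapped to a local user explicitly and the session should still go through the django_2fa step that the password path presumably enforces (login_view's body is outside this hunk), otherwise the OAuth route becomes a way around the second factor. The excerpt below shows only the guard and the return value; the final redirect target is a placeholder until the login step exists.

```python
def oauth_authorize(request, provider):
    if provider != 'nextcloud':
        # mirror oauth_view: unknown providers go back to the login page
        context = {'AUTHLIB_OAUTH_CLIENTS': settings.AUTHLIB_OAUTH_CLIENTS, 'form': LoginView.authentication_form}
        context['error'] = f'Unknown oauth provider "{provider}"'
        return render(request, 'registration/login.html', context)
    # … unchanged: token exchange, profile request, raise_for_status, profile = resp.json() …
    # TODO: resolve profile to a local user, apply the 2FA step, then login(request, user)
    return redirect(settings.LOGIN_REDIRECT_URL)
```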