Episodes.Community/LandingPage/views.py

from django.shortcuts import render
from django.views import View
from django.conf import settings
from django.http import HttpResponse
from django.http import HttpResponseRedirect
import requests
import hashlib
import json

# Create your views here.
# Redirect url should point to this view
class LoginRedirect(View):
    def get(self, req):
        
        # Check request has correct arguments
        request_valid = 'state' in req.GET and 'code' in req.GET
        if not request_valid:
            r = HttpResponse('<h1>Error</h1><p>There was an error in your request.  Please <a href=/login>try again</a></p>')
            r.status = 400
            return r

        # Check state
        userstate = generateState(req)
        if userstate == req.GET['state']:
            code = req.GET['code']
            resp = requests.post(
                    settings.AUTH_TOKEN_ENDPOINT+"token",
                    data={
                        'grant_type':'authorization_code',
                        'code':code,
                        'redirect_uri':settings.AUTH_REDIRECT_URL,
                        'client_id':settings.AUTH_CLIENT_ID
                    },
                    headers = {
                        'Authorization':'Basic %s'%settings.AUTH_B64
                    }
            )
            resp_json = resp.json()
            if 'error' in resp_json:
                r = HttpResponse('<h1>OAuth Error</h1><pre>%s</pre>'%json.dumps(resp_json))
                r.status = 500
                return r
            else:
                req.session['token'] = resp_json['access_token']
                return HttpResponseRedirect('/')
        else:
            return HttpResponse('<h1>Unmatching state tokens</h1><br><p>It looks like the request to login wasn\'t started by you.  Try going back to the home page and logging in again.</p>', status=400)

class Login(View):
    def get(self, req):
        url = '%sauthorize?response_type=code&client_id=%s&redirect_uri=%s&scope=email&state=%s'%(settings.AUTH_TOKEN_ENDPOINT,settings.AUTH_CLIENT_ID,settings.AUTH_REDIRECT_URL, generateState(req))
        response = HttpResponse("Redirecting you to the IcyNet auth page...")
        response.status_code = 302
        response['Location'] = url
        return response

def generateState(request):
    request.session.save()

    m = hashlib.sha256()
    m.update(bytearray(request.session.session_key, 'utf-8'))
    m.update(bytearray(settings.SECRET_KEY, 'utf-8'))
    return m.hexdigest()
Initialized apps 2017-08-25 18:03:37 +00:00			`from django.shortcuts import render`
Added login enpoints /login and /login/redirect 2017-09-22 20:00:24 +00:00			`from django.views import View`
			`from django.conf import settings`
			`from django.http import HttpResponse`
			`from django.http import HttpResponseRedirect`
			`import requests`
			`import hashlib`
			`import json`
Initialized apps 2017-08-25 18:03:37 +00:00
			`# Create your views here.`
Added login enpoints /login and /login/redirect 2017-09-22 20:00:24 +00:00			`# Redirect url should point to this view`
			`class LoginRedirect(View):`
			`def get(self, req):`

Elaborated on error messages for the OAuth redirect endpoint 2017-09-22 20:13:45 +00:00			`# Check request has correct arguments`
			`request_valid = 'state' in req.GET and 'code' in req.GET`
			`if not request_valid:`
			`r = HttpResponse('<h1>Error</h1><p>There was an error in your request. Please <a href=/login>try again</a></p>')`
			`r.status = 400`
			`return r`

Added login enpoints /login and /login/redirect 2017-09-22 20:00:24 +00:00			`# Check state`
			`userstate = generateState(req)`
			`if userstate == req.GET['state']:`
			`code = req.GET['code']`
			`resp = requests.post(`
			`settings.AUTH_TOKEN_ENDPOINT+"token",`
			`data={`
			`'grant_type':'authorization_code',`
			`'code':code,`
			`'redirect_uri':settings.AUTH_REDIRECT_URL,`
			`'client_id':settings.AUTH_CLIENT_ID`
			`},`
			`headers = {`
			`'Authorization':'Basic %s'%settings.AUTH_B64`
			`}`
			`)`
			`resp_json = resp.json()`
			`if 'error' in resp_json:`
Elaborated on error messages for the OAuth redirect endpoint 2017-09-22 20:13:45 +00:00			`r = HttpResponse('<h1>OAuth Error</h1><pre>%s</pre>'%json.dumps(resp_json))`
			`r.status = 500`
			`return r`
Added login enpoints /login and /login/redirect 2017-09-22 20:00:24 +00:00			`else:`
			`req.session['token'] = resp_json['access_token']`
			`return HttpResponseRedirect('/')`
			`else:`
			`return HttpResponse('<h1>Unmatching state tokens</h1><br><p>It looks like the request to login wasn\'t started by you. Try going back to the home page and logging in again.</p>', status=400)`

			`class Login(View):`
			`def get(self, req):`
			`url = '%sauthorize?response_type=code&client_id=%s&redirect_uri=%s&scope=email&state=%s'%(settings.AUTH_TOKEN_ENDPOINT,settings.AUTH_CLIENT_ID,settings.AUTH_REDIRECT_URL, generateState(req))`
			`response = HttpResponse("Redirecting you to the IcyNet auth page...")`
			`response.status_code = 302`
			`response['Location'] = url`
			`return response`

			`def generateState(request):`
			`request.session.save()`

			`m = hashlib.sha256()`
			`m.update(bytearray(request.session.session_key, 'utf-8'))`
			`m.update(bytearray(settings.SECRET_KEY, 'utf-8'))`
			`return m.hexdigest()`