upgrade OIDC client library

dsc 2023-08-29 21:45:04 +03:00
parent 62add16c0a
commit d9e47f51c6
4 changed files with 18 additions and 20 deletions


@ -1,3 +1,4 @@
peewee peewee
quart quart
quart_session_openid Quart-Keycloak
uvicorn
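Review bot: `Quart-Keycloak` and `uvicorn` are added without a version constraint, and the first now sits on the login path. An unpinned identity library means the next install can pull in different token-handling code without anyone reviewing it. Pin both to the versions this commit was tested against, e.g. `Quart-Keycloak==<tested version>`, ideally with hashes.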


@ -3,19 +3,13 @@ import re
import peewee import peewee
from quart import session, redirect, url_for from quart import session, redirect, url_for
from yellow.factory import openid from yellow.factory import keycloak
from yellow.models import User from yellow.models import User
@openid.after_token() @keycloak.after_login()
async def handle_user_login(resp: dict): async def handle_user_login(auth_token: KeycloakAuthToken):
access_token = resp["access_token"] username = auth_token.username
openid.verify_token(access_token)
user = await openid.user_info(access_token)
username = user['preferred_username']
uid = user['sub']
if not re.match(r"^[a-zA-Z0-9_\.-]+$", username): if not re.match(r"^[a-zA-Z0-9_\.-]+$", username):
raise Exception("bad username") raise Exception("bad username")
@ -30,4 +24,4 @@ async def handle_user_login(resp: dict):
# user is now logged in # user is now logged in
session['user'] = user.to_json() session['user'] = user.to_json()
return redirect(url_for('bp_routes.dashboard')) return redirect(url_for('bp_routes.dashboard'))
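Review bot: The rewritten `handle_user_login` takes identity from `auth_token.username` only, while the removed lines also read the stable `sub` claim into `uid`. If the lookup between the two hunks (not shown here) now matches accounts by username, a renamed or re-issued Keycloak username could map onto another person's local account, so keep matching on the subject identifier if the new token object exposes one. The explicit `openid.verify_token(access_token)` call is gone as well, so token validation presumably rests on the new library before the callback fires, which is worth confirming. The username check would be tighter as `if not re.fullmatch(r"[a-zA-Z0-9_.-]+", username):`, since `$` under `re.match` still accepts a trailing newline. `KeycloakAuthToken` is used in the signature, but no import for it is visible in this section.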


@ -4,15 +4,21 @@ from datetime import datetime
import asyncio import asyncio
from quart import Quart, url_for, jsonify, render_template, session from quart import Quart, url_for, jsonify, render_template, session
from quart_session_openid import OpenID
from quart_session import Session from quart_session import Session
from quart_keycloak import Keycloak, KeycloakAuthToken, KeycloakLogoutRequest
from quart_session import Session
from uvicorn.middleware.proxy_headers import ProxyHeadersMiddleware
import settings import settings
app: Quart = None app: Quart = None
peewee = None peewee = None
cache = None cache = None
openid: OpenID = None
if settings.X_FORWARDED:
app.asgi_app = ProxyHeadersMiddleware(app.asgi_app, trusted_hosts=["127.0.0.1", "10.1.0.1"])
keycloak = Keycloak(app, **settings.OPENID_CFG)
async def _setup_database(app: Quart): async def _setup_database(app: Quart):
@ -24,8 +30,6 @@ async def _setup_database(app: Quart):
async def _setup_openid(app: Quart): async def _setup_openid(app: Quart):
global openid
openid = OpenID(app, **settings.OPENID_CFG)
from yellow.auth import handle_user_login from yellow.auth import handle_user_login
@ -59,13 +63,12 @@ def create_app():
@app.context_processor @app.context_processor
def template_variables(): def template_variables():
global openid
from yellow.models import User from yellow.models import User
current_user = session.get('user') current_user = session.get('user')
if current_user: if current_user:
current_user = User(**current_user) current_user = User(**current_user)
now = datetime.now() now = datetime.now()
return dict(user=current_user, url_login=openid.endpoint_name_login, year=now.year) return dict(user=current_user, url_login=keycloak.endpoint_name_login, year=now.year)
@app.before_serving @app.before_serving
async def startup(): async def startup():
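Review bot: As rendered, the new `if settings.X_FORWARDED:` block and `keycloak = Keycloak(app, **settings.OPENID_CFG)` in the first hunk sit at module level right after `app: Quart = None`, so `app.asgi_app` would raise `AttributeError` on import and the extension would be bound to `None`. Indentation is lost on this page, so confirm they run only after the `Quart` instance exists, for instance inside `create_app()`, which is only partly visible. The `trusted_hosts=["127.0.0.1", "10.1.0.1"]` list decides whose forwarded headers are believed, and that likely feeds the scheme and host used for the login redirect, so it should be read from `settings` next to `X_FORWARDED` rather than hard-coded. `from quart_session import Session` now appears twice in the import block. `_setup_openid` is left doing only the `yellow.auth` import, so a comment such as `# importing yellow.auth registers the after_login handler` would explain why it still exists.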


@ -2,7 +2,6 @@ from quart import render_template, request, redirect, url_for, jsonify, Blueprin
import re import re
from yellow import login_required from yellow import login_required
from yellow.factory import openid
from yellow.models import User from yellow.models import User
bp_routes = Blueprint('bp_routes', __name__) bp_routes = Blueprint('bp_routes', __name__)
@ -15,7 +14,8 @@ async def root():
@bp_routes.route("/login") @bp_routes.route("/login")
async def login(): async def login():
return redirect(url_for(openid.endpoint_name_login)) from yellow.factory import keycloak
return redirect(url_for(keycloak.endpoint_name_login))
@bp_routes.route("/logout") @bp_routes.route("/logout")
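Review bot: The function-local `from yellow.factory import keycloak` inside `login()` is inconsistent with the auth module in this same commit, which imports that name at module level. If the deferred import is deliberate (a circular import, or a global that is only bound later), add a one-line comment above it stating the reason. Otherwise move it to the top of the file with the other imports, where the removed `from yellow.factory import openid` used to be.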