complete server side auth

b1ek 2023-05-16 19:35:20 +10:00
parent a4987aff81
commit 7525b2d56b
Signed by: blek
GPG Key ID: 14546221E3595D0C
3 changed files with 28 additions and 10 deletions


@ -16,7 +16,7 @@ from .serializer import (ApartamentListSerializer,
PsychTestAddResultSerializer,
PublicUserSerializer)
import json, math, random, re, requests
import json, math, random, re, requests, oidc_client, base64, hashlib
class ApartamentViewSet(viewsets.ReadOnlyModelViewSet):
"""Вывод списка квартир или отдельной квартиры"""
@ -176,23 +176,27 @@ class UserLogin(APIView):
# TODO: Remove csrf exempt when index.html is loaded through django
@csrf_exempt
def post(self, req: HttpRequest):
if (req.content_type != 'application/json'):
res = HttpResponse({'error': 'bad content type'});
res.status_code = 400;
return res;
data = json.loads(req.body.decode('utf8'));
# if (not hasattr(data, 'code')):
# res = JsonResponse({'error': 'no code'});
# res.status_code = 400;
# return res
if not ('code' in data and 'code_verifier' in data):
res = JsonResponse({'error': 'no code'});
res.status_code = 400;
return res
print(data);
cb = requests.post('https://vvsu.ru/connect/oauth2/token', {
'grant_type': 'authorization_code',
'redirect_uri': 'https://pairent.vvsu.ru/sign-in/',
'code': data['code'],
# 'code_verifier': data['code_verifier'],
'code_verifier': data['code_verifier'],
'client_id': 'it-hub-client',
'client_secret': 'U8y@uPVee6Q^*729esHTo4Vd'
}, headers={
@ -201,6 +205,8 @@ class UserLogin(APIView):
});
resp = HttpResponse(cb.content);
resp.headers['Content-Type'] = cb.headers['Content-Type'];
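Review bot: The token request in `UserLogin.post` still sends the OAuth `client_secret` as a string literal, and now that `code_verifier` is required in the body, the `print(data)` line writes both the authorization code and the PKCE verifier to the process output. Because the secret is in repository history, it should be rotated at the identity provider and then read from configuration, e.g. `'client_secret': settings.OIDC_CLIENT_SECRET` (setting name is a placeholder), and `print(data)` should be removed. `json.loads(req.body.decode('utf8'))` is unguarded, so a malformed body or a JSON value that is not an object would surface as a 500 instead of the 400 the added `'code' in data` check returns; wrapping it in `try/except ValueError` and checking `isinstance(data, dict)` would keep the error path consistent. The `requests.post` call shows no `timeout=` in the visible lines, so a stalled token endpoint could hold the worker. The body of `post` starts and ends outside these hunks.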


@ -3,4 +3,5 @@ django
djangorestframework
django-cors-headers
Pillow
requests
requests
oic
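Review bot: The distribution added here is `oic`, while the view module in this commit imports `oidc_client`; as far as I know `oic` installs a module named `oic`, so the new import line would raise `ImportError` when the module loads unless some other package provides `oidc_client`. None of `oidc_client`, `base64` or `hashlib` is used in the visible hunks, so either drop the unused imports or depend on the distribution that actually ships the imported module. Since this package sits on the authentication path, pinning it to a reviewed version (`oic==<version>`) would make upgrades deliberate rather than implicit.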


@ -1,7 +1,7 @@
import React from "react";
import { styled } from "styled-components";
import { HashLoader } from "react-spinners";
import { SigninResponse } from 'oidc-client-ts';
import { SigninResponse, UserManager } from 'oidc-client-ts';
import { User } from "../../API/User";
import FloatingBox from "../../components/UI/FloatingBox";
@ -37,7 +37,18 @@ export default class LoggedIn extends React.Component {
async componentDidMount() {
if (this.response.error) return;
console.log(await User.login(this.response));
let code_verifier = '?';
// get code verifier
for (const key in localStorage) {
if (key.startsWith('oidc.')) {
code_verifier = JSON.parse(localStorage[key]).code_verifier;
localStorage.removeItem(key);
break;
}
}
console.log(await User.login({...this.response, code_verifier}));
}
render() {
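Review bot: The verifier lookup in `componentDidMount` takes whichever `oidc.`-prefixed localStorage entry is enumerated first rather than the entry belonging to this response's `state`, so a stale entry from an abandoned sign-in can supply the wrong `code_verifier` and is then deleted in place of the right one. If the library keys its stored sign-in state by the `state` value (the `oidc.` prefix suggests so, worth confirming), read it directly with `const raw = localStorage.getItem('oidc.' + this.response.state);` and stop with an error when it is missing instead of sending the `'?'` placeholder to the backend. Reading the store by hand also bypasses whatever check the library makes that the returned `state` matches a request this browser started, so that comparison needs to be done explicitly here. The `console.log` around `User.login(...)` prints whatever the backend returns, which per the server-side hunk appears to be the raw token response, and should not ship. The class body continues outside the hunk.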