from urllib import response
from rest_framework.views import APIView
from rest_framework.response import Response
from library.hydra import create_hydra
import requests
from django.shortcuts import render,get_object_or_404,redirect
from decouple import config
from rest_framework import viewsets, status
from user.auth.web1.login import login
from user.auth.web1.registration import register
# OAuth2 client credentials, read through python-decouple's config(). No
# default is given, so a missing key raises when this module is imported.
AUTH_CLIENT_ID = config('AUTH_CLIENT_ID')
# Secret half of the client credentials; it is only sent to the token
# endpoint (see GetAccessToken) and should never be logged or returned.
AUTH_CLIENT_SECRET = config('AUTH_CLIENT_SECRET')
# Module-level object built once at import time by library.hydra.create_hydra;
# the views call get_login_request / accept_login_request /
# accept_consent_request on it.
hydra = create_hydra()
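def login_page(request):
    """Render the login form for a pending login challenge.

    Reads ``login_challenge`` from the query string and hands it to the
    ``login.html`` template context.

    Returns:
        The rendered ``login.html`` page, or HTTP 400 when the query string
        carries no ``login_challenge``. Indexing ``request.GET`` directly
        would raise on a missing key and surface as an HTTP 500.
    """
    from django.http import HttpResponseBadRequest

    login_challenge = request.GET.get('login_challenge')
    if not login_challenge:
        return HttpResponseBadRequest('login_challenge is required')
    return render(
        request,
        'login.html',
        {'login_challenge': login_challenge},
    )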
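def login_request(request, pk):
    """Check posted credentials and accept the Hydra login request ``pk``.

    Args:
        request: Django request; ``username`` and ``password`` are read
            from the POST form data.
        pk: The login challenge taken from the URL.

    Returns:
        HTTP 405 for any method other than POST, the ``res.html`` page when
        ``login()`` reports a failure, otherwise a redirect to the
        authorization endpoint.
    """
    from django.http import HttpResponseNotAllowed

    # Only a POST carrying credentials may reach the accept call below; any
    # other method is rejected so a challenge can never be accepted without
    # the credential check having run.
    if request.method != 'POST':
        return HttpResponseNotAllowed(['POST'])

    login_challenge = pk
    body = {
        "email": request.POST.get('username'),
        "password": request.POST.get('password'),
    }
    res = login(body)
    # login() signals failure with a non-dict value (the API view in this
    # file compares its result with message strings). The strict type check
    # is kept so nothing else is treated as a successful login.
    if type(res) is not dict:
        return render(request, 'res.html', {"response": res})

    login_request_body = hydra.get_login_request(login_challenge)
    # NOTE(review): "subject", "acr", "context" and
    # "force_subject_identifier" are fixed sample strings, so every
    # successful login is accepted under the same subject "ut " instead of
    # the authenticated user's identifier. Derive the subject from `res`
    # once its schema is confirmed; it is not visible from this file.
    accepted_request = hydra.accept_login_request(login_challenge, accept_login_config={
        "subject": "ut ",
        "acr": "labo",
        "context": "<object>",
        "force_subject_identifier": "ex fugiat aliquip amet dolore",
        "remember": True,
        "remember_for": 3600
    })
    # Stored on the local dict only; nothing below reads it.
    login_request_body['consent_url'] = accepted_request
    # NOTE(review): the redirect target is a hard-coded URL that ignores
    # `accepted_request`. Its `state` and `nonce` are constants, so they
    # give no per-session CSRF or replay binding, and `client_id` is the
    # literal placeholder "<client>". Generate state/nonce per session and
    # verify them on the callback.
    return redirect("http://127.0.0.1:4444/oauth2/auth?audience=&max_age=0&nonce=cbcvurctcddwfhzsnltwyz343&prompt=&redirect_uri=http://127.0.0.1:8000/api/token&response_type=code&scope=openid+offline&state=dsfssfsfsfsfslmksmf&client_id=<client>")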
class UserRegistrationView(APIView):
    """API endpoint that forwards the request body to ``register()``."""

    def post(self, request):
        """Register a user and translate failure sentinels into 400 replies.

        ``register()`` reports failure by returning one of two marker
        strings; any other return value is sent back as-is with HTTP 200.
        """
        outcome = register(request.data)
        # (sentinel returned by register(), message sent to the client)
        failures = (
            ("user already exist",
             'user already exist please user different email and username!'),
            ("body invalid", 'request body is invalid!'),
        )
        for sentinel, message in failures:
            if outcome == sentinel:
                error_body = {
                    'status': False,
                    'message': message,
                    'data': None
                }
                return Response(error_body, status=status.HTTP_400_BAD_REQUEST)
        return Response(outcome, status=status.HTTP_200_OK)
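class LoginRequest(APIView):
    """API endpoint that checks credentials and accepts a Hydra login request."""

    def post(self, request):
        """Authenticate the request body, then accept ``login_challenge``.

        The credentials come from ``request.data`` and the challenge from the
        ``login_challenge`` query parameter.

        Returns:
            HTTP 400 with a ``status``/``message``/``data`` body when
            ``login()`` reports a failure or the challenge is missing;
            otherwise whatever ``hydra.accept_login_request`` returned.
        """
        response = login(request.data)
        # NOTE(review): separate replies for an unknown user and a wrong
        # password let a caller learn which accounts exist. Consider one
        # generic failure message if account enumeration is a concern.
        if response == "user doesn't exist":
            return Response({
                'status': False,
                'message': "user doesn't exist , register yourself",
                'data': None
            }, status=status.HTTP_400_BAD_REQUEST)
        elif response == "wrong password":
            return Response({
                'status': False,
                'message': 'invalid Password!',
                'data': None
            }, status=status.HTTP_400_BAD_REQUEST)
        elif response == "body invalid":
            return Response({
                'status': False,
                'message': 'request body is invalid!',
                'data': None
            }, status=status.HTTP_400_BAD_REQUEST)

        login_challenge = request.GET.get('login_challenge')
        # Without a challenge there is nothing to accept; reply 400 instead
        # of passing None on to the Hydra calls.
        if not login_challenge:
            return Response({
                'status': False,
                'message': 'login_challenge is required!',
                'data': None
            }, status=status.HTTP_400_BAD_REQUEST)

        login_request_body = hydra.get_login_request(login_challenge)
        # NOTE(review): "subject", "acr", "context" and
        # "force_subject_identifier" are fixed sample strings, so every
        # successful login is accepted under the same subject "ut " instead
        # of the authenticated user's identifier. Derive the subject from
        # `response` once its schema is confirmed; it is not visible here.
        accepted_request = hydra.accept_login_request(login_challenge, accept_login_config={
            "subject": "ut ",
            "acr": "labo",
            "context": "<object>",
            "force_subject_identifier": "ex fugiat aliquip amet dolore",
            "remember": True,
            "remember_for": 3600
        })
        # Stored on the local dict only; nothing below reads it.
        login_request_body['consent_url'] = accepted_request
        # return redirect(accepted_request['redirect_to'])
        return Response(accepted_request)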
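class AcceptConsentRequest(APIView):
    """API endpoint that accepts a Hydra consent request and redirects on."""

    def get(self, request):
        """Accept the consent request named by ``consent_challenge``.

        Returns:
            HTTP 400 when the query string carries no ``consent_challenge``;
            otherwise a redirect to the ``redirect_to`` URL in Hydra's reply.
        """
        consent_challenge = request.GET.get('consent_challenge')
        # Without a challenge there is nothing to accept; reply 400 instead
        # of passing None on to Hydra.
        if not consent_challenge:
            return Response({
                'status': False,
                'message': 'consent_challenge is required!',
                'data': None
            }, status=status.HTTP_400_BAD_REQUEST)

        # NOTE(review): consent is accepted directly on a GET with a fixed
        # scope list. Nothing here looks up which scopes the client asked
        # for, and no user decision is visible in this view. Confirm that
        # auto-granting "offline"/"offline_access" (presumably refresh
        # tokens) to every client is intended.
        # NOTE(review): "handled_at" is a fixed 2019 timestamp and
        # "remember_for" is negative. Both look like sample values; confirm
        # how Hydra treats them or replace them with real ones.
        accepted_request = hydra.accept_consent_request(consent_challenge, accept_consent_config={
            "grant_access_token_audience": [],
            "grant_scope": [
                "openid",
                "offline",
                "offline_access",
                "profile"
            ],
            "handled_at": "2019-04-16T04:45:05.685Z",
            "remember": True,
            "remember_for": -72766940,
            "session": {
                "access_token": {},
                "id_token": {}
            }
        })
        return redirect(accepted_request['redirect_to'])
        # return Response(accepted_request)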
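class GetAccessToken(APIView):
    """OAuth2 callback that exchanges an authorization code for tokens."""

    def get(self, request):
        """Post the ``code`` query parameter to the token endpoint.

        Returns:
            HTTP 400 when ``code`` is missing, HTTP 502 when the token
            endpoint cannot be reached in time or does not answer with
            JSON, otherwise the endpoint's JSON body.
        """
        url = "http://127.0.0.1:4444/oauth2/token"
        code = request.GET.get('code')
        # NOTE(review): only `code` is read; a `state` value returned with
        # the callback is never compared with the one sent on the
        # authorization request, so the callback has no CSRF binding.
        if not code:
            return Response({
                'status': False,
                'message': 'code is required!',
                'data': None
            }, status=status.HTTP_400_BAD_REQUEST)

        payload = {
            'grant_type': 'authorization_code',
            'code': code,
            'redirect_uri': 'http://127.0.0.1:8000/api/token',
            'client_id': AUTH_CLIENT_ID,
            'client_secret': AUTH_CLIENT_SECRET
        }
        try:
            # A timeout keeps a stalled token endpoint from pinning this
            # worker; requests waits indefinitely when none is given.
            token_response = requests.request("POST", url, data=payload, timeout=10)
            token_body = token_response.json()
        except (requests.RequestException, ValueError):
            # Exception details are deliberately not echoed to the client.
            return Response({
                'status': False,
                'message': 'token endpoint request failed!',
                'data': None
            }, status=status.HTTP_502_BAD_GATEWAY)
        # The body is relayed verbatim with the default 200 status, so the
        # caller receives whatever tokens or error JSON the endpoint sent.
        return Response(token_body)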