86 lines
2.5 KiB
Python
86 lines
2.5 KiB
Python
from flask import Blueprint, Flask, request, render_template, redirect, url_for, flash, jsonify, make_response, session
|
|
from flask_login import login_required, login_user, current_user, logout_user
|
|
from authlib.integrations.flask_oauth2 import current_token
|
|
from authlib.oauth2 import OAuth2Error
|
|
from .models import User, OAuth2Client, db
|
|
from .forms import LoginForm, ConfirmAccessForm
|
|
from .oauth2 import authorization, require_oauth
|
|
from werkzeug.exceptions import abort
|
|
|
|
bp = Blueprint('home', __name__)
|
|
|
|
|
|
@bp.route('/')
|
|
def home():
|
|
user = None
|
|
if current_user.is_authenticated:
|
|
clients = current_user.clients
|
|
user = current_user.name
|
|
else:
|
|
clients = []
|
|
|
|
return render_template('home.html', user=user, clients=clients)
|
|
|
|
|
|
@bp.route('/login/', methods=['post', 'get'])
|
|
def login():
|
|
if current_user.is_authenticated:
|
|
return redirect(url_for('.home'))
|
|
form = LoginForm()
|
|
if form.validate_on_submit():
|
|
user = db.session.query(User).filter(User.username == form.username.data).first()
|
|
if user and user.check_password(form.password.data):
|
|
login_user(user, remember=form.remember.data)
|
|
nextpage = request.args.get('next', url_for('.home'))
|
|
return redirect(nextpage)
|
|
else:
|
|
flash("Invalid username/password", 'error')
|
|
return render_template('login.html', form=form)
|
|
|
|
|
|
@bp.route('/logout/')
|
|
@login_required
|
|
def logout():
|
|
logout_user()
|
|
flash("You have been logged out.")
|
|
return redirect(url_for('.home'))
|
|
|
|
|
|
@bp.route('/oauth/token', methods=['POST'])
|
|
def issue_token():
|
|
return authorization.create_token_response()
|
|
|
|
|
|
@bp.route('/oauth/revoke', methods=['POST'])
|
|
def revoke_token():
|
|
return authorization.create_endpoint_response('revocation')
|
|
|
|
|
|
@bp.route('/oauth/authorize', methods=['GET', 'POST'])
|
|
@login_required
|
|
def authorize():
|
|
user = current_user
|
|
grant_user = None
|
|
form = ConfirmAccessForm()
|
|
|
|
if request.method == 'GET':
|
|
try:
|
|
grant = authorization.validate_consent_request(end_user=user)
|
|
except OAuth2Error as error:
|
|
return error.error
|
|
return render_template('authorize.html', user=user, grant=grant, form=form)
|
|
|
|
if form.validate_on_submit():
|
|
if form.confirm.data:
|
|
grant_user = user
|
|
|
|
return authorization.create_authorization_response(grant_user=grant_user)
|
|
|
|
|
|
@bp.route('/api/me')
|
|
@require_oauth('profile')
|
|
def api_me():
|
|
user = current_token.user
|
|
return jsonify(id=user.id, username=user.username)
|
|
|