test with github auth

Swapnil 2024-01-30 10:55:52 +05:30
parent 516d5db9a0
commit 16c94fcaa6
Signed by: swapnil
GPG Key ID: 58029C48BB100574
3 changed files with 32 additions and 9 deletions


@ -22,7 +22,12 @@ csrf_protection_string = None
@app.route('/') @app.route('/')
def home(): def home():
if is_logged_in(): if is_logged_in():
return render_template('success.html') resp_json = requests.get(f'{database_url}/token/latest').json()
access_token = resp_json['token']['access_token']
user_info = requests.get('https://api.github.com/user', headers={
'Authorization': f'Bearer {access_token}'
}).json()
return render_template('success.html', user_info=user_info)
# Generate a CSRF protection string # Generate a CSRF protection string
global csrf_protection_string global csrf_protection_string
@ -42,19 +47,32 @@ def oauth_redirect():
abort(400, 'Invalid CSRF token. Please try again.') abort(400, 'Invalid CSRF token. Please try again.')
# Exchange authorization code for access and refresh tokens # Exchange authorization code for access and refresh tokens
# response = requests.post(
# 'https://www.inoreader.com/oauth2/token',
# headers={
# 'Content-Type': 'application/x-www-form-urlencoded',
# },
# data={
# 'code': auth_code,
# 'redirect_uri': get_env_variable('REDIRECT_URI'),
# 'client_id': get_env_variable('CLIENT_ID'),
# 'client_secret': get_env_variable('CLIENT_SECRET'),
# 'scope': '',
# 'grant_type': 'authorization_code'
# }
# )
# TEST: Github OAuth - REMOVE
response = requests.post( response = requests.post(
'https://www.inoreader.com/oauth2/token', 'https://github.com/login/oauth/access_token',
headers={ headers={
'Content-Type': 'application/x-www-form-urlencoded', 'Accept': 'application/json'
'User-agent': 'your-user-agent'
}, },
data={ data={
'code': auth_code, 'code': auth_code,
'redirect_uri': get_env_variable('REDIRECT_URI'), 'redirect_uri': get_env_variable('REDIRECT_URI'),
'client_id': get_env_variable('CLIENT_ID'), 'client_id': get_env_variable('CLIENT_ID'),
'client_secret': get_env_variable('CLIENT_SECRET'), 'client_secret': get_env_variable('CLIENT_SECRET')
'scope': '',
'grant_type': 'authorization_code'
} }
) )
@ -62,6 +80,10 @@ def oauth_redirect():
tokens = response.json() tokens = response.json()
# TEST: Github OAuth - REMOVE
tokens['refresh_token'] = 'N/A'
tokens['expires_in'] = 36000
# Save tokens for later use # Save tokens for later use
save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in']) save_tokens(tokens['access_token'], tokens['refresh_token'], tokens['expires_in'])
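Review bot: The new code indexes into remote JSON without checking that the call succeeded: `tokens['access_token']` before save_tokens() in oauth_redirect() and `resp_json['token']['access_token']` in home() both raise KeyError, and so return a 500, when the upstream reply is an error. GitHub's token endpoint reports a rejected or reused code in a 200 response whose body carries `error` instead of `access_token`, so a status-code check alone (none is visible in these hunks) would not catch it. I would add `if 'access_token' not in tokens: abort(502, 'Token exchange failed.')` after `tokens = response.json()`, and pass `timeout=10` to the two new `requests.get()` calls so a slow token store or GitHub API cannot stall the index page. The hard-coded `refresh_token = 'N/A'` and `expires_in = 36000` also write values to the store that GitHub never issued, so any refresh logic outside this diff would act on made-up data until the TEST lines are removed. Both functions extend beyond the hunks shown.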


@ -15,7 +15,8 @@
var encodedOptionalScopes = encodeURIComponent('{{ optional_scopes }}'); var encodedOptionalScopes = encodeURIComponent('{{ optional_scopes }}');
// Construct the URL using Jinja variables // Construct the URL using Jinja variables
var oauthUrl = `https://www.inoreader.com/oauth2/auth?client_id={{ client_id }}&redirect_uri=${encodedRedirectUri}&response_type=code&scope=${encodedOptionalScopes}&state={{ csrf_protection_string }}`; // var oauthUrl = `https://www.inoreader.com/oauth2/auth?client_id={{ client_id }}&redirect_uri=${encodedRedirectUri}&response_type=code&scope=${encodedOptionalScopes}&state={{ csrf_protection_string }}`;
var oauthUrl = `https://github.com/login/oauth/authorize?client_id={{ client_id }}&redirect_uri=${encodedRedirectUri}&response_type=code&scope=${encodedOptionalScopes}&state={{ csrf_protection_string }}`;
// Redirect to the constructed URL // Redirect to the constructed URL
window.location.href = oauthUrl; window.location.href = oauthUrl;
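Review bot: The `state` parameter in the new GitHub authorize URL is filled from `csrf_protection_string`, which the Python section of this commit shows as a module-level global (`global csrf_protection_string` in home()), so every visitor shares one value and each load of `/` can overwrite it. With more than one browser or worker process in play, the check in oauth_redirect() either fails for legitimate users or accepts a state that was issued to someone else, which weakens the login-CSRF protection the parameter exists for. I would keep the value per browser session instead, e.g. `session['oauth_state'] = secrets.token_urlsafe(32)` in home() and a comparison with `hmac.compare_digest(...)` in the callback; this assumes the app has a Flask secret key configured, which is not visible here. Separately, `{{ client_id }}` and the state value are interpolated without URL-encoding while the other two parameters are encoded.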


@ -6,6 +6,6 @@
<title>Simple Frontend</title> <title>Simple Frontend</title>
</head> </head>
<body> <body>
<h1>Logged In!</h1> <h1>Logged In as {{ user_info.login }}({{user_info.name}})</h1>
</body> </body>
</html> </html>
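Review bot: `{{ user_info.name }}` prints the literal text `None` for GitHub accounts with no display name set, because the API returns `null` for that field, and the heading still reads "Logged In as" when `user_info` holds an error body rather than a profile. Something like `{{ user_info.name or user_info.login }}` covers the first case; the second needs a check in home() before the template is rendered. The values are HTML-escaped only as long as Flask's default autoescaping for `.html` templates is in effect, so that default should not be turned off for this template.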