from django.contrib.auth.models import User
|
from django.contrib.auth import login
|
from rest_framework.views import APIView
|
from rest_framework import exceptions, permissions, parsers
|
from rest_framework.response import Response
|
from app.auth.backends import get_user_from_external_auth_response
|
import requests
|
from webodm import settings
|
|
class ExternalTokenAuth(APIView):
|
permission_classes = (permissions.AllowAny,)
|
parser_classes = (parsers.JSONParser, parsers.FormParser,)
|
|
def post(self, request):
|
# This should never happen
|
if settings.EXTERNAL_AUTH_ENDPOINT == '':
|
return Response({'error': 'EXTERNAL_AUTH_ENDPOINT not set'})
|
|
token = request.COOKIES.get('external_access_token', '')
|
if token == '':
|
return Response({'error': 'external_access_token cookie not set'})
|
|
try:
|
r = requests.post(settings.EXTERNAL_AUTH_ENDPOINT, headers={
|
'Authorization': "Bearer %s" % token
|
})
|
res = r.json()
|
if res.get('user_id') is not None:
|
user = get_user_from_external_auth_response(res)
|
if user is not None:
|
login(request, user, backend='django.contrib.auth.backends.ModelBackend')
|
return Response({'redirect': '/'})
|
else:
|
return Response({'error': 'Invalid credentials'})
|
else:
|
return Response({'error': res.get('message', 'Invalid external server response')})
|
except Exception as e:
|
return Response({'error': str(e)})
|
