ezidam: oauth: authorize for ezidam: fill ezidam app info from database, show app label on template

Philippe Loctaux 2023-03-15 22:01:53 +01:00
parent 95173b1a09
commit 396856eee5
2 changed files with 43 additions and 12 deletions


@ -1,4 +1,5 @@
use super::prelude::*; use super::prelude::*;
use apps::App;
use rocket::{get, post}; use rocket::{get, post};
use settings::Settings; use settings::Settings;
use users::User; use users::User;
@ -14,6 +15,7 @@ pub mod content {
#[serde(crate = "rocket::serde")] #[serde(crate = "rocket::serde")]
#[derive(Clone)] #[derive(Clone)]
pub struct Authorize { pub struct Authorize {
pub app_name: String,
pub business_name: String, pub business_name: String,
} }
} }
@ -27,13 +29,25 @@ async fn authorize_page(
auth_request: AuthenticationRequest<'_>, auth_request: AuthenticationRequest<'_>,
) -> Result<Template> { ) -> Result<Template> {
// TODO: parse "scope" and "response_type" -> from openid local crate // TODO: parse "scope" and "response_type" -> from openid local crate
// TODO: check if app is valid let mut transaction = db.begin().await?;
// TODO: check if redirect uri is a valid uri // TODO: wrap checking in function?
// TODO: wrap checking in function
let app = App::get_one(
&mut transaction,
auth_request.client_id,
auth_request.redirect_uri,
)
.await?
.ok_or_else(|| Error::not_found(auth_request.client_id))?;
let settings = Settings::get(&mut transaction).await?;
transaction.commit().await?;
// Define content // Define content
let content = content::Authorize { let content = content::Authorize {
business_name: Settings::get(&mut *db).await?.business_name().into(), app_name: app.label().into(),
business_name: settings.business_name().into(),
}; };
Ok(flash Ok(flash
@ -42,17 +56,26 @@ async fn authorize_page(
} }
#[get("/oauth/authorize", rank = 3)] #[get("/oauth/authorize", rank = 3)]
async fn authorize_ezidam(mut db: Connection<Database>) -> Redirect { async fn authorize_ezidam(mut db: Connection<Database>) -> Result<Redirect> {
// TODO: get ezidam app info from db let mut transaction = db.begin().await?;
// Get ezidam app info
let app_id = "ezidam";
let app = App::get_one_by_id(&mut transaction, app_id)
.await?
.ok_or_else(|| Error::not_found(app_id))?;
transaction.commit().await?;
let request = AuthenticationRequest { let request = AuthenticationRequest {
response_type: openid::CoreResponseType::Code.as_ref(), response_type: openid::CoreResponseType::Code.as_ref(),
response_mode: ResponseMode::Query, response_mode: ResponseMode::Query,
scope: &openid::SupportedScopes::url_format(), scope: &openid::SupportedScopes::url_format(),
client_id: "ezidam TODO HERE", client_id: app.id().as_ref(),
redirect_uri: "put URI HERE", redirect_uri: app.redirect_uri(),
state: "TODO", state: "TODO",
}; };
Redirect::to(uri!(authorize_page(auth_request = request))) Ok(Redirect::to(uri!(authorize_page(auth_request = request))))
} }
#[derive(Debug, FromForm)] #[derive(Debug, FromForm)]
@ -69,6 +92,10 @@ fn flash(message: String, request: AuthenticationRequest) -> Flash<Redirect> {
) )
} }
fn invalid_form(request: AuthenticationRequest) -> Flash<Redirect> {
flash("Please fill out the form".to_string(), request)
}
fn invalid_credentials(login: &str, request: AuthenticationRequest) -> Flash<Redirect> { fn invalid_credentials(login: &str, request: AuthenticationRequest) -> Flash<Redirect> {
flash(format!("Invalid credentials for {login}"), request) flash(format!("Invalid credentials for {login}"), request)
} }
@ -83,8 +110,12 @@ async fn authorize(
mut db: Connection<Database>, mut db: Connection<Database>,
auth_request: AuthenticationRequest<'_>, auth_request: AuthenticationRequest<'_>,
) -> Result<Either<Redirect, Flash<Redirect>>> { ) -> Result<Either<Redirect, Flash<Redirect>>> {
// TODO: check app and stuff AGAIN, this is important // TODO: check app and stuff before doing anything AGAIN, this is important
// TODO: check if request uri matches
if form.login.is_empty() {
return Ok(Either::Right(invalid_form(auth_request)));
}
let form = form.into_inner(); let form = form.into_inner();
let mut transaction = db.begin().await?; let mut transaction = db.begin().await?;


@ -20,10 +20,10 @@
<div class="card card-md"> <div class="card card-md">
<div class="card-body"> <div class="card-body">
<div class="text-center mb-2"> <div class="text-center mb-2">
<h2 class="h2">Sign in</h2> <h2 class="h2">Access {{ app_name }}</h2>
<p class="text-muted">With your {{ business_name }} account</p> <p class="text-muted">With your {{ business_name }} account</p>
</div> </div>
<form action="" method="post" autocomplete="off" novalidate> <form action="" method="post" autocomplete="off" novalidate class="mt-4">
<div class="mb-3"> <div class="mb-3">
<label class="form-label">Login</label> <label class="form-label">Login</label>
<input name="login" type="text" class="form-control" placeholder="Email or username" <input name="login" type="text" class="form-control" placeholder="Email or username"