Refactor auth into user.py, Implement login/out in frontend, Add FontAwesome

2022-09-05 18:50:02 +02:00
parent 563eac3de4
commit 6f7279c049
8 changed files with 189 additions and 41 deletions
--- a/server/server/init.py
+++ b/server/server/init.py
@@ -7,18 +7,11 @@ from starlette.responses import HTMLResponse, RedirectResponse
 from authlib.integrations.starlette_client import OAuth, OAuthError

 from .settings import settings
-
-config = Config("secret.env")  # TODO unify this with settings
-
-oauth = OAuth(config)
-oauth.register(
-    name="gitea",
-    server_metadata_url="https://git.leafbla.de/.well-known/openid-configuration",
-)
+from .user import user_auth

 app = FastAPI()
-app.add_middleware(SessionMiddleware, secret_key=config.get("SESSION_SECRET_KEY"))

+app.mount("/user/", user_auth)

 templates = Jinja2Templates(directory="templates")

@@ -38,29 +31,5 @@ async def index(request: Request):
    )


-@app.get("/login")
-async def login(request: Request):
-    redirect_uri = request.url_for("auth")
-    return await oauth.gitea.authorize_redirect(request, redirect_uri)
-
-
-@app.get("/auth")
-async def auth(request: Request):
-    try:
-        token = await oauth.gitea.authorize_access_token(request)
-    except OAuthError as e:
-        return HTMLResponse(f"<h1>{e.error}</h1>")
-    user = await oauth.gitea.userinfo(token=token)
-    if user:
-        request.session["user"] = dict(user)
-    return RedirectResponse(url="/")
-
-
-@app.get("/logout")
-async def logout(request: Request):
-    request.session.pop("user", None)
-    return RedirectResponse(url="/")
-
-
 if not settings.dev_mode:
    app.mount("/", StaticFiles(directory=settings.frontend_path))
--- a/server/server/user.py
+++ b/server/server/user.py
@@ -0,0 +1,78 @@
+from fastapi import FastAPI, Request
+from pydantic import BaseModel, HttpUrl
+from starlette.config import Config
+from starlette.middleware.sessions import SessionMiddleware
+from starlette.responses import HTMLResponse, RedirectResponse
+from authlib.integrations.starlette_client import OAuth, OAuthError
+
+config = Config("secret.env")  # TODO unify this with settings
+
+oauth = OAuth(config)
+oauth.register(
+    name="gitea",
+    server_metadata_url="https://git.leafbla.de/.well-known/openid-configuration",
+)
+
+user_auth = FastAPI()
+user_auth.add_middleware(SessionMiddleware, secret_key=config.get("SESSION_SECRET_KEY"))
+
+
+@user_auth.get("/login")
+async def login(request: Request):
+    redirect_uri = request.url_for("auth")
+    return await oauth.gitea.authorize_redirect(request, redirect_uri)
+
+
+@user_auth.get("/auth")
+async def auth(request: Request):
+    try:
+        token = await oauth.gitea.authorize_access_token(request)
+    except OAuthError as e:
+        return HTMLResponse(f"<h1>{e.error}</h1>")
+    user = await oauth.gitea.userinfo(token=token)
+    if user:
+        request.session["user"] = dict(user)
+    return RedirectResponse(url="/")
+
+
+@user_auth.get("/logout")
+async def logout(request: Request):
+    request.session.pop("user", None)
+    return RedirectResponse(url="/")
+
+
+"""
+user={
+    'sub': '1',
+    'name': 'Kai Vogelgesang',
+    'preferred_username': 'kai',
+    'email': 'kai@leafbla.de',
+    'picture': 'https://git.leafbla.de/avatars/279a0c06517e4dd112b291cf78c0c659',
+    'groups': [
+        'gitolite-legacy',
+        'gitolite-legacy:owners',
+        'infrastructure',
+        'infrastructure:owners',
+        'next-website',
+        'next-website:owners',
+        'turtles',
+        'turtles:owners'
+    ]
+} """
+
+
+class MeResponse(BaseModel):
+    name: str
+    email: str
+    picture: HttpUrl
+
+
+@user_auth.get("/me", response_model=MeResponse | None)
+async def display_current_user(request: Request):
+    user = request.session.get("user")
+    if user is None:
+        return None
+    print(f"[/me] {user=}")
+    return MeResponse(
+        name=user["preferred_username"], email=user["email"], picture=user["picture"]
+    )