redirect user to next after login with github/google

2019-07-08 19:33:28 +02:00 · 2019-07-08 19:33:28 +02:00 · f21f16e3f2
parent 4227c3036d
commit f21f16e3f2
3 changed files with 45 additions and 37 deletions
--- a/app/auth/templates/auth/login.html
+++ b/app/auth/templates/auth/login.html
@ -75,17 +75,19 @@
        <div class="card-body p-6">
          <div class="card-title">Social sign in</div>

-          <a href="{{ url_for('auth.github_login') }}" class="btn btn-block btn-social btn-github">
+          <a href="{{ url_for('auth.github_login', next=next_url) }}"
+             class="btn btn-block btn-social btn-github">
            <i class="fa fa-github"></i> Sign in with Github
          </a>

-          <a href="{{ url_for('auth.google_login') }}" class="btn btn-block btn-social btn-google">
+          <a href="{{ url_for('auth.google_login', next=next_url) }}"
+             class="btn btn-block btn-social btn-google">
            <i class="fa fa-google"></i> Sign in with Google
          </a>
+        </div>
      </div>
-    </div>

-  </div>
+    </div>


 {% endblock %}
--- a/app/auth/views/github.py
+++ b/app/auth/views/github.py
@ -9,22 +9,28 @@ from app.email_utils import notify_admin
 from app.extensions import db
 from app.log import LOG
 from app.models import User
-from app.utils import random_string
+from app.utils import random_string, encode_url

-authorization_base_url = "https://github.com/login/oauth/authorize"
-token_url = "https://github.com/login/oauth/access_token"
+_authorization_base_url = "https://github.com/login/oauth/authorize"
+_token_url = "https://github.com/login/oauth/access_token"

 # need to set explicitly redirect_uri instead of leaving the lib to pre-fill redirect_uri
 # when served behind nginx, the redirect_uri is localhost... and not the real url
-redirect_uri = URL + "/auth/github/callback"
+_redirect_uri = URL + "/auth/github/callback"


@auth_bp.route("/github/login")
 def github_login():
+    next_url = request.args.get("next")
+    if next_url:
+        redirect_uri = _redirect_uri + "?next=" + encode_url(next_url)
+    else:
+        redirect_uri = _redirect_uri
+
    github = OAuth2Session(
        GITHUB_CLIENT_ID, scope=["user:email"], redirect_uri=redirect_uri
    )
-    authorization_url, state = github.authorization_url(authorization_base_url)
+    authorization_url, state = github.authorization_url(_authorization_base_url)

    # State is used to prevent CSRF, keep this for later.
    session["oauth_state"] = state
@ -37,10 +43,10 @@ def github_callback():
        GITHUB_CLIENT_ID,
        state=session["oauth_state"],
        scope=["user:email"],
-        redirect_uri=redirect_uri,
+        redirect_uri=_redirect_uri,
    )
    token = github.fetch_token(
-        token_url,
+        _token_url,
        client_secret=GITHUB_CLIENT_SECRET,
        authorization_response=request.url,
    )
--- a/app/auth/views/login.py
+++ b/app/auth/views/login.py
@ -20,36 +20,36 @@ def login():
        return redirect(url_for("dashboard.index"))

    form = LoginForm(request.form)
+    next_url = request.args.get("next")
+    error = ""
+    show_resend_activation = False

    if form.validate_on_submit():
        user = User.filter_by(email=form.email.data).first()

        if not user:
-            return render_template(
-                "auth/login.html", form=form, error="Email not exist in our system"
-            )
-
-        if not user.check_password(form.password.data):
-            return render_template("auth/login.html", form=form, error="Wrong password")
-
-        if not user.activated:
-            return render_template(
-                "auth/login.html",
-                form=form,
-                show_resend_activation=True,
-                error="Please check your inbox for the activation email. You can also have this email re-sent",
-            )
-
-        LOG.debug("log user %s in", user)
-        login_user(user)
-
-        # User comes to login page from another page
-        if "next" in request.args:
-            next_url = request.args.get("next")
-            LOG.debug("redirect user to %s", next_url)
-            return redirect(next_url)
+            error = "Email not exist in our system"
+        elif not user.check_password(form.password.data):
+            error = "Wrong password"
+        elif not user.activated:
+            show_resend_activation = True
+            error = "Please check your inbox for the activation email. You can also have this email re-sent"
        else:
-            LOG.debug("redirect user to dashboard")
-            return redirect(url_for("dashboard.index"))
+            LOG.debug("log user %s in", user)
+            login_user(user)

-    return render_template("auth/login.html", form=form)
+            # User comes to login page from another page
+            if next_url:
+                LOG.debug("redirect user to %s", next_url)
+                return redirect(next_url)
+            else:
+                LOG.debug("redirect user to dashboard")
+                return redirect(url_for("dashboard.index"))
+
+    return render_template(
+        "auth/login.html",
+        form=form,
+        next_url=next_url,
+        show_resend_activation=show_resend_activation,
+        error=error,
+    )