redirect user to next after login with github/google

Son NK 2019-07-08 19:33:28 +02:00 committed by Son NK
parent 4227c3036d
commit f21f16e3f2
3 changed files with 45 additions and 37 deletions


@ -75,17 +75,19 @@
<div class="card-body p-6"> <div class="card-body p-6">
<div class="card-title">Social sign in</div> <div class="card-title">Social sign in</div>
<a href="{{ url_for('auth.github_login') }}" class="btn btn-block btn-social btn-github"> <a href="{{ url_for('auth.github_login', next=next_url) }}"
class="btn btn-block btn-social btn-github">
<i class="fa fa-github"></i> Sign in with Github <i class="fa fa-github"></i> Sign in with Github
</a> </a>
<a href="{{ url_for('auth.google_login') }}" class="btn btn-block btn-social btn-google"> <a href="{{ url_for('auth.google_login', next=next_url) }}"
class="btn btn-block btn-social btn-google">
<i class="fa fa-google"></i> Sign in with Google <i class="fa fa-google"></i> Sign in with Google
</a> </a>
</div>
</div> </div>
</div>
</div> </div>
{% endblock %} {% endblock %}


@ -9,22 +9,28 @@ from app.email_utils import notify_admin
from app.extensions import db from app.extensions import db
from app.log import LOG from app.log import LOG
from app.models import User from app.models import User
from app.utils import random_string from app.utils import random_string, encode_url
authorization_base_url = "https://github.com/login/oauth/authorize" _authorization_base_url = "https://github.com/login/oauth/authorize"
token_url = "https://github.com/login/oauth/access_token" _token_url = "https://github.com/login/oauth/access_token"
# need to set explicitly redirect_uri instead of leaving the lib to pre-fill redirect_uri # need to set explicitly redirect_uri instead of leaving the lib to pre-fill redirect_uri
# when served behind nginx, the redirect_uri is localhost... and not the real url # when served behind nginx, the redirect_uri is localhost... and not the real url
redirect_uri = URL + "/auth/github/callback" _redirect_uri = URL + "/auth/github/callback"
@auth_bp.route("/github/login") @auth_bp.route("/github/login")
def github_login(): def github_login():
next_url = request.args.get("next")
if next_url:
redirect_uri = _redirect_uri + "?next=" + encode_url(next_url)
else:
redirect_uri = _redirect_uri
github = OAuth2Session( github = OAuth2Session(
GITHUB_CLIENT_ID, scope=["user:email"], redirect_uri=redirect_uri GITHUB_CLIENT_ID, scope=["user:email"], redirect_uri=redirect_uri
) )
authorization_url, state = github.authorization_url(authorization_base_url) authorization_url, state = github.authorization_url(_authorization_base_url)
# State is used to prevent CSRF, keep this for later. # State is used to prevent CSRF, keep this for later.
session["oauth_state"] = state session["oauth_state"] = state
@ -37,10 +43,10 @@ def github_callback():
GITHUB_CLIENT_ID, GITHUB_CLIENT_ID,
state=session["oauth_state"], state=session["oauth_state"],
scope=["user:email"], scope=["user:email"],
redirect_uri=redirect_uri, redirect_uri=_redirect_uri,
) )
token = github.fetch_token( token = github.fetch_token(
token_url, _token_url,
client_secret=GITHUB_CLIENT_SECRET, client_secret=GITHUB_CLIENT_SECRET,
authorization_response=request.url, authorization_response=request.url,
) )
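Review bot: github_login appends the caller-supplied `next` to `redirect_uri`, while github_callback still builds its session and calls fetch_token with the bare `_redirect_uri`, so the value sent at token exchange no longer matches the one sent at authorization. RFC 6749 section 4.1.3 requires the two to be identical, and a provider may reject the exchange on a mismatch; GitHub's tolerance here should be confirmed rather than assumed. Keeping the value server-side avoids both the mismatch and a round trip of request-controlled data through the provider: `session["oauth_next"] = next_url` next to `session["oauth_state"] = state`, read back in the callback and validated as a same-site path before any redirect. Both function bodies continue outside the visible hunks, so how the callback consumes `next` cannot be checked from here.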


@ -20,36 +20,36 @@ def login():
return redirect(url_for("dashboard.index")) return redirect(url_for("dashboard.index"))
form = LoginForm(request.form) form = LoginForm(request.form)
next_url = request.args.get("next")
error = ""
show_resend_activation = False
if form.validate_on_submit(): if form.validate_on_submit():
user = User.filter_by(email=form.email.data).first() user = User.filter_by(email=form.email.data).first()
if not user: if not user:
return render_template( error = "Email not exist in our system"
"auth/login.html", form=form, error="Email not exist in our system" elif not user.check_password(form.password.data):
) error = "Wrong password"
elif not user.activated:
if not user.check_password(form.password.data): show_resend_activation = True
return render_template("auth/login.html", form=form, error="Wrong password") error = "Please check your inbox for the activation email. You can also have this email re-sent"
if not user.activated:
return render_template(
"auth/login.html",
form=form,
show_resend_activation=True,
error="Please check your inbox for the activation email. You can also have this email re-sent",
)
LOG.debug("log user %s in", user)
login_user(user)
# User comes to login page from another page
if "next" in request.args:
next_url = request.args.get("next")
LOG.debug("redirect user to %s", next_url)
return redirect(next_url)
else: else:
LOG.debug("redirect user to dashboard") LOG.debug("log user %s in", user)
return redirect(url_for("dashboard.index")) login_user(user)
return render_template("auth/login.html", form=form) # User comes to login page from another page
if next_url:
LOG.debug("redirect user to %s", next_url)
return redirect(next_url)
else:
LOG.debug("redirect user to dashboard")
return redirect(url_for("dashboard.index"))
return render_template(
"auth/login.html",
form=form,
next_url=next_url,
show_resend_activation=show_resend_activation,
error=error,
)
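Review bot: `redirect(next_url)` in the success branch sends the browser to whatever the `next` query parameter holds, and this commit now also threads that value into the template and the GitHub/Google login links, so an off-site URL placed in a login link survives every sign-in path (open redirect). The value should be checked once, right after `next_url = request.args.get("next")`, and dropped unless it is a local path: parse it with `urllib.parse.urlsplit` and keep it only when scheme and netloc are both empty and it starts with a single `/` (reject a leading `//` and any backslash). For example `if next_url and not is_local_path(next_url): next_url = None`, where `is_local_path` is a helper to be added. login() starts above this hunk, so the earlier part of the function is not visible.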