[Feature] OAuth2 Provider (#84)

Fixes #74 Co-authored-by: Tim Lorsbach <tim@lorsba.ch> Reviewed-on: enviPath/enviPy#84
2025-09-05 06:50:16 +12:00
parent 4158bd36cb
commit 3c8f0e80cb
8 changed files with 189 additions and 2 deletions
--- a/epdb/middleware/login_required_middleware.py
+++ b/epdb/middleware/login_required_middleware.py
@ -1,6 +1,7 @@
 from django.conf import settings
 from django.shortcuts import redirect
 from django.urls import reverse
+from urllib.parse import quote

 class LoginRequiredMiddleware:
    def __init__(self, get_response):
@ -17,5 +18,8 @@ class LoginRequiredMiddleware:
        if not request.user.is_authenticated:
            path = request.path_info
            if not any(path.startswith(url) for url in self.exempt_urls):
+                if request.method == 'GET':
+                    if request.get_full_path() and request.get_full_path() != '/':
+                        return redirect(f"{settings.LOGIN_URL}?next={quote(request.get_full_path())}")
                return redirect(settings.LOGIN_URL)
        return self.get_response(request)
--- a/epdb/urls.py
+++ b/epdb/urls.py
@ -76,5 +76,7 @@ urlpatterns = [
    re_path(r'^indigo/dearomatize$', v.dearomatize, name='indigo_dearomatize'),
    re_path(r'^indigo/layout$', v.layout, name='indigo_layout'),

-    re_path(r'^depict$', v.depict, name='depict')
+    re_path(r'^depict$', v.depict, name='depict'),
+
+    path("o/userinfo/", v.userinfo, name="oauth_userinfo"),
 ]
--- a/epdb/views.py
+++ b/epdb/views.py
@ -46,6 +46,7 @@ def login(request):

    if request.method == 'GET':
        context['title'] = 'enviPath'
+        context['next'] = request.GET.get('next', '')
        return render(request, 'login.html', context)

    elif request.method == 'POST':
@ -59,7 +60,7 @@ def login(request):
            username = request.POST.get('username')
            password = request.POST.get('password')

-            # Get email for username and check if account is active
+            # Get email for username and check if the account is active
            try:
                temp_user = get_user_model().objects.get(username=username)

@ -79,6 +80,10 @@ def login(request):

            if user is not None:
                login(request, user)
+
+                if next := request.POST.get('next'):
+                    return redirect(next)
+
                return redirect(s.SERVER_URL)
            else:
                context['message'] = "Login failed!"
@ -2213,3 +2218,18 @@ def depict(request):
        return HttpResponse(IndigoUtils.smirks_to_svg(smirks, query_smirks), content_type='image/svg+xml')
    else:
        return HttpResponseBadRequest()
+
+
+from django.contrib.auth.decorators import login_required
+from django.http import JsonResponse
+
+@login_required
+def userinfo(request):
+    user = request.user
+    return JsonResponse({
+        "sub": str(user.uuid),
+        "email": user.email,
+        "username": user.username,
+        "name": user.get_full_name() or user.username,
+        "email_verified": user.is_active,
+    })