X-Git-Url: https://git.mdrn.pl/redakcja.git/blobdiff_plain/edf56edfdbea88b0e18c2e5aecbb6e62250ec3d7..e96eab03b81641de7b74f22610bb7cd3a2db8432:/src/apiclient/views.py?ds=sidebyside diff --git a/src/apiclient/views.py b/src/apiclient/views.py index 8d0a7983..e43ae0ca 100644 --- a/src/apiclient/views.py +++ b/src/apiclient/views.py @@ -1,8 +1,12 @@ -import cgi +# This file is part of FNP-Redakcja, licensed under GNU Affero GPLv3 or later. +# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information. +# +from urllib.parse import parse_qsl from django.contrib.auth.decorators import login_required from django.urls import reverse from django.http import HttpResponseRedirect, HttpResponse +from django.views.decorators.http import require_POST import oauth2 from apiclient.models import OAuthConnection @@ -21,8 +25,8 @@ def oauth(request, beta=False): if resp['status'] != '200': raise Exception("Invalid response %s." % resp['status']) - request_token = dict(cgi.parse_qsl(content)) - + request_token = dict(parse_qsl(content.decode('utf-8'))) + conn = OAuthConnection.get(request.user, beta) # this might reset existing auth! conn.access = False @@ -31,10 +35,10 @@ def oauth(request, beta=False): conn.save() url = "%s?oauth_token=%s&oauth_callback=%s" % ( - WL_AUTHORIZE_URL if not beta else BETA_AUTHORIZE_URL, - request_token['oauth_token'], - request.build_absolute_uri(reverse("apiclient_oauth_callback" if not beta else "apiclient_beta_callback")), - ) + WL_AUTHORIZE_URL if not beta else BETA_AUTHORIZE_URL, + request_token['oauth_token'], + request.build_absolute_uri(reverse("apiclient_oauth_callback" if not beta else "apiclient_beta_callback")), + ) return HttpResponseRedirect(url) @@ -49,12 +53,19 @@ def oauth_callback(request, beta=False): token = oauth2.Token(conn.token, conn.token_secret) token.set_verifier(oauth_verifier) client = oauth2.Client(wl_consumer, token) - resp, content = client.request(WL_ACCESS_TOKEN_URL if not beta else BETA_ACCESS_TOKEN_URL, method="POST") - access_token = dict(cgi.parse_qsl(content)) + _resp, content = client.request(WL_ACCESS_TOKEN_URL if not beta else BETA_ACCESS_TOKEN_URL, method="POST") + access_token = dict(parse_qsl(content.decode('utf-8'))) conn.access = True conn.token = access_token['oauth_token'] conn.token_secret = access_token['oauth_token_secret'] conn.save() - return HttpResponseRedirect('/') + return HttpResponseRedirect(reverse('documents_user')) + + +@login_required +@require_POST +def disconnect(request): + request.user.oauthconnection_set.filter(beta=False).delete() + return HttpResponseRedirect(reverse('documents_user'))