Allow unprivileged view

Closes: #101

agenda/data.py

@@ -312,7 +312,6 @@ def get_busy_events(
                 url=flask.url_for("trip_page", start=trip.start.isoformat()),
             )
         )
-    # pprint(events)
 
     busy_events = [
         e
@@ -426,7 +425,11 @@ async def get_data(
 
     holiday_list = holidays.get_all(last_year, next_year, data_dir)
     events += holidays.combine_holidays(holiday_list)
-    events += birthday.get_birthdays(last_year, os.path.join(my_data, "entities.yaml"))
+    if flask.g.user.is_authenticated:
+        events += birthday.get_birthdays(
+            last_year, os.path.join(my_data, "entities.yaml")
+        )
+        events += domains.renewal_dates(my_data)
     events += accommodation_events
     events += travel.all_events(my_data)
     events += conference.get_list(os.path.join(my_data, "conferences.yaml"))
@@ -440,8 +443,6 @@ async def get_data(
     events += hn.whoishiring(last_year, next_year)
     events += rio_carnival_events(last_year, next_year)
 
-    events += domains.renewal_dates(my_data)
-
     # hide markets that happen while away
     optional = [
         e

templates/macros.html

@@ -86,7 +86,13 @@
   </div>
   <div class="grid-item">{{ item.duration }}</div>
   <div class="grid-item">{{ full_flight_number }}</div>
-  <div class="grid-item">{{ item.booking_reference }}</div>
+  <div class="grid-item">
+    {% if g.user.is_authenticated %}
+      {{ item.booking_reference }}
+    {% else %}
+      <em>redacted</em>
+    {% endif %}
+  </div>
   <div class="grid-item">
     <a href="https://www.flightradar24.com/data/flights/{{ full_flight_number | lower }}">flightradar24</a>
     | <a href="https://uk.flightaware.com/live/flight/{{ full_flight_number | replace("U2", "EZY") }}">FlightAware</a>
@@ -106,6 +112,12 @@
   </div>
   <div class="grid-item">{{ ((item.arrive - item.depart).total_seconds() // 60) | int }} mins</div>
   <div class="grid-item">{{ item.operator }}</div>
-  <div class="grid-item">{{ item.booking_reference }}</div>
+  <div class="grid-item">
+    {% if g.user.is_authenticated %}
+      {{ item.booking_reference }}
+    {% else %}
+      <em>redacted</em>
+    {% endif %}
+  </div>
   <div class="grid-item"></div>
 {% endmacro %}

templates/navbar.html

@@ -31,7 +31,11 @@
         {% endfor %}
       </ul>
       <ul class="navbar-nav ms-auto">
-        <li class="nav-item"><a class="nav-link" href="{{ config.UNIAUTH_URL }}/logout?next={{ request.url | urlencode }}">Logout</a></li>
+      {% if g.user.is_authenticated %}
+        <li class="nav-item"><a class="nav-link" href="{{ url_for("logout", next=request.url) }}">Logout</a></li>
+      {% else %}
+        <li class="nav-item"><a class="nav-link" href="{{ url_for("login", next=request.url) }}">Login</a></li>
+      {% endif %}
       </ul>
     </div>
   </div>

web_view.py

@@ -28,11 +28,15 @@ app = flask.Flask(__name__)
 app.debug = False
 app.config.from_object("config.default")
 
-app.before_request(UniAuth.auth.require_authentication)
-
 agenda.error_mail.setup_error_mail(app)
 
 
+@app.before_request
+def handle_auth() -> None:
+    """Handle autentication and set global user."""
+    flask.g.user = UniAuth.auth.get_current_user()
+
+
 @app.errorhandler(werkzeug.exceptions.InternalServerError)
 def exception_handler(e: werkzeug.exceptions.InternalServerError) -> tuple[str, int]:
     """Handle exception."""
@@ -369,5 +373,18 @@ def auth_callback() -> tuple[str, int] | werkzeug.Response:
     return UniAuth.auth.auth_callback()
 
 
+@app.route("/login")
+def login() -> werkzeug.Response:
+    """Login."""
+    next_url = flask.request.args["next"]
+    return UniAuth.auth.redirect_to_login(next_url)
+
+
+@app.route("/logout")
+def logout() -> werkzeug.Response:
+    """Logout."""
+    return UniAuth.auth.redirect_to_logout(flask.request.args["next"])
+
+
 if __name__ == "__main__":
     app.run(host="0.0.0.0")