From fc36647d4950084d2307c1d9547db5f65a102a63 Mon Sep 17 00:00:00 2001 From: Edward Betts Date: Tue, 23 Jan 2024 10:49:58 +0000 Subject: [PATCH] Switch to UniAuth.auth --- agenda/auth.py | 36 ------------------------------------ web_view.py | 4 ++-- 2 files changed, 2 insertions(+), 38 deletions(-) delete mode 100644 agenda/auth.py diff --git a/agenda/auth.py b/agenda/auth.py deleted file mode 100644 index fefbee9..0000000 --- a/agenda/auth.py +++ /dev/null @@ -1,36 +0,0 @@ -"""Authentication via UniAuth.""" - -import flask -import werkzeug -from itsdangerous.url_safe import URLSafeTimedSerializer - -max_age = 60 * 60 * 24 * 90 - - -def verify_auth_token(token: str) -> str | None: - """Verify the authentication token.""" - serializer = URLSafeTimedSerializer(flask.current_app.config["SECRET_KEY"]) - try: - username = serializer.loads(token, salt="auth", max_age=max_age) - except Exception: - return None - - assert isinstance(username, str) - return username - - -def require_authentication() -> werkzeug.Response | None: - """Require authentication and redirect with return URL.""" - if not flask.current_app.config.get("REQUIRE_AUTH"): - return None - - token = flask.request.cookies.get("auth_token") - if token and verify_auth_token(token): - return None - - # Construct the redirect URL with the original URL as a parameter - return flask.redirect( - flask.current_app.config["UNIAUTH_URL"] - + "/login?next=" - + werkzeug.urls.url_quote(flask.request.url) - ) diff --git a/web_view.py b/web_view.py index ea84364..16aa6d7 100755 --- a/web_view.py +++ b/web_view.py @@ -11,11 +11,11 @@ import typing from datetime import date, datetime, timedelta import flask +import UniAuth.auth import werkzeug import werkzeug.debug.tbtools import yaml -import agenda.auth import agenda.data import agenda.error_mail import agenda.holidays @@ -28,7 +28,7 @@ app = flask.Flask(__name__) app.debug = False app.config.from_object("config.default") -app.before_request(agenda.auth.require_authentication) +app.before_request(UniAuth.auth.require_authentication) agenda.error_mail.setup_error_mail(app)