Switch to UniAuth.auth

This commit is contained in:
Edward Betts 2024-01-23 10:49:58 +00:00
parent 5f0d2e884f
commit fc36647d49
2 changed files with 2 additions and 38 deletions

View file

@ -1,36 +0,0 @@
"""Authentication via UniAuth."""
import flask
import werkzeug
from itsdangerous.url_safe import URLSafeTimedSerializer
max_age = 60 * 60 * 24 * 90
def verify_auth_token(token: str) -> str | None:
"""Verify the authentication token."""
serializer = URLSafeTimedSerializer(flask.current_app.config["SECRET_KEY"])
try:
username = serializer.loads(token, salt="auth", max_age=max_age)
except Exception:
return None
assert isinstance(username, str)
return username
def require_authentication() -> werkzeug.Response | None:
"""Require authentication and redirect with return URL."""
if not flask.current_app.config.get("REQUIRE_AUTH"):
return None
token = flask.request.cookies.get("auth_token")
if token and verify_auth_token(token):
return None
# Construct the redirect URL with the original URL as a parameter
return flask.redirect(
flask.current_app.config["UNIAUTH_URL"]
+ "/login?next="
+ werkzeug.urls.url_quote(flask.request.url)
)

View file

@ -11,11 +11,11 @@ import typing
from datetime import date, datetime, timedelta from datetime import date, datetime, timedelta
import flask import flask
import UniAuth.auth
import werkzeug import werkzeug
import werkzeug.debug.tbtools import werkzeug.debug.tbtools
import yaml import yaml
import agenda.auth
import agenda.data import agenda.data
import agenda.error_mail import agenda.error_mail
import agenda.holidays import agenda.holidays
@ -28,7 +28,7 @@ app = flask.Flask(__name__)
app.debug = False app.debug = False
app.config.from_object("config.default") app.config.from_object("config.default")
app.before_request(agenda.auth.require_authentication) app.before_request(UniAuth.auth.require_authentication)
agenda.error_mail.setup_error_mail(app) agenda.error_mail.setup_error_mail(app)