aboutsummaryrefslogtreecommitdiff
path: root/gn3/templates/oauth2/authorise-user.html
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-05-08 16:31:38 +0300
committerFrederick Muriuki Muriithi2023-05-09 13:15:47 +0300
commit5526f0316c2714d30e47a90f81e0ff686a29042f (patch)
tree64b6422984a6e3ce8bee3850b47a16c822677073 /gn3/templates/oauth2/authorise-user.html
parentf2c09dc2dc2528c75fcf5b80aa4b530a0b5eef08 (diff)
downloadgenenetwork3-5526f0316c2714d30e47a90f81e0ff686a29042f.tar.gz
auth: Implement "Authorization Code Flow"auth/implement-authorization-code-flow
Implement the "Authorization Code Flow" for the authentication of users. * gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and save the authorisation code. * gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the `AuthorisationCode` model * gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo * gn3/auth/authentication/oauth2/server.py: Register the `AuthorisationCodeGrant` grant with the server. * gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint * gn3/templates/base.html: New HTML Templates of authorisation UI * gn3/templates/common-macros.html: New HTML Templates of authorisation UI * gn3/templates/oauth2/authorise-user.html: New HTML Templates of authorisation UI * main.py: Allow both "code" and "token" response types.
Diffstat (limited to 'gn3/templates/oauth2/authorise-user.html')
-rw-r--r--gn3/templates/oauth2/authorise-user.html40
1 files changed, 40 insertions, 0 deletions
diff --git a/gn3/templates/oauth2/authorise-user.html b/gn3/templates/oauth2/authorise-user.html
new file mode 100644
index 0000000..d40379f
--- /dev/null
+++ b/gn3/templates/oauth2/authorise-user.html
@@ -0,0 +1,40 @@
+{%extends "base.html"%}
+
+{%block title%}Authorise User{%endblock%}
+
+{%block content%}
+{{flash_messages()}}
+
+<h1>Authenticate to the API Server</h1>
+
+<form method="POST" action="#">
+ <input type="hidden" name="response_type" value="{{response_type}}" />
+ <input type="hidden" name="scope" value="{{scope | join(' ')}}" />
+ <p>
+ You are authorising "{{client.client_metadata.client_name}}" to access
+ Genenetwork 3 with the following scope:
+ </p>
+ <fieldset>
+ <legend>Scope</legend>
+ {%for scp in scope%}
+ <input id="scope:{{scp}}" type="checkbox" name="scope[]" value="{{scp}}"
+ checked="checked" disabled="disabled" />
+ <label for="scope:{{scp}}">{{scp}}</label>
+ <br />
+ {%endfor%}
+ </fieldset>
+
+ <fieldset>
+ <legend>User Credentials</legend>
+ <label for="user:email">Email</label>
+ <input type="email" name="user:email" id="user:email" required="required" />
+ <br />
+
+ <label for="user:password">Password</label>
+ <input type="password" name="user:password" id="user:password"
+ required="required" />
+ </fieldset>
+
+ <input type="submit" value="authorise" />
+</form>
+{%endblock%}