diff options
| author | Frederick Muriuki Muriithi | 2023-05-08 16:31:38 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-05-09 13:15:47 +0300 |
| commit | 5526f0316c2714d30e47a90f81e0ff686a29042f (patch) | |
| tree | 64b6422984a6e3ce8bee3850b47a16c822677073 /gn3/templates/oauth2 | |
| parent | f2c09dc2dc2528c75fcf5b80aa4b530a0b5eef08 (diff) | |
| download | genenetwork3-auth/implement-authorization-code-flow.tar.gz | |
auth: Implement "Authorization Code Flow"auth/implement-authorization-code-flow
Implement the "Authorization Code Flow" for the authentication of users.
* gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and
save the authorisation code.
* gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the
`AuthorisationCode` model
* gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo
* gn3/auth/authentication/oauth2/server.py: Register the
`AuthorisationCodeGrant` grant with the server.
* gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint
* gn3/templates/base.html: New HTML Templates of authorisation UI
* gn3/templates/common-macros.html: New HTML Templates of authorisation UI
* gn3/templates/oauth2/authorise-user.html: New HTML Templates of
authorisation UI
* main.py: Allow both "code" and "token" response types.
Diffstat (limited to 'gn3/templates/oauth2')
| -rw-r--r-- | gn3/templates/oauth2/authorise-user.html | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/gn3/templates/oauth2/authorise-user.html b/gn3/templates/oauth2/authorise-user.html new file mode 100644 index 0000000..d40379f --- /dev/null +++ b/gn3/templates/oauth2/authorise-user.html @@ -0,0 +1,40 @@ +{%extends "base.html"%} + +{%block title%}Authorise User{%endblock%} + +{%block content%} +{{flash_messages()}} + +<h1>Authenticate to the API Server</h1> + +<form method="POST" action="#"> + <input type="hidden" name="response_type" value="{{response_type}}" /> + <input type="hidden" name="scope" value="{{scope | join(' ')}}" /> + <p> + You are authorising "{{client.client_metadata.client_name}}" to access + Genenetwork 3 with the following scope: + </p> + <fieldset> + <legend>Scope</legend> + {%for scp in scope%} + <input id="scope:{{scp}}" type="checkbox" name="scope[]" value="{{scp}}" + checked="checked" disabled="disabled" /> + <label for="scope:{{scp}}">{{scp}}</label> + <br /> + {%endfor%} + </fieldset> + + <fieldset> + <legend>User Credentials</legend> + <label for="user:email">Email</label> + <input type="email" name="user:email" id="user:email" required="required" /> + <br /> + + <label for="user:password">Password</label> + <input type="password" name="user:password" id="user:password" + required="required" /> + </fieldset> + + <input type="submit" value="authorise" /> +</form> +{%endblock%} |