diff options
| author | Frederick Muriuki Muriithi | 2023-05-08 16:31:38 +0300 |
|---|---|---|
| committer | Frederick Muriuki Muriithi | 2023-05-09 13:15:47 +0300 |
| commit | 5526f0316c2714d30e47a90f81e0ff686a29042f (patch) | |
| tree | 64b6422984a6e3ce8bee3850b47a16c822677073 /gn3/templates | |
| parent | f2c09dc2dc2528c75fcf5b80aa4b530a0b5eef08 (diff) | |
| download | genenetwork3-auth/implement-authorization-code-flow.tar.gz | |
auth: Implement "Authorization Code Flow" auth/implement-authorization-code-flow
Implement the "Authorization Code Flow" for the authentication of users. * gn3/auth/authentication/oauth2/grants/authorisation_code_grant.py: query and save the authorisation code. * gn3/auth/authentication/oauth2/models/authorization_code.py: Implement the `AuthorisationCode` model * gn3/auth/authentication/oauth2/models/oauth2client.py: Fix typo * gn3/auth/authentication/oauth2/server.py: Register the `AuthorisationCodeGrant` grant with the server. * gn3/auth/authentication/oauth2/views.py: Implement `/authorise` endpoint * gn3/templates/base.html: New HTML Templates of authorisation UI * gn3/templates/common-macros.html: New HTML Templates of authorisation UI * gn3/templates/oauth2/authorise-user.html: New HTML Templates of authorisation UI * main.py: Allow both "code" and "token" response types.
Diffstat (limited to 'gn3/templates')
| -rw-r--r-- | gn3/templates/base.html | 17 | ||||
| -rw-r--r-- | gn3/templates/common-macros.html | 7 | ||||
| -rw-r--r-- | gn3/templates/oauth2/authorise-user.html | 40 |
3 files changed, 64 insertions, 0 deletions
diff --git a/gn3/templates/base.html b/gn3/templates/base.html new file mode 100644 index 0000000..c1070ed --- /dev/null +++ b/gn3/templates/base.html @@ -0,0 +1,17 @@ +{% from "common-macros.html" import flash_messages%} +<!DOCTYPE html> +<html lang="en"> + <head> + <meta charset="utf-8" /> + <meta name="viewport" content="width=device-width, initial-scale=1.0" /> + + <title>Genenetwork 3: {%block title%}{%endblock%}</title> + + {%block css%}{%endblock%} + </head> + + <body> + {%block content%}{%endblock%} + {%block js%}{%endblock%} + <body> +</html> diff --git a/gn3/templates/common-macros.html b/gn3/templates/common-macros.html new file mode 100644 index 0000000..1d9f302 --- /dev/null +++ b/gn3/templates/common-macros.html @@ -0,0 +1,7 @@ +{%macro flash_messages()%} +<div class="alert-messages"> + {%for category,message in get_flashed_messages(with_categories=true)%} + <div class="alert {{category}}" role="alert">{{message}}</div> + {%endfor%} +</div> +{%endmacro%} diff --git a/gn3/templates/oauth2/authorise-user.html b/gn3/templates/oauth2/authorise-user.html new file mode 100644 index 0000000..d40379f --- /dev/null +++ b/gn3/templates/oauth2/authorise-user.html @@ -0,0 +1,40 @@ +{%extends "base.html"%} + +{%block title%}Authorise User{%endblock%} + +{%block content%} +{{flash_messages()}} + +<h1>Authenticate to the API Server</h1> + +<form method="POST" action="#"> + <input type="hidden" name="response_type" value="{{response_type}}" /> + <input type="hidden" name="scope" value="{{scope | join(' ')}}" /> + <p> + You are authorising "{{client.client_metadata.client_name}}" to access + Genenetwork 3 with the following scope: + </p> + <fieldset> + <legend>Scope</legend> + {%for scp in scope%} + <input id="scope:{{scp}}" type="checkbox" name="scope[]" value="{{scp}}" + checked="checked" disabled="disabled" /> + <label for="scope:{{scp}}">{{scp}}</label> + <br /> + {%endfor%} + </fieldset> + + <fieldset> + <legend>User Credentials</legend> + <label for="user:email">Email</label> + <input type="email" name="user:email" id="user:email" required="required" /> + <br /> + + <label for="user:password">Password</label> + <input type="password" name="user:password" id="user:password" + required="required" /> + </fieldset> + + <input type="submit" value="authorise" /> +</form> +{%endblock%} |