2020-11-10 16:52:52 +00:00
|
|
|
from authlib.integrations.flask_client import OAuth
|
|
|
|
from authlib.oidc.discovery import get_well_known_url
|
2021-12-20 22:57:27 +00:00
|
|
|
from flask import flash
|
|
|
|
from flask import Flask
|
|
|
|
from flask import redirect
|
|
|
|
from flask import render_template
|
|
|
|
from flask import session
|
|
|
|
from flask import url_for
|
2020-11-10 16:52:52 +00:00
|
|
|
|
|
|
|
|
|
|
|
def create_app():
|
|
|
|
app = Flask(__name__)
|
|
|
|
app.config.from_envvar("CONFIG")
|
|
|
|
app.static_folder = "../../canaille/static"
|
|
|
|
|
|
|
|
oauth = OAuth()
|
|
|
|
oauth.init_app(app)
|
|
|
|
oauth.register(
|
|
|
|
name="yaal",
|
|
|
|
client_id=app.config["OAUTH_CLIENT_ID"],
|
|
|
|
client_secret=app.config["OAUTH_CLIENT_SECRET"],
|
|
|
|
server_metadata_url=get_well_known_url(
|
|
|
|
app.config["OAUTH_AUTH_SERVER"], external=True
|
|
|
|
),
|
2021-06-03 15:24:36 +00:00
|
|
|
client_kwargs={"scope": "openid profile email groups"},
|
2020-11-10 16:52:52 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
@app.route("/")
|
|
|
|
def index():
|
|
|
|
return render_template(
|
|
|
|
"index.html", user=session.get("user"), name=app.config["NAME"]
|
|
|
|
)
|
|
|
|
|
|
|
|
@app.route("/login")
|
|
|
|
def login():
|
|
|
|
return oauth.yaal.authorize_redirect(url_for("authorize", _external=True))
|
|
|
|
|
|
|
|
@app.route("/authorize")
|
|
|
|
def authorize():
|
|
|
|
token = oauth.yaal.authorize_access_token()
|
2022-04-10 14:00:51 +00:00
|
|
|
session["user"] = token.get("userinfo")
|
2020-11-10 16:52:52 +00:00
|
|
|
flash("You have been successfully logged in.", "success")
|
|
|
|
return redirect(url_for("index"))
|
|
|
|
|
|
|
|
@app.route("/logout")
|
|
|
|
def logout():
|
|
|
|
try:
|
|
|
|
del session["user"]
|
|
|
|
except KeyError:
|
|
|
|
pass
|
|
|
|
|
|
|
|
flash("You have been successfully logged out.", "success")
|
|
|
|
return redirect(url_for("index"))
|
|
|
|
|
|
|
|
return app
|