binarybeach/bb-plane-fork
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[WEB-1319] chore: handled redirection when user is not logged in (#4497)

Browse source 
* chore: handled redirection when user is not logged in

* dev: handle url redirection in space app

* dev: remove user from redis on successful code matching
This commit is contained in:
guru_sainath 2024-05-17 14:27:49 +05:30 committed by GitHub
parent c2e293cf3b
commit 2988d5e429
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
14 changed files with 119 additions and 175 deletions
Download patch file Download diff file Expand all files Collapse all files

2
apiserver/plane/authentication/provider/credentials/magic_code.py
View file

@ -125,6 +125,8 @@ class MagicCodeProvider(CredentialAdapter):
},
}
)
# Delete the token from redis if the code match is successful
ri.delete(self.key)
return
else:
raise AuthenticationException(

72
apiserver/plane/authentication/views/space/email.py
View file

@ -1,5 +1,5 @@
# Python imports
from urllib.parse import urlencode, urljoin
from urllib.parse import urlencode
# Django imports
from django.core.exceptions import ValidationError
@ -36,10 +36,7 @@ class SignInAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# set the referer as session to redirect after login
@ -58,10 +55,7 @@ class SignInAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# Validate email
@ -77,10 +71,7 @@ class SignInAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# Existing User
@ -95,10 +86,7 @@ class SignInAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
if not existing_user.is_active:
@ -111,10 +99,7 @@ class SignInAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
@ -125,19 +110,13 @@ class SignInAuthSpaceEndpoint(View):
# Login the user and record his device info
user_login(request=request, user=user, is_space=True)
# redirect to next path
url = urljoin(
base_host(request=request, is_space=True),
str(next_path) if next_path else "",
)
url = f"{base_host(request=request, is_space=True)}{str(next_path) if next_path else ''}"
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
@ -158,10 +137,7 @@ class SignUpAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
email = request.POST.get("email", False)
@ -179,10 +155,7 @@ class SignUpAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# Validate the email
email = email.strip().lower()
@ -198,10 +171,7 @@ class SignUpAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# Existing User
@ -218,10 +188,7 @@ class SignUpAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
exc = AuthenticationException(
@ -232,10 +199,7 @@ class SignUpAuthSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
@ -246,17 +210,11 @@ class SignUpAuthSpaceEndpoint(View):
# Login the user and record his device info
user_login(request=request, user=user, is_space=True)
# redirect to referer path
url = urljoin(
base_host(request=request, is_space=True),
str(next_path) if next_path else "",
)
url = f"{base_host(request=request, is_space=True)}{str(next_path) if next_path else ''}"
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)

29
apiserver/plane/authentication/views/space/github.py
View file

@ -1,6 +1,6 @@
# Python imports
import uuid
from urllib.parse import urlencode, urljoin
from urllib.parse import urlencode
# Django import
from django.http import HttpResponseRedirect
@ -38,10 +38,7 @@ class GitHubOauthInitiateSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
@ -54,10 +51,7 @@ class GitHubOauthInitiateSpaceEndpoint(View):
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
@ -79,10 +73,7 @@ class GitHubCallbackSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host,
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
if not code:
@ -95,10 +86,7 @@ class GitHubCallbackSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host,
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
@ -111,14 +99,11 @@ class GitHubCallbackSpaceEndpoint(View):
user_login(request=request, user=user, is_space=True)
# Process workspace and project invitations
# redirect to referer path
url = urljoin(base_host, str(next_path) if next_path else "")
url = f"{base_host(request=request, is_space=True)}{str(next_path) if next_path else ''}"
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host,
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)

31
apiserver/plane/authentication/views/space/google.py
View file

@ -1,6 +1,6 @@
# Python imports
import uuid
from urllib.parse import urlencode, urljoin
from urllib.parse import urlencode
# Django import
from django.http import HttpResponseRedirect
@ -36,10 +36,7 @@ class GoogleOauthInitiateSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
@ -52,10 +49,7 @@ class GoogleOauthInitiateSpaceEndpoint(View):
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
@ -76,10 +70,7 @@ class GoogleCallbackSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host,
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
if not code:
exc = AuthenticationException(
@ -91,10 +82,7 @@ class GoogleCallbackSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = next_path
url = urljoin(
base_host,
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
provider = GoogleOAuthProvider(
@ -105,16 +93,11 @@ class GoogleCallbackSpaceEndpoint(View):
# Login the user and record his device info
user_login(request=request, user=user, is_space=True)
# redirect to referer path
url = urljoin(
base_host, str(next_path) if next_path else "/spaces"
)
url = f"{base_host(request=request, is_space=True)}{str(next_path) if next_path else ''}"
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host,
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)

44
apiserver/plane/authentication/views/space/magic.py
View file

@ -1,5 +1,5 @@
# Python imports
from urllib.parse import urlencode, urljoin
from urllib.parse import urlencode
# Django imports
from django.core.validators import validate_email
@ -84,10 +84,7 @@ class MagicSignInSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
existing_user = User.objects.filter(email=email).first()
@ -100,10 +97,7 @@ class MagicSignInSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# Active User
@ -117,10 +111,7 @@ class MagicSignInSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
provider = MagicCodeProvider(
@ -136,17 +127,14 @@ class MagicSignInSpaceEndpoint(View):
else:
# Get the redirection path
path = str(next_path) if next_path else ""
url = urljoin(base_host(request=request, is_space=True), path)
url = f"{base_host(request=request, is_space=True)}{path}"
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
@ -169,10 +157,7 @@ class MagicSignUpSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
# Existing User
existing_user = User.objects.filter(email=email).first()
@ -185,10 +170,7 @@ class MagicSignUpSpaceEndpoint(View):
params = exc.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)
try:
@ -199,18 +181,12 @@ class MagicSignUpSpaceEndpoint(View):
# Login the user and record his device info
user_login(request=request, user=user, is_space=True)
# redirect to referer path
url = urljoin(
base_host(request=request, is_space=True),
str(next_path) if next_path else "spaces",
)
url = f"{base_host(request=request, is_space=True)}{str(next_path) if next_path else ''}"
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}?{urlencode(params)}"
return HttpResponseRedirect(url)

23
apiserver/plane/authentication/views/space/password_management.py
View file

@ -1,6 +1,6 @@
# Python imports
import os
from urllib.parse import urlencode, urljoin
from urllib.parse import urlencode
# Third party imports
from rest_framework import status
@ -145,10 +145,7 @@ class ResetPasswordSpaceEndpoint(View):
error_message="INVALID_PASSWORD_TOKEN",
)
params = exc.get_error_dict()
url = urljoin(
base_host(request=request, is_space=True),
"accounts/reset-password?" + urlencode(params),
)
url = f"{base_host(request=request, is_space=True)}/accounts/reset-password/?{urlencode(params)}"
return HttpResponseRedirect(url)
password = request.POST.get("password", False)
@ -158,10 +155,7 @@ class ResetPasswordSpaceEndpoint(View):
error_code=AUTHENTICATION_ERROR_CODES["INVALID_PASSWORD"],
error_message="INVALID_PASSWORD",
)
url = urljoin(
base_host(request=request, is_space=True),
"?" + urlencode(exc.get_error_dict()),
)
url = f"{base_host(request=request, is_space=True)}/accounts/reset-password/?{urlencode(exc.get_error_dict())}"
return HttpResponseRedirect(url)
# Check the password complexity
@ -171,11 +165,7 @@ class ResetPasswordSpaceEndpoint(View):
error_code=AUTHENTICATION_ERROR_CODES["INVALID_PASSWORD"],
error_message="INVALID_PASSWORD",
)
url = urljoin(
base_host(request=request, is_space=True),
"accounts/reset-password?"
+ urlencode(exc.get_error_dict()),
)
url = f"{base_host(request=request, is_space=True)}/accounts/reset-password/?{urlencode(exc.get_error_dict())}"
return HttpResponseRedirect(url)
# set_password also hashes the password that the user will get
@ -193,8 +183,5 @@ class ResetPasswordSpaceEndpoint(View):
],
error_message="EXPIRED_PASSWORD_TOKEN",
)
url = urljoin(
base_host(request=request, is_space=True),
"accounts/reset-password?" + urlencode(exc.get_error_dict()),
)
url = f"{base_host(request=request, is_space=True)}/accounts/reset-password/?{urlencode(exc.get_error_dict())}"
return HttpResponseRedirect(url)