fix: authentication redirection and UI (#4432)

* dev: update python version

* dev: handle magic code attempt exhausted

* dev: update app, space and god mode redirection paths

* fix: handled signup and signin workflow

* chore: auth input error indication and autofill styling improvement

* dev: add app redirection urls

* dev: update redirections

* chore: onboarding improvement

* chore: onboarding improvement

* chore: redirection issue in space resolved

* chore: instance empty state added

* dev: fix app, space, admin redirection in docker settings

---------

Co-authored-by: guru_sainath <gurusainath007@gmail.com>
Co-authored-by: Anmol Singh Bhatia <anmolsinghbhatia@plane.so>
Nikhil 2024-05-10 17:30:38 +05:30 committed by GitHub
parent 2d1201cc92
commit 88ebda42ff
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
49 changed files with 1336 additions and 541 deletions


@ -1,51 +1,52 @@
AUTHENTICATION_ERROR_CODES = {
# Global
"INSTANCE_NOT_CONFIGURED": 5000,
"INVALID_EMAIL": 5012,
"EMAIL_REQUIRED": 5013,
"SIGNUP_DISABLED": 5001,
"INVALID_EMAIL": 5005,
"EMAIL_REQUIRED": 5010,
"SIGNUP_DISABLED": 5015,
# Password strength
"INVALID_PASSWORD": 5002,
"SMTP_NOT_CONFIGURED": 5007,
"INVALID_PASSWORD": 5020,
"SMTP_NOT_CONFIGURED": 5025,
# Sign Up
"USER_ALREADY_EXIST": 5003,
"AUTHENTICATION_FAILED_SIGN_UP": 5006,
"REQUIRED_EMAIL_PASSWORD_SIGN_UP": 5015,
"INVALID_EMAIL_SIGN_UP": 5017,
"INVALID_EMAIL_MAGIC_SIGN_UP": 5019,
"MAGIC_SIGN_UP_EMAIL_CODE_REQUIRED": 5023,
"USER_ALREADY_EXIST": 5030,
"AUTHENTICATION_FAILED_SIGN_UP": 5035,
"REQUIRED_EMAIL_PASSWORD_SIGN_UP": 5040,
"INVALID_EMAIL_SIGN_UP": 5045,
"INVALID_EMAIL_MAGIC_SIGN_UP": 5050,
"MAGIC_SIGN_UP_EMAIL_CODE_REQUIRED": 5055,
# Sign In
"USER_DOES_NOT_EXIST": 5004,
"AUTHENTICATION_FAILED_SIGN_IN": 5005,
"REQUIRED_EMAIL_PASSWORD_SIGN_IN": 5014,
"INVALID_EMAIL_SIGN_IN": 5016,
"INVALID_EMAIL_MAGIC_SIGN_IN": 5018,
"MAGIC_SIGN_IN_EMAIL_CODE_REQUIRED": 5022,
# Both Sign in and Sign up
"INVALID_MAGIC_CODE": 5008,
"EXPIRED_MAGIC_CODE": 5009,
"USER_DOES_NOT_EXIST": 5060,
"AUTHENTICATION_FAILED_SIGN_IN": 5065,
"REQUIRED_EMAIL_PASSWORD_SIGN_IN": 5070,
"INVALID_EMAIL_SIGN_IN": 5075,
"INVALID_EMAIL_MAGIC_SIGN_IN": 5080,
"MAGIC_SIGN_IN_EMAIL_CODE_REQUIRED": 5085,
# Both Sign in and Sign up for magic
"INVALID_MAGIC_CODE": 5090,
"EXPIRED_MAGIC_CODE": 5095,
"EMAIL_CODE_ATTEMPT_EXHAUSTED": 5100,
# Oauth
"GOOGLE_NOT_CONFIGURED": 5010,
"GITHUB_NOT_CONFIGURED": 5011,
"GOOGLE_OAUTH_PROVIDER_ERROR": 5021,
"GITHUB_OAUTH_PROVIDER_ERROR": 5020,
"GOOGLE_NOT_CONFIGURED": 5105,
"GITHUB_NOT_CONFIGURED": 5110,
"GOOGLE_OAUTH_PROVIDER_ERROR": 5115,
"GITHUB_OAUTH_PROVIDER_ERROR": 5120,
# Reset Password
"INVALID_PASSWORD_TOKEN": 5024,
"EXPIRED_PASSWORD_TOKEN": 5025,
"INVALID_PASSWORD_TOKEN": 5125,
"EXPIRED_PASSWORD_TOKEN": 5130,
# Change password
"INCORRECT_OLD_PASSWORD": 5026,
"INVALID_NEW_PASSWORD": 5027,
"INCORRECT_OLD_PASSWORD": 5135,
"INVALID_NEW_PASSWORD": 5140,
# set passowrd
"PASSWORD_ALREADY_SET": 5028,
"PASSWORD_ALREADY_SET": 5145,
# Admin
"ADMIN_ALREADY_EXIST": 5029,
"REQUIRED_ADMIN_EMAIL_PASSWORD_FIRST_NAME": 5030,
"INVALID_ADMIN_EMAIL": 5031,
"INVALID_ADMIN_PASSWORD": 5032,
"REQUIRED_ADMIN_EMAIL_PASSWORD": 5033,
"ADMIN_AUTHENTICATION_FAILED": 5034,
"ADMIN_USER_ALREADY_EXIST": 5035,
"ADMIN_USER_DOES_NOT_EXIST": 5036,
"ADMIN_ALREADY_EXIST": 5150,
"REQUIRED_ADMIN_EMAIL_PASSWORD_FIRST_NAME": 5155,
"INVALID_ADMIN_EMAIL": 5160,
"INVALID_ADMIN_PASSWORD": 5165,
"REQUIRED_ADMIN_EMAIL_PASSWORD": 5170,
"ADMIN_AUTHENTICATION_FAILED": 5175,
"ADMIN_USER_ALREADY_EXIST": 5180,
"ADMIN_USER_DOES_NOT_EXIST": 5185,
}
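Review bot: The renumbering reuses values that previously meant something else: as rendered, 5005 was `AUTHENTICATION_FAILED_SIGN_IN` and is now `INVALID_EMAIL`, 5010 moved from `GOOGLE_NOT_CONFIGURED` to `EMAIL_REQUIRED`, and 5015, 5020, 5025, 5030 and 5035 are likewise reassigned. Any client, cached front-end bundle, or log and alert rule keyed on the numeric code will silently misclassify authentication failures after the upgrade. Starting the new series in a range the old table never used would avoid this. A header comment such as `# Codes are part of the client contract: never reuse a retired value` would record the rule.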


@ -77,7 +77,13 @@ class MagicCodeProvider(CredentialAdapter):
current_attempt = data["current_attempt"] + 1
if data["current_attempt"] > 2:
return key, ""
raise AuthenticationException(
error_code=AUTHENTICATION_ERROR_CODES[
"EMAIL_CODE_ATTEMPT_EXHAUSTED"
],
error_message="EMAIL_CODE_ATTEMPT_EXHAUSTED",
payload={"email": self.key},
)
value = {
"current_attempt": current_attempt,
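Review bot: The new exception carries `payload={"email": self.key}`, and the views elsewhere in this commit serialise `get_error_dict()` straight into the redirect query string with `urlencode(...)`. If `get_error_dict()` includes the payload (its body is not shown on this page), the address ends up in the URL, where it is kept in browser history and in proxy and access logs, and may be forwarded in `Referer`. Consider dropping the payload for this error or keeping it out of the redirect parameters. Separately, the guard tests `data["current_attempt"] > 2` on the stored value rather than the incremented one from the line above, so a short comment stating the intended number of allowed requests would help. The enclosing method starts and ends outside the hunk.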


@ -5,21 +5,38 @@ from urllib.parse import urlsplit
from django.conf import settings
def base_host(request, is_admin=False, is_space=False):
def base_host(request, is_admin=False, is_space=False, is_app=False):
"""Utility function to return host / origin from the request"""
if is_admin and settings.ADMIN_BASE_URL:
return settings.ADMIN_BASE_URL
if is_space and settings.SPACE_BASE_URL:
return settings.SPACE_BASE_URL
return (
# Calculate the base origin from request
base_origin = str(
request.META.get("HTTP_ORIGIN")
or f"{urlsplit(request.META.get('HTTP_REFERER')).scheme}://{urlsplit(request.META.get('HTTP_REFERER')).netloc}"
or f"""{"https" if request.is_secure() else "http"}://{request.get_host()}"""
)
# Admin redirections
if is_admin:
if settings.ADMIN_BASE_URL:
return settings.ADMIN_BASE_URL
else:
return base_origin + "/god-mode/"
# Space redirections
if is_space:
if settings.SPACE_BASE_URL:
return settings.SPACE_BASE_URL
else:
return base_origin + "/spaces/"
# App Redirection
if is_app:
if settings.APP_BASE_URL:
return settings.APP_BASE_URL
else:
return base_origin
return base_origin
def user_ip(request):
return str(request.META.get("REMOTE_ADDR"))
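Review bot: The `get_host()` fallback in the `base_origin` expression can never be reached: when `HTTP_REFERER` is absent, `urlsplit(None)` yields empty bytes fields and the f-string still renders a non-empty string, so `or` stops there and the result is not a usable origin. Beyond that, `Origin` and `Referer` are client-supplied headers, and the derived value is now the redirect base for the app, `/god-mode/` and `/spaces/` whenever the matching `*_BASE_URL` setting is unset, and it is stored in `request.session["host"]` by the OAuth initiate views. I would resolve the three sources explicitly as below, and accept a header-derived origin only after checking it against the configured or allowed hosts, for example with Django's `url_has_allowed_host_and_scheme`.

```python
def base_host(request, is_admin=False, is_space=False, is_app=False):
    # … unchanged: docstring …
    origin = request.META.get("HTTP_ORIGIN")
    referer = request.META.get("HTTP_REFERER")
    if origin:
        base_origin = str(origin)
    elif referer:
        parts = urlsplit(referer)
        base_origin = f"{parts.scheme}://{parts.netloc}"
    else:
        scheme = "https" if request.is_secure() else "http"
        base_origin = f"{scheme}://{request.get_host()}"
    # … unchanged: admin, space and app branches …
```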


@ -5,12 +5,17 @@ from django.contrib.auth import login
from plane.authentication.utils.host import base_host
def user_login(request, user):
def user_login(request, user, is_app=False, is_admin=False, is_space=False):
login(request=request, user=user)
device_info = {
"user_agent": request.META.get("HTTP_USER_AGENT", ""),
"ip_address": request.META.get("REMOTE_ADDR", ""),
"domain": base_host(request=request),
"domain": base_host(
request=request,
is_app=is_app,
is_admin=is_admin,
is_space=is_space,
),
}
request.session["device_info"] = device_info
request.session.save()
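Review bot: `user_login` now takes three independent booleans but has no docstring, and nothing says that at most one of them should be set. `base_host` tests `is_admin`, then `is_space`, then `is_app`, so a call with two flags silently records the first match as `device_info["domain"]`. I would add a docstring such as `"""Log the user in and store user agent, IP and the base URL of the surface (app, admin or space) in the session."""`. Making the flags keyword-only, `def user_login(request, user, *, is_app=False, is_admin=False, is_space=False):`, is compatible with every call shown in this commit.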


@ -42,8 +42,8 @@ class SignInAuthEndpoint(View):
params["next_path"] = str(next_path)
# Base URL join
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -66,8 +66,8 @@ class SignInAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -85,8 +85,8 @@ class SignInAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -100,8 +100,8 @@ class SignInAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -111,7 +111,7 @@ class SignInAuthEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_app=True)
# Process workspace and project invitations
process_workspace_project_invitations(user=user)
# Get the redirection path
@ -121,15 +121,15 @@ class SignInAuthEndpoint(View):
path = get_redirection_path(user=user)
# redirect to referer path
url = urljoin(base_host(request=request), path)
url = urljoin(base_host(request=request, is_app=True), path)
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -152,7 +152,7 @@ class SignUpAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -173,7 +173,7 @@ class SignUpAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -192,7 +192,7 @@ class SignUpAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -207,7 +207,7 @@ class SignUpAuthEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -218,7 +218,7 @@ class SignUpAuthEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_app=True)
# Process workspace and project invitations
process_workspace_project_invitations(user=user)
# Get the redirection path
@ -227,14 +227,14 @@ class SignUpAuthEndpoint(View):
else:
path = get_redirection_path(user=user)
# redirect to referer path
url = urljoin(base_host(request=request), path)
url = urljoin(base_host(request=request, is_app=True), path)
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
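Review bot: Every error branch in `SignInAuthEndpoint` and `SignUpAuthEndpoint` rebuilds the same redirect by hand (`params`, optional `next_path`, `urljoin(base_host(...), ... + urlencode(params))`), which is why this commit had to edit more than a dozen near-identical call sites. Hand-edited copies are how redirect targets drift apart, as the reset-password branch fixed elsewhere in this commit shows. A small private helper, sketched below, would leave one place to change the base or the target path and one place to validate `next_path`. The methods involved start and end outside these hunks.

```python
def _error_redirect(request, params, next_path, target):
    # target is "sign-in" or "" as used by the branches in this file
    if next_path:
        params["next_path"] = str(next_path)
    url = urljoin(
        base_host(request=request, is_app=True),
        f"{target}?{urlencode(params)}",
    )
    return HttpResponseRedirect(url)
```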


@ -24,7 +24,7 @@ class GitHubOauthInitiateEndpoint(View):
def get(self, request):
# Get host and next path
request.session["host"] = base_host(request=request)
request.session["host"] = base_host(request=request, is_app=True)
next_path = request.GET.get("next_path")
if next_path:
request.session["next_path"] = str(next_path)
@ -42,7 +42,7 @@ class GitHubOauthInitiateEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -57,7 +57,7 @@ class GitHubOauthInitiateEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -110,7 +110,7 @@ class GitHubCallbackEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_app=True)
# Process workspace and project invitations
process_workspace_project_invitations(user=user)
# Get the redirection path


@ -24,7 +24,7 @@ from plane.authentication.adapter.error import (
class GoogleOauthInitiateEndpoint(View):
def get(self, request):
request.session["host"] = base_host(request=request)
request.session["host"] = base_host(request=request, is_app=True)
next_path = request.GET.get("next_path")
if next_path:
request.session["next_path"] = str(next_path)
@ -42,7 +42,7 @@ class GoogleOauthInitiateEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -58,7 +58,7 @@ class GoogleOauthInitiateEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -108,7 +108,7 @@ class GoogleCallbackEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_app=True)
# Process workspace and project invitations
process_workspace_project_invitations(user=user)
# Get the redirection path


@ -90,8 +90,8 @@ class MagicSignInEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -104,8 +104,8 @@ class MagicSignInEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -116,7 +116,7 @@ class MagicSignInEndpoint(View):
user = provider.authenticate()
profile = Profile.objects.get(user=user)
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_app=True)
# Process workspace and project invitations
process_workspace_project_invitations(user=user)
if user.is_password_autoset and profile.is_onboarded:
@ -129,7 +129,7 @@ class MagicSignInEndpoint(View):
else str(process_workspace_project_invitations(user=user))
)
# redirect to referer path
url = urljoin(base_host(request=request), path)
url = urljoin(base_host(request=request, is_app=True), path)
return HttpResponseRedirect(url)
except AuthenticationException as e:
@ -137,8 +137,8 @@ class MagicSignInEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode(params),
base_host(request=request, is_app=True),
"sign-in?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -163,7 +163,7 @@ class MagicSignUpEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -177,7 +177,7 @@ class MagicSignUpEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -188,7 +188,7 @@ class MagicSignUpEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_app=True)
# Process workspace and project invitations
process_workspace_project_invitations(user=user)
# Get the redirection path
@ -197,7 +197,7 @@ class MagicSignUpEndpoint(View):
else:
path = get_redirection_path(user=user)
# redirect to referer path
url = urljoin(base_host(request=request), path)
url = urljoin(base_host(request=request, is_app=True), path)
return HttpResponseRedirect(url)
except AuthenticationException as e:
@ -205,7 +205,7 @@ class MagicSignUpEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
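Review bot: In `MagicSignInEndpoint` the fallback for a missing `next_path` is `str(process_workspace_project_invitations(user=user))`, whereas `MagicSignUpEndpoint` and the email sign-in endpoint use `get_redirection_path(user=user)`. That function is already called for its side effects in the hunk at line 116, so it appears to run twice, and the redirect target becomes the string form of whatever it returns (its return value is not visible on this page). If this is a copy-paste slip, the line should read `else get_redirection_path(user=user)`. The surrounding method starts above the hunk.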


@ -146,7 +146,7 @@ class ResetPasswordEndpoint(View):
)
params = exc.get_error_dict()
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"accounts/reset-password?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -159,8 +159,9 @@ class ResetPasswordEndpoint(View):
error_message="INVALID_PASSWORD",
)
url = urljoin(
base_host(request=request),
"?" + urlencode(exc.get_error_dict()),
base_host(request=request, is_app=True),
"accounts/reset-password?"
+ urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -172,7 +173,7 @@ class ResetPasswordEndpoint(View):
error_message="INVALID_PASSWORD",
)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"accounts/reset-password?"
+ urlencode(exc.get_error_dict()),
)
@ -184,8 +185,8 @@ class ResetPasswordEndpoint(View):
user.save()
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode({"success": True}),
base_host(request=request, is_app=True),
"sign-in?" + urlencode({"success": True}),
)
return HttpResponseRedirect(url)
except DjangoUnicodeDecodeError:
@ -196,7 +197,7 @@ class ResetPasswordEndpoint(View):
error_message="EXPIRED_PASSWORD_TOKEN",
)
url = urljoin(
base_host(request=request),
base_host(request=request, is_app=True),
"accounts/reset-password?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)


@ -1,5 +1,5 @@
# Python imports
from urllib.parse import urlencode, urljoin
from urllib.parse import urljoin
# Django imports
from django.views import View
@ -23,12 +23,9 @@ class SignOutAuthEndpoint(View):
user.save()
# Log the user out
logout(request)
url = urljoin(
base_host(request=request),
"accounts/sign-in?" + urlencode({"success": "true"}),
)
url = urljoin(base_host(request=request, is_app=True), "sign-in")
return HttpResponseRedirect(url)
except Exception:
return HttpResponseRedirect(
base_host(request=request), "accounts/sign-in"
base_host(request=request, is_app=True), "sign-in"
)
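Review bot: The `except` branch still calls `HttpResponseRedirect(base_host(request=request, is_app=True), "sign-in")` with two positional arguments. Only the first is the redirect target, so the failure path sends the user to the bare app base and `"sign-in"` is never appended to the URL. It should mirror the success path: `return HttpResponseRedirect(urljoin(base_host(request=request, is_app=True), "sign-in"))`. The bare `except Exception:` also hides why sign-out failed, so logging the exception there would help when investigating session problems.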


@ -70,7 +70,7 @@ class ChangePasswordEndpoint(APIView):
user.set_password(serializer.data.get("new_password"))
user.is_password_autoset = False
user.save()
user_login(user=user, request=request)
user_login(user=user, request=request, is_app=True)
return Response(
{"message": "Password updated successfully"},
status=status.HTTP_200_OK,
@ -131,7 +131,7 @@ class SetUserPasswordEndpoint(APIView):
user.is_password_autoset = False
user.save()
# Login the user as the session is invalidated
user_login(user=user, request=request)
user_login(user=user, request=request, is_app=True)
# Return the user
serializer = UserSerializer(user)
return Response(serializer.data, status=status.HTTP_200_OK)


@ -38,7 +38,7 @@ class SignInAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -60,7 +60,7 @@ class SignInAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -79,7 +79,7 @@ class SignInAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -94,7 +94,7 @@ class SignInAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -104,11 +104,11 @@ class SignInAuthSpaceEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_space=True)
# redirect to next path
url = urljoin(
base_host(request=request, is_space=True),
str(next_path) if next_path else "/",
str(next_path) if next_path else "",
)
return HttpResponseRedirect(url)
except AuthenticationException as e:
@ -117,7 +117,7 @@ class SignInAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -141,7 +141,7 @@ class SignUpAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -162,7 +162,7 @@ class SignUpAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
# Validate the email
@ -181,7 +181,7 @@ class SignUpAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -196,7 +196,7 @@ class SignUpAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -206,11 +206,11 @@ class SignUpAuthSpaceEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_space=True)
# redirect to referer path
url = urljoin(
base_host(request=request, is_space=True),
str(next_path) if next_path else "spaces",
str(next_path) if next_path else "",
)
return HttpResponseRedirect(url)
except AuthenticationException as e:
@ -219,6 +219,6 @@ class SignUpAuthSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
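Review bot: The success redirects join the base with `str(next_path) if next_path else ""`, and `urljoin` returns its second argument unchanged when that argument is an absolute or scheme-relative URL, so the configured space base does not constrain the destination. `next_path` appears to come from the request (the OAuth initiate views read it with `request.GET.get("next_path")`; its source in this view is above the hunk), which makes this a post-login open redirect unless it is validated elsewhere. Accept it only when it is a relative path, for example by falling back to `""` when `urlsplit(str(next_path)).scheme` or `.netloc` is non-empty. The same pattern is visible in the GitHub and Google space callbacks and in `MagicSignInSpaceEndpoint`, and the app endpoints' `urljoin(base_host(...), path)` lines look like they share it.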


@ -55,7 +55,7 @@ class GitHubOauthInitiateSpaceEndpoint(View):
if next_path:
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request),
base_host(request=request, is_space=True),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -108,10 +108,10 @@ class GitHubCallbackSpaceEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_space=True)
# Process workspace and project invitations
# redirect to referer path
url = urljoin(base_host, str(next_path) if next_path else "/")
url = urljoin(base_host, str(next_path) if next_path else "")
return HttpResponseRedirect(url)
except AuthenticationException as e:
params = e.get_error_dict()


@ -103,7 +103,7 @@ class GoogleCallbackSpaceEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_space=True)
# redirect to referer path
url = urljoin(
base_host, str(next_path) if next_path else "/spaces"
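Review bot: The fallback here is still `"/spaces"`, while the GitHub space callback and the email space endpoints were changed to `""` in this commit. With `base_host(..., is_space=True)` now returning either `SPACE_BASE_URL` or `<origin>/spaces/`, a leading-slash fallback replaces the whole path of the base, so a deployment whose `SPACE_BASE_URL` is a dedicated host would be sent to `/spaces` on that host. I would make it `str(next_path) if next_path else ""` to match. The statement continues past the end of the hunk, and `base_host` is used here as a value rather than called, so it is presumably a local assigned above the hunk.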


@ -86,7 +86,7 @@ class MagicSignInSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -99,7 +99,7 @@ class MagicSignInSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -109,14 +109,14 @@ class MagicSignInSpaceEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_space=True)
# redirect to referer path
profile = Profile.objects.get(user=user)
if user.is_password_autoset and profile.is_onboarded:
path = "spaces/accounts/set-password"
path = "accounts/set-password"
else:
# Get the redirection path
path = str(next_path) if next_path else "spaces"
path = str(next_path) if next_path else ""
url = urljoin(base_host(request=request, is_space=True), path)
return HttpResponseRedirect(url)
@ -126,7 +126,7 @@ class MagicSignInSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -152,7 +152,7 @@ class MagicSignUpSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)
@ -176,7 +176,7 @@ class MagicSignUpSpaceEndpoint(View):
)
user = provider.authenticate()
# Login the user and record his device info
user_login(request=request, user=user)
user_login(request=request, user=user, is_space=True)
# redirect to referer path
url = urljoin(
base_host(request=request, is_space=True),
@ -190,6 +190,6 @@ class MagicSignUpSpaceEndpoint(View):
params["next_path"] = str(next_path)
url = urljoin(
base_host(request=request, is_space=True),
"spaces/accounts/sign-in?" + urlencode(params),
"?" + urlencode(params),
)
return HttpResponseRedirect(url)


@ -183,11 +183,9 @@ class ResetPasswordSpaceEndpoint(View):
user.is_password_autoset = False
user.save()
url = urljoin(
base_host(request=request, is_space=True),
"accounts/sign-in?" + urlencode({"success": True}),
return HttpResponseRedirect(
base_host(request=request, is_space=True)
)
return HttpResponseRedirect(url)
except DjangoUnicodeDecodeError:
exc = AuthenticationException(
error_code=AUTHENTICATION_ERROR_CODES[


@ -23,12 +23,10 @@ class SignOutAuthSpaceEndpoint(View):
user.save()
# Log the user out
logout(request)
url = urljoin(
base_host(request=request, is_space=True),
"accounts/sign-in?" + urlencode({"success": "true"}),
return HttpResponseRedirect(
base_host(request=request, is_space=True)
)
return HttpResponseRedirect(url)
except Exception:
return HttpResponseRedirect(
base_host(request=request, is_space=True), "accounts/sign-in"
base_host(request=request, is_space=True)
)


@ -107,7 +107,7 @@ class InstanceAdminSignUpEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/setup?" + urlencode(exc.get_error_dict()),
"setup?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -119,7 +119,7 @@ class InstanceAdminSignUpEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/setup?" + urlencode(exc.get_error_dict()),
"setup?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -148,7 +148,7 @@ class InstanceAdminSignUpEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/setup?" + urlencode(exc.get_error_dict()),
"setup?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -170,7 +170,7 @@ class InstanceAdminSignUpEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/setup?" + urlencode(exc.get_error_dict()),
"setup?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -192,7 +192,7 @@ class InstanceAdminSignUpEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/setup?" + urlencode(exc.get_error_dict()),
"setup?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
else:
@ -214,7 +214,7 @@ class InstanceAdminSignUpEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/setup?" + urlencode(exc.get_error_dict()),
"setup?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -247,10 +247,8 @@ class InstanceAdminSignUpEndpoint(View):
instance.save()
# get tokens for user
user_login(request=request, user=user)
url = urljoin(
base_host(request=request, is_admin=True), "god-mode/general"
)
user_login(request=request, user=user, is_admin=True)
url = urljoin(base_host(request=request, is_admin=True), "general")
return HttpResponseRedirect(url)
@ -272,7 +270,7 @@ class InstanceAdminSignInEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/login?" + urlencode(exc.get_error_dict()),
"?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -293,7 +291,7 @@ class InstanceAdminSignInEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/login?" + urlencode(exc.get_error_dict()),
"?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -311,7 +309,7 @@ class InstanceAdminSignInEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/login?" + urlencode(exc.get_error_dict()),
"?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -331,7 +329,7 @@ class InstanceAdminSignInEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/login?" + urlencode(exc.get_error_dict()),
"?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -348,7 +346,7 @@ class InstanceAdminSignInEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/login?" + urlencode(exc.get_error_dict()),
"?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
@ -365,7 +363,7 @@ class InstanceAdminSignInEndpoint(View):
)
url = urljoin(
base_host(request=request, is_admin=True),
"god-mode/login?" + urlencode(exc.get_error_dict()),
"?" + urlencode(exc.get_error_dict()),
)
return HttpResponseRedirect(url)
# settings last active for the user
@ -378,10 +376,8 @@ class InstanceAdminSignInEndpoint(View):
user.save()
# get tokens for user
user_login(request=request, user=user)
url = urljoin(
base_host(request=request, is_admin=True), "god-mode/general"
)
user_login(request=request, user=user, is_admin=True)
url = urljoin(base_host(request=request, is_admin=True), "general")
return HttpResponseRedirect(url)
@ -414,12 +410,9 @@ class InstanceAdminSignOutEndpoint(View):
user.save()
# Log the user out
logout(request)
url = urljoin(
base_host(request=request, is_admin=True),
"accounts/sign-in?" + urlencode({"success": "true"}),
)
url = urljoin(base_host(request=request, is_admin=True))
return HttpResponseRedirect(url)
except Exception:
return HttpResponseRedirect(
base_host(request=request, is_admin=True), "accounts/sign-in"
base_host(request=request, is_admin=True)
)
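Review bot: In `InstanceAdminSignOutEndpoint` the new line `url = urljoin(base_host(request=request, is_admin=True))` calls `urljoin` with one argument, which raises `TypeError` because `url` is a required parameter. The redirect only happens because the surrounding `except Exception:` catches it. Replace the line with `url = base_host(request=request, is_admin=True)`. Also note that the relative targets introduced in this file (`"setup?..."`, `"general"`, `"?..."`) resolve correctly only if the base ends in `/`: `base_host` appends `/god-mode/` itself, but an `ADMIN_BASE_URL` configured with a path and no trailing slash would lose its last path segment in `urljoin`.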


@ -346,4 +346,4 @@ CSRF_COOKIE_DOMAIN = os.environ.get("COOKIE_DOMAIN", None)
# Base URLs
ADMIN_BASE_URL = os.environ.get("ADMIN_BASE_URL", None)
SPACE_BASE_URL = os.environ.get("SPACE_BASE_URL", None)
APP_BASE_URL = os.environ.get("ADMIN_BASE_URL", None)
APP_BASE_URL = os.environ.get("APP_BASE_URL") or os.environ.get("WEB_URL")


@ -35,10 +35,10 @@ CORS_ALLOWED_ORIGINS = [
"http://127.0.0.1",
"http://localhost:3000",
"http://127.0.0.1:3000",
"http://localhost:4000",
"http://127.0.0.1:4000",
"http://localhost:3333",
"http://127.0.0.1:3333",
"http://localhost:3001",
"http://127.0.0.1:3001",
"http://localhost:3002",
"http://127.0.0.1:3002",
]
CSRF_TRUSTED_ORIGINS = CORS_ALLOWED_ORIGINS
CORS_ALLOW_ALL_ORIGINS = True
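Review bot: With `CORS_ALLOW_ALL_ORIGINS = True` on the last line, the `CORS_ALLOWED_ORIGINS` list edited here has no effect on CORS; it only matters through `CSRF_TRUSTED_ORIGINS = CORS_ALLOWED_ORIGINS`. The file name is not visible on this page, and if this module is only the local development settings that is acceptable. A comment such as `# Local development only: CORS is open to all origins; the list below feeds CSRF_TRUSTED_ORIGINS` would keep it from being copied into a deployed configuration.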


@ -12,8 +12,6 @@ SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
INSTALLED_APPS += ("scout_apm.django",) # noqa
# Honor the 'X-Forwarded-Proto' header for request.is_secure()
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
# Scout Settings
SCOUT_MONITOR = os.environ.get("SCOUT_MONITOR", False)


@ -1 +1 @@
python-3.11.9
python-3.12.3