Add logout

0e28056a · Frank Sauerburger · 237de5d4 · 0e28056a · 0e28056a · 0e28056a
Verified Commit 0e28056a authored 4 years ago by Frank Sauerburger
--- a/uhepp_org/uhepp_org/settings.py
+++ b/uhepp_org/uhepp_org/settings.py
@@ -28,10 +28,17 @@ ALLOWED_HOSTS = ['*']


 # Application definition
-
-OIDC_RP_CLIENT_ID = 'uhepp-dev'
 OIDC_RP_CLIENT_SECRET = os.environ['OIDC_RP_CLIENT_SECRET']

+if DEBUG:
+    OIDC_RP_CLIENT_ID = 'uhepp-dev'
+    LOGIN_REDIRECT_URL = "http://dev.uhepp.org:8000/account/"
+    LOGOUT_REDIRECT_URL = "http://dev.uhepp.org:8000/"
+else:
+    OIDC_RP_CLIENT_ID = 'uhepp'
+    LOGIN_REDIRECT_URL = "https://uhepp.org/account/"
+    LOGOUT_REDIRECT_URL = "https://uhepp.org/"
+
 OIDC_RP_SIGN_ALGO = "RS256"
 OIDC_OP_JWKS_ENDPOINT = "https://auth.cern.ch/auth/realms/cern/protocol/openid-connect/certs"

@@ -39,8 +46,6 @@ OIDC_OP_AUTHORIZATION_ENDPOINT = "https://auth.cern.ch/auth/realms/cern/protocol
 OIDC_OP_TOKEN_ENDPOINT = "https://auth.cern.ch/auth/realms/cern/protocol/openid-connect/token"
 OIDC_OP_USER_ENDPOINT = "https://auth.cern.ch/auth/realms/cern/protocol/openid-connect/userinfo"

-LOGIN_REDIRECT_URL = "http://dev.uhepp.org:8000/accounts/"
-LOGOUT_REDIRECT_URL = "https://uhepp.org/"

 OIDC_RP_SCOPES = 'openid'
 OIDC_APP_NAME = "uhepp-dev"

--- a/uhepp_org/uhepp_vault/templates/uhepp_vault/base.html
+++ b/uhepp_org/uhepp_vault/templates/uhepp_vault/base.html
@@ -56,13 +56,13 @@
          Account
        </a>
        <div class="dropdown-menu" aria-labelledby="navbarDropdown">
-          <a class="dropdown-item" href="/logout">Logout</a>
-          <a class="dropdown-item" href="/account">Settings</a>
-          <a class="dropdown-item" href="/tokens">API tokens</a>
-	      <div class="dropdown-divider"></div>
          <a class="dropdown-item"
             href="{% url 'uhepp_vault:user-detail' request.user.username %}">
             {{ request.user }}</a>
+  	      <div class="dropdown-divider"></div>
+          <a class="dropdown-item" href="/tokens">API tokens</a>
+          <a class="dropdown-item" href="/account">Settings</a>
+          <a class="dropdown-item" href="/logout">Logout</a>
        </div>
      </li>
      {% endif %}

--- a/uhepp_org/uhepp_vault/templates/uhepp_vault/logout.html
+++ b/uhepp_org/uhepp_vault/templates/uhepp_vault/logout.html
+{% extends 'uhepp_vault/base.html' %}
+{% load pygmentify_tags %}
+
+{% block content %}
+<h1>Logout</h2>
+<form action="{% url 'oidc_logout' %}" method="post"> {% csrf_token %}
+    <input type="submit" value="logout">
+</form>
+{% endblock %}
--- a/uhepp_org/uhepp_vault/urls.py
+++ b/uhepp_org/uhepp_vault/urls.py
@@ -9,6 +9,7 @@ urlpatterns = [
    path('getting-started', views.GettingStartedView.as_view(), name='getting-started'),
    path('account/', views.AccountEditView.as_view(), name='account-detail'),
    path('login/', auth_views.LoginView.as_view()),
+    path('logout/', views.logout, name='logout'),
    path('tokens/', views.TokenListView.as_view(), name='token-list'),
    path('tokens/new', views.TokenCreateView.as_view(), name='token-create'),
    path('tokens/<int:pk>', views.TokenDeleteView.as_view(), name='token-delete'),

--- a/uhepp_org/uhepp_vault/views.py
+++ b/uhepp_org/uhepp_vault/views.py
@@ -5,7 +5,7 @@ from django.contrib.auth.mixins import LoginRequiredMixin
 from django.http import JsonResponse, HttpResponseRedirect, \
                        HttpResponseForbidden
 from django.urls import reverse, reverse_lazy
-from django.shortcuts import get_object_or_404
+from django.shortcuts import get_object_or_404, redirect, render
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.models import User, Group
 from django.utils.translation import gettext_lazy as _
@@ -209,3 +209,10 @@ def plot_download(request, uuid):

 class GettingStartedView(generic.TemplateView):
    template_name = "uhepp_vault/getting_started.html"
+
+
+def logout(request):
+    if request.user.is_authenticated:
+        return render(request, "uhepp_vault/logout.html")
+    else:
+        return redirect(reverse("uhepp_vault:home"))