feat: Add HNS Login to HNS Links

2024-06-19 14:21:57 +10:00 · 2024-06-19 14:21:57 +10:00 · de2ffd022a
commit de2ffd022a
parent e844936a00
2 changed files with 41 additions and 1 deletions
--- a/main.py
+++ b/main.py
@ -69,7 +69,7 @@ def index():
            for i in cookies:
                if i['cookie'] == auth:
                    return render_template('index.html',varo="window.location = '/site';", year=datetime.datetime.now().year)
-        return render_template('index.html',varo=render.varo_login(), year=datetime.datetime.now().year)
+        return render_template('index.html',varo=render.hnslogin(), year=datetime.datetime.now().year)
    # Remove any ports
    host = request.host.split(':')[0]
    # Get content from site
@ -497,6 +497,38 @@ def auth():
    resp.set_cookie('auth', auth_cookie)
    return resp

+@app.route('/auth', methods=['GET'])
+def auth_get():
+    global cookies
+    
+    if 'username' not in request.args:
+        return redirect('/?error=Failed to login&reason=No username')
+    if 'token' not in request.args:
+        return redirect('/?error=Failed to login&reason=No token')
+    
+    username = request.args['username']
+    token = request.args['token']
+    
+    # Check if user is valid
+    r = requests.get(f'https://login.hns.au/auth/user?token={token}')
+    r = r.json()
+
+    if 'error' in r:
+        return redirect('/?error=Failed to login&reason=' + r['error'])
+
+    if r['username'] != username:
+        return redirect('/?error=Failed to login&reason=Username mismatch')
+    
+    auth_cookie = secrets.token_hex(12 // 2)
+    cookies.append({'name': username, 'cookie': auth_cookie})
+
+    with open('cookies.json', 'w') as file:
+        json.dump(cookies, file)
+
+    resp = make_response(redirect('/site'))
+    resp.set_cookie('auth', auth_cookie)
+    return resp
+
@app.route('/logout')
 def logout():
    global cookies
--- a/render.py
+++ b/render.py
@ -11,6 +11,14 @@ def varo_login():
 	}
    });'''

+def hnslogin():
+    # Redirect to https://login.hns.au/auth?return={{scheme}}{{host}}/auth
+    
+    return """
+const { protocol, hostname, port } = window.location;
+const rootUrl = `${protocol}//${hostname}${port ? `:${port}` : ''}/auth`;
+window.location.href = `https://login.hns.au/auth?return=${encodeURIComponent(rootUrl)}`;
+"""

 def preview(data):
    title = data['title']