-rw-r--r-- | pydis_site/apps/home/apps.py | 24 | ||||
-rw-r--r-- | pydis_site/apps/home/urls.py | 2 | ||||
-rw-r--r-- | pydis_site/apps/home/views/login.py | 31 | ||||
-rw-r--r-- | pydis_site/templates/base/navbar.html | 13 | ||||
-rw-r--r-- | pydis_site/templates/home/login.html | 50 |
5 files changed, 34 insertions, 86 deletions
diff --git a/pydis_site/apps/home/apps.py b/pydis_site/apps/home/apps.py index 055d721b..a7c47dc5 100644 --- a/pydis_site/apps/home/apps.py +++ b/pydis_site/apps/home/apps.py @@ -1,3 +1,5 @@ +from typing import Any, Dict + from django.apps import AppConfig @@ -12,3 +14,25 @@ class HomeConfig(AppConfig): from pydis_site.apps.home.signals import SignalListener self.signal_listener = SignalListener() + self.patch_allauth() + + def patch_allauth(self) -> None: + """Monkey-patches Allauth classes so we never collect email addresses.""" + # Imported here because we can't import it before our apps are loaded up + from allauth.socialaccount.providers.base import Provider + + def extract_extra_data(_: Provider, data: Dict[str, Any]) -> Dict[str, Any]: + """ + Extracts extra data for a SocialAccount provided by Allauth. + + This is our version of this function that strips the email address from incoming extra + data. We do this so that we never have to store it. + + This is monkey-patched because most OAuth providers - or at least the ones we care + about - all use the function from the base Provider class. This means we don't have + to make a new Django app for each one we want to work with. + """ + data["email"] = "" + return data + + Provider.extract_extra_data = extract_extra_data diff --git a/pydis_site/apps/home/urls.py b/pydis_site/apps/home/urls.py index 150b5b12..dbb53cb6 100644 --- a/pydis_site/apps/home/urls.py +++ b/pydis_site/apps/home/urls.py @@ -6,7 +6,6 @@ from django.contrib import admin from django.contrib.messages import ERROR from django.urls import include, path -from pydis_site.apps.home.views.login import LoginView from pydis_site.utils.views import MessageRedirectView from .views import HomeView @@ -31,7 +30,6 @@ urlpatterns = [ ), path('connections', ConnectionsView.as_view()), - path('login', LoginView.as_view(), name="login"), path('logout', LogoutView.as_view(), name="logout"), path('admin/', admin.site.urls), 
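Review bot: The docstring on `patch_allauth` promises that email addresses are never collected, but the patch in this hunk only replaces `Provider.extract_extra_data`, so it blanks the `email` key of the stored extra data and nothing more. A provider subclass that defines its own `extract_extra_data` bypasses the patch, and allauth's other extraction hooks (`extract_common_fields`, `extract_email_addresses`) are not touched here, so the address may still reach the user record unless that is handled outside this diff. Not requesting the email scope in the provider settings would be the stronger control, with this patch kept as a backstop and the docstring narrowed to say "strips the email from extra data". Within the function, `data.pop("email", None)` would remove the key instead of writing an empty one into payloads that never had it. The `ready` method that calls `patch_allauth` starts outside the hunk.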
diff --git a/pydis_site/apps/home/views/login.py b/pydis_site/apps/home/views/login.py deleted file mode 100644 index d74403a8..00000000 --- a/pydis_site/apps/home/views/login.py +++ /dev/null @@ -1,31 +0,0 @@ -from allauth.socialaccount.providers import registry -from allauth.socialaccount.providers.discord.provider import DiscordProvider -from django.contrib import messages -from django.http import HttpRequest, HttpResponse -from django.shortcuts import redirect -from django.views.generic import View -from django.views.generic.base import TemplateResponseMixin - - -class LoginView(View, TemplateResponseMixin): - """Login view for collecting email collection consent from users.""" - - template_name = "home/login.html" - - def get(self, request: HttpRequest) -> HttpResponse: - """Render the login page view.""" - return self.render_to_response({}) - - def post(self, request: HttpRequest) -> HttpResponse: - """Check whether the user provided consent, and action appropriately.""" - if request.POST.get("consent", None) != "on": # I bet IE breaks this standard... - messages.add_message( - request, - messages.ERROR, - "Consent is required to login with Discord.", - ) - - return self.render_to_response({}) - - provider: DiscordProvider = registry.by_id("discord") - return redirect(provider.get_login_url(request)) diff --git a/pydis_site/templates/base/navbar.html b/pydis_site/templates/base/navbar.html index f51f7c53..1d30b8f0 100644 --- a/pydis_site/templates/base/navbar.html +++ b/pydis_site/templates/base/navbar.html @@ -1,3 +1,4 @@ +{% load socialaccount %} {% load static %} <nav class="navbar is-primary" role="navigation" aria-label="main navigation"> 
@@ -86,9 +87,15 @@ <hr class="navbar-divider"> {% if not user.is_authenticated %} - <a class="navbar-item" href="{% url 'login' %}"> - Login - </a> + {% get_providers as socialaccount_providers %} + + {% for provider in socialaccount_providers %} + {% if provider.id == "discord" %} + <a class="navbar-item" + href="{% provider_login_url provider.id process="login" scope=scope auth_params=auth_params %}" + >Login with {{ provider.name }}</a> + {% endif %} + {% endfor %} {% else %} <form method="post" action="{% url 'logout' %}"> {% csrf_token %} diff --git a/pydis_site/templates/home/login.html b/pydis_site/templates/home/login.html deleted file mode 100644 index 2206e95c..00000000 --- a/pydis_site/templates/home/login.html +++ /dev/null @@ -1,50 +0,0 @@ -{% extends 'base/base.html' %} - -{% load account %} -{% load socialaccount %} -{% load static %} - -{% block title %}Login{% endblock %} -{% block head %} - <link rel="stylesheet" href="{% static "css/home/index.css" %}"> -{% endblock %} - -{% block content %} - {% include "base/navbar.html" %} - - {# Sponsors #} - <section class="section"> - <div class="container"> - <div class="columns is-mobile is-centered"> - <div class="column is-full-mobile is-full-tablet is-half-desktop"> - {% get_providers as socialaccount_providers %} - - <h1 class="title has-text-centered">Login with Discord</h1> - - <form method="post"> - {% csrf_token %} - - <div class="field notification is-horizontal"> - <input class="is-checkradio is-circle is-dark" type="checkbox" id="consent" name="consent" /> - <label for="consent"> - I consent to Python Discord using my Discord email address to identify my account - </label> - </div> - - <div class="field is-grouped-centered has-text-centered"> - <button class="button is-large is-primary" type="submit"> - <span class="icon"> - <i class="fab fa-discord"></i> - </span> - <span> - Login - </span> - </button> - </div> - </form> - </div> - </div> - </div> - </section> - -{% endblock %} |
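Review bot: The new login link passes `scope=scope auth_params=auth_params` to `provider_login_url`, but nothing visible in this template defines either variable, so they presumably resolve to empty values on every page that includes the navbar. Dropping them and naming the provider directly, `{% provider_login_url "discord" process="login" %}`, would also remove the loop over every registered provider. The link starts the OAuth flow from a plain GET, so it is worth confirming how the installed allauth version treats login-on-GET (newer releases gate it behind `SOCIALACCOUNT_LOGIN_ON_GET`). The surrounding `<nav>` block continues outside the hunk.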