Diffstat (limited to 'pydis_site/apps')
-rw-r--r--pydis_site/apps/home/apps.py24
-rw-r--r--pydis_site/apps/home/urls.py2
-rw-r--r--pydis_site/apps/home/views/login.py31
3 files changed, 24 insertions, 33 deletions
diff --git a/pydis_site/apps/home/apps.py b/pydis_site/apps/home/apps.py
index 055d721b..a7c47dc5 100644
--- a/pydis_site/apps/home/apps.py
+++ b/pydis_site/apps/home/apps.py
@@ -1,3 +1,5 @@
+from typing import Any, Dict
+
from django.apps import AppConfig
@@ -12,3 +14,25 @@ class HomeConfig(AppConfig):
from pydis_site.apps.home.signals import SignalListener
self.signal_listener = SignalListener()
+ self.patch_allauth()
+
+ def patch_allauth(self) -> None:
+ """Monkey-patches Allauth classes so we never collect email addresses."""
+ # Imported here because we can't import it before our apps are loaded up
+ from allauth.socialaccount.providers.base import Provider
+
+ def extract_extra_data(_: Provider, data: Dict[str, Any]) -> Dict[str, Any]:
+ """
+ Extracts extra data for a SocialAccount provided by Allauth.
+
+ This is our version of this function that strips the email address from incoming extra
+ data. We do this so that we never have to store it.
+
+ This is monkey-patched because most OAuth providers - or at least the ones we care
+ about - all use the function from the base Provider class. This means we don't have
+ to make a new Django app for each one we want to work with.
+ """
+ data["email"] = ""
+ return data
+
+ Provider.extract_extra_data = extract_extra_data
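Review bot: The patched `extract_extra_data` blanks the email by mutating the `data` dict in place, and that side effect looks load-bearing: allauth's base `Provider` also reads the email from the same response in `extract_common_fields` and `extract_email_addresses`, so the address presumably stays out of the user record only if this function runs first on the same dict object. State that in the docstring or a comment, e.g. `# Mutates data in place on purpose: later extract_* calls get the same dict and must not see the email.`, and add a regression test that runs a social login and asserts no email ends up on the user, the social account or an email-address row. A provider class that overrides `extract_extra_data` itself never reaches the patched base method, so each enabled provider should be checked for such an override. The `self.patch_allauth()` call at the top of the hunk sits in a `HomeConfig` method that begins outside the hunk.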
diff --git a/pydis_site/apps/home/urls.py b/pydis_site/apps/home/urls.py
index 150b5b12..dbb53cb6 100644
--- a/pydis_site/apps/home/urls.py
+++ b/pydis_site/apps/home/urls.py
@@ -6,7 +6,6 @@ from django.contrib import admin
from django.contrib.messages import ERROR
from django.urls import include, path
-from pydis_site.apps.home.views.login import LoginView
from pydis_site.utils.views import MessageRedirectView
from .views import HomeView
@@ -31,7 +30,6 @@ urlpatterns = [
),
path('connections', ConnectionsView.as_view()),
- path('login', LoginView.as_view(), name="login"),
path('logout', LogoutView.as_view(), name="logout"),
path('admin/', admin.site.urls),
diff --git a/pydis_site/apps/home/views/login.py b/pydis_site/apps/home/views/login.py
deleted file mode 100644
index d74403a8..00000000
--- a/pydis_site/apps/home/views/login.py
+++ /dev/null
@@ -1,31 +0,0 @@
-from allauth.socialaccount.providers import registry
-from allauth.socialaccount.providers.discord.provider import DiscordProvider
-from django.contrib import messages
-from django.http import HttpRequest, HttpResponse
-from django.shortcuts import redirect
-from django.views.generic import View
-from django.views.generic.base import TemplateResponseMixin
-
-
-class LoginView(View, TemplateResponseMixin):
- """Login view for collecting email collection consent from users."""
-
- template_name = "home/login.html"
-
- def get(self, request: HttpRequest) -> HttpResponse:
- """Render the login page view."""
- return self.render_to_response({})
-
- def post(self, request: HttpRequest) -> HttpResponse:
- """Check whether the user provided consent, and action appropriately."""
- if request.POST.get("consent", None) != "on": # I bet IE breaks this standard...
- messages.add_message(
- request,
- messages.ERROR,
- "Consent is required to login with Discord.",
- )
-
- return self.render_to_response({})
-
- provider: DiscordProvider = registry.by_id("discord")
- return redirect(provider.get_login_url(request))