rewritten oauth without library

1f65886d · Jonas Leder · e618af7b · 1f65886d
Commit 1f65886d authored 5 years ago by Jonas Leder
--- a/main.py
+++ b/main.py
@@ -8,7 +8,6 @@ import base64 #Used to encode the generated QR as base64, to directly insert it
 from requests import post, get #Used to validate recaptcha / oauth
 from io import BytesIO #Needed for base64 encoding of the image
 from PIL import Image #Needed for QR generation
-from flask_github import GitHub #github oauth library
 import json #used for github oauth
 from html import escape #This is used to escape characters, if they are send in the url
 app = Flask(__name__)
@@ -68,12 +67,11 @@ except:
    host="127.0.0.1"
 try:
-    app.config['GITHUB_CLIENT_ID'] = os.environ['GITHUB_CLIENT_ID']
+    GITHUB_CLIENT_ID = os.environ['GITHUB_CLIENT_ID']
-    app.config['GITHUB_CLIENT_SECRET'] = os.environ['GITHUB_CLIENT_SECRET']
+    GITHUB_CLIENT_SECRET = os.environ['GITHUB_CLIENT_SECRET']
 except:
    print("github client id or client secret is not set, please set these and run again.")
    exit()
-github = GitHub(app)
 try:
    if(os.environ["cookieNotice"] == 1):
@@ -219,23 +217,27 @@ def redirect_short_url(short_url):
 @app.route('/user/login')
 def login():
-    return github.authorize(scope="user") #redirect the user to the github login page and ask for access to user data (name, email, ...)
+    return redirect("https://github.com/login/oauth/authorize/?client_id=" + GITHUB_CLIENT_ID + "&scope=user") #redirect the user to the github login page and ask for access to user data (name, email, ...)
 @app.route('/user/github-callback') #Github redirects to this link after the user authenticated. Then we use the Token we get from github and request via the github api the username and the userid
-@github.authorized_handler
+def authorized():
-def authorized(oauth_token):
+    try:
-    if oauth_token is None:
+        code = request.args.get("code")
-        return "oauth failed, please try again" #If you call this page manual you get this error
+        url = "https://github.com/login/oauth/access_token" #The baseurl
+        params = {'client_id': GITHUB_CLIENT_ID, 'client_secret': GITHUB_CLIENT_SECRET, 'code': code} #As paramtere we send the client id and the client secret which we get from github when registering an application and the user code from before
-    headers = {'Authorization': 'token ' + oauth_token,} #Useragent doesn't matters, but is set here
+        oauth_token = post(url,params).text.split("access_token=")[1].split("&")[0] #Send a post request with the parameters from
-    githubResponse = get("https://api.github.com/user", headers=headers).text
-    userID = str(json.loads(githubResponse)['id'])
+        headers = {'Authorization': 'token ' + oauth_token,} #Useragent doesn't matters, but is set here
-    username = str(json.loads(githubResponse)['login'])
+        githubResponse = get("https://api.github.com/user", headers=headers).text
+        userID = str(json.loads(githubResponse)['id'])
-    resp = make_response(redirect('/')) #redirect the user at the end back to the main page
+        username = str(json.loads(githubResponse)['login'])
-    resp.set_cookie('userID', userID) #set the cookies with username and userid
-    resp.set_cookie('username', username)
+        resp = make_response(redirect('/')) #redirect the user at the end back to the main page
-    return resp
+        resp.set_cookie('userID', userID) #set the cookies with username and userid
+        resp.set_cookie('username', username)
+        return resp
+    except:
+        return "Authentication failed"
 @app.route('/user/logout')
 def logout():