YellWOWPages/routers/auth.py


from fastapi import APIRouter, Request, Cookie
from fastapi.responses import RedirectResponse, HTMLResponse
import requests
from icecream import ic
import secrets
from classes.constraints import Constraints
# Router that the /login, /authenticate and /logout handlers below register on.
router = APIRouter()
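@router.get('/login')
async def get_login(request: Request):
    """Start the OpenID Connect authorization-code flow.

    Generates a random `state` value, stores it in a cookie and redirects the
    browser to the login server's authorization endpoint with the same value
    in the query string. `/authenticate` later compares the two to reject
    callbacks that this browser did not initiate (login CSRF).

    Args:
        request: The incoming request (not read by this handler).

    Returns:
        A redirect response carrying the `state` cookie.
    """
    from urllib.parse import urlencode

    state = secrets.token_hex(10)
    # urlencode percent-encodes each value, so a client id or redirect URI
    # containing '&', '=' or '#' cannot alter the structure of the query.
    query = urlencode({
        'client_id': Constraints.client_id,
        'redirect_uri': 'https://yellow.wownero.com/authenticate',
        'response_type': 'code',
        'state': state,
    })
    response = RedirectResponse(
        'https://login.wownero.com/auth/realms/master/protocol/openid-connect/auth?' + query)
    # httponly: page scripts have no reason to read the anti-CSRF value.
    # secure: the redirect_uri above is HTTPS, so the callback arrives over TLS.
    # samesite='lax': still sent on the top-level GET navigation back from the login server.
    # max_age: an abandoned login attempt does not leave a usable state behind indefinitely.
    response.set_cookie(key='state', value=state, max_age=600,
                        httponly=True, secure=True, samesite='lax')
    return response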
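@router.get('/authenticate')
async def get_auth(request: Request, state: str = Cookie(None)):
    """Handle the redirect back from the login server.

    Checks the `state` query parameter against the `state` cookie set by
    `/login`, exchanges the authorization `code` for an access token at the
    token endpoint, stores the token in the `auth_code` cookie and redirects
    to `/dashboard`. Every failure renders the error template with a link
    back to `/login`.

    Args:
        request: The incoming request; `state` and `code` are read from its
            query string.
        state: Value of the `state` cookie, or None when the cookie is absent.

    Returns:
        A redirect to `/dashboard` on success, otherwise the rendered error page.
    """
    def error_page(message):
        # All failure paths render the same template with a different message.
        return Constraints.templates.TemplateResponse('/errors/index.html',
                                                      {'request': request,
                                                       'error': message,
                                                       'url': '/login'})

    params = request.query_params
    if state is None:
        return error_page('`state` security code not found...')

    # .get() instead of indexing: a callback without `state` is a failed check,
    # not an unhandled KeyError. compare_digest avoids leaking how many leading
    # characters matched; encoding first lets it accept non-ASCII input.
    returned_state = params.get('state')
    if returned_state is None or not secrets.compare_digest(
            returned_state.encode(), state.encode()):
        return error_page('`state` security code is wrong')

    code = params.get('code')
    if code is None:
        # The login server redirects back without `code` when authorization failed.
        return error_page('authorization code not found...')

    url = "https://login.wownero.com/auth/realms/master/protocol/openid-connect/token"
    data = {
        "grant_type": "authorization_code",
        "code": code,
        # NOTE(review): /login sends redirect_uri=https://yellow.wownero.com/authenticate.
        # The token request is expected to carry the same redirect_uri as the
        # authorization request, so one of the two values looks stale - confirm
        # and move it to shared configuration.
        "redirect_uri": "http://127.0.0.1:8080/authenticate",
        "client_id": f'{Constraints.client_id}',
        "client_secret": f'{Constraints.client_secret}',
        "state": returned_state
    }
    # NOTE(review): requests.post blocks the event loop inside this async handler;
    # the timeout bounds how long a slow login server can stall it.
    try:
        r = requests.post(url=url, data=data, timeout=10)
        response = r.json()
    except (requests.RequestException, ValueError):
        # Network failure, timeout, or a body that is not JSON.
        return error_page('login server could not be reached')

    if response.get('error', None) is not None:
        # `error_description` is optional in an error response; fall back to the error code.
        return error_page(response.get('error_description') or str(response['error']))

    auth_code = response.get('access_token', None)
    if auth_code is None:
        return error_page('invalid auth code')

    response = RedirectResponse('/dashboard')
    # The cookie holds a bearer token: keep it away from page scripts (httponly),
    # off plaintext connections (secure) and out of cross-site subrequests (samesite).
    response.set_cookie(key='auth_code', value=auth_code,
                        httponly=True, secure=True, samesite='lax')
    # The state value is single-use; drop it once the exchange succeeded.
    response.delete_cookie(key='state')
    return response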
@router.get('/logout')
async def get_logout():
    """Drop the `auth_code` cookie and send the browser to `/root`."""
    redirect = RedirectResponse('/root')
    # Only the browser-side cookie is removed; this handler makes no call to
    # the login server, so the token itself is not invalidated here.
    redirect.delete_cookie('auth_code')
    return redirect