summaryrefslogtreecommitdiffstats
path: root/aurweb/routers
AgeCommit message (Collapse)AuthorFilesLines
2021-02-20Redirect to referer after SSO loginFrédéric Mangano-Tarumi1-6/+17
Introduce a `redirect` query argument to SSO login endpoints so that users are redirected to the page they were originally on when they clicked the Login link. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Remove the per-user session limitFrédéric Mangano-Tarumi1-1/+1
This feature was originally introduced by f961ffd9c7f2d3d51d3e3b060990a4fef9e56c1b as a fix for FS#12898 <https://bugs.archlinux.org/task/12898>. As of today, it is broken because of the `q.SessionID IS NULL` condition in the WHERE clause, which can’t be true because SessionID is not nullable. As a consequence, the session limit was not applied. The fact the absence of the session limit hasn’t caused any issue so far, and hadn’t even been noticed, suggests the feature is unneeded. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Guard OAuth exceptions to provide better messagesFrédéric Mangano-Tarumi1-3/+13
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Update last login information on SSO loginFrédéric Mangano-Tarumi1-1/+7
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Build a translation facility for FastAPIFrédéric Mangano-Tarumi1-9/+11
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Port account suspensionFrédéric Mangano-Tarumi1-1/+10
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Port IP ban checkingFrédéric Mangano-Tarumi1-2/+17
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Save id_token for the SSO logoutFrédéric Mangano-Tarumi1-4/+15
As far as I can see, Keycloak ignores it entirely. I can login in as SSO user A, then disconnect from the SSO directly and reconnect as user B, but when I disconnect user A from AUR, Keycloak disconnects B even though AUR passed it an ID token for A. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Implement SSO logoutFrédéric Mangano-Tarumi1-0/+18
Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20SSO: Explain the rationale behind prompt=loginFrédéric Mangano-Tarumi1-0/+7
We might reconsider it in the future. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Open AUR sessions from SSOFrédéric Mangano-Tarumi1-2/+49
Only the core functionality is implemented here. See the TODOs. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>
2021-02-20Crude OpenID Connect client using AuthlibFrédéric Mangano-Tarumi2-0/+35
Developers can go to /sso/login to get redirected to the SSO. On successful login, the ID token is displayed. Signed-off-by: Lukas Fleischer <lfleischer@archlinux.org>