autonomic-cooperative/keycloak-collective-portal
autonomic-cooperative/keycloak-collective-portal
1
0
Fork 0
Code Issues 4 Pull Requests Projects Releases Wiki Activity

Support logging in and out

Browse Source
This commit is contained in:
decentral1se 2021-06-11 22:28:43 +02:00
parent 5942468164
commit 30edb39163
Signed by: decentral1se
GPG Key ID: 92DAD76BD9567B8A
4 changed files with 31 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
keycloak_collective_portal.py
View File

@ -6,6 +6,7 @@ from authlib.integrations.starlette_client import OAuth, OAuthError
from fastapi import FastAPI, Request from fastapi import FastAPI, Request
from fastapi.responses import HTMLResponse, RedirectResponse from fastapi.responses import HTMLResponse, RedirectResponse
from fastapi.templating import Jinja2Templates from fastapi.templating import Jinja2Templates
from httpx import get
from starlette.middleware.sessions import SessionMiddleware from starlette.middleware.sessions import SessionMiddleware
APP_SECRET_KEY = environ.get("APP_SECRET_KEY") APP_SECRET_KEY = environ.get("APP_SECRET_KEY")
@ -18,15 +19,17 @@ app = FastAPI()
app.add_middleware(SessionMiddleware, secret_key=APP_SECRET_KEY) app.add_middleware(SessionMiddleware, secret_key=APP_SECRET_KEY)
templates = Jinja2Templates(directory="templates") templates = Jinja2Templates(directory="templates")
BASE_URL = f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect"
oauth = OAuth() oauth = OAuth()
oauth.register( oauth.register(
name="keycloak", name="keycloak",
client_kwargs={"scope": "openid profile email"}, client_kwargs={"scope": "openid profile email"},
client_id=KEYCLOAK_CLIENT_ID, client_id=KEYCLOAK_CLIENT_ID,
client_secret=KEYCLOAK_CLIENT_SECRET, client_secret=KEYCLOAK_CLIENT_SECRET,
authorize_url=f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect/auth", authorize_url=f"{BASE_URL}/auth",
access_token_url=f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect/token", access_token_url=f"{BASE_URL}/token",
jwks_uri=f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect/certs", jwks_uri=f"{BASE_URL}/certs",
) )
@ -35,9 +38,16 @@ async def home(request: Request):
user = request.session.get("user") user = request.session.get("user")
if user: if user:
return templates.TemplateResponse( return templates.TemplateResponse(
"index.html", context={"request": request, "user": user} "admin.html", context={"request": request, "user": user}
) )
return RedirectResponse(request.url_for("login_keycloak")) return RedirectResponse(request.url_for("login"))
@app.get("/login", response_class=HTMLResponse)
async def login(request: Request):
return templates.TemplateResponse(
"login.html", context={"request": request}
)
@app.get("/login/keycloak") @app.get("/login/keycloak")
@ -60,4 +70,5 @@ async def auth_keycloak(request: Request):
@app.route("/logout") @app.route("/logout")
async def logout(request: Request): async def logout(request: Request):
request.session.pop("user", None) request.session.pop("user", None)
return RedirectResponse(request.url_for("home")) get(f"{BASE_URL}/logout")
return RedirectResponse(request.url_for("login"))

11
templates/admin.html Normal file
View File

@ -0,0 +1,11 @@
<html>
<head>
<title>Home</title>
</head>
<body>
<p>
Hello, {{ user.preferred_username }}
<small>(<a href="{{ url_for('logout') }}">logout</a>)</small>
</p>
</body>
</html>

8
templates/index.html
View File

@ -1,8 +0,0 @@
<html>
<head>
<title>Home</title>
</head>
<body>
<p>Hello, {{ user.preferred_username }}</p>
</body>
</html>

4
templates/login.html
View File

@ -3,6 +3,8 @@
<title>Login</title> <title>Login</title>
</head> </head>
<body> <body>
<p>Please login</p> <p>
<a href="{{ url_for('login_keycloak') }}">Login</a>
</p>
</body> </body>
</html> </html>