Support logging in and out

2021-06-11 22:28:43 +02:00 · 2021-06-11 22:28:43 +02:00 · 30edb39163
commit 30edb39163
parent 5942468164
4 changed files with 31 additions and 15 deletions
--- a/keycloak_collective_portal.py
+++ b/keycloak_collective_portal.py
@ -6,6 +6,7 @@ from authlib.integrations.starlette_client import OAuth, OAuthError
 from fastapi import FastAPI, Request
 from fastapi.responses import HTMLResponse, RedirectResponse
 from fastapi.templating import Jinja2Templates
+from httpx import get
 from starlette.middleware.sessions import SessionMiddleware

 APP_SECRET_KEY = environ.get("APP_SECRET_KEY")
@ -18,15 +19,17 @@ app = FastAPI()
 app.add_middleware(SessionMiddleware, secret_key=APP_SECRET_KEY)
 templates = Jinja2Templates(directory="templates")

+BASE_URL = f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect"
+
 oauth = OAuth()
 oauth.register(
    name="keycloak",
    client_kwargs={"scope": "openid profile email"},
    client_id=KEYCLOAK_CLIENT_ID,
    client_secret=KEYCLOAK_CLIENT_SECRET,
-    authorize_url=f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect/auth",
-    access_token_url=f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect/token",
-    jwks_uri=f"https://{KEYCLOAK_DOMAIN}/auth/realms/{KEYCLOAK_REALM}/protocol/openid-connect/certs",
+    authorize_url=f"{BASE_URL}/auth",
+    access_token_url=f"{BASE_URL}/token",
+    jwks_uri=f"{BASE_URL}/certs",
 )


@ -35,9 +38,16 @@ async def home(request: Request):
    user = request.session.get("user")
    if user:
        return templates.TemplateResponse(
-            "index.html", context={"request": request, "user": user}
+            "admin.html", context={"request": request, "user": user}
        )
-    return RedirectResponse(request.url_for("login_keycloak"))
+    return RedirectResponse(request.url_for("login"))
+
+
+@app.get("/login", response_class=HTMLResponse)
+async def login(request: Request):
+    return templates.TemplateResponse(
+        "login.html", context={"request": request}
+    )


@app.get("/login/keycloak")
@ -60,4 +70,5 @@ async def auth_keycloak(request: Request):
@app.route("/logout")
 async def logout(request: Request):
    request.session.pop("user", None)
-    return RedirectResponse(request.url_for("home"))
+    get(f"{BASE_URL}/logout")
+    return RedirectResponse(request.url_for("login"))
--- a/templates/admin.html
+++ b/templates/admin.html
@ -0,0 +1,11 @@
+<html>
+  <head>
+    <title>Home</title>
+  </head>
+  <body>
+    <p>
+      Hello, {{ user.preferred_username }}
+      <small>(<a href="{{ url_for('logout') }}">logout</a>)</small>
+    </p>
+  </body>
+</html>
--- a/templates/index.html
+++ b/templates/index.html
@ -1,8 +0,0 @@
-<html>
-  <head>
-    <title>Home</title>
-  </head>
-  <body>
-    <p>Hello, {{ user.preferred_username }}</p>
-  </body>
-</html>
--- a/templates/login.html
+++ b/templates/login.html
@ -3,6 +3,8 @@
    <title>Login</title>
  </head>
  <body>
-    <p>Please login</p>
+    <p>
+      <a href="{{ url_for('login_keycloak') }}">Login</a>
+    </p>
  </body>
 </html>