From 32182fab27b81b52e48569b27f9aad3eaddca0d3 Mon Sep 17 00:00:00 2001
From: Christian Cueni <christian.cueni@iterativ.ch>
Date: Mon, 11 Apr 2022 09:42:30 +0200
Subject: [PATCH] Add local login flag

---
 server/config/settings/base.py   | 4 +++-
 server/config/urls.py            | 6 +++++-
 server/vbv_lernwelt/sso/urls.py  | 2 --
 server/vbv_lernwelt/sso/views.py | 4 ++--
 4 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/server/config/settings/base.py b/server/config/settings/base.py
index 32102e7d..77068208 100644
--- a/server/config/settings/base.py
+++ b/server/config/settings/base.py
@@ -110,7 +110,9 @@ AUTH_USER_MODEL = "core.User"
 # https://docs.djangoproject.com/en/dev/ref/settings/#login-redirect-url
 # LOGIN_REDIRECT_URL = "users:redirect"
 # https://docs.djangoproject.com/en/dev/ref/settings/#login-url
-LOGIN_URL = "/login/"
+LOGIN_URL = "/sso/login/"
+
+ALLOW_LOCAL_LOGIN = env.bool("VBV_ALLOW_LOCAL_LOGIN", default=False)
 
 # PASSWORDS
 # ------------------------------------------------------------------------------
diff --git a/server/config/urls.py b/server/config/urls.py
index 874112de..85f51a68 100644
--- a/server/config/urls.py
+++ b/server/config/urls.py
@@ -33,7 +33,6 @@ urlpatterns = [
     path("", django_view_authentication_exempt(TemplateView.as_view(template_name="pages/home.html")), name="home"),
     path('admin/raise_error/', user_passes_test(lambda u: u.is_superuser, login_url='/login/')(raise_example_error), ),
     path(settings.ADMIN_URL, admin.site.urls),
-    path("login/", django_view_authentication_exempt(auth_views.LoginView.as_view(template_name="core/login.html"))),
     path("checkratelimit/", check_rate_limit),
     path("todo/", include("vbv_lernwelt.simpletodo.urls")),
     path("sso/", include("vbv_lernwelt.sso.urls")),
@@ -42,6 +41,11 @@ if settings.DEBUG:
     # Static file serving when using Gunicorn + Uvicorn for local web socket development
     urlpatterns += staticfiles_urlpatterns()
 
+if settings.ALLOW_LOCAL_LOGIN:
+    urlpatterns += [path("login/", django_view_authentication_exempt(
+        auth_views.LoginView.as_view(template_name="core/login.html"))),]
+
+
 # API URLS
 urlpatterns += [
     # API base url
diff --git a/server/vbv_lernwelt/sso/urls.py b/server/vbv_lernwelt/sso/urls.py
index bad8008c..56785481 100644
--- a/server/vbv_lernwelt/sso/urls.py
+++ b/server/vbv_lernwelt/sso/urls.py
@@ -1,6 +1,4 @@
 from django.urls import path
-from django.conf.urls import url, include
-from rest_framework.routers import DefaultRouter
 
 from . import views
 from ..core.middleware.auth import django_view_authentication_exempt
diff --git a/server/vbv_lernwelt/sso/views.py b/server/vbv_lernwelt/sso/views.py
index b79fd6cc..7ce9c799 100644
--- a/server/vbv_lernwelt/sso/views.py
+++ b/server/vbv_lernwelt/sso/views.py
@@ -28,13 +28,13 @@ def authorize(request):
         logger.warning(f'OAuth error: {e}')
         if not settings.DEBUG:
             capture_exception(e)
-        return redirect(f'/{OAUTH_REDIRECT}?state=someerror')
+        return redirect(f'/{OAUTH_REDIRECT}?state=someerror')  # to be defined
 
     user_data = _user_data_from_token_data(deocded_token)
     created = get_user_model().objects.create_or_update_by_email(user_data["email"], user_data["first_name"],
                                                                  user_data["last_name"], user_data["username"])
 
-    return redirect(f'/{OAUTH_REDIRECT}?state=success')
+    return redirect(f'/{OAUTH_REDIRECT}?state=success')  # to be defined
 
 
 def _user_data_from_token_data(token: dict) -> dict: