-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add UI page for social login #483
Conversation
Reviewer's Guide by SourceryThis pull request implements a new UI page for managing social login settings. It integrates the Sequence diagram for social login flowsequenceDiagram
actor User
participant Login Page
participant SocialLoginView
participant OAuth Provider
participant Adapter
User->>Login Page: Access login page
Login Page->>SocialLoginView: Get enabled providers
SocialLoginView-->>Login Page: Return enabled providers
Login Page-->>User: Display login options
User->>Login Page: Click social login button
Login Page->>OAuth Provider: Redirect to provider login
OAuth Provider-->>Adapter: Return with auth token
Adapter->>SocialLoginView: Process authentication
SocialLoginView-->>User: Redirect to dashboard
Class diagram for social authentication componentsclassDiagram
class SocialLoginView {
+template_name: string
+LOGIN_PROVIDERS: dict
+VALID_STATES: set
+get_context_data()
+post(request)
+get_success_url()
}
class LoginState {
<<enumeration>>
ENABLE
DISABLE
}
class CustomSocialAccountAdapter {
+on_authentication_error()
}
class GlobalSettingsObject {
+settings: dict
}
SocialLoginView --> LoginState
SocialLoginView --> GlobalSettingsObject
note for CustomSocialAccountAdapter "Handles social auth errors"
note for SocialLoginView "Manages provider settings"
State diagram for social login provider statusstateDiagram-v2
[*] --> Disabled
Disabled --> Enabled: Admin enables
Enabled --> Disabled: Admin disables
state Enabled {
[*] --> AvailableOnLogin
AvailableOnLogin --> ProcessingAuth
ProcessingAuth --> LoginSuccess
ProcessingAuth --> LoginError
}
note right of Enabled: Provider appears on login page
note right of Disabled: Provider hidden from login page
File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
Always add screenshots of changes when making a PR, please! |
Sorry, I was just preparing the draft pr, I'm resolving some conflicts. |
src/pretix/plugins/socialauth/templates/socialauth/social_auth_settings.html
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @HungNgien - I've reviewed your changes - here's some feedback:
Overall Comments:
- The oauth_return view should provide better error handling and user feedback instead of silently redirecting on failure. Consider adding error messages that help users understand and resolve authentication issues.
- Consider implementing rate limiting for the social login endpoints to prevent potential abuse of the authentication system.
Here's what I looked at during the review
- 🟡 General issues: 1 issue found
- 🟢 Security: all looks good
- 🟢 Testing: all looks good
- 🟢 Complexity: all looks good
- 🟢 Documentation: all looks good
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
|
||
|
||
def oauth_login(request, provider): | ||
base_url = adapter.get_provider(request, provider).get_login_url(request) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
issue (bug_risk): Preserve existing query parameters when constructing OAuth login URL
The current implementation overwrites any existing query parameters in base_url. Should merge new parameters with existing ones to avoid breaking providers that require specific parameters.
|
Thanks, yes, looks good. Please correct spelling mistakes on settings pages - Mediawiki, Github, Google. Can you confirm Internationalization works here? Please translate to Vietnamese as a sample language. |
|
login_providers = self.gs.settings.get('login_providers', as_type=dict) | ||
for provider in self.LOGIN_PROVIDERS.keys(): | ||
value = request.POST.get(f'{provider}_login', '').lower() | ||
if value not in [s.value for s in LoginState]: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@hongquan, it looks like this syntax is only working for Python 3.12 or later.
I checked it on my python3.11 and an online compiler, both raise TypeError: unsupported operand type(s) for 'in': 'str' and 'EnumType'.
Add UI page to allow toggle on/off sign-in options
Summary by Sourcery
Add a new UI page for managing social login settings, allowing administrators to toggle sign-in options for various providers. Integrate 'django-allauth' to support social authentication with providers like Google, GitHub, and MediaWiki. Enhance the system with OAuth2 application management capabilities, including creation and deletion. Update tests to accommodate the new social login URLs.
New Features:
Enhancements:
Build:
Documentation:
Tests:
Summary by Sourcery
Add a UI page for managing social login settings, allowing administrators to enable or disable different providers.
New Features:
Tests: