Security-Quiz/views.py


from django.shortcuts import render
from django.http import HttpResponse
from django.http import HttpResponseRedirect
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.models import User
from django.contrib import messages
from quiz.models import Answer
import oauth2 as oauth, cgi, json
import securityquiz.secrets as secrets
# OAuth consumer credentials for the Avans public API. They are read from the
# securityquiz.secrets module so they do not appear in this file.
AVANS_KEY, AVANS_SECRET = secrets.AVANS_KEY, secrets.AVANS_SECRET

# Endpoints of the OAuth flow. REQUEST_TOKEN_URL takes the callback host as
# its %s argument, AUTHORIZE_URL takes the request token.
# NOTE(review): the oauth_callback built here is plain http://, so the
# oauth_verifier would return to this site unencrypted -- confirm whether the
# deployment can use an https:// callback.
REQUEST_TOKEN_URL = 'https://publicapi.avans.nl/oauth/request_token?oauth_callback=http://%s/callback'
ACCESS_TOKEN_URL = 'https://publicapi.avans.nl/oauth/access_token'
AUTHORIZE_URL = 'https://publicapi.avans.nl/oauth/saml.php?oauth_token=%s'

# Created once at import time: the consumer is reused by every view, and this
# token-less client is the one avans_login uses to fetch a request token.
consumer = oauth.Consumer(key=AVANS_KEY, secret=AVANS_SECRET)
client = oauth.Client(consumer)
def avans_login(request):
    """Start the Avans OAuth login and redirect the browser to the authorize page.

    Fetches a request token, stores the parsed token response in the session
    under 'request_token' (avans_callback reads it back from there) and
    returns a redirect to AUTHORIZE_URL for that token.

    Raises:
        Exception: the request-token endpoint did not answer with status 200.
    """
    # The callback host comes from request.get_host(), i.e. from the incoming
    # request. NOTE(review): confirm ALLOWED_HOSTS is restricted in settings,
    # because this value ends up inside the oauth_callback URL.
    token_url = REQUEST_TOKEN_URL % request.get_host()
    resp, content = client.request(token_url, "GET")
    if resp['status'] != '200':
        raise Exception("Invalid response from oauth")

    # NOTE(review): cgi.parse_qsl is a long-deprecated alias that newer
    # Python versions no longer ship -- verify against the target interpreter.
    request_token = dict(cgi.parse_qsl(content))
    request.session['request_token'] = request_token
    return HttpResponseRedirect(AUTHORIZE_URL % request_token['oauth_token'])
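def avans_callback(request):
    """Finish the Avans OAuth login and sign the matching Django user in.

    Exchanges the request token kept in the session plus the oauth_verifier
    from the query string for an access token, asks the API for the student's
    'studentnummer' and 'inlognaam', then gets or creates the Django user
    named after 'inlognaam' and logs that user in.

    Accounts are created without a usable password: identity is established
    by the OAuth exchange only. The earlier version gave every account the
    same fixed password, so any password-based login path in the project
    (for example the Django admin, if enabled) would have accepted it for
    any known username.

    Returns:
        A redirect to '/' on success, a 400 response when the session holds
        no pending request token or the verifier is missing, or a 403
        response when the account is disabled.

    Raises:
        Exception: one of the Avans endpoints did not answer with status 200.
    """
    # Take the request token out of the session so it is used at most once.
    request_token = request.session.pop('request_token', None) or {}
    verifier = request.GET.get('oauth_verifier')
    token_key = request_token.get('oauth_token')
    token_secret = request_token.get('oauth_token_secret')
    if not (token_key and token_secret and verifier):
        return HttpResponse('Invalid or expired login attempt.', status=400)

    token = oauth.Token(token_key, token_secret)
    token.set_verifier(verifier)
    resp, content = oauth.Client(consumer, token).request(ACCESS_TOKEN_URL, "GET")
    if resp['status'] != '200':
        raise Exception("Invalid response from Avans.")

    access_token = dict(cgi.parse_qsl(content))
    token = oauth.Token(access_token['oauth_token'], access_token['oauth_token_secret'])
    resp, content = oauth.Client(consumer, token).request(
        'https://publicapi.avans.nl/oauth/studentnummer/', 'GET')
    # The profile call was previously parsed without looking at its status.
    if resp['status'] != '200':
        raise Exception("Invalid response from Avans.")

    data = json.loads(content)[0]
    studentnummer = data['studentnummer']
    inlognaam = data['inlognaam']

    try:
        user = User.objects.get(username=inlognaam)
    except User.DoesNotExist:
        # Without a password argument create_user stores an unusable
        # password. studentnummer stays in the email position, as before.
        user = User.objects.create_user(inlognaam, studentnummer)
    else:
        # Accounts created by the earlier version still carry the shared
        # password; retire exactly that one and leave any other password
        # (e.g. one set for a staff account) untouched.
        if user.check_password('secret'):
            user.set_unusable_password()
            user.save()

    # authenticate() is no longer in the path, so vet the account explicitly.
    if not user.is_active:
        return HttpResponse('This account is disabled.', status=403)

    # login() needs to know which backend vouched for the user when
    # authenticate() was not called. Assumes ModelBackend is listed in
    # AUTHENTICATION_BACKENDS (the Django default) -- confirm in settings.
    user.backend = 'django.contrib.auth.backends.ModelBackend'
    login(request, user)
    return HttpResponseRedirect('/')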
def avans_logout(request):
    """Log the current user out and return a short Dutch confirmation page.

    The page links back to '/', where home starts a new login.
    """
    # NOTE(review): nothing in this view restricts the HTTP method, so a
    # cross-site GET would also sign the user out -- confirm whether logout
    # should be POST-only.
    logout(request)
    confirmation = 'Je bent nu uitgelogd... <a href="/">Opnieuw inloggen</a>'
    return HttpResponse(confirmation)
def home(request):
    """Show the quiz page, or store the answers posted from it.

    Anonymous visitors are handed to avans_login. A POST saves every field
    whose name starts with 'answer' as this user's Answer for that question,
    queues a confirmation message and redirects to '/'. Any other method
    renders 'index.html' with the user's stored answers as a
    question -> answer mapping under 'answers'.
    """
    if not request.user.is_authenticated():
        return avans_login(request)

    if request.method != 'POST':
        stored = Answer.objects.filter(user=request.user)
        by_question = {entry.question: entry.string for entry in stored}
        return render(request, 'index.html', {'answers': by_question})

    # NOTE(review): the question key is the raw POST field name; the view
    # checks only the 'answer' prefix -- confirm names and lengths are
    # validated against the known questions somewhere.
    for field in request.POST:
        if not field.startswith('answer'):
            continue
        record, _created = Answer.objects.get_or_create(user=request.user, question=field)
        record.string = request.POST[field]
        record.save()

    # NOTE(review): the listing lost its indentation; this assumes the
    # message is queued once per POST, after the loop.
    messages.add_message(request, messages.INFO, 'Je antwoorden zijn opgeslagen')
    return HttpResponseRedirect('/')