Implementation of Oauth of Github, Google and Microsoft #4298
+1,058
−38
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
feyruzb
force-pushed
the
branch-2-backup
branch
2 times, most recently
from
5ce7f18
to
68eaf7b
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
2 times, most recently
from
de2e213
to
d3f6b29
Compare
vodorok
requested changes
Jul 30, 2024
There was a problem hiding this comment.
Please see my remarks.
I have some additional comments apart from the direct in code messages:
- My major concern with the implementation is that the oauth related API and its implementation is not generalized enough. The configuration is good enough for the time being.
- I am not sure if we are allowed to use the Git Hub logo in our repo.
- Please invite @cservakt to review the JS and VueJS parts.
I did not do a thorough review of the oauth flow in authentication.py after you addressed the above issues I will do another round concentrating on that.
Thanks for the hard work!
feyruzb
force-pushed
the
branch-2-backup
branch
10 times, most recently
from
12c68e7
to
f064c2b
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
3 times, most recently
from
b4d5a0a
to
d3847d6
Compare
…s, commented lines
feyruzb
force-pushed
the
branch-2-backup
branch
from
f5dd112
to
540a1df
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
from
540a1df
to
cc9ce96
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
7 times, most recently
from
9db4828
to
afbf03b
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
from
afbf03b
to
b71af06
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
7 times, most recently
from
9256875
to
75072a3
Compare
feyruzb
force-pushed
the
branch-2-backup
branch
from
75072a3
to
d6561b8
Compare
Discookie
suggested changes
Oct 16, 2024
| with DBSession(self.__config_db) as session: | ||
| state_db = session.query(StateCodes) \ | ||
| .filter(StateCodes.id == state_id) \ | ||
| .first().state |
There was a problem hiding this comment.
Expired states might not have been purged at this point - add an explicit check here for expires_at.
| .filter(StateCodes.state == new_state.state | ||
| and | ||
| StateCodes.expires_at == new_state.expires_at) \ | ||
| .first().id |
There was a problem hiding this comment.
It might be worthwhile to explicitly store other parameters of the "state" here as well - oauth provider, PKCE if added, etc.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
fixes #4160
The right way it should look after logging in
new added button to log in with github
Changes: