search

AngellusMortis / django_microsoft_auth

Simple app to enable Microsoft Account, Office 365 and Xbox Live authentcation as a Django authentcation backend.
MIT License
137 stars 84 forks source link

Redirect to settings.LOGIN_REDIRECT_URL after a successful login #415

Closed andhrelja closed 4 years ago

andhrelja commented 4 years ago

I'm using Django 3.0.6 to build and app that requires Microsoft User login as default - internal company security process.

I wasn't getting a redirect after a successful login, all I got was the auth_callback.html that rendered:

This window should automatically close. If it does not, it should be save to close after a few seconds.

{"microsoft_auth": {}}

I forked your repository and would like to make a feature suggestion. I changed the view in microsoft_auth/, updated the return value for AuthenticateCallbackView.post() to:

from django.shortcuts import redirect

class AuthenticateCallbackView(View):
    def post(self, request):
        """ main callback for Microsoft to call

            validates Microsoft response, attempts to authenticate user and
            returns simple HTML page with Javascript that will post a message
            to parent window with details of result """

        context = self.get_context_data(**request.POST.dict())

        status_code = 200
        if "error" in context["message"]:
            status_code = 400

        if status_code == 400:
            return render(
                request,
                "microsoft/auth_callback.html",
                context,
                status=status_code,
            )

        elif status_code == 200:
            return redirect(settings.LOGIN_REDIRECT_URL)

This way I could specify my successful login redirect URL. I'm not sure if there's another way, but this was the first obvious thing for me.

I also created a new middleware function in order for Django to use the login URL as default settings.LOGIN_URL. If you are thinking of implementing such features, I'd be happy to contribute.

AngellusMortis commented 4 years ago

The Microsoft auth window opens in a new window and communicates with the parent window via message passing. It is the parent page's responsibility to detect login status and handle where to redirect to.

If you would rather a single page flow and have the original page redirect to Microsoft and then when it is finished authenticating then that would be covered by #283.

andhrelja commented 4 years ago

The Microsoft auth window opens in a new window and communicates with the parent window via message passing. It is the parent page's responsibility to detect login status and handle where to redirect to.

This is exactly what I needed, thank you. It would be great to have these functionalities handled in the Django View for maximum configuration exploitation.

I would be happy to contribute if you see this useful.

Thanks!