From 8eff84fe8b00c32efda5e0090f12d02a01367155 Mon Sep 17 00:00:00 2001
From: Andrea Lepori
Date: Sun, 2 Jan 2022 21:46:17 +0100
Subject: disconnect oauth check validity
---
accounts/templates/accounts/index.html | 57 ++++++++++++++++++++++------------
accounts/urls.py | 1 +
accounts/views.py | 34 +++++++++++++++-----
3 files changed, 65 insertions(+), 27 deletions(-)
(limited to 'accounts')
diff --git a/accounts/templates/accounts/index.html b/accounts/templates/accounts/index.html
index 874231b..7cd287d 100644
--- a/accounts/templates/accounts/index.html
+++ b/accounts/templates/accounts/index.html
@@ -12,13 +12,14 @@
  • Info Personali
  • Info Mediche
  • Impostazioni
  • +
  • Woooo
  • {% endblock%} {% block content %}
    -
    +
    @@ -310,10 +311,14 @@ save
    -
    +
    +
    + Helloooooo +
    +
    @@ -322,29 +327,43 @@
    Collegamento con MiData
    -
    -
    - Collega il tuo account con MiData per avere un login unico. Attenzione una volta collegato il - tuo account i dati presenti su MiData dovranno essere modificati sulla piattaforma stessa. + {% if midata_user %} +
    +
    + Il tuo utente è già connesso a MiData +
    +
    -
    -
    + {% endblock %} {% block script %} diff --git a/accounts/urls.py b/accounts/urls.py index 5f04051..fa85a5b 100644 --- a/accounts/urls.py +++ b/accounts/urls.py @@ -9,5 +9,6 @@ urlpatterns = [ path('oauth_login/', views.oauth_login, name='oauth_login'), path('auth/', views.auth, name='auth'), path('oauth_connect/', views.oauth_connect, name='oauth_connect'), + path('oauth_disconnect/', views.oauth_disconnect, name='oauth_disconnect'), path('auth_connect/', views.auth_connect, name='auth_connect'), ] diff --git a/accounts/views.py b/accounts/views.py index 06459d7..2b971b3 100644 --- a/accounts/views.py +++ b/accounts/views.py @@ -95,11 +95,22 @@ def auth(request): return HttpResponseRedirect('/') # send to hitobito request to get token +@login_required def oauth_connect(request): redirect_uri = request.build_absolute_uri(reverse('auth_connect')) return hitobito.authorize_redirect(request, redirect_uri) +@login_required +def oauth_disconnect(request): + usercode = UserCode.objects.filter(user=request.user)[0] + usercode.midata_id = 0 + usercode.midata_token = "" + usercode.save() + + return HttpResponseRedirect(reverse("personal") + "#misc") + # callback after acquiring token +@login_required def auth_connect(request): token = hitobito.authorize_access_token(request) 
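Review bot: `oauth_disconnect` changes account state (it resets `midata_id` and `midata_token`) but accepts any HTTP method, and the `oauth_disconnect/` route added in `accounts/urls.py` makes it reachable with a plain GET. Django's CSRF middleware only checks unsafe methods, so a request triggered from another site could unlink a logged-in user's MiData account without their intent; the template markup is not visible here, so whether the page currently uses a link or a form cannot be confirmed. Restrict the view with `@require_POST` (from `django.views.decorators.http`) and have the template submit a form carrying `{% csrf_token %}`. Separately, `UserCode.objects.filter(user=request.user)[0]` raises `IndexError` for a user without a `UserCode` row, and clearing `midata_token` locally presumably leaves the token valid at the provider unless it is also revoked there. `auth_connect`'s body continues outside this hunk.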
@@ -111,13 +122,18 @@ def auth_connect(request): resp = requests.get(api_url, headers=headers) resp_data = resp.json() - # find user with that id - usercode = UserCode.objects.filter(user=user)[0] + # check that account is not linked to another + existing_codes = UserCode.objects.filter(midata_id=resp_data["id"]) + if len(existing_codes) > 0: + return personal_wrapper(request, True, "Questo utente è già collegato ad un altro") + + # save id to user + usercode = UserCode.objects.filter(user=request.user)[0] usercode.midata_id = resp_data["id"] usercode.midata_token = token["access_token"] usercode.save() - return HttpResponseRedirect('/') + return HttpResponseRedirect(reverse("personal") + "#misc") @sensitive_variables("raw_passsword") def signup(request): @@ -169,8 +185,13 @@ def signup(request): } return render(request, 'accounts/signup.html', context) +# create wrapper to send custom error from other views (oauth connect/disconnect) @login_required def personal(request): + return personal_wrapper(request, False, "") + +@login_required +def personal_wrapper(request, error, error_text): context = {} # additional user informations usercode = UserCode.objects.filter(user=request.user)[0] @@ -189,11 +210,6 @@ def personal(request): validation_dic = {} required_fields = ["first_name", "last_name", "email", "parent_name", "via", "cap", "country", "nationality", "phone", "avs_number", "emer_name", "emer_relative", "cell_phone", "address", "health_care", "injuries", "rc", "medic_name", "medic_phone", "medic_address"] - - # variables for throwing errors to the user - error = False - error_text = "" - if request.method == "POST": # requested download if request.POST['action'] == "download_vac": @@ -442,6 +458,7 @@ def personal(request): else: card_name = '' + midata_user = (usercode.midata_id > 0) # fill context context = { 
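Review bot: The duplicate-link check in `auth_connect` is a read followed by a separate write, so two accounts completing the callback at about the same time can both pass `len(existing_codes) > 0` and end up linked to the same `midata_id`. If `midata_id` is what `oauth_login` uses to pick the local user (not visible here), that ambiguity is an account mix-up risk; enforce uniqueness in the database (which likely means storing "unlinked" as NULL rather than `0`) and handle the resulting `IntegrityError`. The check also matches the caller's own row, so re-linking the same MiData account is reported as belonging to someone else; `UserCode.objects.filter(midata_id=resp_data["id"]).exclude(user=request.user).exists()` covers that and avoids the `len()` on a queryset. `resp_data["id"]` is read without checking `resp.status_code`, and `requests.get(api_url, headers=headers)` has no `timeout`, so a provider error becomes a 500 or a stalled worker. The function starts outside this hunk.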
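Review bot: The comment `# create wrapper to send custom error from other views (oauth connect/disconnect)` sits above `personal`, but it describes `personal_wrapper`; move it there, or turn it into a docstring saying that `error` and `error_text` are passed to the template context for display. `personal_wrapper` still runs the whole `if request.method == "POST":` branch, so that docstring should also state that other views may only call it from GET flows such as the OAuth callback. Both functions continue outside this hunk.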
@@ -490,6 +507,7 @@ def personal(request): 'vac_certificate': vac_name, 'error': error, 'error_text': error_text, + 'midata_user': midata_user, } return render(request, 'accounts/index.html', context) -- cgit v1.2.1