Loading services/webapp/code/rosetta/auth.py +21 −1 Original line number Diff line number Diff line from mozilla_django_oidc.auth import OIDCAuthenticationBackend from mozilla_django_oidc.views import OIDCAuthenticationCallbackView from .core_app.utils import finalize_user_creation from django.http import HttpResponseRedirect # Setup logging import logging Loading @@ -18,9 +20,27 @@ class RosettaOIDCAuthenticationBackend(OIDCAuthenticationBackend): return user def get_userinfo(self, access_token, id_token, payload): # Payload must contain the "email" key return payload class RosettaOIDCAuthenticationCallbackView(OIDCAuthenticationCallbackView): def login_success(self): # Call parent login_success but do not return super(RosettaOIDCAuthenticationCallbackView, self).login_success() logger.debug('Trying to get cookie-based post login redirect') post_login_page = self.request.COOKIES.get('post_login_redirect') if post_login_page: logger.debug('Got "%s" and redirecting', post_login_page ) response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response else: logger.debug('No cookie-based post login redirect found, redirecting to "%s"', self.success_url) return HttpResponseRedirect(self.success_url) services/webapp/code/rosetta/core_app/decorators.py +4 −1 Original line number Diff line number Diff line Loading @@ -132,5 +132,8 @@ def private_view(wrapped_view): else: log_user_activity("DEBUG", "Redirecting to login since not authenticated", request) return HttpResponseRedirect('/login') logger.debug('Setting cookie-based post login redirect to "%s"', request.build_absolute_uri()) response = HttpResponseRedirect('/login') response.set_cookie('post_login_redirect', request.build_absolute_uri()) return response return private_view_wrapper services/webapp/code/rosetta/core_app/views.py +14 −4 Original line number Diff line number Diff line Loading 
@@ -36,9 +36,16 @@ def login_view(request): data = {} # Set post login page post_login_page = request.COOKIES.get('post_login_redirect') if post_login_page is None: post_login_page = '/main' # If authenticated user reloads the main URL if request.method == 'GET' and request.user.is_authenticated: return HttpResponseRedirect('/main/') response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response else: # If local auth disabled, just render login page # (will be rendered an open id connect url only) Loading Loading @@ -73,7 +80,9 @@ def login_view(request): user = authenticate(username=username, password=password) if user: login(request, user) return HttpResponseRedirect('/main') response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response else: raise ErrorMessage('Check email and password') else: Loading Loading @@ -138,8 +147,9 @@ def login_view(request): loginToken.delete() # Now redirect to site return HttpResponseRedirect('/main/') response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response # All other cases, render the login page again with no other data than title return render(request, 'login.html', {'data': data}) Loading services/webapp/code/rosetta/settings.py +5 −0 Original line number Diff line number Diff line Loading @@ -265,6 +265,9 @@ if OIDC_RP_CLIENT_ID: OIDC_USE_NONCE = booleanize(os.environ.get('OIDC_USE_NONCE', False)) OIDC_TOKEN_USE_BASIC_AUTH = booleanize(os.environ.get('OIDC_TOKEN_USE_BASIC_AUTH', False)) # Custom callback to enable session-based post-login redirects OIDC_CALLBACK_CLASS = 'rosetta.auth.RosettaOIDCAuthenticationCallbackView' # Non-customizable stuff LOGIN_REDIRECT_URL = '/' LOGOUT_REDIRECT_URL = '/' Loading @@ -278,3 +281,5 @@ if OIDC_RP_CLIENT_ID: Loading
services/webapp/code/rosetta/auth.py +21 −1 Original line number Diff line number Diff line from mozilla_django_oidc.auth import OIDCAuthenticationBackend from mozilla_django_oidc.views import OIDCAuthenticationCallbackView from .core_app.utils import finalize_user_creation from django.http import HttpResponseRedirect # Setup logging import logging Loading @@ -18,9 +20,27 @@ class RosettaOIDCAuthenticationBackend(OIDCAuthenticationBackend): return user def get_userinfo(self, access_token, id_token, payload): # Payload must contain the "email" key return payload class RosettaOIDCAuthenticationCallbackView(OIDCAuthenticationCallbackView): def login_success(self): # Call parent login_success but do not return super(RosettaOIDCAuthenticationCallbackView, self).login_success() logger.debug('Trying to get cookie-based post login redirect') post_login_page = self.request.COOKIES.get('post_login_redirect') if post_login_page: logger.debug('Got "%s" and redirecting', post_login_page ) response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response else: logger.debug('No cookie-based post login redirect found, redirecting to "%s"', self.success_url) return HttpResponseRedirect(self.success_url)
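Review bot: `login_success` passes the `post_login_redirect` cookie value straight to `HttpResponseRedirect`, and a cookie is client-controlled input, so this is an unvalidated (open) redirect performed immediately after authentication. Check the value before using it and fall back to `self.success_url` otherwise, e.g. `if post_login_page and url_has_allowed_host_and_scheme(post_login_page, allowed_hosts={self.request.get_host()}, require_https=self.request.is_secure()):` from `django.utils.http` (`is_safe_url` on older Django releases). The same unchecked value is used at the three redirect sites of `login_view` in core_app/views.py. The `logger.debug('Got "%s" and redirecting', ...)` line also writes the raw cookie value to the log, so it is better placed after the validation.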
services/webapp/code/rosetta/core_app/decorators.py +4 −1 Original line number Diff line number Diff line Loading @@ -132,5 +132,8 @@ def private_view(wrapped_view): else: log_user_activity("DEBUG", "Redirecting to login since not authenticated", request) return HttpResponseRedirect('/login') logger.debug('Setting cookie-based post login redirect to "%s"', request.build_absolute_uri()) response = HttpResponseRedirect('/login') response.set_cookie('post_login_redirect', request.build_absolute_uri()) return response return private_view_wrapper
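Review bot: `response.set_cookie('post_login_redirect', request.build_absolute_uri())` sets the cookie with no `max_age`, `httponly`, `samesite` or `secure`, and stores an absolute URL whose host part is derived from the request. Storing only the path avoids persisting scheme and host and bounds the cookie's lifetime: `response.set_cookie('post_login_redirect', request.get_full_path(), max_age=600, httponly=True, samesite='Lax', secure=request.is_secure())` (the 600-second lifetime is an example value). The value should still be validated where it is read, since a path-only cookie can be overwritten by the client. The added `logger.debug` line records the full URL including its query string, which may carry sensitive parameters. `private_view_wrapper` starts above this hunk, so the branches around the change are not visible here.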
services/webapp/code/rosetta/core_app/views.py +14 −4 Original line number Diff line number Diff line Loading @@ -36,9 +36,16 @@ def login_view(request): data = {} # Set post login page post_login_page = request.COOKIES.get('post_login_redirect') if post_login_page is None: post_login_page = '/main' # If authenticated user reloads the main URL if request.method == 'GET' and request.user.is_authenticated: return HttpResponseRedirect('/main/') response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response else: # If local auth disabled, just render login page # (will be rendered an open id connect url only) Loading Loading @@ -73,7 +80,9 @@ def login_view(request): user = authenticate(username=username, password=password) if user: login(request, user) return HttpResponseRedirect('/main') response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response else: raise ErrorMessage('Check email and password') else: Loading Loading @@ -138,8 +147,9 @@ def login_view(request): loginToken.delete() # Now redirect to site return HttpResponseRedirect('/main/') response = HttpResponseRedirect(post_login_page) response.delete_cookie('post_login_redirect') return response # All other cases, render the login page again with no other data than title return render(request, 'login.html', {'data': data}) Loading
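Review bot: The default is applied with `if post_login_page is None`, so an empty `post_login_redirect` cookie is kept and reaches `HttpResponseRedirect('')`, whereas `login_success` in auth.py tests truthiness; `post_login_page = request.COOKIES.get('post_login_redirect') or '/main'` makes the two agree. The three-line build-response / `delete_cookie` / return sequence is repeated at all three return sites, and a small helper that validates the target, builds the redirect and clears the cookie would keep them consistent. The previous code redirected to `/main/` in two places and `/main` in one, and the new default is `/main` everywhere, which is worth confirming as intended. `login_view` continues outside these hunks.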
services/webapp/code/rosetta/settings.py +5 −0 Original line number Diff line number Diff line Loading @@ -265,6 +265,9 @@ if OIDC_RP_CLIENT_ID: OIDC_USE_NONCE = booleanize(os.environ.get('OIDC_USE_NONCE', False)) OIDC_TOKEN_USE_BASIC_AUTH = booleanize(os.environ.get('OIDC_TOKEN_USE_BASIC_AUTH', False)) # Custom callback to enable session-based post-login redirects OIDC_CALLBACK_CLASS = 'rosetta.auth.RosettaOIDCAuthenticationCallbackView' # Non-customizable stuff LOGIN_REDIRECT_URL = '/' LOGOUT_REDIRECT_URL = '/' Loading @@ -278,3 +281,5 @@ if OIDC_RP_CLIENT_ID:
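Review bot: The comment above `OIDC_CALLBACK_CLASS` says "session-based post-login redirects", but the callback view in auth.py reads the target from the `post_login_redirect` cookie, not from the session; suggest `# Custom callback to enable cookie-based post-login redirects`. If a server-side session key was the intent, keeping the target in `request.session` would also take it out of client-editable state.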