feat(dev): login;

- Handled cross domain logins.

Author: JVickery-TBS

ckanext/language_domains/assets/scripts/language_login_receiver.js

@@ -6,6 +6,11 @@ window.addEventListener('message', function(_event){
     return;
   }
 
+  if( typeof _event.data.login_receiver_ready != 'undefined' ){
+    _event.source.postMessage({'login_receiver_ready': true}, _event.origin);
+    return;
+  }
+
   if( ! _event.data.session_user || ! _event.data.session_token || ! _event.data.target_domain || ! _event.data.target_language ){
     return;
   }
@@ -18,12 +23,12 @@ window.addEventListener('message', function(_event){
     'complete': function(_data){
       if( _data.responseJSON ){  // we have response JSON
         if( _data.responseJSON.success ){  // successful format guess
-          console.log(_data.responseJSON);
+          _event.source.postMessage({'login_successful': true}, _event.origin);
         }else{  // validation error
-          console.log(_data);
+          _event.source.postMessage({'login_successful': false}, _event.origin);
         }
       }else{  // fully flopped ajax request
-        console.log(_data);
+        _event.source.postMessage({'login_successful': false}, _event.origin);
       }
     }
   });

ckanext/language_domains/assets/scripts/language_login_sender.js

@@ -4,27 +4,65 @@ window.addEventListener('load', function(){
 
     const session_user = SESSION_USER || null;
     const session_token = SESSION_TOKEN || null;
-    const requester_domain = REQUESTER_DOMAIN || null;
+    const trusted_domains = TRUSTED_LANG_DOMAINS || [];
     const domain_scheme = DOMAIN_SCHEME || null;
     const language_domains = LANGUAGE_DOMAINS || {};
 
     if( session_user == null || session_token == null ){
       return;
     }
 
+    // TODO: improve check for all domains being logged in?? fallback to tries/time??
+    let _index = 0;
+    const _max = Object.keys(language_domains).length;
+
     for( let [_lang, _lang_domains] of Object.entries(language_domains) ){
       let targetDomain = domain_scheme + '://' + _lang_domains[0];
       let loginWindow = window.open(targetDomain + '/user/language_domain_login', '', 'width=700,height=500');
-      // FIXME: get this data to the window....and then get a callback to close the window from window.opener...
-      loginWindow.postMessage(
-        {
-          'session_user': session_user,
-          'session_token': session_token,
-          'target_domain': targetDomain,
-          'target_language': _lang,
-        },
-        domain_scheme + '://' + requester_domain
-      );
+      let checkInterval = setInterval(function(){
+        loginWindow.postMessage(
+          {
+            'login_receiver_ready': false,
+          },
+          targetDomain
+        )
+      }, 250);
+
+      window.addEventListener('message', function(_event){
+
+        if( ! Array.prototype.includes.call(trusted_domains, _event.origin) ){
+          return;
+        }
+
+        if( typeof _event.data.login_receiver_ready == 'undefined' && typeof _event.data.login_successful == 'undefined' ){
+          return;
+        }
+
+        if( _event.data.login_receiver_ready ){
+          clearInterval(checkInterval);
+          checkInterval = false;
+          loginWindow.postMessage(
+            {
+              'session_user': session_user,
+              'session_token': session_token,
+              'target_domain': targetDomain,
+              'target_language': _lang,
+            },
+            targetDomain
+          );
+          return;
+        }
+
+        if( _event.data.login_successful ){
+          loginWindow.close();
+          if( _index >= _max ){
+            window.location.assign('/');
+          }
+          _index++;
+        }
+
+      });
+
     }
 
   });

ckanext/language_domains/blueprint.py

@@ -32,8 +32,13 @@ def language_domain_login_master():
     else:
         language_domains = json.loads(language_domains)
 
-    # TODO: figure out lang_domains[0] from current subdomain or not??
-    requester_domain = language_domains.pop(h.lang())[0]
+    trusted_domains = []
+    if language_domains:
+        for _lang_code, lang_domains in language_domains.items():
+            # TODO: figure out lang_domains[0] from current subdomain or not??
+            trusted_domains.append(f'{domain_scheme}://{lang_domains[0]}')
+
+    del language_domains[h.lang()]
 
     jwt_secret = config.get('ckanext.language_domains.secret')
     token = None
@@ -49,7 +54,7 @@ def language_domain_login_master():
     return render('user/language_login_sender.html',
                   {'language_domains': language_domains,
                    'domain_scheme': domain_scheme,
-                   'requester_domain': requester_domain,
+                   'trusted_domains': trusted_domains,
                    'token': token})
 
 

ckanext/language_domains/plugin.py

@@ -24,6 +24,8 @@ class LanguageDomainsPlugin(plugins.SingletonPlugin):
     plugins.implements(plugins.ITemplateHelpers)
     plugins.implements(plugins.IBlueprint)
 
+    # TODO: hardcode in the login redirect and logout redirect
+
     # IMiddleware
     def make_middleware(self, app: CKANApp, config: 'CKANConfig') -> CKANApp:
         return LanguageDomainMiddleware(app, config)

ckanext/language_domains/templates/user/language_login_sender.html

@@ -17,7 +17,7 @@
     const SESSION_USER = '{{- g.user -}}';
     const SESSION_TOKEN = '{{- token -}}';
     const DOMAIN_SCHEME = '{{- domain_scheme -}}';
-    const REQUESTER_DOMAIN = '{{- requester_domain -}}';
+    const TRUSTED_LANG_DOMAINS = {{- trusted_domains|tojson -}};
     const LANGUAGE_DOMAINS = {{- language_domains|tojson -}};
   </script>
   {% asset 'language_domain_assets/js_login_sender' %}