Maintain old login page for posterity and associated API

2024-12-18 18:47:11 +00:00 · 2024-12-12 16:23:44 -08:00 · 2024-12-12 16:23:44 -08:00 · 144f283a25
commit 144f283a25
parent 4697daeb1a
3 changed files with 47 additions and 2 deletions
--- a/src/interface/web/app/components/loginPrompt/loginPopup.tsx
+++ b/src/interface/web/app/components/loginPrompt/loginPopup.tsx
@ -16,7 +16,7 @@ export default function LoginPopup(props: LoginPopupProps) {
            <div className="flex flex-col items-start justify-center">
                <CardHeader className="p-0 text-xl">Welcome to Khoj!</CardHeader>
                <CardDescription>
-                    Get started with Khoj's AI-powered research assistant now.
+                    Get started with Khoj, your AI-powered research assistant, now.
                </CardDescription>
            </div>
            <Button
--- a/src/khoj/routers/auth.py
+++ b/src/khoj/routers/auth.py
@ -140,6 +140,51 @@ async def delete_token(request: Request, token: str):
    return await delete_khoj_token(user=request.user.object, token=token)


+@auth_router.post("/redirect")
+async def auth_post(request: Request):
+    # This is maintained for compatibility with the /login endpoint
+    form = await request.form()
+    next_url = get_next_url(request)
+    for q in request.query_params:
+        if not q == "next":
+            next_url += f"&{q}={request.query_params[q]}"
+
+    credential = form.get("credential")
+
+    csrf_token_cookie = request.cookies.get("g_csrf_token")
+    if not csrf_token_cookie:
+        logger.info("Missing CSRF token. Redirecting user to login page")
+        return RedirectResponse(url=next_url)
+    csrf_token_body = form.get("g_csrf_token")
+    if not csrf_token_body:
+        logger.info("Missing CSRF token body. Redirecting user to login page")
+        return RedirectResponse(url=next_url)
+    if csrf_token_cookie != csrf_token_body:
+        return Response("Invalid CSRF token", status_code=400)
+
+    try:
+        idinfo = id_token.verify_oauth2_token(credential, google_requests.Request(), os.environ["GOOGLE_CLIENT_ID"])
+    except OAuthError as error:
+        return HTMLResponse(f"<h1>{error.error}</h1>")
+    khoj_user = await get_or_create_user(idinfo)
+
+    if khoj_user:
+        request.session["user"] = dict(idinfo)
+
+        if datetime.timedelta(minutes=3) > (datetime.datetime.now(datetime.timezone.utc) - khoj_user.date_joined):
+            asyncio.create_task(send_welcome_email(idinfo["name"], idinfo["email"]))
+            update_telemetry_state(
+                request=request,
+                telemetry_type="api",
+                api="create_user__google",
+                metadata={"server_id": str(khoj_user.uuid)},
+            )
+            logger.log(logging.INFO, f"🥳 New User Created: {khoj_user.uuid}")
+            return RedirectResponse(url=next_url, status_code=HTTP_302_FOUND)
+
+    return RedirectResponse(url=next_url, status_code=HTTP_302_FOUND)
+
+
@auth_router.get("/redirect")
 async def auth(request: Request):
    next_url = get_next_url(request)
--- a/src/khoj/routers/web_client.py
+++ b/src/khoj/routers/web_client.py
@ -57,7 +57,7 @@ def login_page(request: Request):
    if request.user.is_authenticated:
        return RedirectResponse(url=next_url)
    google_client_id = os.environ.get("GOOGLE_CLIENT_ID")
-    redirect_uri = str(request.app.url_path_for("auth"))
+    redirect_uri = str(request.app.url_path_for("auth_post"))
    return templates.TemplateResponse(
        "login.html",
        context={