From ec94c30ead3e2462a26cd06dd9566396c4c48f23 Mon Sep 17 00:00:00 2001
From: "holger.trampe" <htrampe@gmail.com>
Date: Sat, 31 Jul 2021 11:02:37 +0200
Subject: [PATCH] try cookie session

---
 api/urls.py                                   |   2 +-
 api/views.py                                  |  33 ++++++++++++++++--
 .../__pycache__/settings.cpython-38.pyc       | Bin 4512 -> 4592 bytes
 digitaleagentur/settings.py                   |   4 +--
 users/models.py                               |   2 ++
 users/views.py                                |  16 ++++-----
 6 files changed, 43 insertions(+), 14 deletions(-)

diff --git a/api/urls.py b/api/urls.py
index 340db99..459e7cf 100644
--- a/api/urls.py
+++ b/api/urls.py
@@ -20,7 +20,7 @@ urlpatterns = [
     path('addfile/', views.NCAddFiles, name="apiaddfile"),
     path('adddir/', views.NCAddDirs, name="apiadddir"),
 
-    path('test/', views.NCTest, name="apitest"),
+    #path('setlog/', views.SetUserData, name="apisetlog"),
     # EXTERNAL FROM NC
     path('logout/<str:uid>', views.apilogout, name="api-logout"),
     path('uschanged/<str:uid>/<str:sid>', views.userChangedInNc, name="api-userchanged"),
diff --git a/api/views.py b/api/views.py
index 0a588da..4424a93 100644
--- a/api/views.py
+++ b/api/views.py
@@ -362,5 +362,34 @@ def NCAddDirs(request):
 
 @api_view(['GET'], )
 def NCTest(request):
-	print("HI!")
-	return JsonResponse({'status' : False, 'message': 'AUTH ERROR'})
\ No newline at end of file
+	print(request.headers)
+	return JsonResponse({'status' : False, 'message': 'AUTH ERROR'})
+
+
+#@api_view(['POST'], )
+#def SetUserData(request):
+#	redirect('nclog', uid=request.POST.get('uid'))
+	#print(request.POST.get('uid'))
+	#print(request.POST.get('key'))
+	#print(request.POST.get('csrf'))
+	#user = User.objects.get(username=request.POST.get('uid'))
+	#user.backend = 'django.contrib.auth.backends.ModelBackend'
+	#login(request, user)
+	#login(request, ))
+	#if(request.session.get('_auth_user_id') == None):
+	#	print("LOGIN " + request.POST.get('uid'))
+	
+	#else:
+	#	print("user logged")
+	#return JsonResponse({})
+	#print(request.session.get('_auth_user_id'))
+	#print(request.POST.get('uid'))
+	#print(request.POST.get('reqdata'))
+	#if(request.POST.get('key') == "lkais8id7oauihsdjgt6as7zdukHJAGHFTJ7s6a8dziuhabjshdatf6tASZDUHJB"):
+	#	user = 
+	#	user.backend = 'django.contrib.auth.backends.ModelBackend'
+	#	login(request, user)
+	#	return redirect('users-dashboard')
+	#else:
+	#	return redirect('login')
+	#return redirect('users-dashboard')
diff --git a/digitaleagentur/__pycache__/settings.cpython-38.pyc b/digitaleagentur/__pycache__/settings.cpython-38.pyc
index 35c694dda71f55b0736e454981cf3c7d5d448259..0ed3a929ed23b08168d37998eda1c4630c44e9a5 100644
GIT binary patch
delta 468
zcmZ9G+fEZ<6oqF`|4!P%v|ubC6a|V0N<pCoIVcLHz<_j+X%#kyQdpD87!HXk*YFBW
zuSj~)UK<mWz5p@4fS0}jmplRZ+ZZm`D{CeDTglF@Mz5oKPS*p9oM@}J@V%sW(`9Ke
zOa9V%kIHSO>f9Mdojz_y0!fTv9Ir8fNlalHZ=3*k;4MGGjH4igcX*Fk%pv6nmoQ%u
z4sj>aSa6BEu*eZCaW@Ps%hte3BR@29)g?#pV`T0`Fe@5A!5W|S;3M~9o%;~tsB}Lx
zehQ19A<NH^;}`hE1Nh7_o4$CfS|bN-UyW*njdq3O4KifMu~}1j7|bvK6F;^jd4+8r
z`A6m5QS5L6y9mjblgMKag&_7Ts$9pQTFSsd{fhR87V1l$HGlb{ITn5h*Kv!5Lwl&;
z*vG}wufqo?N9CW*-)OvitRIELR@$-*Gm}r5=8BQdTj^A8z5Yl4MQ!)1d2@Bv$kZz#
vK@SvC6w&0P7N5@(5rTwP{?YQgmqb$s1vTLblJE#2t*MH7E4(U6-H6-2)B1iw

delta 388
zcmX|-NlpS`5QV$Cf3Z=zVWp@zffG0b&hvyggNj2rlSevj;u-V+Zb)xgh)b8UaqSH}
zf=hQEz=*%ZSTFA_zDg=D^%;5y85zT<QRF;(#Z@+MG}BAIcc1k9U0eQf@zx4*9ioUK
zjuDJv4C9!<B&MtyuE#X{F=Ht(F^f6OV*!hnun9{AVG%cA87nq%BNE(%RSqDDHMvb<
zy^<T1+_cFO+>EV%5w;61Zov+>;x@%?NOL<(4oZix%N^L`PV93RGTe;=?#a=0)q|^&
z;hbKiBH^%J;Yfw_<{~&Ms@#WT?*Aihup|RG;lW=jZw}#<hj9i|){WvE7r4Y#LA6Qe
z7}Px_oGpFQC6&@z%1sHU=!rP*o+pYs_r^`hXTDPD!>f_+OTJOm>g3aPEg(d-^X+?U
Z_4vtj3C$#-2_fxL6}2p?RFe7@<sS{4Xs-YO

diff --git a/digitaleagentur/settings.py b/digitaleagentur/settings.py
index 1498651..ba11349 100644
--- a/digitaleagentur/settings.py
+++ b/digitaleagentur/settings.py
@@ -26,7 +26,7 @@ BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 # Nach zehn Stunden läuft der Cookie ab!
 # TASK: Zehn stunden auto-auslog einmal checken Sekunden!
 SESSION_COOKIE_AGE = 100*60*60
-
+SESSION_COOKIE_SECURE = False
 
 #CHANNELS_PRESENCE_MAX_AGE = 30
 
@@ -215,7 +215,7 @@ LOGIN_URL = 'login'
 #LOGIN_URL = NEXTCLOUD_URL
 
 STATIC_URL = '/static/'
-
+SESSION_COOKIE_DOMAIN = "digitale-agentur.com"
 
 
 '''
diff --git a/users/models.py b/users/models.py
index ea09a9d..1b15f0d 100644
--- a/users/models.py
+++ b/users/models.py
@@ -215,6 +215,8 @@ class Profile(models.Model):
 	phonemobile = models.CharField(max_length=60, blank=True)
 	phone_public = models.BooleanField(default=False)
 
+	#nc_sid = models.CharField(max_length=200, blank=True)
+
 	# Wenn die Funktion gelöscht wird, wird die FUNC auf NULL gesetzt
 	func = models.ForeignKey("AgencyJob", blank=True, null=True, default=None, on_delete=models.SET_NULL)
 	# Wenn dieses Profil gelöscht wird, wird NICHT die Agency geslöscht
diff --git a/users/views.py b/users/views.py
index 3897a1e..ee6915a 100644
--- a/users/views.py
+++ b/users/views.py
@@ -81,16 +81,14 @@ import urllib.request as urllib2
 from django.contrib.auth import login, logout
 from django.core.mail import send_mail
 def ncLogin(request, uid):
-	print("HIER PASSIERT DER NCLOGIN" + str(uid))
-	#try:
-	logout(request)
-	if(uid == urllib2.unquote(request.COOKIES['nc_username']) and getNCLoggedUserBySession(request.COOKIES['nc_session_id'])):
-		login(request, User.objects.get(username=urllib2.unquote(request.COOKIES['nc_username'])))
+	try:
+		logout(request)
+		if(uid == urllib2.unquote(request.COOKIES['nc_username']) and getNCLoggedUserBySession(request.COOKIES['nc_session_id'])):
+			login(request, User.objects.get(username=urllib2.unquote(request.COOKIES['nc_username'])))
+			return redirect('users-dashboard')
+		return redirect('login')
+	except:
 		return redirect('users-dashboard')
-	return redirect('login')
-	#except:
-	#	return redirect('users-dashboard')
-
 
 def getICSFile(request, ag):
 	if 'HTTP_AUTHORIZATION' in request.META: