Add allowed query parameters for oauth logins

author Magnus Hagander <magnus@hagander.net>

Tue, 23 Feb 2021 10:20:48 +0000 (11:20 +0100)

committer Magnus Hagander <magnus@hagander.net>

Tue, 23 Feb 2021 10:20:48 +0000 (11:20 +0100)
author Magnus Hagander <magnus@hagander.net>
Tue, 23 Feb 2021 10:20:48 +0000 (11:20 +0100)
committer Magnus Hagander <magnus@hagander.net>
Tue, 23 Feb 2021 10:20:48 +0000 (11:20 +0100)
diff --git a/pgweb/account/oauthclient.py b/pgweb/account/oauthclient.py

index 9f8fff35861f45ffbb36087fce574d35886a0276..ca13ceaf7c7a229e7f687ab80e59dca0a98a8f12 100644 (file)
--- a/pgweb/account/oauthclient.py
+++ b/pgweb/account/oauthclient.py
@@ -7,6 +7,7 @@ import os
  import sys
  
  from pgweb.util.misc import get_client_ip
+from pgweb.util.decorators import queryparams
  from pgweb.core.models import UserProfile
  
  import logging
@@ -283,6 +284,7 @@ def oauth_login_twitter(request):
          _twitter_auth_data)
  
  
+@queryparams('code', 'state', 'next')
  def login_oauth(request, provider):
      fn = 'oauth_login_{0}'.format(provider)
      m = sys.modules[__name__]
author	Magnus Hagander <magnus@hagander.net>
	Tue, 23 Feb 2021 10:20:48 +0000 (11:20 +0100)
committer	Magnus Hagander <magnus@hagander.net>
	Tue, 23 Feb 2021 10:20:48 +0000 (11:20 +0100)