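--- a/app.py
+++ b/app.py
@@ -11,10 +11,15 @@ from google.auth.transport.requests import Request
 import json
 import logging
 from oauthlib.oauth2.rfc6749.errors import InvalidGrantError
+import secrets
+import time
 
 # Load environment variables from .env file
 load_dotenv()
 
+# Set up logging
+logging.basicConfig(level=logging.DEBUG)
+
 # Set page configuration
 st.set_page_config(page_title="Student Grade Lookup", page_icon="π", layout="centered")
 
@@ -100,7 +105,9 @@ def main():
 
 if st.button("Login with Google"):
 flow = create_flow()
-authorization_url,
+authorization_url, state = flow.authorization_url(prompt="consent")
+st.session_state['oauth_state'] = state
+st.session_state['oauth_state_time'] = time.time()
 st.markdown(f"[Login with Google]({authorization_url})")
 else:
 st.title('π Student Grade Lookup')
@@ -182,13 +189,32 @@ def main():
 def handle_callback():
 flow = create_flow()
 code = st.query_params.get("code")
-
+state = st.query_params.get("state")
+
+if code and state:
+if 'oauth_state' not in st.session_state or 'oauth_state_time' not in st.session_state:
+logging.error("OAuth state not found in session")
+st.error("Authentication failed. Please try again.")
+return
+
+if time.time() - st.session_state['oauth_state_time'] > 600: # 10 minutes expiration
+logging.error("OAuth state has expired")
+st.error("Authentication session expired. Please try again.")
+return
+
+if state != st.session_state['oauth_state']:
+logging.error("OAuth state mismatch")
+st.error("Authentication failed. Please try again.")
+return
+
 try:
 logging.debug(f"Attempting to fetch token with code: {code}")
 flow.fetch_token(code=code)
 credentials = flow.credentials
 st.session_state['credentials'] = credentials.to_json()
 logging.debug("Token fetch successful")
+del st.session_state['oauth_state']
+del st.session_state['oauth_state_time']
 return credentials
 except InvalidGrantError as e:
 logging.error(f"InvalidGrantError: {str(e)}")
@@ -199,16 +225,13 @@ def handle_callback():
 logging.error(f"Unexpected error during token fetch: {str(e)}")
 st.error(f"An unexpected error occurred: {str(e)}")
 else:
-logging.warning("No authorization code found in the URL parameters.")
-st.error("
-
-# Set up logging
-logging.basicConfig(level=logging.DEBUG)
+logging.warning("No authorization code or state found in the URL parameters.")
+st.error("Authentication failed. Please try again.")
 
 if __name__ == '__main__':
 logging.debug("Starting the application")
-if 'code' in st.query_params:
-logging.debug("Authorization code found in query parameters")
+if 'code' in st.query_params and 'state' in st.query_params:
+logging.debug("Authorization code and state found in query parameters")
 handle_callback()
 st.rerun()
 main()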
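Review bot: In `handle_callback`, the stored `oauth_state` is deleted only after a successful `fetch_token`, so the expiry, mismatch and exception paths leave the same value in the session, where a later callback within the 10-minute window would still match it. Consume it before checking, e.g. `expected = st.session_state.pop('oauth_state', None)` and `issued = st.session_state.pop('oauth_state_time', None)`, then test the locals; this also makes the two `del` lines unnecessary. The unchanged `logging.debug(f"Attempting to fetch token with code: {code}")` writes the authorization code to the log with `logging.basicConfig(level=logging.DEBUG)` in effect; log that a code was received rather than its value. `import secrets` is not used in any visible hunk, so either drop it or use it for the state comparison. Part of the `except` chain of `handle_callback` lies between the last two hunks and is not shown.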