thunderbird_accounts.authentication.views
Functions
|
Form submit for |
|
Finalize logout locally after the user confirmed the logout. |
|
POST endpoint for the Accounts hosted sign up form. |
|
Begin the OIDC logout flow without logging out the local Django session. |
|
Generates a url and redirects the user to an app initiated action that will start a flow to update their password. |
Classes
|
- thunderbird_accounts.authentication.views.start_reset_password_flow(request: HttpRequest)
Generates a url and redirects the user to an app initiated action that will start a flow to update their password.
- thunderbird_accounts.authentication.views.start_oidc_logout(request: HttpRequest)[source]
Begin the OIDC logout flow without logging out the local Django session.
We redirect the user to the OP’s logout endpoint with a post-logout redirect back to our callback. Only after the user confirms the logout do we clear the local Django session in the callback view.
- This route does not require login due to an edge case with allow lists:
The user somehow creates an account that is not on the allow list
The user logins
The user hits the PermissionDenied exception and is redirected to login
Since Keycloak is logged in, we’re immediately redirected back to Accounts
The user is once again hit with PermissionDenied.
There is now logic to send a unauthenticated user with a oidc_access_token to the logout screen (this route!)
- thunderbird_accounts.authentication.views.oidc_logout_callback(request: HttpRequest)
Finalize logout locally after the user confirmed the logout.
- thunderbird_accounts.authentication.views.sign_up(request: HttpRequest)
POST endpoint for the Accounts hosted sign up form. The frontend files technically live in Keycloak’s vue app but are imported by Accounts so we can call this endpoint. (See `https://pro-services-docs.thunderbird.net/en/latest/sign-up.html`_ for more details.)
We create the Keycloak user and attach its uuid to the local Account’s user object. We only create the local Accounts user object if the Keycloak user object was successfully created.
- thunderbird_accounts.authentication.views.bulk_import_allow_list(request: HttpRequest)
Form submit for
AdminAllowListEntryImport, will bulk import email entries.