thunderbird_accounts.authentication.views
Functions
|
Form submit for |
|
Finalize logout locally after the user confirmed the logout. |
|
Begin the OIDC logout flow without logging out the local Django session. |
|
Generates a url and redirects the user to an app initiated action that will start a flow to update their password. |
Classes
|
- thunderbird_accounts.authentication.views.start_reset_password_flow(request: HttpRequest)
Generates a url and redirects the user to an app initiated action that will start a flow to update their password.
- thunderbird_accounts.authentication.views.start_oidc_logout(request: HttpRequest)[source]
Begin the OIDC logout flow without logging out the local Django session.
We redirect the user to the OP’s logout endpoint with a post-logout redirect back to our callback. Only after the user confirms the logout do we clear the local Django session in the callback view.
- This route does not require login due to an edge case with allow lists:
The user somehow creates an account that is not on the allow list
The user logins
The user hits the PermissionDenied exception and is redirected to login
Since Keycloak is logged in, we’re immediately redirected back to Accounts
The user is once again hit with PermissionDenied.
There is now logic to send a unauthenticated user with a oidc_access_token to the logout screen (this route!)
- thunderbird_accounts.authentication.views.oidc_logout_callback(request: HttpRequest)
Finalize logout locally after the user confirmed the logout.
- thunderbird_accounts.authentication.views.bulk_import_allow_list(request: HttpRequest)
Form submit for
AdminAllowListEntryImport, will bulk import email entries.