feat: add more control on messaging

Use the `GOOGLE_SSO_ENABLE_LOGS` to enable/disable logs. Logs now will show all info send to django messages. Use the `GOOGLE_SSO_ENABLE_MESSAGES` to enable/disable django messages.
megalus · Apr 23, 2024 · c718030 · c718030
1 parent c2fcf59
commit c718030
Show file tree

Hide file tree

Showing 6 changed files with 57 additions and 12 deletions.
diff --git a/django_google_sso/conf.py b/django_google_sso/conf.py
@@ -1,4 +1,5 @@
 from django.conf import settings
+from loguru import logger
 
 GOOGLE_SSO_CLIENT_ID = getattr(settings, "GOOGLE_SSO_CLIENT_ID", None)
 
@@ -60,4 +61,12 @@
 SSO_USE_ALTERNATE_W003 = getattr(settings, "SSO_USE_ALTERNATE_W003", False)
 
 if SSO_USE_ALTERNATE_W003:
-    from django_microsoft_sso.checks.warnings import register_sso_check  # noqa
+    from django_google_sso.checks.warnings import register_sso_check  # noqa
+
+GOOGLE_SSO_ENABLE_LOGS = getattr(settings, "GOOGLE_SSO_ENABLE_LOGS", True)
+GOOGLE_SSO_ENABLE_MESSAGES = getattr(settings, "GOOGLE_SSO_ENABLE_MESSAGES", True)
+
+if GOOGLE_SSO_ENABLE_LOGS:
+    logger.enable("django_google_sso")
+else:
+    logger.disable("django_google_sso")
diff --git a/django_google_sso/utils.py b/django_google_sso/utils.py
@@ -0,0 +1,15 @@
+from django.contrib import messages
+from loguru import logger
+
+from django_google_sso import conf
+
+
+def send_message(request, message, level: str = "error"):
+    getattr(logger, level.lower())(message)
+    if conf.GOOGLE_SSO_ENABLE_MESSAGES:
+        messages.add_message(request, getattr(messages, level.upper()), message)
+
+
+def show_credential(credential):
+    credential = str(credential)
+    return f"{credential[:5]}...{credential[-5:]}"
diff --git a/django_google_sso/views.py b/django_google_sso/views.py
@@ -1,15 +1,16 @@
 import importlib
 from urllib.parse import urlparse
 
-from django.contrib import messages
 from django.contrib.auth import login
 from django.http import HttpRequest, HttpResponseRedirect
 from django.urls import reverse
 from django.utils.translation import gettext_lazy as _
 from django.views.decorators.http import require_http_methods
+from loguru import logger
 
 from django_google_sso import conf
 from django_google_sso.main import GoogleAuth, UserHelper
+from django_google_sso.utils import send_message, show_credential
 
 
 @require_http_methods(["GET"])
@@ -51,31 +52,37 @@ def callback(request: HttpRequest) -> HttpResponseRedirect:
 
     # Check if Google SSO is enabled
     if not conf.GOOGLE_SSO_ENABLED:
-        messages.add_message(request, messages.ERROR, _("Google SSO not enabled."))
+        send_message(request, _("Google SSO not enabled."))
         return HttpResponseRedirect(login_failed_url)
 
     # First, check for authorization code
     if not code:
-        messages.add_message(
-            request, messages.ERROR, _("Authorization Code not received from SSO.")
-        )
+        send_message(request, _("Authorization Code not received from SSO."))
         return HttpResponseRedirect(login_failed_url)
 
     # Then, check state.
     request_state = request.session.get("sso_state")
     next_url = request.session.get("sso_next_url")
 
     if not request_state or state != request_state:
-        messages.add_message(
-            request, messages.ERROR, _("State Mismatch. Time expired?")
-        )
+        send_message(request, _("State Mismatch. Time expired?"))
         return HttpResponseRedirect(login_failed_url)
 
     # Get Access Token from Google
     try:
         google.flow.fetch_token(code=code)
     except Exception as error:
-        messages.add_message(request, messages.ERROR, str(error))
+        send_message(request, _(f"Error while fetching token from SSO: {error}."))
+        logger.debug(
+            f"GOOGLE_SSO_CLIENT_ID: {show_credential(conf.GOOGLE_SSO_CLIENT_ID)}"
+        )
+        logger.debug(
+            f"GOOGLE_SSO_PROJECT_ID: {show_credential(conf.GOOGLE_SSO_PROJECT_ID)}"
+        )
+        logger.debug(
+            f"GOOGLE_SSO_CLIENT_SECRET: "
+            f"{show_credential(conf.GOOGLE_SSO_CLIENT_SECRET)}"
+        )
         return HttpResponseRedirect(login_failed_url)
 
     # Get User Info from Google
@@ -84,9 +91,8 @@ def callback(request: HttpRequest) -> HttpResponseRedirect:
 
     # Check if User Info is valid to login
     if not user_helper.email_is_valid:
-        messages.add_message(
+        send_message(
             request,
-            messages.ERROR,
             _(
                 f"Email address not allowed: {user_helper.user_email}. "
                 f"Please contact your administrator."

diff --git a/docs/settings.md b/docs/settings.md
@@ -11,6 +11,8 @@
 | `GOOGLE_SSO_CLIENT_ID`                   | The Google OAuth 2.0 Web Application Client ID. Default: `None`                                                                                                                    |
 | `GOOGLE_SSO_CLIENT_SECRET`               | The Google OAuth 2.0 Web Application Client Secret. Default: `None`                                                                                                                |
 | `GOOGLE_SSO_DEFAULT_LOCALE`              | Default code for Google locale. Default: `en`                                                                                                                                      |
+| `GOOGLE_SSO_ENABLE_LOGS`                 | Show Logs from the library. Default: `True`                                                                                                                                        |
+| `GOOGLE_SSO_ENABLE_MESSAGES`             | Show Messages using Django Messages Framework. Default: `True`                                                                                                                     |
 | `GOOGLE_SSO_ENABLED`                     | Enable or disable the plugin. Default: `True`                                                                                                                                      |
 | `GOOGLE_SSO_LOGIN_FAILED_URL`            | The named url path that the user will be redirected to if an authentication error is encountered. Default: `admin:index`                                                           |
 | `GOOGLE_SSO_LOGO_URL`                    | The URL of the logo to be used on the login button. Default: `https://upload.wikimedia.org/wikipedia/commons/thumb/5/53/Google_%22G%22_Logo.svg/512px-Google_%22G%22_Logo.svg.png` |

diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md
@@ -23,6 +23,13 @@
     Middleware, for example). Please check the [Example App](https://github.com/megalus/django-google-sso/tree/main/example_google_app)
     for more details.
 
+??? question "My callback URL is http://example.com/google_sso/callback/ but my project is running at http://localhost:8000"
+    This error occurs because your Project is using the Django Sites Framework and the current site is not configured correctly.
+    Please make sure that the current site is configured for your needs or, alternatively, use the `GOOGLE_SSO_CALLBACK_DOMAIN` setting.
+
+??? question "There's too much information on logs and messages from this app."
+    You can disable the logs using the `GOOGLE_SSO_ENABLE_LOGS` setting and the messages using the `GOOGLE_SSO_ENABLE_MESSAGES` setting.
+
 ### Example App
 
 To test this library please check the `Example App` provided [here](https://github.com/megalus/django-google-sso/tree/main/example_google_app).

diff --git a/example_google_app/settings.py b/example_google_app/settings.py
@@ -218,3 +218,9 @@
 
 # Uncomment to hide the login form on admin page
 SSO_SHOW_FORM_ON_ADMIN_PAGE = False  # default: True
+
+# Optional: Disable Logs
+# GOOGLE_SSO_ENABLE_LOGS = False
+
+# Optional: Disable Django Messages
+# GOOGLE_SSO_ENABLE_MESSAGES = False