1 from django.conf import settings
2 from django.contrib.auth import login as auth_login, \
4 from django.http import HttpResponse, HttpResponseRedirect
5 from django.shortcuts import render_to_response
6 from django.template import RequestContext
7 from forms import LoginForm
8 from models import ServiceTicket, LoginTicket
11 __all__ = ['login', 'validate', 'logout', 'service_validate']
19 (INVALID_TICKET, u'The provided ticket is invalid.'),
20 (INVALID_SERVICE, u'Service is invalid'),
21 (INVALID_REQUEST, u'Not all required parameters were sent.'),
25 def login(request, template_name='cas/login.html', \
26 success_redirect=settings.LOGIN_REDIRECT_URL,
27 warn_template_name='cas/warn.html'):
28 service = request.GET.get('service', None)
29 if request.user.is_authenticated():
30 if service is not None:
31 if request.GET.get('warn', False):
32 return render_to_response(warn_template_name, {
35 }, context_instance=RequestContext(request))
36 ticket = ServiceTicket.objects.create(service=service, user=request.user)
37 return HttpResponseRedirect(ticket.get_redirect_url())
39 return HttpResponseRedirect(success_redirect)
40 if request.method == 'POST':
41 form = LoginForm(request.POST)
43 user = form.get_user()
44 auth_login(request, user)
45 service = form.cleaned_data.get('service')
46 if service is not None:
47 ticket = ServiceTicket.objects.create(service=service, user=user)
48 success_redirect = ticket.get_redirect_url()
49 return HttpResponseRedirect(success_redirect)
51 form = LoginForm(initial={
53 'lt': LoginTicket.objects.create()
55 return render_to_response(template_name, {
57 'errors': form.get_errors()
58 }, context_instance=RequestContext(request))
61 def validate(request):
62 """Validate ticket via CAS v.1 protocol"""
63 service = request.GET.get('service', None)
64 ticket_string = request.GET.get('ticket', None)
65 if service is not None and ticket_string is not None:
67 ticket = ServiceTicket.objects.get(ticket=ticket_string)
68 username = ticket.user.username
70 return HttpResponse("yes\n%s\n" % username)
73 return HttpResponse("no\n\n")
76 def logout(request, template_name='cas/logout.html'):
77 url = request.GET.get('url', None)
79 return render_to_response(template_name, {'url': url}, \
80 context_instance=RequestContext(request))
83 def service_validate(request):
84 """Validate ticket via CAS v.2 protocol"""
85 service = request.GET.get('service', None)
86 ticket_string = request.GET.get('ticket', None)
87 if service is None or ticket_string is None:
88 return _cas2_error_response(INVALID_REQUEST)
91 ticket = ServiceTicket.objects.get(ticket=ticket_string)
92 except ServiceTicket.DoesNotExist:
93 return _cas2_error_response(INVALID_TICKET)
95 if settings.CAS_CHECK_SERVICE and ticket.service != service:
97 return _cas2_error_response(INVALID_SERVICE)
99 username = ticket.user.username
101 return _cas2_sucess_response(username)
104 def _cas2_error_response(code):
105 return HttpResponse(u''''<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
106 <cas:authenticationFailure code="%(code)s">
108 </cas:authenticationFailure>
109 </cas:serviceResponse>''' % {
111 'message': dict(ERROR_MESSAGES).get(code)
112 }, mimetype='text/xml')
115 def _cas2_sucess_response(username):
116 return HttpResponse(u'''<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">
117 <cas:authenticationSuccess>
118 <cas:user>%(username)s</cas:user>
119 </cas:authenticationSuccess>
120 </cas:serviceResponse>''' % {'username': username}, mimetype='text/xml')