X-Git-Url: https://git.mdrn.pl/django-cas-provider.git/blobdiff_plain/ee96de13f0492bc9a783cb1097621b14a84e72b7..d36533f533bc0420622298afb19c61991d48eba8:/cas_provider/views.py diff --git a/cas_provider/views.py b/cas_provider/views.py index ea72805..2e5e1f5 100644 --- a/cas_provider/views.py +++ b/cas_provider/views.py @@ -19,27 +19,27 @@ from . import signals __all__ = ['login', 'validate', 'logout'] +def _build_service_url(service, ticket): + if service.find('?') == -1: + return service + '?ticket=' + ticket.ticket + else: + return service + '&ticket=' + ticket.ticket + + def login(request, template_name='cas/login.html', success_redirect='/account/', merge=False): logging.debug('CAS Provider Login view. Method is %s, merge is %s, template is %s.', request.method, merge, template_name) + service = request.GET.get('service', None) if service is not None: + # Save the service on the session, for later use if we end up + # in one of the more complicated workflows. request.session['service'] = service - if request.user.is_authenticated(): - if service is not None: - ticket = create_service_ticket(request.user, service) - if service.find('?') == -1: - url = service + '?ticket=' + ticket.ticket - logging.debug('Redirecting to %s', url) - return HttpResponseRedirect(url) - else: - url = service + '&ticket=' + ticket.ticket - logging.debug('Redirecting to %s', url) - return HttpResponseRedirect() - else: - logging.debug('Redirecting to %s', success_redirect) - return HttpResponseRedirect(success_redirect) + + user = request.user + errors = [] + if request.method == 'POST': if merge: form = MergeLoginForm(request.POST, request=request) @@ -76,26 +76,38 @@ def login(request, template_name='cas/login.html', success_redirect='/account/', logging.debug('Redirecting to %s', url) return HttpResponseRedirect(url) - if user is not None: + if user is None: + errors.append('Incorrect username and/or password.') + else: if user.is_active: auth_login(request, user) - if service is not None: - ticket = create_service_ticket(user, service) - url = service + '?ticket=' + ticket.ticket - logging.debug('Redirecting to %s', url) - return HttpResponseRedirect(url) - else: - logging.debug('Redirecting to %s', success_redirect) - return HttpResponseRedirect(success_redirect) - else: - errors.append('This account is disabled.') - else: - errors.append('Incorrect username and/or password.') - else: + + else: # Not a POST... if merge: form = MergeLoginForm(initial={'service': service, 'email': request.GET.get('email')}) else: form = LoginForm(initial={'service': service}) + + if user is not None and user.is_authenticated(): + # We have an authenticated user. + if not user.is_active: + errors.append('This account is disabled.') + else: + if service is None: + # Normal internal success redirection. + logging.debug('Redirecting to %s', success_redirect) + return HttpResponseRedirect(success_redirect) + else: + # Create a service ticket and redirect to the service. + ticket = create_service_ticket(request.user, service) + if 'service' in request.session: + # Don't need this any more. + del request.session['service'] + + url = _build_service_url(service, ticket.ticket) + logging.debug('Redirecting to %s', url) + return HttpResponseRedirect(url) + logging.debug('Rendering response on %s, merge is %s', template_name, merge) return render_to_response(template_name, {'form': form, 'errors': errors}, context_instance=RequestContext(request)) @@ -106,7 +118,7 @@ def socialauth_login(request, template_name='cas/login.html', success_redirect=' """ user = request.user user.backend = 'django.contrib.auth.backends.ModelBackend' - if request.session.has_key('service'): + if 'service' in request.session: service = request.session['service'] del request.session['service'] else: @@ -117,13 +129,13 @@ def socialauth_login(request, template_name='cas/login.html', success_redirect=' auth_login(request, user) if service is not None: ticket = create_service_ticket(user, service) - return HttpResponseRedirect(service + '?ticket=' + ticket.ticket) + return HttpResponseRedirect(_build_service_url(service, ticket.ticket)) else: return HttpResponseRedirect(success_redirect) else: errors.append('This account is disabled.') else: - errors.append('Incorrect username and/or password.') + errors.append('Incorrect username and/or password.') return render_to_response(template_name, {'errors': errors}, context_instance=RequestContext(request)) @@ -136,6 +148,8 @@ def validate(request): ticket = ServiceTicket.objects.get(ticket=ticket_string) except ServiceTicket.DoesNotExist: logger.exception("Tried to validate with an invalid ticket %s for %s", ticket_string, service) + except Exception as e: + logger.exception('Got an exception: %s', e) else: username = ticket.user.username ticket.delete() @@ -145,6 +159,7 @@ def validate(request): logger.info('Validated %s %s', username, "(also %s)" % histories if histories else '') return HttpResponse("yes\n%s\n%s" % (username, histories)) + logger.info('Validation failed.') return HttpResponse("no\n\n")