_DEFAULTS = {
'CAS_TICKET_EXPIRATION': 5, # In minutes
- 'CAS_CHECK_SERVICE': False,
}
for key, value in _DEFAULTS.iteritems():
# TODO: check user SSO session
try:
ticket = ServiceTicket.objects.get(ticket=ticket_string)
+ assert ticket.service == service
username = ticket.user.username
ticket.delete()
return HttpResponse("yes\n%s\n" % username)
except ServiceTicket.DoesNotExist:
return _cas2_error_response(INVALID_TICKET)
- if settings.CAS_CHECK_SERVICE and ticket.service != service:
+ if ticket.service != service:
ticket.delete()
return _cas2_error_response(INVALID_SERVICE)