+++ /dev/null
-"""CAS login/logout replacement views"""
-
-from urllib import urlencode
-from urlparse import urljoin
-
-from django.http import get_host, HttpResponseRedirect, HttpResponseForbidden
-from django.conf import settings
-from django.contrib.auth import REDIRECT_FIELD_NAME
-
-__all__ = ['login', 'logout']
-
-def _service_url(request, redirect_to = None):
- """Generates application service URL for CAS"""
-
- protocol = ('http://', 'https://')[request.is_secure()]
- host = get_host(request)
- service = protocol + host + request.path
- if redirect_to:
- if '?' in service:
- service += '&'
- else:
- service += '?'
- service += urlencode({REDIRECT_FIELD_NAME: redirect_to.encode('utf-8')})
- return service
-
-
-def _redirect_url(request):
- """Redirects to referring page, or CAS_REDIRECT_URL if no referrer is
- set.
- """
-
- next = request.GET.get(REDIRECT_FIELD_NAME)
- if not next:
- if settings.CAS_IGNORE_REFERER:
- next = settings.CAS_REDIRECT_URL
- else:
- next = request.META.get('HTTP_REFERER', settings.CAS_REDIRECT_URL)
- prefix = (('http://', 'https://')[request.is_secure()] +
- get_host(request))
- if next.startswith(prefix):
- next = next[len(prefix):]
- return next
-
-
-def _login_url(service):
- """Generates CAS login URL"""
-
- params = {'service': service}
- if settings.CAS_EXTRA_LOGIN_PARAMS:
- params.update(settings.CAS_EXTRA_LOGIN_PARAMS)
- return urljoin(settings.CAS_SERVER_URL, 'login') + '?' + urlencode(params)
-
-
-def _logout_url(request, next_page = None):
- """Generates CAS logout URL"""
-
- url = urljoin(settings.CAS_SERVER_URL, 'logout')
- if next_page:
- protocol = ('http://', 'https://')[request.is_secure()]
- host = get_host(request)
- url += '?' + urlencode({'url': protocol + host + next_page})
- return url
-
-
-def login(request, next_page = None, required = False):
- """Forwards to CAS login URL or verifies CAS ticket"""
-
- print "LOGIN original NEXT_PAGE:", next_page
- print request.GET
- if not next_page:
- next_page = _redirect_url(request)
- print "LOGIN redirect NEXT_PAGE:", next_page
-
- if request.user.is_authenticated():
- message = "You are logged in as %s." % request.user.username
- request.user.message_set.create(message = message)
- return HttpResponseRedirect(next_page)
- ticket = request.GET.get('ticket')
- service = _service_url(request, next_page)
- print "TICKET: ", ticket
- print "SERVICE: ", service
- if ticket:
- from django.contrib import auth
- user = auth.authenticate(ticket = ticket, service = service)
- if user is not None:
- auth.login(request, user)
- name = user.first_name or user.username
- message = "Login succeeded. Welcome, %s." % name
- user.message_set.create(message = message)
- return HttpResponseRedirect(next_page)
- elif settings.CAS_RETRY_LOGIN or required:
- return HttpResponseRedirect(_login_url(service))
- else:
- error = "<h1>Forbidden</h1><p>Login failed.</p>"
- return HttpResponseForbidden(error)
-
- else:
- return HttpResponseRedirect(_login_url(service))
-
-
-def logout(request, next_page = None):
- """Redirects to CAS logout page"""
-
- from django.contrib.auth import logout
- logout(request)
- if not next_page:
- next_page = _redirect_url(request)
- if settings.CAS_LOGOUT_COMPLETELY:
- return HttpResponseRedirect(_logout_url(request, next_page))
- else:
- return HttpResponseRedirect(next_page)
fnp / redakcja.git / blobdiff