# or implied, of GRNET S.A.
from django.http import HttpResponseBadRequest
+from django.utils.translation import ugettext as _
+from django.contrib import messages
+from django.template import RequestContext
+from django.views.decorators.http import require_http_methods
+from django.db.models import Q
+from django.core.exceptions import ValidationError
+from django.http import HttpResponseRedirect
+from django.core.urlresolvers import reverse
+from urlparse import urlunsplit, urlsplit
+from django.utils.http import urlencode
-from astakos.im.util import get_or_create_user, prepare_response
-from astakos.im.views import requires_anonymous
+from astakos.im.util import prepare_response, get_context, get_invitation
+from astakos.im.views import requires_anonymous, render_response
+from astakos.im.settings import ENABLE_LOCAL_ACCOUNT_MIGRATION, BASEURL
+
+from astakos.im.models import AstakosUser, PendingThirdPartyUser
+from astakos.im.forms import LoginForm
+from astakos.im.activation_backends import get_backend, SimpleBackend
+
+import logging
+
+logger = logging.getLogger(__name__)
class Tokens:
# these are mapped by the Shibboleth SP software
SHIB_DISPLAYNAME = "HTTP_SHIB_INETORGPERSON_DISPLAYNAME"
SHIB_EP_AFFILIATION = "HTTP_SHIB_EP_AFFILIATION"
SHIB_SESSION_ID = "HTTP_SHIB_SESSION_ID"
+ SHIB_MAIL = "HTTP_SHIB_MAIL"
+@require_http_methods(["GET", "POST"])
@requires_anonymous
-def login(request):
+def login(
+ request,
+ on_login_template='im/login.html',
+ on_signup_template='im/third_party_check_local.html',
+ extra_context=None):
+ extra_context = extra_context or {}
+
tokens = request.META
try:
return HttpResponseBadRequest("Missing user name in request")
affiliation = tokens.get(Tokens.SHIB_EP_AFFILIATION, '')
-
- user = get_or_create_user(eppn, realname=realname, affiliation=affiliation, provider='shibboleth', level=0)
- return prepare_response(request,
- user,
- request.GET.get('next'),
- 'renew' in request.GET)
+ email = tokens.get(Tokens.SHIB_MAIL, '')
+
+ try:
+ user = AstakosUser.objects.get(
+ provider='shibboleth',
+ third_party_identifier=eppn
+ )
+ if user.is_active:
+ return prepare_response(request,
+ user,
+ request.GET.get('next'),
+ 'renew' in request.GET)
+ else:
+ message = _('Inactive account')
+ messages.add_message(request, messages.ERROR, message)
+ return render_response(on_login_template,
+ login_form = LoginForm(request=request),
+ context_instance=RequestContext(request))
+ except AstakosUser.DoesNotExist, e:
+ # First time
+ try:
+ user, created = PendingThirdPartyUser.objects.get_or_create(
+ third_party_identifier=eppn,
+ provider='shibboleth',
+ defaults=dict(
+ realname=realname,
+ affiliation=affiliation,
+ email=email
+ )
+ )
+ user.save()
+ except BaseException, e:
+ logger.exception(e)
+ template = on_login_template
+ extra_context['login_form'] = LoginForm(request=request)
+ messages.error(request, _('Something went wrong.'))
+ else:
+ if not ENABLE_LOCAL_ACCOUNT_MIGRATION:
+ url = reverse(
+ 'astakos.im.target.shibboleth.signup'
+ )
+ parts = list(urlsplit(url))
+ parts[3] = urlencode({'key': user.username})
+ url = urlunsplit(parts)
+ return HttpResponseRedirect(url)
+ else:
+ template = on_signup_template
+ extra_context['key'] = user.username
+
+ extra_context['provider']='shibboleth'
+ return render_response(
+ template,
+ context_instance=get_context(request, extra_context)
+ )
+
+@require_http_methods(["GET"])
+@requires_anonymous
+def signup(request,
+ backend=None,
+ on_creation_template='im/third_party_registration.html',
+ extra_context=None
+):
+ extra_context = extra_context or {}
+ username = request.GET.get('key')
+ if not username:
+ return HttpResponseBadRequest(_('Missing key parameter.'))
+ try:
+ pending = PendingThirdPartyUser.objects.get(username=username)
+ except BaseException, e:
+ logger.exception(e)
+ return HttpResponseBadRequest(_('Invalid key.'))
+ else:
+ d = pending.__dict__
+ d.pop('_state', None)
+ d.pop('id', None)
+ user = AstakosUser(**d)
+ try:
+ backend = backend or get_backend(request)
+ except ImproperlyConfigured, e:
+ messages.error(request, e)
+ else:
+ extra_context['form'] = backend.get_signup_form(
+ provider='shibboleth',
+ instance=user
+ )
+ extra_context['provider']='shibboleth'
+ return render_response(
+ on_creation_template,
+ context_instance=get_context(request, extra_context)
+ )
\ No newline at end of file
projects / astakos / blobdiff