from time import time, mktime
from django.conf import settings
-from django.http import HttpResponse, HttpResponseRedirect
+from django.http import HttpResponse, HttpResponseBadRequest
from django.utils.http import urlencode
from django.utils.cache import patch_vary_headers
if not next:
response['X-Auth-User'] = user.uniq
response['X-Auth-Token'] = user.auth_token
- response.status_code = 204
+ response.content = user.uniq + '\n' + user.auth_token + '\n'
+ response.status_code = 200
else:
response['Location'] = next
response.status_code = 302
auth_token_expires = models.DateTimeField('Time of auth token expiration', auto_now_add=True)
created = models.DateTimeField('Time of creation', auto_now_add=True)
updated = models.DateTimeField('Time of last update', auto_now=True)
-
+
class Meta:
verbose_name = u'Pithos User'
-
+
def __unicode__(self):
return self.uniq
def register_shibboleth_user(tokens):
"""Registers a Shibboleth user using the input hash as a source for data."""
-
+
try:
eppn = tokens[Tokens.SHIB_EPPN]
except KeyError:
raise NoUniqueToken("Authentication does not return a unique token")
-
+
if Tokens.SHIB_DISPLAYNAME in tokens:
realname = tokens[Tokens.SHIB_DISPLAYNAME]
elif Tokens.SHIB_CN in tokens:
realname = tokens[Tokens.SHIB_NAME] + ' ' + tokens[Tokens.SHIB_SURNAME]
else:
raise NoRealName("Authentication does not return the user's name")
-
+
affiliation = tokens.get(Tokens.SHIB_EP_AFFILIATION, '')
-
+
return register_user(eppn, realname, affiliation)
# interpreted as representing official policies, either expressed
# or implied, of GRNET S.A.
-# Business Logic for working with users
+import hashlib
-from hashlib import md5
from time import asctime
from datetime import datetime, timedelta
@transaction.commit_on_success
def create_auth_token(user):
- md5 = md5()
+ md5 = hashlib.md5()
md5.update(user.uniq)
md5.update(user.realname.encode('ascii', 'ignore'))
md5.update(asctime())
-
+
user.auth_token = md5.hexdigest()
user.auth_token_created = datetime.now()
user.auth_token_expires = user.auth_token_created + \