Revision 60de282a aai/middleware.py
b/aai/middleware.py | ||
---|---|---|
19 | 19 |
try: |
20 | 20 |
user = SynnefoUser.objects.get(auth_token = request.META[self.auth_token]) |
21 | 21 |
except SynnefoUser.DoesNotExist: |
22 |
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
|
|
22 |
return HttpResponseRedirect(settings.LOGIN_PATH)
|
|
23 | 23 |
|
24 | 24 |
#Check user's auth token |
25 | 25 |
if (time.time() - |
26 | 26 |
time.mktime(user.auth_token_created.timetuple()) + |
27 | 27 |
settings.AUTH_TOKEN_DURATION * 3600) > 0: |
28 | 28 |
#The user's token has expired, re-login |
29 |
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
|
|
29 |
return HttpResponseRedirect(settings.LOGIN_PATH)
|
|
30 | 30 |
|
31 | 31 |
request.user = user |
32 | 32 |
return |
... | ... | |
37 | 37 |
#SIB headers when coming from a URL whitelist, |
38 | 38 |
#or a similar form of restriction |
39 | 39 |
if request.get_host() not in settings.SHIBBOLETH_WHITELIST.keys(): |
40 |
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
|
|
40 |
return HttpResponseRedirect(settings.LOGIN_PATH)
|
|
41 | 41 |
|
42 | 42 |
user = None |
43 | 43 |
try: |
... | ... | |
58 | 58 |
response.status_code = 302 |
59 | 59 |
return response |
60 | 60 |
else: |
61 |
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
|
|
61 |
return HttpResponseRedirect(settings.LOGIN_PATH)
|
|
62 | 62 |
|
63 | 63 |
#User and authentication token valid, user allowed to proceed |
64 | 64 |
return |
... | ... | |
87 | 87 |
|
88 | 88 |
if settings.TEST: |
89 | 89 |
if 'TEST-AAI' in request.META: |
90 |
return HttpResponseRedirect(settings.SHIBBOLETH_HOST)
|
|
90 |
return HttpResponseRedirect(settings.LOGIN_PATH)
|
|
91 | 91 |
else: |
92 |
#No authentication info found in headers, redirect to Shibboleth |
|
93 |
return HttpResponseRedirect(settings.SHIBBOLETH_HOST) |
|
92 |
#Avoid redirect loops |
|
93 |
if 'Referer' in request.META and request.META['Referer'].endswith(settings.LOGIN_PATH): |
|
94 |
return |
|
95 |
else : |
|
96 |
#No authentication info found in headers, redirect to Shibboleth |
|
97 |
return HttpResponseRedirect(settings.LOGIN_PATH) |
|
94 | 98 |
|
95 | 99 |
def process_response(self, request, response): |
96 | 100 |
#Tell proxies and other interested parties that the |
Also available in: Unified diff