Revision 65dad30c

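--- a/snf-astakos-app/astakos/im/views/target/redirect.py
+++ b/snf-astakos-app/astakos/im/views/target/redirect.py
@@ -42,7 +42,6 @@
 
 from urlparse import urlunsplit, urlsplit, parse_qsl
 
-from astakos.im import settings
 from astakos.im.util import restrict_next
 from astakos.im.functions import login as auth_login, logout
 from astakos.im.views.decorators import cookie_fix
@@ -54,7 +53,7 @@
 logger = logging.getLogger(__name__)
 
 
-@require_http_methods(["GET", "POST"])
+@require_http_methods(["GET"])
 @cookie_fix
 def login(request):
     """
@@ -63,16 +62,16 @@
     If the request user is authenticated and has signed the approval terms,
     redirects to `next` request parameter. If not, redirects to approval terms
     in order to return back here after agreeing with the terms.
-    Otherwise, redirects to login in order to return back here after successful login.
+    Otherwise, redirects to login in order to return back here after successful
+    login.
     """
     next = request.GET.get('next')
     if not next:
         next = reverse('index')
 
-    if not restrict_next(
-        next, domain=settings.COOKIE_DOMAIN, allowed_schemes=('pithos',)
-    ):
-        return HttpResponseForbidden(_(astakos_messages.NOT_ALLOWED_NEXT_PARAM))
+    if not restrict_next(next, allowed_schemes=('pithos',)):
+        return HttpResponseForbidden(_(
+            astakos_messages.NOT_ALLOWED_NEXT_PARAM))
     force = request.GET.get('force', None)
     response = HttpResponse()
     if force == '' and request.user.is_authenticated():
@@ -85,7 +84,6 @@
             # first build next parameter
             parts = list(urlsplit(request.build_absolute_uri()))
             params = dict(parse_qsl(parts[3], keep_blank_values=True))
-            # delete force parameter
             parts[3] = urlencode(params)
             next = urlunsplit(parts)
 
@@ -143,4 +141,3 @@
         response['Location'] = url
         response.status_code = 302
         return response
-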
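Review bot: Dropping `domain=settings.COOKIE_DOMAIN` from the `restrict_next` call in the third hunk widens what this view will accept as a redirect target, and nothing in the diff shows what `restrict_next` checks against when `domain` is omitted. `next` is user-supplied (`request.GET.get('next')`) and the function ends by emitting a 302 to a URL derived from it, so if the helper's default is more permissive than the cookie domain this becomes an open redirect; please confirm that `restrict_next` still rejects foreign hosts without an explicit `domain`, or keep passing the intended domain. A short comment at the call site would also document the intent for future readers, e.g. `# next is user-supplied: restrict_next must reject redirects off our domain (pithos: URIs excepted)`. The removal of the `# delete force parameter` comment in the fourth hunk is correct as far as the visible lines go, since nothing there removes `force` from `params`. The body of `login` continues past the last hunk.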
