/snf-astakos-app/astakos/im/util.py - Annotate - Synnefo - Greek Research and Technology Network's projects

| Branch: | Tag: | Revision:

root / snf-astakos-app / astakos / im / util.py @ 7c3549f0

History | View | Annotate | Download (11.1 kB)

1	aba1e498	Antony Chazapis	# Copyright 2011-2012 GRNET S.A. All rights reserved.
2	5ce3ce4f	Sofia Papagiannaki	#
3	64cd4730	Antony Chazapis	# Redistribution and use in source and binary forms, with or
4	64cd4730	Antony Chazapis	# without modification, are permitted provided that the following
5	64cd4730	Antony Chazapis	# conditions are met:
6	5ce3ce4f	Sofia Papagiannaki	#
7	64cd4730	Antony Chazapis	# 1. Redistributions of source code must retain the above
8	64cd4730	Antony Chazapis	# copyright notice, this list of conditions and the following
9	64cd4730	Antony Chazapis	# disclaimer.
10	5ce3ce4f	Sofia Papagiannaki	#
11	64cd4730	Antony Chazapis	# 2. Redistributions in binary form must reproduce the above
12	64cd4730	Antony Chazapis	# copyright notice, this list of conditions and the following
13	64cd4730	Antony Chazapis	# disclaimer in the documentation and/or other materials
14	64cd4730	Antony Chazapis	# provided with the distribution.
15	5ce3ce4f	Sofia Papagiannaki	#
16	64cd4730	Antony Chazapis	# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17	64cd4730	Antony Chazapis	# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	64cd4730	Antony Chazapis	# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19	64cd4730	Antony Chazapis	# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20	64cd4730	Antony Chazapis	# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21	64cd4730	Antony Chazapis	# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22	64cd4730	Antony Chazapis	# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23	64cd4730	Antony Chazapis	# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24	64cd4730	Antony Chazapis	# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25	64cd4730	Antony Chazapis	# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26	64cd4730	Antony Chazapis	# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27	64cd4730	Antony Chazapis	# POSSIBILITY OF SUCH DAMAGE.
28	5ce3ce4f	Sofia Papagiannaki	#
29	64cd4730	Antony Chazapis	# The views and conclusions contained in the software and
30	64cd4730	Antony Chazapis	# documentation are those of the authors and should not be
31	64cd4730	Antony Chazapis	# interpreted as representing official policies, either expressed
32	64cd4730	Antony Chazapis	# or implied, of GRNET S.A.
33	64cd4730	Antony Chazapis
34	0905ccd2	Sofia Papagiannaki	import logging
35	63ecdd20	Sofia Papagiannaki	import datetime
36	18ffbee1	Sofia Papagiannaki	import time
37	6936103e	Kostas Papadimitriou	import urllib
38	63ecdd20	Sofia Papagiannaki
39	c0b26605	Sofia Papagiannaki	from urlparse import urlparse
40	64cd4730	Antony Chazapis	from datetime import tzinfo, timedelta
41	c0b26605	Sofia Papagiannaki
42	440f7c0c	Kostas Papadimitriou	from django.http import HttpResponse, HttpResponseBadRequest, urlencode, \
43	440f7c0c	Kostas Papadimitriou	HttpResponseRedirect
44	0905ccd2	Sofia Papagiannaki	from django.template import RequestContext
45	111f3da6	Sofia Papagiannaki	from django.contrib.auth import authenticate
46	63ecdd20	Sofia Papagiannaki	from django.core.urlresolvers import reverse
47	440f7c0c	Kostas Papadimitriou	from django.shortcuts import redirect
48	9a06d96f	Olga Brani	from django.core.exceptions import ValidationError, ObjectDoesNotExist
49	ae497612	Olga Brani	from django.utils.translation import ugettext as _
50	440f7c0c	Kostas Papadimitriou	from django.core.urlresolvers import reverse
51	ae497612	Olga Brani
52	aab4d540	Sofia Papagiannaki	from astakos.im.models import AstakosUser, Invitation
53	111f3da6	Sofia Papagiannaki	from astakos.im.functions import login
54	0a7a4104	Kostas Papadimitriou	from astakos.im import settings
55	64cd4730	Antony Chazapis
56	ae497612	Olga Brani	import astakos.im.messages as astakos_messages
57	ae497612	Olga Brani
58	e015e9e6	Sofia Papagiannaki	logger = logging.getLogger(__name__)
59	e015e9e6	Sofia Papagiannaki
60	5ce3ce4f	Sofia Papagiannaki
61	64cd4730	Antony Chazapis	class UTC(tzinfo):
62	aab4d540	Sofia Papagiannaki	def utcoffset(self, dt):
63	aab4d540	Sofia Papagiannaki	return timedelta(0)
64	5ce3ce4f	Sofia Papagiannaki
65	aab4d540	Sofia Papagiannaki	def tzname(self, dt):
66	aab4d540	Sofia Papagiannaki	return 'UTC'
67	5ce3ce4f	Sofia Papagiannaki
68	aab4d540	Sofia Papagiannaki	def dst(self, dt):
69	aab4d540	Sofia Papagiannaki	return timedelta(0)
70	64cd4730	Antony Chazapis
71	5ce3ce4f	Sofia Papagiannaki
72	64cd4730	Antony Chazapis	def isoformat(d):
73	aab4d540	Sofia Papagiannaki	"""Return an ISO8601 date string that includes a timezone."""
74	5ce3ce4f	Sofia Papagiannaki
75	aab4d540	Sofia Papagiannaki	return d.replace(tzinfo=UTC()).isoformat()
76	0905ccd2	Sofia Papagiannaki
77	5ce3ce4f	Sofia Papagiannaki
78	18ffbee1	Sofia Papagiannaki	def epoch(datetime):
79	5ce3ce4f	Sofia Papagiannaki	return int(time.mktime(datetime.timetuple()) * 1000)
80	5ce3ce4f	Sofia Papagiannaki
81	18ffbee1	Sofia Papagiannaki
82	aab4d540	Sofia Papagiannaki	def get_context(request, extra_context=None, **kwargs):
83	aab4d540	Sofia Papagiannaki	extra_context = extra_context or {}
84	0905ccd2	Sofia Papagiannaki	extra_context.update(kwargs)
85	0905ccd2	Sofia Papagiannaki	return RequestContext(request, extra_context)
86	e2125441	Sofia Papagiannaki
87	5ce3ce4f	Sofia Papagiannaki
88	15efc749	Sofia Papagiannaki	def get_invitation(request):
89	15efc749	Sofia Papagiannaki	"""
90	15efc749	Sofia Papagiannaki	Returns the invitation identified by the ``code``.
91	5ce3ce4f	Sofia Papagiannaki
92	0a569195	Sofia Papagiannaki	Raises ValueError if the invitation is consumed or there is another account
93	0a569195	Sofia Papagiannaki	associated with this email.
94	15efc749	Sofia Papagiannaki	"""
95	15efc749	Sofia Papagiannaki	code = request.GET.get('code')
96	15efc749	Sofia Papagiannaki	if request.method == 'POST':
97	15efc749	Sofia Papagiannaki	code = request.POST.get('code')
98	15efc749	Sofia Papagiannaki	if not code:
99	15efc749	Sofia Papagiannaki	return
100	5ce3ce4f	Sofia Papagiannaki	invitation = Invitation.objects.get(code=code)
101	15efc749	Sofia Papagiannaki	if invitation.is_consumed:
102	ae497612	Olga Brani	raise ValueError(_(astakos_messages.INVITATION_CONSUMED_ERR))
103	0a569195	Sofia Papagiannaki	if reserved_email(invitation.username):
104	ae497612	Olga Brani	email = invitation.username
105	c0b26605	Sofia Papagiannaki	raise ValueError(_(astakos_messages.EMAIL_RESERVED) % locals())
106	63ecdd20	Sofia Papagiannaki	return invitation
107	63ecdd20	Sofia Papagiannaki
108	7c3549f0	Kostas Papadimitriou
109	217994f8	Sofia Papagiannaki	def restrict_next(url, domain=None, allowed_schemes=()):
110	217994f8	Sofia Papagiannaki	"""
111	7c3549f0	Kostas Papadimitriou	Utility method to validate that provided url is safe to be used as the
112	7c3549f0	Kostas Papadimitriou	redirect location of an http redirect response. The method parses the
113	7c3549f0	Kostas Papadimitriou	provided url and identifies if it conforms CORS against provided domain
114	7c3549f0	Kostas Papadimitriou	AND url scheme matches any of the schemes in `allowed_schemes` parameter.
115	7c3549f0	Kostas Papadimitriou	If verirication succeeds sanitized safe url is returned so you must use
116	7c3549f0	Kostas Papadimitriou	the method's response in the response location header and not the
117	7c3549f0	Kostas Papadimitriou	originally provided url. If verification fails the method returns None.
118	e5966bd9	Kostas Papadimitriou
119	217994f8	Sofia Papagiannaki	>>> print restrict_next('/im/feedback', '.okeanos.grnet.gr')
120	217994f8	Sofia Papagiannaki	/im/feedback
121	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos.okeanos.grnet.gr/im/feedback',
122	7c3549f0	Kostas Papadimitriou	... '.okeanos.grnet.gr')
123	55baa300	Sofia Papagiannaki	//pithos.okeanos.grnet.gr/im/feedback
124	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('https://pithos.okeanos.grnet.gr/im/feedback',
125	7c3549f0	Kostas Papadimitriou	... '.okeanos.grnet.gr')
126	217994f8	Sofia Papagiannaki	https://pithos.okeanos.grnet.gr/im/feedback
127	1e960db7	Sofia Papagiannaki	>>> print restrict_next('pithos://127.0.0.1', '.okeanos.grnet.gr')
128	217994f8	Sofia Papagiannaki	None
129	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos://127.0.0.1', '.okeanos.grnet.gr',
130	7c3549f0	Kostas Papadimitriou	... allowed_schemes=('pithos'))
131	7c3549f0	Kostas Papadimitriou	None
132	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos://127.0.0.1', '127.0.0.1',
133	7c3549f0	Kostas Papadimitriou	... allowed_schemes=('pithos'))
134	7c3549f0	Kostas Papadimitriou	pithos://127.0.0.1
135	217994f8	Sofia Papagiannaki	>>> print restrict_next('node1.example.com', '.okeanos.grnet.gr')
136	217994f8	Sofia Papagiannaki	None
137	217994f8	Sofia Papagiannaki	>>> print restrict_next('//node1.example.com', '.okeanos.grnet.gr')
138	217994f8	Sofia Papagiannaki	None
139	217994f8	Sofia Papagiannaki	>>> print restrict_next('https://node1.example.com', '.okeanos.grnet.gr')
140	217994f8	Sofia Papagiannaki	None
141	217994f8	Sofia Papagiannaki	>>> print restrict_next('https://node1.example.com')
142	217994f8	Sofia Papagiannaki	https://node1.example.com
143	217994f8	Sofia Papagiannaki	>>> print restrict_next('//node1.example.com')
144	217994f8	Sofia Papagiannaki	//node1.example.com
145	217994f8	Sofia Papagiannaki	>>> print restrict_next('node1.example.com')
146	55baa300	Sofia Papagiannaki	//node1.example.com
147	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('node1.example.com', allowed_schemes=('pithos',))
148	7c3549f0	Kostas Papadimitriou	None
149	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos://localhost', 'localhost',
150	7c3549f0	Kostas Papadimitriou	... allowed_schemes=('pithos',))
151	7c3549f0	Kostas Papadimitriou	pithos://localhost
152	217994f8	Sofia Papagiannaki	"""
153	217994f8	Sofia Papagiannaki	if not url:
154	7c3549f0	Kostas Papadimitriou	return None
155	7c3549f0	Kostas Papadimitriou
156	217994f8	Sofia Papagiannaki	parts = urlparse(url, scheme='http')
157	55baa300	Sofia Papagiannaki	if not parts.netloc and not parts.path.startswith('/'):
158	217994f8	Sofia Papagiannaki	# fix url if does not conforms RFC 1808
159	217994f8	Sofia Papagiannaki	url = '//%s' % url
160	217994f8	Sofia Papagiannaki	parts = urlparse(url, scheme='http')
161	7c3549f0	Kostas Papadimitriou
162	7c3549f0	Kostas Papadimitriou	if not domain and not allowed_schemes:
163	217994f8	Sofia Papagiannaki	return url
164	5ce3ce4f	Sofia Papagiannaki
165	7c3549f0	Kostas Papadimitriou	if domain:
166	7c3549f0	Kostas Papadimitriou	if not parts.netloc:
167	7c3549f0	Kostas Papadimitriou	return url
168	7c3549f0	Kostas Papadimitriou	if parts.netloc.endswith(domain):
169	7c3549f0	Kostas Papadimitriou	return url
170	7c3549f0	Kostas Papadimitriou	else:
171	7c3549f0	Kostas Papadimitriou	return None
172	7c3549f0	Kostas Papadimitriou
173	7c3549f0	Kostas Papadimitriou	if allowed_schemes:
174	7c3549f0	Kostas Papadimitriou	if parts.scheme in allowed_schemes:
175	7c3549f0	Kostas Papadimitriou	return url
176	7c3549f0	Kostas Papadimitriou
177	7c3549f0	Kostas Papadimitriou	return None
178	7c3549f0	Kostas Papadimitriou
179	7c3549f0	Kostas Papadimitriou
180	8fbf5367	root	def prepare_response(request, user, next='', renew=False):
181	63ecdd20	Sofia Papagiannaki	"""Return the unique username and the token
182	63ecdd20	Sofia Papagiannaki	as 'X-Auth-User' and 'X-Auth-Token' headers,
183	63ecdd20	Sofia Papagiannaki	or redirect to the URL provided in 'next'
184	63ecdd20	Sofia Papagiannaki	with the 'user' and 'token' as parameters.
185	5ce3ce4f	Sofia Papagiannaki
186	63ecdd20	Sofia Papagiannaki	Reissue the token even if it has not yet
187	63ecdd20	Sofia Papagiannaki	expired, if the 'renew' parameter is present
188	63ecdd20	Sofia Papagiannaki	or user has not a valid token.
189	63ecdd20	Sofia Papagiannaki	"""
190	63ecdd20	Sofia Papagiannaki	renew = renew or (not user.auth_token)
191	67920ea0	Giorgos Korfiatis	renew = renew or user.token_expired()
192	63ecdd20	Sofia Papagiannaki	if renew:
193	bf0c6de5	Sofia Papagiannaki	user.renew_token(
194	bf0c6de5	Sofia Papagiannaki	flush_sessions=True,
195	bf0c6de5	Sofia Papagiannaki	current_key=request.session.session_key
196	bf0c6de5	Sofia Papagiannaki	)
197	27e26a41	Sofia Papagiannaki	try:
198	27e26a41	Sofia Papagiannaki	user.save()
199	27e26a41	Sofia Papagiannaki	except ValidationError, e:
200	e5966bd9	Kostas Papadimitriou	return HttpResponseBadRequest(e)
201	e5966bd9	Kostas Papadimitriou
202	0a7a4104	Kostas Papadimitriou	next = restrict_next(next, domain=settings.COOKIE_DOMAIN)
203	e5966bd9	Kostas Papadimitriou
204	0a7a4104	Kostas Papadimitriou	if settings.FORCE_PROFILE_UPDATE and \
205	0a7a4104	Kostas Papadimitriou	not user.is_verified and not user.is_superuser:
206	63ecdd20	Sofia Papagiannaki	params = ''
207	63ecdd20	Sofia Papagiannaki	if next:
208	63ecdd20	Sofia Papagiannaki	params = '?' + urlencode({'next': next})
209	6ff7a7ca	Sofia Papagiannaki	next = reverse('edit_profile') + params
210	5ce3ce4f	Sofia Papagiannaki
211	63ecdd20	Sofia Papagiannaki	response = HttpResponse()
212	5ce3ce4f	Sofia Papagiannaki
213	8fbf5367	root	# authenticate before login
214	8fbf5367	root	user = authenticate(email=user.email, auth_token=user.auth_token)
215	8fbf5367	root	login(request, user)
216	b42b0987	Sofia Papagiannaki	request.session.set_expiry(user.auth_token_expires)
217	5ce3ce4f	Sofia Papagiannaki
218	63ecdd20	Sofia Papagiannaki	if not next:
219	0a7a4104	Kostas Papadimitriou	next = settings.LOGIN_SUCCESS_URL
220	e5966bd9	Kostas Papadimitriou
221	63ecdd20	Sofia Papagiannaki	response['Location'] = next
222	63ecdd20	Sofia Papagiannaki	response.status_code = 302
223	8fbf5367	root	return response
224	c301698f	Sofia Papagiannaki
225	270dd48d	Sofia Papagiannaki	class lazy_string(object):
226	270dd48d	Sofia Papagiannaki	def __init__(self, function, args, *kwargs):
227	5ce3ce4f	Sofia Papagiannaki	self.function = function
228	5ce3ce4f	Sofia Papagiannaki	self.args = args
229	5ce3ce4f	Sofia Papagiannaki	self.kwargs = kwargs
230	5ce3ce4f	Sofia Papagiannaki
231	270dd48d	Sofia Papagiannaki	def __str__(self):
232	270dd48d	Sofia Papagiannaki	if not hasattr(self, 'str'):
233	5ce3ce4f	Sofia Papagiannaki	self.str = self.function(self.args, *self.kwargs)
234	270dd48d	Sofia Papagiannaki	return self.str
235	270dd48d	Sofia Papagiannaki
236	5ce3ce4f	Sofia Papagiannaki
237	270dd48d	Sofia Papagiannaki	def reverse_lazy(args, *kwargs):
238	270dd48d	Sofia Papagiannaki	return lazy_string(reverse, args, *kwargs)
239	270dd48d	Sofia Papagiannaki
240	5ce3ce4f	Sofia Papagiannaki
241	0a569195	Sofia Papagiannaki	def reserved_email(email):
242	e5966bd9	Kostas Papadimitriou	return AstakosUser.objects.user_exists(email)
243	5ce3ce4f	Sofia Papagiannaki
244	0a569195	Sofia Papagiannaki
245	43332a76	Kostas Papadimitriou	def reserved_verified_email(email):
246	43332a76	Kostas Papadimitriou	return AstakosUser.objects.verified_user_exists(email)
247	43332a76	Kostas Papadimitriou
248	43332a76	Kostas Papadimitriou
249	0a569195	Sofia Papagiannaki	def get_query(request):
250	f627a979	Sofia Papagiannaki	try:
251	f627a979	Sofia Papagiannaki	return request.__getattribute__(request.method)
252	f627a979	Sofia Papagiannaki	except AttributeError:
253	9a06d96f	Olga Brani	return {}
254	9a06d96f	Olga Brani
255	9efcce2a	Sofia Papagiannaki	def get_properties(obj):
256	2f732a9b	Sofia Papagiannaki	def get_class_attr(_class, attr):
257	2f732a9b	Sofia Papagiannaki	try:
258	2f732a9b	Sofia Papagiannaki	return getattr(_class, attr)
259	2f732a9b	Sofia Papagiannaki	except AttributeError:
260	2f732a9b	Sofia Papagiannaki	return
261	64492c49	Kostas Papadimitriou
262	9efcce2a	Sofia Papagiannaki	return (i for i in vars(obj.__class__) \
263	2f732a9b	Sofia Papagiannaki	if isinstance(get_class_attr(obj.__class__, i), property))
264	9a06d96f	Olga Brani
265	9a06d96f	Olga Brani	def model_to_dict(obj, exclude=['AutoField', 'ForeignKey', 'OneToOneField'],
266	9a06d96f	Olga Brani	include_empty=True):
267	9a06d96f	Olga Brani	'''
268	9a06d96f	Olga Brani	serialize model object to dict with related objects
269	9a06d96f	Olga Brani
270	9a06d96f	Olga Brani	author: Vadym Zakovinko <vp@zakovinko.com>
271	9a06d96f	Olga Brani	date: January 31, 2011
272	9a06d96f	Olga Brani	http://djangosnippets.org/snippets/2342/
273	9a06d96f	Olga Brani	'''
274	9a06d96f	Olga Brani	tree = {}
275	9a06d96f	Olga Brani	for field_name in obj._meta.get_all_field_names():
276	9a06d96f	Olga Brani	try:
277	9a06d96f	Olga Brani	field = getattr(obj, field_name)
278	9a06d96f	Olga Brani	except (ObjectDoesNotExist, AttributeError):
279	9a06d96f	Olga Brani	continue
280	9a06d96f	Olga Brani
281	9a06d96f	Olga Brani	if field.__class__.__name__ in ['RelatedManager', 'ManyRelatedManager']:
282	9a06d96f	Olga Brani	if field.model.__name__ in exclude:
283	9a06d96f	Olga Brani	continue
284	9a06d96f	Olga Brani
285	9a06d96f	Olga Brani	if field.__class__.__name__ == 'ManyRelatedManager':
286	9a06d96f	Olga Brani	exclude.append(obj.__class__.__name__)
287	9a06d96f	Olga Brani	subtree = []
288	9a06d96f	Olga Brani	for related_obj in getattr(obj, field_name).all():
289	9a06d96f	Olga Brani	value = model_to_dict(related_obj, exclude=exclude)
290	9a06d96f	Olga Brani	if value or include_empty:
291	9a06d96f	Olga Brani	subtree.append(value)
292	9a06d96f	Olga Brani	if subtree or include_empty:
293	9a06d96f	Olga Brani	tree[field_name] = subtree
294	9a06d96f	Olga Brani	continue
295	9a06d96f	Olga Brani
296	9a06d96f	Olga Brani	field = obj._meta.get_field_by_name(field_name)[0]
297	9a06d96f	Olga Brani	if field.__class__.__name__ in exclude:
298	9a06d96f	Olga Brani	continue
299	9a06d96f	Olga Brani
300	9a06d96f	Olga Brani	if field.__class__.__name__ == 'RelatedObject':
301	9a06d96f	Olga Brani	exclude.append(field.model.__name__)
302	9a06d96f	Olga Brani	tree[field_name] = model_to_dict(getattr(obj, field_name),
303	9a06d96f	Olga Brani	exclude=exclude)
304	9a06d96f	Olga Brani	continue
305	9a06d96f	Olga Brani
306	9a06d96f	Olga Brani	value = getattr(obj, field_name)
307	9a06d96f	Olga Brani	if field.__class__.__name__ == 'ForeignKey':
308	9a06d96f	Olga Brani	value = unicode(value) if value is not None else value
309	9a06d96f	Olga Brani	if value or include_empty:
310	9a06d96f	Olga Brani	tree[field_name] = value
311	9efcce2a	Sofia Papagiannaki	properties = list(get_properties(obj))
312	9efcce2a	Sofia Papagiannaki	for p in properties:
313	9efcce2a	Sofia Papagiannaki	tree[p] = getattr(obj, p)
314	9efcce2a	Sofia Papagiannaki	tree['str_repr'] = obj.__str__()
315	9a06d96f	Olga Brani
316	9a06d96f	Olga Brani	return tree
317	6936103e	Kostas Papadimitriou
318	6936103e	Kostas Papadimitriou	def login_url(request):
319	6936103e	Kostas Papadimitriou	attrs = {}
320	6936103e	Kostas Papadimitriou	for attr in ['login', 'key', 'code']:
321	6936103e	Kostas Papadimitriou	val = request.REQUEST.get(attr, None)
322	6936103e	Kostas Papadimitriou	if val:
323	6936103e	Kostas Papadimitriou	attrs[attr] = val
324	6936103e	Kostas Papadimitriou	return "%s?%s" % (reverse('login'), urllib.urlencode(attrs))
325	440f7c0c	Kostas Papadimitriou
326	440f7c0c	Kostas Papadimitriou
327	440f7c0c	Kostas Papadimitriou	def redirect_back(request, default='index'):
328	440f7c0c	Kostas Papadimitriou	"""
329	440f7c0c	Kostas Papadimitriou	Redirect back to referer if safe and possible.
330	440f7c0c	Kostas Papadimitriou	"""
331	440f7c0c	Kostas Papadimitriou	referer = request.META.get('HTTP_REFERER')
332	440f7c0c	Kostas Papadimitriou
333	fb9ba8d5	Kostas Papadimitriou	safedomain = settings.BASE_URL.replace("https://", "").replace(
334	440f7c0c	Kostas Papadimitriou	"http://", "")
335	440f7c0c	Kostas Papadimitriou	safe = restrict_next(referer, safedomain)
336	440f7c0c	Kostas Papadimitriou	# avoid redirect loop
337	440f7c0c	Kostas Papadimitriou	loops = referer == request.get_full_path()
338	440f7c0c	Kostas Papadimitriou	if referer and safe and not loops:
339	440f7c0c	Kostas Papadimitriou	return redirect(referer)
340	440f7c0c	Kostas Papadimitriou	return redirect(reverse(default))