Revision 9f841089 snf-astakos-app/astakos/im/api.py
| b/snf-astakos-app/astakos/im/api.py | ||
|---|---|---|
| 120 | 120 |
if request.method != 'GET': |
| 121 | 121 |
raise BadRequest('Method not allowed.')
|
| 122 | 122 |
location = request.GET.get('location', '')
|
| 123 |
exclude = [] |
|
| 124 |
index_url = reverse('index')
|
|
| 125 |
login_url = reverse('login')
|
|
| 126 |
logout_url = reverse('astakos.im.views.logout')
|
|
| 123 | 127 |
absolute = lambda (url): request.build_absolute_uri(url) |
| 124 |
index_url = absolute(reverse('astakos.im.views.index'))
|
|
| 125 |
if urlparse(location).query.rfind('next=') == -1:
|
|
| 128 |
l = index_url, login_url, logout_url |
|
| 129 |
forbidden = [] |
|
| 130 |
for url in l: |
|
| 131 |
url = url.rstrip('/')
|
|
| 132 |
forbidden.extend([url, url + '/', absolute(url), absolute(url + '/')]) |
|
| 133 |
if location not in forbidden: |
|
| 126 | 134 |
index_url = '%s?next=%s' % (index_url, quote(location)) |
| 127 |
l = [{ 'url': index_url, 'name': "Sign in"}]
|
|
| 135 |
l = [{ 'url': absolute(index_url), 'name': "Sign in"}]
|
|
| 128 | 136 |
if request.user.is_authenticated(): |
| 129 | 137 |
l = [] |
| 130 | 138 |
l.append({ 'url': absolute(reverse('astakos.im.views.edit_profile')),
|
Also available in: Unified diff