Revision 9f841089 snf-astakos-app/astakos/im/api.py
b/snf-astakos-app/astakos/im/api.py | ||
---|---|---|
120 | 120 |
if request.method != 'GET': |
121 | 121 |
raise BadRequest('Method not allowed.') |
122 | 122 |
location = request.GET.get('location', '') |
123 |
exclude = [] |
|
124 |
index_url = reverse('index') |
|
125 |
login_url = reverse('login') |
|
126 |
logout_url = reverse('astakos.im.views.logout') |
|
123 | 127 |
absolute = lambda (url): request.build_absolute_uri(url) |
124 |
index_url = absolute(reverse('astakos.im.views.index')) |
|
125 |
if urlparse(location).query.rfind('next=') == -1: |
|
128 |
l = index_url, login_url, logout_url |
|
129 |
forbidden = [] |
|
130 |
for url in l: |
|
131 |
url = url.rstrip('/') |
|
132 |
forbidden.extend([url, url + '/', absolute(url), absolute(url + '/')]) |
|
133 |
if location not in forbidden: |
|
126 | 134 |
index_url = '%s?next=%s' % (index_url, quote(location)) |
127 |
l = [{ 'url': index_url, 'name': "Sign in"}]
|
|
135 |
l = [{ 'url': absolute(index_url), 'name': "Sign in"}]
|
|
128 | 136 |
if request.user.is_authenticated(): |
129 | 137 |
l = [] |
130 | 138 |
l.append({ 'url': absolute(reverse('astakos.im.views.edit_profile')), |
Also available in: Unified diff