/snf-astakos-app/astakos/im/util.py - Annotate - Synnefo - Greek Research and Technology Network's projects

| Branch: | Tag: | Revision:

root / snf-astakos-app / astakos / im / util.py @ cbc7a32c

History | View | Annotate | Download (11.1 kB)

1	aba1e498	Antony Chazapis	# Copyright 2011-2012 GRNET S.A. All rights reserved.
2	5ce3ce4f	Sofia Papagiannaki	#
3	64cd4730	Antony Chazapis	# Redistribution and use in source and binary forms, with or
4	64cd4730	Antony Chazapis	# without modification, are permitted provided that the following
5	64cd4730	Antony Chazapis	# conditions are met:
6	5ce3ce4f	Sofia Papagiannaki	#
7	64cd4730	Antony Chazapis	# 1. Redistributions of source code must retain the above
8	64cd4730	Antony Chazapis	# copyright notice, this list of conditions and the following
9	64cd4730	Antony Chazapis	# disclaimer.
10	5ce3ce4f	Sofia Papagiannaki	#
11	64cd4730	Antony Chazapis	# 2. Redistributions in binary form must reproduce the above
12	64cd4730	Antony Chazapis	# copyright notice, this list of conditions and the following
13	64cd4730	Antony Chazapis	# disclaimer in the documentation and/or other materials
14	64cd4730	Antony Chazapis	# provided with the distribution.
15	5ce3ce4f	Sofia Papagiannaki	#
16	64cd4730	Antony Chazapis	# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
17	64cd4730	Antony Chazapis	# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
18	64cd4730	Antony Chazapis	# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
19	64cd4730	Antony Chazapis	# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
20	64cd4730	Antony Chazapis	# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
21	64cd4730	Antony Chazapis	# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
22	64cd4730	Antony Chazapis	# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
23	64cd4730	Antony Chazapis	# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
24	64cd4730	Antony Chazapis	# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25	64cd4730	Antony Chazapis	# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
26	64cd4730	Antony Chazapis	# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27	64cd4730	Antony Chazapis	# POSSIBILITY OF SUCH DAMAGE.
28	5ce3ce4f	Sofia Papagiannaki	#
29	64cd4730	Antony Chazapis	# The views and conclusions contained in the software and
30	64cd4730	Antony Chazapis	# documentation are those of the authors and should not be
31	64cd4730	Antony Chazapis	# interpreted as representing official policies, either expressed
32	64cd4730	Antony Chazapis	# or implied, of GRNET S.A.
33	64cd4730	Antony Chazapis
34	0905ccd2	Sofia Papagiannaki	import logging
35	63ecdd20	Sofia Papagiannaki	import datetime
36	18ffbee1	Sofia Papagiannaki	import time
37	6936103e	Kostas Papadimitriou	import urllib
38	63ecdd20	Sofia Papagiannaki
39	c0b26605	Sofia Papagiannaki	from urlparse import urlparse
40	64cd4730	Antony Chazapis	from datetime import tzinfo, timedelta
41	c0b26605	Sofia Papagiannaki
42	440f7c0c	Kostas Papadimitriou	from django.http import HttpResponse, HttpResponseBadRequest, urlencode, \
43	440f7c0c	Kostas Papadimitriou	HttpResponseRedirect
44	0905ccd2	Sofia Papagiannaki	from django.template import RequestContext
45	111f3da6	Sofia Papagiannaki	from django.contrib.auth import authenticate
46	63ecdd20	Sofia Papagiannaki	from django.core.urlresolvers import reverse
47	440f7c0c	Kostas Papadimitriou	from django.shortcuts import redirect
48	9a06d96f	Olga Brani	from django.core.exceptions import ValidationError, ObjectDoesNotExist
49	ae497612	Olga Brani	from django.utils.translation import ugettext as _
50	440f7c0c	Kostas Papadimitriou	from django.core.urlresolvers import reverse
51	ae497612	Olga Brani
52	aab4d540	Sofia Papagiannaki	from astakos.im.models import AstakosUser, Invitation
53	111f3da6	Sofia Papagiannaki	from astakos.im.functions import login
54	0a7a4104	Kostas Papadimitriou	from astakos.im import settings
55	64cd4730	Antony Chazapis
56	ae497612	Olga Brani	import astakos.im.messages as astakos_messages
57	ae497612	Olga Brani
58	e015e9e6	Sofia Papagiannaki	logger = logging.getLogger(__name__)
59	e015e9e6	Sofia Papagiannaki
60	5ce3ce4f	Sofia Papagiannaki
61	64cd4730	Antony Chazapis	class UTC(tzinfo):
62	aab4d540	Sofia Papagiannaki	def utcoffset(self, dt):
63	aab4d540	Sofia Papagiannaki	return timedelta(0)
64	5ce3ce4f	Sofia Papagiannaki
65	aab4d540	Sofia Papagiannaki	def tzname(self, dt):
66	aab4d540	Sofia Papagiannaki	return 'UTC'
67	5ce3ce4f	Sofia Papagiannaki
68	aab4d540	Sofia Papagiannaki	def dst(self, dt):
69	aab4d540	Sofia Papagiannaki	return timedelta(0)
70	64cd4730	Antony Chazapis
71	5ce3ce4f	Sofia Papagiannaki
72	64cd4730	Antony Chazapis	def isoformat(d):
73	aab4d540	Sofia Papagiannaki	"""Return an ISO8601 date string that includes a timezone."""
74	5ce3ce4f	Sofia Papagiannaki
75	aab4d540	Sofia Papagiannaki	return d.replace(tzinfo=UTC()).isoformat()
76	0905ccd2	Sofia Papagiannaki
77	5ce3ce4f	Sofia Papagiannaki
78	18ffbee1	Sofia Papagiannaki	def epoch(datetime):
79	5ce3ce4f	Sofia Papagiannaki	return int(time.mktime(datetime.timetuple()) * 1000)
80	5ce3ce4f	Sofia Papagiannaki
81	18ffbee1	Sofia Papagiannaki
82	aab4d540	Sofia Papagiannaki	def get_context(request, extra_context=None, **kwargs):
83	aab4d540	Sofia Papagiannaki	extra_context = extra_context or {}
84	0905ccd2	Sofia Papagiannaki	extra_context.update(kwargs)
85	0905ccd2	Sofia Papagiannaki	return RequestContext(request, extra_context)
86	e2125441	Sofia Papagiannaki
87	5ce3ce4f	Sofia Papagiannaki
88	15efc749	Sofia Papagiannaki	def get_invitation(request):
89	15efc749	Sofia Papagiannaki	"""
90	15efc749	Sofia Papagiannaki	Returns the invitation identified by the ``code``.
91	5ce3ce4f	Sofia Papagiannaki
92	0a569195	Sofia Papagiannaki	Raises ValueError if the invitation is consumed or there is another account
93	0a569195	Sofia Papagiannaki	associated with this email.
94	15efc749	Sofia Papagiannaki	"""
95	15efc749	Sofia Papagiannaki	code = request.GET.get('code')
96	15efc749	Sofia Papagiannaki	if request.method == 'POST':
97	15efc749	Sofia Papagiannaki	code = request.POST.get('code')
98	15efc749	Sofia Papagiannaki	if not code:
99	15efc749	Sofia Papagiannaki	return
100	5ce3ce4f	Sofia Papagiannaki	invitation = Invitation.objects.get(code=code)
101	15efc749	Sofia Papagiannaki	if invitation.is_consumed:
102	ae497612	Olga Brani	raise ValueError(_(astakos_messages.INVITATION_CONSUMED_ERR))
103	0a569195	Sofia Papagiannaki	if reserved_email(invitation.username):
104	ae497612	Olga Brani	email = invitation.username
105	c0b26605	Sofia Papagiannaki	raise ValueError(_(astakos_messages.EMAIL_RESERVED) % locals())
106	63ecdd20	Sofia Papagiannaki	return invitation
107	63ecdd20	Sofia Papagiannaki
108	7c3549f0	Kostas Papadimitriou
109	217994f8	Sofia Papagiannaki	def restrict_next(url, domain=None, allowed_schemes=()):
110	217994f8	Sofia Papagiannaki	"""
111	7c3549f0	Kostas Papadimitriou	Utility method to validate that provided url is safe to be used as the
112	7c3549f0	Kostas Papadimitriou	redirect location of an http redirect response. The method parses the
113	7c3549f0	Kostas Papadimitriou	provided url and identifies if it conforms CORS against provided domain
114	7c3549f0	Kostas Papadimitriou	AND url scheme matches any of the schemes in `allowed_schemes` parameter.
115	5b65fb47	Kostas Papadimitriou	If verirication succeeds sanitized safe url is returned. Consider using
116	5b65fb47	Kostas Papadimitriou	the method's result in the response location header and not the originally
117	5b65fb47	Kostas Papadimitriou	provided url. If verification fails the method returns None.
118	e5966bd9	Kostas Papadimitriou
119	217994f8	Sofia Papagiannaki	>>> print restrict_next('/im/feedback', '.okeanos.grnet.gr')
120	217994f8	Sofia Papagiannaki	/im/feedback
121	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos.okeanos.grnet.gr/im/feedback',
122	7c3549f0	Kostas Papadimitriou	... '.okeanos.grnet.gr')
123	55baa300	Sofia Papagiannaki	//pithos.okeanos.grnet.gr/im/feedback
124	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('https://pithos.okeanos.grnet.gr/im/feedback',
125	7c3549f0	Kostas Papadimitriou	... '.okeanos.grnet.gr')
126	217994f8	Sofia Papagiannaki	https://pithos.okeanos.grnet.gr/im/feedback
127	1e960db7	Sofia Papagiannaki	>>> print restrict_next('pithos://127.0.0.1', '.okeanos.grnet.gr')
128	217994f8	Sofia Papagiannaki	None
129	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos://127.0.0.1', '.okeanos.grnet.gr',
130	7c3549f0	Kostas Papadimitriou	... allowed_schemes=('pithos'))
131	7c3549f0	Kostas Papadimitriou	None
132	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos://127.0.0.1', '127.0.0.1',
133	7c3549f0	Kostas Papadimitriou	... allowed_schemes=('pithos'))
134	7c3549f0	Kostas Papadimitriou	pithos://127.0.0.1
135	217994f8	Sofia Papagiannaki	>>> print restrict_next('node1.example.com', '.okeanos.grnet.gr')
136	217994f8	Sofia Papagiannaki	None
137	217994f8	Sofia Papagiannaki	>>> print restrict_next('//node1.example.com', '.okeanos.grnet.gr')
138	217994f8	Sofia Papagiannaki	None
139	217994f8	Sofia Papagiannaki	>>> print restrict_next('https://node1.example.com', '.okeanos.grnet.gr')
140	217994f8	Sofia Papagiannaki	None
141	217994f8	Sofia Papagiannaki	>>> print restrict_next('https://node1.example.com')
142	217994f8	Sofia Papagiannaki	https://node1.example.com
143	217994f8	Sofia Papagiannaki	>>> print restrict_next('//node1.example.com')
144	217994f8	Sofia Papagiannaki	//node1.example.com
145	217994f8	Sofia Papagiannaki	>>> print restrict_next('node1.example.com')
146	55baa300	Sofia Papagiannaki	//node1.example.com
147	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('node1.example.com', allowed_schemes=('pithos',))
148	7c3549f0	Kostas Papadimitriou	None
149	7c3549f0	Kostas Papadimitriou	>>> print restrict_next('pithos://localhost', 'localhost',
150	7c3549f0	Kostas Papadimitriou	... allowed_schemes=('pithos',))
151	7c3549f0	Kostas Papadimitriou	pithos://localhost
152	217994f8	Sofia Papagiannaki	"""
153	217994f8	Sofia Papagiannaki	if not url:
154	7c3549f0	Kostas Papadimitriou	return None
155	7c3549f0	Kostas Papadimitriou
156	217994f8	Sofia Papagiannaki	parts = urlparse(url, scheme='http')
157	55baa300	Sofia Papagiannaki	if not parts.netloc and not parts.path.startswith('/'):
158	217994f8	Sofia Papagiannaki	# fix url if does not conforms RFC 1808
159	217994f8	Sofia Papagiannaki	url = '//%s' % url
160	217994f8	Sofia Papagiannaki	parts = urlparse(url, scheme='http')
161	7c3549f0	Kostas Papadimitriou
162	7c3549f0	Kostas Papadimitriou	if not domain and not allowed_schemes:
163	217994f8	Sofia Papagiannaki	return url
164	5ce3ce4f	Sofia Papagiannaki
165	5b65fb47	Kostas Papadimitriou	# domain validation
166	7c3549f0	Kostas Papadimitriou	if domain:
167	7c3549f0	Kostas Papadimitriou	if not parts.netloc:
168	7c3549f0	Kostas Papadimitriou	return url
169	7c3549f0	Kostas Papadimitriou	if parts.netloc.endswith(domain):
170	7c3549f0	Kostas Papadimitriou	return url
171	7c3549f0	Kostas Papadimitriou	else:
172	7c3549f0	Kostas Papadimitriou	return None
173	7c3549f0	Kostas Papadimitriou
174	5b65fb47	Kostas Papadimitriou	# scheme validation
175	7c3549f0	Kostas Papadimitriou	if allowed_schemes:
176	7c3549f0	Kostas Papadimitriou	if parts.scheme in allowed_schemes:
177	7c3549f0	Kostas Papadimitriou	return url
178	7c3549f0	Kostas Papadimitriou
179	7c3549f0	Kostas Papadimitriou	return None
180	7c3549f0	Kostas Papadimitriou
181	7c3549f0	Kostas Papadimitriou
182	8fbf5367	root	def prepare_response(request, user, next='', renew=False):
183	63ecdd20	Sofia Papagiannaki	"""Return the unique username and the token
184	63ecdd20	Sofia Papagiannaki	as 'X-Auth-User' and 'X-Auth-Token' headers,
185	63ecdd20	Sofia Papagiannaki	or redirect to the URL provided in 'next'
186	63ecdd20	Sofia Papagiannaki	with the 'user' and 'token' as parameters.
187	5ce3ce4f	Sofia Papagiannaki
188	63ecdd20	Sofia Papagiannaki	Reissue the token even if it has not yet
189	63ecdd20	Sofia Papagiannaki	expired, if the 'renew' parameter is present
190	63ecdd20	Sofia Papagiannaki	or user has not a valid token.
191	63ecdd20	Sofia Papagiannaki	"""
192	63ecdd20	Sofia Papagiannaki	renew = renew or (not user.auth_token)
193	67920ea0	Giorgos Korfiatis	renew = renew or user.token_expired()
194	63ecdd20	Sofia Papagiannaki	if renew:
195	bf0c6de5	Sofia Papagiannaki	user.renew_token(
196	bf0c6de5	Sofia Papagiannaki	flush_sessions=True,
197	bf0c6de5	Sofia Papagiannaki	current_key=request.session.session_key
198	bf0c6de5	Sofia Papagiannaki	)
199	27e26a41	Sofia Papagiannaki	try:
200	27e26a41	Sofia Papagiannaki	user.save()
201	27e26a41	Sofia Papagiannaki	except ValidationError, e:
202	e5966bd9	Kostas Papadimitriou	return HttpResponseBadRequest(e)
203	e5966bd9	Kostas Papadimitriou
204	0a7a4104	Kostas Papadimitriou	next = restrict_next(next, domain=settings.COOKIE_DOMAIN)
205	e5966bd9	Kostas Papadimitriou
206	0a7a4104	Kostas Papadimitriou	if settings.FORCE_PROFILE_UPDATE and \
207	0a7a4104	Kostas Papadimitriou	not user.is_verified and not user.is_superuser:
208	63ecdd20	Sofia Papagiannaki	params = ''
209	63ecdd20	Sofia Papagiannaki	if next:
210	63ecdd20	Sofia Papagiannaki	params = '?' + urlencode({'next': next})
211	6ff7a7ca	Sofia Papagiannaki	next = reverse('edit_profile') + params
212	5ce3ce4f	Sofia Papagiannaki
213	63ecdd20	Sofia Papagiannaki	response = HttpResponse()
214	5ce3ce4f	Sofia Papagiannaki
215	8fbf5367	root	# authenticate before login
216	8fbf5367	root	user = authenticate(email=user.email, auth_token=user.auth_token)
217	8fbf5367	root	login(request, user)
218	b42b0987	Sofia Papagiannaki	request.session.set_expiry(user.auth_token_expires)
219	5ce3ce4f	Sofia Papagiannaki
220	63ecdd20	Sofia Papagiannaki	if not next:
221	0a7a4104	Kostas Papadimitriou	next = settings.LOGIN_SUCCESS_URL
222	e5966bd9	Kostas Papadimitriou
223	63ecdd20	Sofia Papagiannaki	response['Location'] = next
224	63ecdd20	Sofia Papagiannaki	response.status_code = 302
225	8fbf5367	root	return response
226	c301698f	Sofia Papagiannaki
227	270dd48d	Sofia Papagiannaki	class lazy_string(object):
228	270dd48d	Sofia Papagiannaki	def __init__(self, function, args, *kwargs):
229	5ce3ce4f	Sofia Papagiannaki	self.function = function
230	5ce3ce4f	Sofia Papagiannaki	self.args = args
231	5ce3ce4f	Sofia Papagiannaki	self.kwargs = kwargs
232	5ce3ce4f	Sofia Papagiannaki
233	270dd48d	Sofia Papagiannaki	def __str__(self):
234	270dd48d	Sofia Papagiannaki	if not hasattr(self, 'str'):
235	5ce3ce4f	Sofia Papagiannaki	self.str = self.function(self.args, *self.kwargs)
236	270dd48d	Sofia Papagiannaki	return self.str
237	270dd48d	Sofia Papagiannaki
238	5ce3ce4f	Sofia Papagiannaki
239	270dd48d	Sofia Papagiannaki	def reverse_lazy(args, *kwargs):
240	270dd48d	Sofia Papagiannaki	return lazy_string(reverse, args, *kwargs)
241	270dd48d	Sofia Papagiannaki
242	5ce3ce4f	Sofia Papagiannaki
243	0a569195	Sofia Papagiannaki	def reserved_email(email):
244	e5966bd9	Kostas Papadimitriou	return AstakosUser.objects.user_exists(email)
245	5ce3ce4f	Sofia Papagiannaki
246	0a569195	Sofia Papagiannaki
247	43332a76	Kostas Papadimitriou	def reserved_verified_email(email):
248	43332a76	Kostas Papadimitriou	return AstakosUser.objects.verified_user_exists(email)
249	43332a76	Kostas Papadimitriou
250	43332a76	Kostas Papadimitriou
251	0a569195	Sofia Papagiannaki	def get_query(request):
252	f627a979	Sofia Papagiannaki	try:
253	f627a979	Sofia Papagiannaki	return request.__getattribute__(request.method)
254	f627a979	Sofia Papagiannaki	except AttributeError:
255	9a06d96f	Olga Brani	return {}
256	9a06d96f	Olga Brani
257	9efcce2a	Sofia Papagiannaki	def get_properties(obj):
258	2f732a9b	Sofia Papagiannaki	def get_class_attr(_class, attr):
259	2f732a9b	Sofia Papagiannaki	try:
260	2f732a9b	Sofia Papagiannaki	return getattr(_class, attr)
261	2f732a9b	Sofia Papagiannaki	except AttributeError:
262	2f732a9b	Sofia Papagiannaki	return
263	64492c49	Kostas Papadimitriou
264	9efcce2a	Sofia Papagiannaki	return (i for i in vars(obj.__class__) \
265	2f732a9b	Sofia Papagiannaki	if isinstance(get_class_attr(obj.__class__, i), property))
266	9a06d96f	Olga Brani
267	68a8935f	Giorgos Korfiatis	def model_to_dict(obj, exclude=None, include_empty=True):
268	9a06d96f	Olga Brani	'''
269	9a06d96f	Olga Brani	serialize model object to dict with related objects
270	9a06d96f	Olga Brani
271	9a06d96f	Olga Brani	author: Vadym Zakovinko <vp@zakovinko.com>
272	9a06d96f	Olga Brani	date: January 31, 2011
273	9a06d96f	Olga Brani	http://djangosnippets.org/snippets/2342/
274	9a06d96f	Olga Brani	'''
275	68a8935f	Giorgos Korfiatis
276	68a8935f	Giorgos Korfiatis	if exclude is None:
277	68a8935f	Giorgos Korfiatis	exclude = ['AutoField', 'ForeignKey', 'OneToOneField']
278	9a06d96f	Olga Brani	tree = {}
279	9a06d96f	Olga Brani	for field_name in obj._meta.get_all_field_names():
280	9a06d96f	Olga Brani	try:
281	9a06d96f	Olga Brani	field = getattr(obj, field_name)
282	9a06d96f	Olga Brani	except (ObjectDoesNotExist, AttributeError):
283	9a06d96f	Olga Brani	continue
284	9a06d96f	Olga Brani
285	9a06d96f	Olga Brani	if field.__class__.__name__ in ['RelatedManager', 'ManyRelatedManager']:
286	9a06d96f	Olga Brani	if field.model.__name__ in exclude:
287	9a06d96f	Olga Brani	continue
288	9a06d96f	Olga Brani
289	9a06d96f	Olga Brani	if field.__class__.__name__ == 'ManyRelatedManager':
290	9a06d96f	Olga Brani	exclude.append(obj.__class__.__name__)
291	9a06d96f	Olga Brani	subtree = []
292	9a06d96f	Olga Brani	for related_obj in getattr(obj, field_name).all():
293	9a06d96f	Olga Brani	value = model_to_dict(related_obj, exclude=exclude)
294	9a06d96f	Olga Brani	if value or include_empty:
295	9a06d96f	Olga Brani	subtree.append(value)
296	9a06d96f	Olga Brani	if subtree or include_empty:
297	9a06d96f	Olga Brani	tree[field_name] = subtree
298	9a06d96f	Olga Brani	continue
299	9a06d96f	Olga Brani
300	9a06d96f	Olga Brani	field = obj._meta.get_field_by_name(field_name)[0]
301	9a06d96f	Olga Brani	if field.__class__.__name__ in exclude:
302	9a06d96f	Olga Brani	continue
303	9a06d96f	Olga Brani
304	9a06d96f	Olga Brani	if field.__class__.__name__ == 'RelatedObject':
305	9a06d96f	Olga Brani	exclude.append(field.model.__name__)
306	9a06d96f	Olga Brani	tree[field_name] = model_to_dict(getattr(obj, field_name),
307	9a06d96f	Olga Brani	exclude=exclude)
308	9a06d96f	Olga Brani	continue
309	9a06d96f	Olga Brani
310	9a06d96f	Olga Brani	value = getattr(obj, field_name)
311	9a06d96f	Olga Brani	if field.__class__.__name__ == 'ForeignKey':
312	9a06d96f	Olga Brani	value = unicode(value) if value is not None else value
313	9a06d96f	Olga Brani	if value or include_empty:
314	9a06d96f	Olga Brani	tree[field_name] = value
315	9efcce2a	Sofia Papagiannaki	properties = list(get_properties(obj))
316	9efcce2a	Sofia Papagiannaki	for p in properties:
317	9efcce2a	Sofia Papagiannaki	tree[p] = getattr(obj, p)
318	9efcce2a	Sofia Papagiannaki	tree['str_repr'] = obj.__str__()
319	9a06d96f	Olga Brani
320	9a06d96f	Olga Brani	return tree
321	6936103e	Kostas Papadimitriou
322	6936103e	Kostas Papadimitriou	def login_url(request):
323	6936103e	Kostas Papadimitriou	attrs = {}
324	6936103e	Kostas Papadimitriou	for attr in ['login', 'key', 'code']:
325	6936103e	Kostas Papadimitriou	val = request.REQUEST.get(attr, None)
326	6936103e	Kostas Papadimitriou	if val:
327	6936103e	Kostas Papadimitriou	attrs[attr] = val
328	6936103e	Kostas Papadimitriou	return "%s?%s" % (reverse('login'), urllib.urlencode(attrs))
329	440f7c0c	Kostas Papadimitriou
330	440f7c0c	Kostas Papadimitriou
331	440f7c0c	Kostas Papadimitriou	def redirect_back(request, default='index'):
332	440f7c0c	Kostas Papadimitriou	"""
333	440f7c0c	Kostas Papadimitriou	Redirect back to referer if safe and possible.
334	440f7c0c	Kostas Papadimitriou	"""
335	440f7c0c	Kostas Papadimitriou	referer = request.META.get('HTTP_REFERER')
336	440f7c0c	Kostas Papadimitriou
337	fb9ba8d5	Kostas Papadimitriou	safedomain = settings.BASE_URL.replace("https://", "").replace(
338	440f7c0c	Kostas Papadimitriou	"http://", "")
339	440f7c0c	Kostas Papadimitriou	safe = restrict_next(referer, safedomain)
340	440f7c0c	Kostas Papadimitriou	# avoid redirect loop
341	440f7c0c	Kostas Papadimitriou	loops = referer == request.get_full_path()
342	440f7c0c	Kostas Papadimitriou	if referer and safe and not loops:
343	440f7c0c	Kostas Papadimitriou	return redirect(referer)
344	440f7c0c	Kostas Papadimitriou	return redirect(reverse(default))