root / snf-astakos-app / astakos / im / views / target / redirect.py @ feebcc02
History | View | Annotate | Download (5.4 kB)
1 | aba1e498 | Antony Chazapis | # Copyright 2011-2012 GRNET S.A. All rights reserved.
|
---|---|---|---|
2 | 64cd4730 | Antony Chazapis | #
|
3 | 64cd4730 | Antony Chazapis | # Redistribution and use in source and binary forms, with or
|
4 | 64cd4730 | Antony Chazapis | # without modification, are permitted provided that the following
|
5 | 64cd4730 | Antony Chazapis | # conditions are met:
|
6 | 64cd4730 | Antony Chazapis | #
|
7 | 64cd4730 | Antony Chazapis | # 1. Redistributions of source code must retain the above
|
8 | 64cd4730 | Antony Chazapis | # copyright notice, this list of conditions and the following
|
9 | 64cd4730 | Antony Chazapis | # disclaimer.
|
10 | 64cd4730 | Antony Chazapis | #
|
11 | 64cd4730 | Antony Chazapis | # 2. Redistributions in binary form must reproduce the above
|
12 | 64cd4730 | Antony Chazapis | # copyright notice, this list of conditions and the following
|
13 | 64cd4730 | Antony Chazapis | # disclaimer in the documentation and/or other materials
|
14 | 64cd4730 | Antony Chazapis | # provided with the distribution.
|
15 | 64cd4730 | Antony Chazapis | #
|
16 | 64cd4730 | Antony Chazapis | # THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS
|
17 | 64cd4730 | Antony Chazapis | # OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
18 | 64cd4730 | Antony Chazapis | # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
19 | 64cd4730 | Antony Chazapis | # PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A OR
|
20 | 64cd4730 | Antony Chazapis | # CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
21 | 64cd4730 | Antony Chazapis | # SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
|
22 | 64cd4730 | Antony Chazapis | # LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
|
23 | 64cd4730 | Antony Chazapis | # USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
|
24 | 64cd4730 | Antony Chazapis | # AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
25 | 64cd4730 | Antony Chazapis | # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
|
26 | 64cd4730 | Antony Chazapis | # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
27 | 64cd4730 | Antony Chazapis | # POSSIBILITY OF SUCH DAMAGE.
|
28 | 64cd4730 | Antony Chazapis | #
|
29 | 64cd4730 | Antony Chazapis | # The views and conclusions contained in the software and
|
30 | 64cd4730 | Antony Chazapis | # documentation are those of the authors and should not be
|
31 | 64cd4730 | Antony Chazapis | # interpreted as representing official policies, either expressed
|
32 | 64cd4730 | Antony Chazapis | # or implied, of GRNET S.A.
|
33 | 64cd4730 | Antony Chazapis | |
34 | 148b0cde | Sofia Papagiannaki | from django.core.urlresolvers import reverse |
35 | a196eb7e | Sofia Papagiannaki | from django.utils.translation import ugettext as _ |
36 | a196eb7e | Sofia Papagiannaki | from django.utils.http import urlencode |
37 | 111f3da6 | Sofia Papagiannaki | from django.contrib.auth import authenticate |
38 | 217994f8 | Sofia Papagiannaki | from django.http import ( |
39 | 73fbaec4 | Sofia Papagiannaki | HttpResponse, HttpResponseBadRequest, HttpResponseForbidden) |
40 | 27e26a41 | Sofia Papagiannaki | from django.core.exceptions import ValidationError |
41 | 9a06d96f | Olga Brani | from django.views.decorators.http import require_http_methods |
42 | a196eb7e | Sofia Papagiannaki | |
43 | aab4d540 | Sofia Papagiannaki | from urlparse import urlunsplit, urlsplit, parse_qsl |
44 | 64cd4730 | Antony Chazapis | |
45 | b2ffa772 | Sofia Papagiannaki | from astakos.im.util import restrict_next |
46 | 111f3da6 | Sofia Papagiannaki | from astakos.im.functions import login as auth_login, logout |
47 | 70e11eaa | Sofia Papagiannaki | from astakos.im.views.decorators import cookie_fix |
48 | 860b37f0 | Sofia Papagiannaki | |
49 | ae497612 | Olga Brani | import astakos.im.messages as astakos_messages |
50 | 184f551f | Georgios D. Tsoukalas | from astakos.im.settings import REDIRECT_ALLOWED_SCHEMES |
51 | ae497612 | Olga Brani | |
52 | e015e9e6 | Sofia Papagiannaki | import logging |
53 | e015e9e6 | Sofia Papagiannaki | |
54 | e015e9e6 | Sofia Papagiannaki | logger = logging.getLogger(__name__) |
55 | e015e9e6 | Sofia Papagiannaki | |
56 | 5ce3ce4f | Sofia Papagiannaki | |
57 | 65dad30c | Sofia Papagiannaki | @require_http_methods(["GET"]) |
58 | 222305b7 | Sofia Papagiannaki | @cookie_fix
|
59 | 64cd4730 | Antony Chazapis | def login(request): |
60 | a196eb7e | Sofia Papagiannaki | """
|
61 | 09e7393c | Sofia Papagiannaki | If there is no ``next`` request parameter redirects to astakos index page
|
62 | 09e7393c | Sofia Papagiannaki | displaying an error message.
|
63 | 09e7393c | Sofia Papagiannaki | If the request user is authenticated and has signed the approval terms,
|
64 | 09e7393c | Sofia Papagiannaki | redirects to `next` request parameter. If not, redirects to approval terms
|
65 | 09e7393c | Sofia Papagiannaki | in order to return back here after agreeing with the terms.
|
66 | 65dad30c | Sofia Papagiannaki | Otherwise, redirects to login in order to return back here after successful
|
67 | 65dad30c | Sofia Papagiannaki | login.
|
68 | a196eb7e | Sofia Papagiannaki | """
|
69 | ebd369d0 | Sofia Papagiannaki | next = request.GET.get('next')
|
70 | ebd369d0 | Sofia Papagiannaki | if not next: |
71 | aacb777e | Kostas Papadimitriou | next = reverse('index')
|
72 | ed1999ad | Kostas Papadimitriou | |
73 | 184f551f | Georgios D. Tsoukalas | if not restrict_next(next, allowed_schemes=REDIRECT_ALLOWED_SCHEMES): |
74 | 65dad30c | Sofia Papagiannaki | return HttpResponseForbidden(_(
|
75 | 65dad30c | Sofia Papagiannaki | astakos_messages.NOT_ALLOWED_NEXT_PARAM)) |
76 | ebd369d0 | Sofia Papagiannaki | force = request.GET.get('force', None) |
77 | ebd369d0 | Sofia Papagiannaki | response = HttpResponse() |
78 | 0d4ffc7f | Kostas Papadimitriou | if force == '' and request.user.is_authenticated(): |
79 | ebd369d0 | Sofia Papagiannaki | logout(request) |
80 | 0d4ffc7f | Kostas Papadimitriou | |
81 | 148b0cde | Sofia Papagiannaki | if request.user.is_authenticated():
|
82 | e510fae4 | Sofia Papagiannaki | # if user has not signed the approval terms
|
83 | e510fae4 | Sofia Papagiannaki | # redirect to approval terms with next the request path
|
84 | fcf90160 | Sofia Papagiannaki | if not request.user.signed_terms: |
85 | e510fae4 | Sofia Papagiannaki | # first build next parameter
|
86 | e510fae4 | Sofia Papagiannaki | parts = list(urlsplit(request.build_absolute_uri()))
|
87 | e510fae4 | Sofia Papagiannaki | params = dict(parse_qsl(parts[3], keep_blank_values=True)) |
88 | e510fae4 | Sofia Papagiannaki | parts[3] = urlencode(params)
|
89 | e510fae4 | Sofia Papagiannaki | next = urlunsplit(parts) |
90 | 5ce3ce4f | Sofia Papagiannaki | |
91 | e510fae4 | Sofia Papagiannaki | # build url location
|
92 | e510fae4 | Sofia Papagiannaki | parts[2] = reverse('latest_terms') |
93 | 5ce3ce4f | Sofia Papagiannaki | params = {'next': next} |
94 | e510fae4 | Sofia Papagiannaki | parts[3] = urlencode(params)
|
95 | e510fae4 | Sofia Papagiannaki | url = urlunsplit(parts) |
96 | e510fae4 | Sofia Papagiannaki | response['Location'] = url
|
97 | e510fae4 | Sofia Papagiannaki | response.status_code = 302
|
98 | e510fae4 | Sofia Papagiannaki | return response
|
99 | 860b37f0 | Sofia Papagiannaki | renew = request.GET.get('renew', None) |
100 | ebd369d0 | Sofia Papagiannaki | if renew == '': |
101 | bf0c6de5 | Sofia Papagiannaki | request.user.renew_token( |
102 | bf0c6de5 | Sofia Papagiannaki | flush_sessions=True,
|
103 | bf0c6de5 | Sofia Papagiannaki | current_key=request.session.session_key |
104 | bf0c6de5 | Sofia Papagiannaki | ) |
105 | 27e26a41 | Sofia Papagiannaki | try:
|
106 | 27e26a41 | Sofia Papagiannaki | request.user.save() |
107 | 27e26a41 | Sofia Papagiannaki | except ValidationError, e:
|
108 | 27e26a41 | Sofia Papagiannaki | return HttpResponseBadRequest(e)
|
109 | ebd369d0 | Sofia Papagiannaki | # authenticate before login
|
110 | c700f742 | Sofia Papagiannaki | user = authenticate( |
111 | c700f742 | Sofia Papagiannaki | username=request.user.username, |
112 | c700f742 | Sofia Papagiannaki | auth_token=request.user.auth_token |
113 | c700f742 | Sofia Papagiannaki | ) |
114 | ebd369d0 | Sofia Papagiannaki | auth_login(request, user) |
115 | c700f742 | Sofia Papagiannaki | logger.info('Token reset for %s' % user.username)
|
116 | ebd369d0 | Sofia Papagiannaki | parts = list(urlsplit(next)) |
117 | c700f742 | Sofia Papagiannaki | parts[3] = urlencode({
|
118 | f7c3c4c4 | Sofia Papagiannaki | 'uuid': request.user.uuid,
|
119 | c700f742 | Sofia Papagiannaki | 'token': request.user.auth_token
|
120 | c700f742 | Sofia Papagiannaki | }) |
121 | ebd369d0 | Sofia Papagiannaki | url = urlunsplit(parts) |
122 | ebd369d0 | Sofia Papagiannaki | response['Location'] = url
|
123 | ebd369d0 | Sofia Papagiannaki | response.status_code = 302
|
124 | ebd369d0 | Sofia Papagiannaki | return response
|
125 | 148b0cde | Sofia Papagiannaki | else:
|
126 | e510fae4 | Sofia Papagiannaki | # redirect to login with next the request path
|
127 | 5ce3ce4f | Sofia Papagiannaki | |
128 | ebd369d0 | Sofia Papagiannaki | # first build next parameter
|
129 | ebd369d0 | Sofia Papagiannaki | parts = list(urlsplit(request.build_absolute_uri()))
|
130 | ebd369d0 | Sofia Papagiannaki | params = dict(parse_qsl(parts[3], keep_blank_values=True)) |
131 | ebd369d0 | Sofia Papagiannaki | # delete force parameter
|
132 | ebd369d0 | Sofia Papagiannaki | if 'force' in params: |
133 | ebd369d0 | Sofia Papagiannaki | del params['force'] |
134 | ebd369d0 | Sofia Papagiannaki | parts[3] = urlencode(params)
|
135 | ebd369d0 | Sofia Papagiannaki | next = urlunsplit(parts) |
136 | 5ce3ce4f | Sofia Papagiannaki | |
137 | ebd369d0 | Sofia Papagiannaki | # build url location
|
138 | 1ecda536 | Kostas Papadimitriou | parts[2] = reverse('login') |
139 | 5ce3ce4f | Sofia Papagiannaki | params = {'next': next} |
140 | ebd369d0 | Sofia Papagiannaki | parts[3] = urlencode(params)
|
141 | ebd369d0 | Sofia Papagiannaki | url = urlunsplit(parts) |
142 | ebd369d0 | Sofia Papagiannaki | response['Location'] = url
|
143 | ebd369d0 | Sofia Papagiannaki | response.status_code = 302
|
144 | 5ce3ce4f | Sofia Papagiannaki | return response |