25
25
# This needs to be importable from outside Apache.
28
import ivle.pulldown_subj
29
29
import ivle.webapp.security
30
30
from ivle.auth import authenticate, AuthError
31
31
from ivle.webapp.base.xhtml import XHTMLView
43
43
fields = req.get_fieldstorage()
44
44
nexturl = fields.getfirst('url')
46
# XXX Warning that Internet Explorer is unsupported
47
# Test if the user is in Internet Explorer
49
useragent = req.headers_in['User-Agent']
50
# A bit of very basic UA string detection
51
ctx['msie'] = ('MSIE' in useragent
52
and 'AppleWebKit' not in useragent
53
and 'Gecko' not in useragent
54
and 'Opera' not in useragent)
58
46
if nexturl is None:
61
# We are already logged in. If it is a POST, they might be trying to
62
# clobber their session with some new credentials. That's their own
63
# business, so we let them do it. Otherwise, we don't bother prompting
64
# and just redirect to the destination.
49
# We are already logged in. Don't bother logging in again.
65
50
# Note that req.user is None even if we are 'logged in', if the user is
66
# invalid (state != enabled, or expired).
67
if req.method != "POST" and req.user is not None:
52
if req.user is not None:
68
53
req.throw_redirect(nexturl)
70
# Don't give any URL if we want /.
74
query_string = '?url=' + urllib.quote(nexturl, safe="/~")
76
ctx['path'] = req.make_path('+login') + query_string
55
ctx['path'] = ivle.util.make_path('+login') + \
56
'?' + urllib.urlencode([('url', nexturl)])
78
58
# If this succeeds, the user is invalid.
79
59
user = ivle.webapp.security.get_user_details(req)
84
64
# if you are not planning to display a ToS page - the ToS
85
65
# acceptance process actually calls usrmgt to create the user
86
66
# jails and related stuff.
87
req.throw_redirect(req.make_path('+tos') + query_string)
67
req.throw_redirect(ivle.util.make_path('+tos') + \
68
'?' + urllib.urlencode([('url', nexturl)]))
88
69
elif user.state == "pending":
89
70
# FIXME: this isn't quite the right answer, but it
90
71
# should be more robust in the short term.
116
# Username is case insensitive
117
user = authenticate.authenticate(req.config, req.store,
118
username.value.lower(), password.value)
97
user = authenticate.authenticate(req.store,
98
username.value, password.value)
119
99
except AuthError, msg:
127
107
session = req.get_session()
128
108
session['login'] = user.login
131
110
user.last_login = datetime.datetime.now()
133
113
# Create cookies for plugins that might request them.
134
114
for plugin in req.config.plugin_index[CookiePlugin]:
139
119
req.add_cookie(mod_python.Cookie.Cookie(cookie,
140
120
plugin.cookies[cookie](user), path='/'))
142
# Add any new enrolments.
143
ivle.pulldown_subj.enrol_user(req.config, req.store, user)
146
122
req.throw_redirect(nexturl)
148
124
# We didn't succeed.
added
removed
ivle/webapp/security/views.py
