← Back to branch summary

~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/webapp/security/views.py

  • Committer: William Grant
  • Date: 2010-02-11 05:09:56 UTC
  • Revision ID: grantw@unimelb.edu.au-20100211050956-t5i2z6b8iulxteza
Unbreak existing tests.

Show diffs side-by-side

added added

removed removed

Lines of Context:
ivle/webapp/security/views.py
25
25
    # This needs to be importable from outside Apache.
26
26
    pass
27
27
 
28
 
import ivle.util
29
 
import ivle.dispatch.login
 
28
import ivle.pulldown_subj
 
29
import ivle.webapp.security
30
30
from ivle.auth import authenticate, AuthError
31
31
from ivle.webapp.base.xhtml import XHTMLView
32
32
from ivle.webapp.base.plugins import CookiePlugin
33
 
from ivle.dispatch.login import get_user_details
34
33
 
35
34
class LoginView(XHTMLView):
36
35
    '''A view to allow a user to log in.'''
47
46
        if nexturl is None:
48
47
            nexturl = '/'
49
48
 
50
 
        # We are already logged in. Don't bother logging in again.
 
49
        # We are already logged in. If it is a POST, they might be trying to
 
50
        # clobber their session with some new credentials. That's their own
 
51
        # business, so we let them do it. Otherwise, we don't bother prompting
 
52
        # and just redirect to the destination.
51
53
        # Note that req.user is None even if we are 'logged in', if the user is
52
 
        # invalid.
53
 
        if req.user is not None:
 
54
        # invalid (state != enabled, or expired).
 
55
        if req.method != "POST" and req.user is not None:
54
56
            req.throw_redirect(nexturl)
55
57
 
56
 
        ctx['path'] = ivle.util.make_path('+login') + \
57
 
                         '?' + urllib.urlencode([('url', nexturl)])
 
58
        # Don't give any URL if we want /.
 
59
        if nexturl == '/':
 
60
            query_string = ''
 
61
        else:
 
62
            query_string = '?url=' + urllib.quote(nexturl, safe="/~")
 
63
 
 
64
        ctx['path'] = req.make_path('+login') + query_string
58
65
 
59
66
        # If this succeeds, the user is invalid.
60
 
        user = get_user_details(req)
 
67
        user = ivle.webapp.security.get_user_details(req)
61
68
        if user is not None:
62
69
            if user.state == "no_agreement":
63
70
                # Authenticated, but need to accept the ToS. Send them there.
65
72
                # if you are not planning to display a ToS page - the ToS
66
73
                # acceptance process actually calls usrmgt to create the user
67
74
                # jails and related stuff.
68
 
                req.throw_redirect(ivle.util.make_path('+tos') + \
69
 
                        '?' + urllib.urlencode([('url', nexturl)]))
 
75
                req.throw_redirect(req.make_path('+tos') + query_string)
70
76
            elif user.state == "pending":
71
77
                # FIXME: this isn't quite the right answer, but it
72
78
                # should be more robust in the short term.
80
86
        if req.method == "POST":
81
87
            # While req.user is normally set to get_user_details, it won't set
82
88
            # it if the account isn't valid. So we get it ourselves.
83
 
            user = get_user_details(req)
 
89
            user = ivle.webapp.security.get_user_details(req)
84
90
 
85
91
            badlogin = None
86
92
 
95
101
                else:
96
102
                    user = None
97
103
                    try:
98
 
                        user = authenticate.authenticate(req.store,
99
 
                                    username.value, password.value)
 
104
                        # Username is case insensitive
 
105
                        user = authenticate.authenticate(req.config, req.store,
 
106
                                    username.value.lower(), password.value)
100
107
                    except AuthError, msg:
101
108
                        badlogin = msg
102
109
                    if user is None:
108
115
                        session = req.get_session()
109
116
                        session['login'] = user.login
110
117
                        session.save()
 
118
                        session.unlock()
111
119
                        user.last_login = datetime.datetime.now()
112
 
                        req.store.commit()
113
120
 
114
121
                        # Create cookies for plugins that might request them.
115
 
                        for plugin in req.plugin_index[CookiePlugin]:
 
122
                        for plugin in req.config.plugin_index[CookiePlugin]:
116
123
                            for cookie in plugin.cookies:
117
124
                                # The function can be None if they just need to be
118
125
                                # deleted at logout.
120
127
                                    req.add_cookie(mod_python.Cookie.Cookie(cookie,
121
128
                                          plugin.cookies[cookie](user), path='/'))
122
129
 
 
130
                        # Add any new enrolments.
 
131
                        ivle.pulldown_subj.enrol_user(req.config, req.store, user)
 
132
                        req.store.commit()
 
133
 
123
134
                        req.throw_redirect(nexturl)
124
135
 
125
136
                # We didn't succeed.
135
146
    def authorize(self, req):
136
147
        # This can be used by any authenticated user, even if they haven't
137
148
        # accepted the ToS yet.
138
 
        return ivle.dispatch.login.get_user_details(req) is not None
 
149
        return ivle.webapp.security.get_user_details(req) is not None
139
150
 
140
151
    def populate(self, req, ctx):
141
152
        if req.method == "POST":
142
153
            req.logout()
143
154
        else:
144
 
            ctx['path'] =  ivle.util.make_path('+logout')
 
155
            ctx['path'] =  req.make_path('+logout')