~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to ivle/webapp/security/views.py

• browse files at revision 1823
• compare with another revision
• download diff
• download tarball
• view history from revision 1823

• reverse the comparison (1823 to 1092.1.42)
• stop comparing with revision 1092.1.42

Show diffs side-by-side

added

removed

ivle/webapp/security/views.py

25

25

    # This needs to be importable from outside Apache.

26

26

    pass

27

27

 

28

 

import ivle.util

29

 

import ivle.dispatch.login

 

28

import ivle.pulldown_subj

 

29

import ivle.webapp.security

30

30

from ivle.auth import authenticate, AuthError

31

31

from ivle.webapp.base.xhtml import XHTMLView

32

32

from ivle.webapp.base.plugins import CookiePlugin

33

 

from ivle.dispatch.login import get_user_details

34

33

 

35

34

class LoginView(XHTMLView):

36

35

    '''A view to allow a user to log in.'''

37

36

    template = 'login.html'

 

37

    allow_overlays = False

38

38

 

39

39

    def authorize(self, req):

40

40

        return True

43

43

        fields = req.get_fieldstorage()

44

44

        nexturl = fields.getfirst('url')

45

45

 

 

46

        # XXX Warning that Internet Explorer is unsupported

 

47

        # Test if the user is in Internet Explorer

 

48

        try:

 

49

            useragent = req.headers_in['User-Agent']

 

50

            # A bit of very basic UA string detection

 

51

            ctx['msie'] = ('MSIE' in useragent

 

52

                           and 'AppleWebKit' not in useragent

 

53

                           and 'Gecko' not in useragent

 

54

                           and 'Opera' not in useragent)

 

55

        except KeyError:

 

56

            ctx['msie'] = False

 

57

 

46

58

        if nexturl is None:

47

59

            nexturl = '/'

48

60

 

49

 

        # We are already logged in. Don't bother logging in again.

 

61

        # We are already logged in. If it is a POST, they might be trying to

 

62

        # clobber their session with some new credentials. That's their own

 

63

        # business, so we let them do it. Otherwise, we don't bother prompting

 

64

        # and just redirect to the destination.

50

65

        # Note that req.user is None even if we are 'logged in', if the user is

51

 

        # invalid.

52

 

        if req.user is not None:

 

66

        # invalid (state != enabled, or expired).

 

67

        if req.method != "POST" and req.user is not None:

53

68

            req.throw_redirect(nexturl)

54

69

 

55

 

        ctx['path'] = ivle.util.make_path('+login') + \

56

 

                         '?' + urllib.urlencode([('url', nexturl)])

 

70

        # Don't give any URL if we want /.

 

71

        if nexturl == '/':

 

72

            query_string = ''

 

73

        else:

 

74

            query_string = '?url=' + urllib.quote(nexturl, safe="/~")

 

75

 

 

76

        ctx['path'] = req.make_path('+login') + query_string

57

77

 

58

78

        # If this succeeds, the user is invalid.

59

 

        user = get_user_details(req)

 

79

        user = ivle.webapp.security.get_user_details(req)

60

80

        if user is not None:

61

81

            if user.state == "no_agreement":

62

82

                # Authenticated, but need to accept the ToS. Send them there.

64

84

                # if you are not planning to display a ToS page - the ToS

65

85

                # acceptance process actually calls usrmgt to create the user

66

86

                # jails and related stuff.

67

 

                req.throw_redirect(ivle.util.make_path('+tos') + \

68

 

                        '?' + urllib.urlencode([('url', nexturl)]))

 

87

                req.throw_redirect(req.make_path('+tos') + query_string)

69

88

            elif user.state == "pending":

70

89

                # FIXME: this isn't quite the right answer, but it

71

90

                # should be more robust in the short term.

79

98

        if req.method == "POST":

80

99

            # While req.user is normally set to get_user_details, it won't set

81

100

            # it if the account isn't valid. So we get it ourselves.

82

 

            user = get_user_details(req)

 

101

            user = ivle.webapp.security.get_user_details(req)

83

102

 

84

103

            badlogin = None

85

104

 

94

113

                else:

95

114

                    user = None

96

115

                    try:

97

 

                        user = authenticate.authenticate(req.store,

98

 

                                    username.value, password.value)

 

116

                        # Username is case insensitive

 

117

                        user = authenticate.authenticate(req.config, req.store,

 

118

                                    username.value.lower(), password.value)

99

119

                    except AuthError, msg:

100

120

                        badlogin = msg

101

121

                    if user is None:

107

127

                        session = req.get_session()

108

128

                        session['login'] = user.login

109

129

                        session.save()

 

130

                        session.unlock()

110

131

                        user.last_login = datetime.datetime.now()

111

 

                        req.store.commit()

112

132

 

113

133

                        # Create cookies for plugins that might request them.

114

 

                        for plugin in req.plugin_index[CookiePlugin]:

 

134

                        for plugin in req.config.plugin_index[CookiePlugin]:

115

135

                            for cookie in plugin.cookies:

116

136

                                # The function can be None if they just need to be

117

137

                                # deleted at logout.

119

139

                                    req.add_cookie(mod_python.Cookie.Cookie(cookie,

120

140

                                          plugin.cookies[cookie](user), path='/'))

121

141

 

 

142

                        # Add any new enrolments.

 

143

                        ivle.pulldown_subj.enrol_user(req.config, req.store, user)

 

144

                        req.store.commit()

 

145

 

122

146

                        req.throw_redirect(nexturl)

123

147

 

124

148

                # We didn't succeed.

129

153

class LogoutView(XHTMLView):

130

154

    '''A view to log the current session out.'''

131

155

    template = 'logout.html'

 

156

    allow_overlays = False

132

157

 

133

158

    def authorize(self, req):

134

159

        # This can be used by any authenticated user, even if they haven't

135

160

        # accepted the ToS yet.

136

 

        return ivle.dispatch.login.get_user_details(req) is not None

 

161

        return ivle.webapp.security.get_user_details(req) is not None

137

162

 

138

163

    def populate(self, req, ctx):

139

164

        if req.method == "POST":

140

165

            req.logout()

141

166

        else:

142

 

            ctx['path'] =  ivle.util.make_path('+logout')

 

167

            ctx['path'] =  req.make_path('+logout')

• Older »

Loggerhead is a web-based interface for Breezy
Version: 2.0.1