Ejemplo n.º 1
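def accept(request):
    """Show and process the "do you trust this site?" page for an OpenID request.

    GET renders the consent page. POST answers the requesting site: ``cancel``
    answers negatively, anything else answers positively, and ``remember``
    additionally adds the trust root to the identity owner's trusted roots.

    A positive answer tells the requesting site that the visitor owns
    ``r.identity``. This view is reachable directly by URL, so it checks that
    the visitor is logged in as the owner of that identity before showing the
    page or answering, rather than relying on an earlier view having done so.
    Visitors who fail the check get a negative OpenID answer and no state is
    changed.
    """
    r = convertToOpenIDRequest(request)

    # Only identity-check requests carry an identity and a trust root to
    # approve; anything else has no consent page.
    if r is None or r.mode not in ("checkid_immediate", "checkid_setup"):
        return HttpResponse("Nothing here")

    owner = getDjangoidUserFromIdentity(r.identity)
    visitor = getattr(request, "user", None)
    is_owner = (
        owner is not None
        and visitor is not None
        and visitor.is_authenticated()
        and visitor.username == owner.djangouser
    )
    if not is_owner:
        # Fail closed: never approve, and never store a trusted root, on
        # behalf of an identity the visitor has not proven they own.
        return convertToHttpResponse(r.answer(False))

    if request.method == "GET":
        return render_to_response("users/accept_root.html", {"openid_request": r})

    if request.method == "POST":
        # NOTE(review): this POST approves a login and can change stored
        # state; confirm CSRF protection is active for this view.
        if "cancel" in request.POST:
            return convertToHttpResponse(r.answer(False))
        if "remember" in request.POST:
            # NOTE(review): .get() raises TrustedRoot.DoesNotExist when no row
            # exists for this trust root; confirm the row is always created
            # before the user reaches this page.
            root = TrustedRoot.objects.get(root=r.trust_root)
            owner.trusted_roots.add(root)
        return convertToHttpResponse(r.answer(True))

    # Any other HTTP method falls through and returns None, as before.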
Ejemplo n.º 2
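def endpoint(request):
    """Serve the OpenID server endpoint.

    YADIS discovery requests go to the YADIS view. Requests that do not decode
    to an OpenID request get a static placeholder page. Identity checks
    (``checkid_immediate`` / ``checkid_setup``) are answered here; every other
    mode is passed to ``handleOpenIDRequest``.

    For an identity check the visitor must be logged in as the Django user
    behind ``r.identity``. If not, a non-immediate request is sent to the login
    page and an immediate request is answered negatively, because an immediate
    request cannot involve the user. A visitor logged in under a different
    username is treated the same way instead of raising a generic exception,
    which produced a server error whose message contained both usernames.
    """
    # A request that is (most likely) YADIS discovery is handled by the YADIS view.
    if checkYadisRequest(request):
        return serveryadis(request)

    r = convertToOpenIDRequest(request)

    # Not a valid OpenID server request: render a static placeholder.
    # TODO: use render_to_response("about.html")
    if r is None:
        return HttpResponse("about")

    # Nothing to decide here for the other modes; let the OpenID server handle them.
    if r.mode not in ["checkid_immediate", "checkid_setup"]:
        return convertToHttpResponse(handleOpenIDRequest(r))

    # Look up the DjangoidUser behind the identity URI.
    user = getDjangoidUserFromIdentity(r.identity)
    visitor = request.user
    needs_login = (
        not visitor
        or not visitor.is_authenticated()
        # NOTE(review): assumes an unknown identity yields None; confirm
        # against getDjangoidUserFromIdentity.
        or user is None
        or visitor.username != user.djangouser
    )
    if needs_login:
        if r.immediate:
            # No user interaction is possible: fail, pointing at this same
            # view for a follow-up non-immediate request.
            return convertToHttpResponse(r.answer(False, settings.BASE_URL))
        # Carry the whole OpenID request through the login page so it can be
        # resumed afterwards. The server path is BASE_URL without scheme/host.
        # NOTE(review): the login view must let an already logged-in visitor
        # switch accounts, otherwise the username-mismatch case cannot proceed.
        server_path = "/".join([""] + settings.BASE_URL.split("/")[3:])
        next_url = urllib.quote(r.encodeToURL(server_path)) + "&tr=" + urllib.quote(r.trust_root)
        return redirect_to_login(next_url, login_url=settings.BASE_URL + "login/")

    if user.authenticate(r.trust_root):
        # Logged in as the identity's owner, and the trust root is accepted.
        response = r.answer(True)
    elif r.immediate:
        # The trust root is not on the permanently trusted list, and an
        # immediate request cannot ask the user: fail with the URI for a
        # second, non-immediate request (this same view).
        response = r.answer(False, settings.BASE_URL)
    else:
        # Ask the user whether to trust this trust root; that decision is
        # handled in the "users" application.
        return HttpResponseRedirect(r.encodeToURL(settings.BASE_URL + "accept/"))

    return convertToHttpResponse(response)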