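def post(self):
    """Handle a submitted login form.

    Reads ``next``, ``username`` and ``password`` from the request arguments.
    A user who is already authenticated is redirected immediately. Otherwise
    ``Settings['login_strategy']`` decides what happens:

    * ``ldap``: both fields are required and checked with
      ``authenticate_ldap``; on success the request is handed to
      ``login(self, username, next_url)``.
    * ``saml``: the form is ignored and ``self._saml_login()`` is returned.
    * anything else: the login page is rendered with an error message.

    ``next`` comes from the client, so it is only honoured when it points
    back at this site. Without that check a crafted login link could send
    a user to an arbitrary external page after authentication (an open
    redirect). A rejected value is treated as if no ``next`` was supplied.
    """

    def _same_site_target(candidate):
        # Return ``candidate`` unchanged when it is safe to redirect to,
        # otherwise None. Empty values pass through untouched.
        if not candidate:
            return candidate
        text = candidate
        if isinstance(text, bytes):
            try:
                text = text.decode('utf-8')
            except UnicodeDecodeError:
                return None
        # Browsers treat "\" like "/" and drop control characters, so a
        # value containing either can turn into "//other-host" on arrival.
        if '\\' in text or any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in text):
            return None
        # A single leading slash is a path on this host; "//" would be a
        # scheme-relative URL pointing at another host.
        if text.startswith('/') and not text.startswith('//'):
            return candidate
        # Absolute URLs are accepted only for the origin this request was
        # made to. NOTE(review): assumes the request object exposes
        # ``protocol`` and ``host`` as Tornado's does; confirm.
        origin = '%s://%s/' % (self.request.protocol, self.request.host)
        if text.startswith(origin):
            return candidate
        return None

    next_url = _same_site_target(self.request.arguments.get('next', [None])[0])
    username = self.request.arguments.get('username', [None])[0]
    password = self.request.arguments.get('password', [None])[0]

    if self.current_user:
        return self.redirect(next_url or '/')

    if Settings['login_strategy'] == 'ldap':
        # LDAP is our basic auth strategy.
        if not username or not password:
            return self.render("login.html", page_title="Login", next_url=next_url,
                               errors="Please enter both a username and a password.")
        # One message for every failure, so the response does not reveal
        # whether the username exists.
        if not authenticate_ldap(username, password):
            return self.render("login.html", page_title="Login", next_url=next_url,
                               errors="Invalid username or password specified.")
        return login(self, username, next_url)

    elif Settings['login_strategy'] == 'saml':
        # They shouldn't be POSTing, but it's cool. Blatantly ignore their
        # form and redirect them to the IdP to try again.
        # SAML doesn't support friendly redirects to next_url for security,
        # so they'll end up on the landing page after auth.
        return self._saml_login()

    # TODO: Turn this into an HTTP status code along 4xx
    # Give them the basic auth page with an error telling them logins are currently botched.
    return self.render("login.html", page_title="Login", next_url=next_url,
                       errors="No login strategy currently configured.")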
Ejemplo n.º 2
 def test_authenticate(self):
     """authenticate_ldap must return False for credentials that do not exist."""
     # logging.exception is patched out for the duration of the call;
     # presumably the failed bind logs an exception that would clutter the
     # test output (the logging call itself is not visible here).
     with mock.patch.object(logging, "exception"):
         outcome = auth.authenticate_ldap("fake_user", "fake_password")
     T.assert_equal(outcome, False)
Ejemplo n.º 3
 def test_authenticate(self):
     """Check that bogus credentials are rejected by authenticate_ldap."""
     silenced_logger = mock.patch.object(logging, "exception")
     # Replace logging.exception only while the LDAP call runs.
     with silenced_logger:
         accepted = auth.authenticate_ldap("fake_user", "fake_password")
     # The rejection must be the literal False value the helper returns.
     T.assert_equal(accepted, False)