Example #1
def login():
    """Serve the CAS login route: send the user to CAS, or finish a login.

    The default response is a redirect to the CAS login URL, with this
    route's external URL passed as the service callback. On a POST, a
    ``ticket`` form field is stored in the session and the session ticket
    is checked with ``validate()``. A ticket that validates switches the
    redirect to the post-login target; one that does not is removed from
    the session and the user is sent back to CAS.
    """
    config = current_app.config
    session = flask.session
    token_key = config['CAS_TOKEN_SESSION_KEY']

    target = create_cas_login_url(
        config['CAS_SERVER'],
        config['CAS_LOGIN_ROUTE'],
        flask.url_for('.login', _external=True))

    if flask.request.method == "POST":
        form = flask.request.form
        if 'ticket' in form:
            # Stored before validation; dropped again below if it is rejected.
            session[token_key] = form['ticket']

        if token_key in session:
            if not validate(session[token_key]):
                # A rejected ticket must not linger in the session.
                del session[token_key]
            else:
                # Write a login record if a login-records logger is configured.
                if 'CAS_LOGIN_RECORDS_LOGGER' in config:
                    login_records = config['CAS_LOGIN_RECORDS_LOGGER']
                    # presumably validate() fills these session keys - confirm.
                    username = session.get(config['CAS_USERNAME_SESSION_KEY'])
                    uid = session.get(config['CAS_UID_SESSION_KEY'])
                    # NOTE(review): the values are written into the record
                    # as-is; if they can contain line breaks, neutralise
                    # them before they reach an audit log.
                    login_records.info('[User:%s UID:%s logged in]' % (username, uid))

                # NOTE(review): the stored URL is used as the redirect target
                # unchanged. The code that writes it is not visible here; it
                # should only ever store same-site targets.
                if 'CAS_AFTER_LOGIN_SESSION_URL' in session:
                    target = session.pop('CAS_AFTER_LOGIN_SESSION_URL')
                else:
                    target = flask.url_for(config['CAS_AFTER_LOGIN'])

    current_app.logger.debug('Redirecting to: {0}'.format(target))
    return flask.redirect(target)
Example #2
 def test_minimal(self):
     """The service URL ends up percent-encoded in the ``service`` parameter."""
     server = 'http://sso.pdx.edu'
     route = '/cas'
     service = 'http://localhost:5000'
     expected = 'http://sso.pdx.edu/cas?service=http%3A%2F%2Flocalhost%3A5000'

     # Pinning the encoded form guards against the callback URL's own
     # ':' and '/' being emitted raw into the CAS query string.
     self.assertEqual(create_cas_login_url(server, route, service), expected)
Example #3
 def test_minimal(self):
     """Server, route and service alone yield a URL with one query parameter."""
     expected_url = 'http://sso.pdx.edu/cas?service=http%3A%2F%2Flocalhost%3A5000'
     built_url = create_cas_login_url(
         'http://sso.pdx.edu',
         '/cas',
         'http://localhost:5000',
     )

     # The callback must arrive percent-encoded inside ``service``.
     self.assertEqual(built_url, expected_url)
Example #4
 def test_with_gateway(self):
     """A ``gateway`` keyword is appended after the encoded ``service``."""
     server = 'http://sso.pdx.edu'
     route = '/cas'
     service = 'http://localhost:5000'
     expected = 'http://sso.pdx.edu/cas?service=http%3A%2F%2Flocalhost%3A5000&gateway=true'

     # The expected URL fixes both the encoding of the callback and the
     # position of the extra parameter.
     self.assertEqual(
         create_cas_login_url(server, route, service, gateway="true"),
         expected,
     )
Example #5
 def test_with_gateway(self):
     """Passing ``gateway="true"`` adds ``&gateway=true`` to the login URL."""
     expected_url = 'http://sso.pdx.edu/cas?service=http%3A%2F%2Flocalhost%3A5000&gateway=true'
     built_url = create_cas_login_url(
         'http://sso.pdx.edu',
         '/cas',
         'http://localhost:5000',
         gateway="true",
     )

     # ``service`` stays percent-encoded; the extra parameter follows it.
     self.assertEqual(built_url, expected_url)
Example #6
    def login(self,
              app: App,
              session: Session,
              host: http.Host,
              port: http.Port,
              scheme: http.Scheme,
              ticket: str = None):
        """
        Entry point for logging in and callback target for the CAS server.

        Called without a ticket, the route redirects the user to the CAS
        login page and names itself as the service to return to. After a
        successful login the CAS sends the user back here with `ticket`
        in the URL, and the ticket is validated.

        On successful validation the logged in username is saved in the
        user's session under the key `CAS_USERNAME_SESSION_KEY` and the
        user's attributes under the key 'CAS_USERNAME_ATTRIBUTE_KEY'.
        The user is then redirected to the URL remembered in the session,
        or to the configured `CAS_AFTER_LOGIN` view. A ticket that fails
        validation is removed from the session and the user is sent to
        the CAS again.
        """
        # NOTE(review): the callback URL is assembled from host, port and
        # scheme. If those mirror what the client sent (the types suggest
        # request data - confirm), the CAS server's registered-service
        # check is what constrains where tickets are delivered.
        callback_url = f"{scheme}://{host}:{port}{app.reverse_url('view:cas:login')}"
        token_key = settings['CAS_TOKEN_SESSION_KEY']

        destination = create_cas_login_url(settings['CAS_SERVER'],
                                           settings['CAS_LOGIN_ROUTE'],
                                           callback_url)

        if ticket:
            # Stored before validation; removed below if it is rejected.
            session[token_key] = ticket

            # Validation is given the same callback URL that was sent to CAS.
            if not validate(ticket, callback_url, session):
                del session[token_key]
            elif 'CAS_AFTER_LOGIN_SESSION_URL' in session:
                # NOTE(review): used as the redirect target unchanged; the
                # code that stores it is not visible here and should only
                # ever store same-site targets.
                destination = session.pop('CAS_AFTER_LOGIN_SESSION_URL')
            else:
                destination = app.reverse_url(settings['CAS_AFTER_LOGIN'])

        logger.debug('Redirecting to: {0}'.format(destination))

        return redirect(destination)