def logout(request: ExtendedHttpRequestWithUser) -> HttpResponse: auth.authLogLogout(request) request.session['restricted'] = False # Remove restricted logoutUrl = request.user.logout() if logoutUrl is None: logoutUrl = request.session.get('logouturl', None) return auth.webLogout(request, logoutUrl)
def __call__(self, request: ExtendedHttpRequest): self._process_request(request) # Now, check if session is timed out... if request.user: # return HttpResponse(content='Session Expired', status=403, content_type='text/plain') now = timezone.now() expiry = request.session.get(EXPIRY_KEY, now) if expiry < now: webLogout( request=request ) # Ignore the response, just processes usere session logout return HttpResponse(content='Session Expired', status=403) # Update session timeout..self. request.session[EXPIRY_KEY] = now + datetime.timedelta( seconds=GlobalConfig.SESSION_DURATION_ADMIN.getInt( ) if request.user.isStaff( ) else GlobalConfig.SESSION_DURATION_USER.getInt()) response = self._get_response(request) return self._process_response(request, response)
def authCallback(request, authName): """ This url is provided so external SSO authenticators can get an url for redirecting back the users. This will invoke authCallback of the requested idAuth and, if this represents an authenticator that has an authCallback """ from uds.core import auths try: authenticator = Authenticator.objects.get(name=authName) params = request.GET.copy() params.update(request.POST) logger.debug('Request session:%s -> %s, %s', request.ip, request.session.keys(), request.session.session_key) params['_request'] = request # params['_session'] = request.session # params['_user'] = request.user logger.debug('Auth callback for {0} with params {1}'.format( authenticator, params.keys())) user = authenticateViaCallback(authenticator, params) os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT']) if user is None: authLogLogin(request, authenticator, '{0}'.format(params), 'Invalid at auth callback') raise auths.Exceptions.InvalidUserException() response = HttpResponseRedirect(reverse('Index')) webLogin(request, response, user, '') # Password is unavailable in this case request.session['OS'] = os # Now we render an intermediate page, so we get Java support from user # It will only detect java, and them redirect to Java return response except auths.Exceptions.Redirect as e: return HttpResponseRedirect(request.build_absolute_uri(str(e))) except auths.Exceptions.Logout as e: return webLogout(request, request.build_absolute_uri(str(e))) except Exception as e: logger.exception('authCallback') return errors.exceptionView(request, e) # Will never reach this raise RuntimeError('Unreachable point reached!!!')
def authCallback_stage2(request: HttpRequest, ticketId: str) -> HttpResponse: try: ticket = TicketStore.get(ticketId) params: typing.Dict[str, typing.Any] = ticket['params'] auth_uuid: str = ticket['auth'] authenticator = Authenticator.objects.get(uuid=auth_uuid) params['_request'] = request # params['_session'] = request.session # params['_user'] = request.user logger.debug('Request session:%s -> %s, %s', request.ip, request.session.keys(), request.session.session_key) user = authenticateViaCallback(authenticator, params) os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT']) if user is None: authLogLogin(request, authenticator, '{0}'.format(params), 'Invalid at auth callback') raise auths.exceptions.InvalidUserException() response = HttpResponseRedirect(reverse('page.index')) webLogin(request, response, user, '') # Password is unavailable in this case request.session['OS'] = os # Now we render an intermediate page, so we get Java support from user # It will only detect java, and them redirect to Java return response except auths.exceptions.Redirect as e: return HttpResponseRedirect( request.build_absolute_uri(str(e)) if e.args and e.args[0] else '/' ) except auths.exceptions.Logout as e: return webLogout( request, request.build_absolute_uri(str(e)) if e.args and e.args[0] else None) except Exception as e: logger.exception('authCallback') return errors.exceptionView(request, e) # Will never reach this raise RuntimeError('Unreachable point reached!!!')
def authCallback(request, authName): """ This url is provided so external SSO authenticators can get an url for redirecting back the users. This will invoke authCallback of the requested idAuth and, if this represents an authenticator that has an authCallback """ from uds.core import auths try: authenticator = Authenticator.objects.get(name=authName) params = request.GET.copy() params.update(request.POST) params['_request'] = request # params['_session'] = request.session # params['_user'] = request.user logger.debug('Auth callback for {0} with params {1}'.format(authenticator, params.keys())) user = authenticateViaCallback(authenticator, params) os = OsDetector.getOsFromUA(request.META['HTTP_USER_AGENT']) if user is None: authLogLogin(request, authenticator, '{0}'.format(params), 'Invalid at auth callback') raise auths.Exceptions.InvalidUserException() response = HttpResponseRedirect(reverse('Index')) webLogin(request, response, user, '') # Password is unavailable in this case request.session['OS'] = os # Now we render an intermediate page, so we get Java support from user # It will only detect java, and them redirect to Java return response except auths.Exceptions.Redirect as e: return HttpResponseRedirect(request.build_absolute_uri(str(e))) except auths.Exceptions.Logout as e: return webLogout(request, request.build_absolute_uri(str(e))) except Exception as e: logger.exception('authCallback') return errors.exceptionView(request, e) # Will never reach this raise RuntimeError('Unreachable point reached!!!')
def index(request): """ Renders the main page. :param request: http request """ if request.session.get('ticket') == '1': return webLogout(request) # Session data os = request.os # We look for services for this authenticator groups. User is logged in in just 1 authenticator, so his groups must coincide with those assigned to ds groups = list(request.user.getGroups()) availServices = DeployedService.getDeployedServicesForGroups(groups) availUserServices = UserService.getUserAssignedServices(request.user) # Information for administrators nets = '' validTrans = '' logger.debug('OS: {0}'.format(os['OS'])) if request.user.isStaff(): nets = ','.join([n.name for n in Network.networksFor(request.ip)]) tt = [] for t in Transport.objects.all(): if t.validForIp(request.ip): tt.append(t.name) validTrans = ','.join(tt) # Extract required data to show to user services = [] # Select assigned user services (manually assigned) for svr in availUserServices: trans = [] for t in svr.transports.all().order_by('priority'): typeTrans = t.getType() if t.validForIp(request.ip) and typeTrans.supportsOs( os['OS']) and t.validForOs(os['OS']): if typeTrans.ownLink is True: link = reverse('TransportOwnLink', args=('A' + svr.uuid, t.uuid)) else: link = html.udsAccessLink(request, 'A' + svr.uuid, t.uuid) trans.append({'id': t.uuid, 'name': t.name, 'link': link}) servicePool = svr.deployed_service if servicePool.image is not None: imageId = servicePool.image.uuid else: imageId = 'x' # Invalid # Extract app group group = servicePool.servicesPoolGroup if servicePool.servicesPoolGroup is not None else ServicesPoolGroup.default( ).as_dict services.append({ 'id': 'A' + svr.uuid, 'name': servicePool.name, 'visual_name': servicePool.visual_name, 'description': servicePool.comments, 'group': group, 'transports': trans, 'imageId': imageId, 'show_transports': servicePool.show_transports, 'allow_users_remove': servicePool.allow_users_remove, 'allow_users_reset': servicePool.allow_users_reset, 'maintenance': servicePool.isInMaintenance(), 'not_accesible': not servicePool.isAccessAllowed(), 'in_use': svr.in_use, 'to_be_replaced': False, # Manually assigned will not be autoremoved never 'comments': servicePool.comments, }) logger.debug(services) # Now generic user service for svr in availServices: trans = [] for t in svr.transports.all().order_by('priority'): typeTrans = t.getType() if typeTrans is None: # This may happen if we "remove" a transport type but we have a transport of that kind on DB continue if t.validForIp(request.ip) and typeTrans.supportsOs( os['OS']) and t.validForOs(os['OS']): if typeTrans.ownLink is True: link = reverse('TransportOwnLink', args=('F' + svr.uuid, t.uuid)) else: link = html.udsAccessLink(request, 'F' + svr.uuid, t.uuid) trans.append({'id': t.uuid, 'name': t.name, 'link': link}) if svr.image is not None: imageId = svr.image.uuid else: imageId = 'x' # Locate if user service has any already assigned user service for this ads = UserServiceManager.manager().getExistingAssignationForUser( svr, request.user) if ads is None: in_use = False else: in_use = ads.in_use group = svr.servicesPoolGroup.as_dict if svr.servicesPoolGroup is not None else ServicesPoolGroup.default( ).as_dict tbr = svr.toBeReplaced() if tbr is not None: tbr = formats.date_format(tbr, "SHORT_DATETIME_FORMAT") tbrt = ugettext( 'This service is about to be replaced by a new version. Please, close the session before {} and save all your work to avoid loosing it.' ).format(tbr) else: tbrt = '' services.append({ 'id': 'F' + svr.uuid, 'name': svr.name, 'visual_name': svr.visual_name, 'description': svr.comments, 'group': group, 'transports': trans, 'imageId': imageId, 'show_transports': svr.show_transports, 'allow_users_remove': svr.allow_users_remove, 'allow_users_reset': svr.allow_users_reset, 'maintenance': svr.isInMaintenance(), 'not_accesible': not svr.isAccessAllowed(), 'in_use': in_use, 'to_be_replaced': tbr, 'to_be_replaced_text': tbrt, 'comments': svr.comments, }) logger.debug('Services: {0}'.format(services)) services = sorted(services, key=lambda s: s['name'].upper()) autorun = False if len(services) == 1 and GlobalConfig.AUTORUN_SERVICE.getBool( True) and len(services[0]['transports']) > 0: if request.session.get('autorunDone', '0') == '0': request.session['autorunDone'] = '1' autorun = True # return redirect('uds.web.views.service', idService=services[0]['id'], idTransport=services[0]['transports'][0]['id']) # List of services groups allGroups = [ v for v in sorted([ser['group'] for ser in services], key=lambda s: s['priority']) ] # Now remove duplicates groups = [] already = [] for g in allGroups: if g['name'] not in already: already.append(g['name']) groups.append(g) logger.debug('Groups: {}'.format(groups)) response = render( request, theme.template('index.html'), { 'groups': groups, 'services': services, 'ip': request.ip, 'nets': nets, 'transports': validTrans, 'autorun': autorun }) return response
def logout(request): authLogLogout(request) return webLogout(request, request.user.logout())
def logout(request): authLogLogout(request) logoutUrl = request.user.logout() if logoutUrl is None: logoutUrl = request.session.get('logouturl', None) return webLogout(request, logoutUrl)
def logout(request: HttpRequest) -> HttpResponse: auth.authLogLogout(request) logoutUrl = request.user.logout() if logoutUrl is None: logoutUrl = request.session.get('logouturl', None) return auth.webLogout(request, logoutUrl)
def logout(request): authLogLogout(request) logoutUrl = request.user.logout() if logoutUrl is None: logoutUrl = request.session.get('logouturl', None) return webLogout(request, logoutUrl)
def index(request): """ Renders the main page. :param request: http request """ if request.session.get('ticket') == '1': return webLogout(request) # Session data os = request.os # We look for services for this authenticator groups. User is logged in in just 1 authenticator, so his groups must coincide with those assigned to ds groups = list(request.user.getGroups()) availServices = DeployedService.getDeployedServicesForGroups(groups) availUserServices = UserService.getUserAssignedServices(request.user) # Information for administrators nets = '' validTrans = '' logger.debug('OS: {0}'.format(os['OS'])) if request.user.isStaff(): nets = ','.join([n.name for n in Network.networksFor(request.ip)]) tt = [] for t in Transport.objects.all(): if t.validForIp(request.ip): tt.append(t.name) validTrans = ','.join(tt) # Extract required data to show to user services = [] # Select assigned user services (manually assigned) for svr in availUserServices: trans = [] for t in svr.transports.all().order_by('priority'): typeTrans = t.getType() if t.validForIp(request.ip) and typeTrans.supportsOs(os['OS']) and t.validForOs(os['OS']): if typeTrans.ownLink is True: link = reverse('TransportOwnLink', args=('A' + svr.uuid, t.uuid)) else: link = html.udsAccessLink(request, 'A' + svr.uuid, t.uuid) trans.append( { 'id': t.uuid, 'name': t.name, 'link': link } ) servicePool = svr.deployed_service if servicePool.image is not None: imageId = servicePool.image.uuid else: imageId = 'x' # Invalid # Extract app group group = servicePool.servicesPoolGroup if servicePool.servicesPoolGroup is not None else ServicesPoolGroup.default().as_dict services.append({ 'id': 'A' + svr.uuid, 'name': servicePool.name, 'visual_name': servicePool.visual_name, 'description': servicePool.comments, 'group': group, 'transports': trans, 'imageId': imageId, 'show_transports': servicePool.show_transports, 'allow_users_remove': servicePool.allow_users_remove, 'maintenance': servicePool.isInMaintenance(), 'not_accesible': not servicePool.isAccessAllowed(), 'in_use': svr.in_use, 'to_be_replaced': False, # Manually assigned will not be autoremoved never 'comments': servicePool.comments, }) logger.debug(services) # Now generic user service for svr in availServices: trans = [] for t in svr.transports.all().order_by('priority'): typeTrans = t.getType() if typeTrans is None: # This may happen if we "remove" a transport type but we have a transport of that kind on DB continue if t.validForIp(request.ip) and typeTrans.supportsOs(os['OS']) and t.validForOs(os['OS']): if typeTrans.ownLink is True: link = reverse('TransportOwnLink', args=('F' + svr.uuid, t.uuid)) else: link = html.udsAccessLink(request, 'F' + svr.uuid, t.uuid) trans.append( { 'id': t.uuid, 'name': t.name, 'link': link } ) if svr.image is not None: imageId = svr.image.uuid else: imageId = 'x' # Locate if user service has any already assigned user service for this ads = UserServiceManager.manager().getExistingAssignationForUser(svr, request.user) if ads is None: in_use = False else: in_use = ads.in_use group = svr.servicesPoolGroup.as_dict if svr.servicesPoolGroup is not None else ServicesPoolGroup.default().as_dict tbr = svr.toBeReplaced() if tbr is not None: tbr = formats.date_format(tbr, "SHORT_DATETIME_FORMAT") tbrt = ugettext('This service is about to be replaced by a new version. Please, close the session before {} and save all your work to avoid loosing it.').format(tbr) else: tbrt = '' services.append({ 'id': 'F' + svr.uuid, 'name': svr.name, 'visual_name': svr.visual_name, 'description': svr.comments, 'group': group, 'transports': trans, 'imageId': imageId, 'show_transports': svr.show_transports, 'allow_users_remove': svr.allow_users_remove, 'maintenance': svr.isInMaintenance(), 'not_accesible': not svr.isAccessAllowed(), 'in_use': in_use, 'to_be_replaced': tbr, 'to_be_replaced_text': tbrt, 'comments': svr.comments, }) logger.debug('Services: {0}'.format(services)) services = sorted(services, key=lambda s: s['name'].upper()) autorun = False if len(services) == 1 and GlobalConfig.AUTORUN_SERVICE.getBool(True) and len(services[0]['transports']) > 0: if request.session.get('autorunDone', '0') == '0': request.session['autorunDone'] = '1' autorun = True # return redirect('uds.web.views.service', idService=services[0]['id'], idTransport=services[0]['transports'][0]['id']) # List of services groups allGroups = [v for v in sorted([ser['group'] for ser in services], key=lambda s: s['priority'])] # Now remove duplicates groups = [] already = [] for g in allGroups: if g['name'] not in already: already.append(g['name']) groups.append(g) logger.debug('Groups: {}'.format(groups)) response = render( request, theme.template('index.html'), { 'groups': groups, 'services': services, 'ip': request.ip, 'nets': nets, 'transports': validTrans, 'autorun': autorun } ) return response
def logout(request): authLogLogout(request) return webLogout(request, request.user.logout())