def process_view(self, request, view_func, view_args, view_kwargs):
    """Route login/logout and unauthenticated admin requests through CAS.

    Calls that resolve to the ``login`` or ``logout`` view are answered by
    ``cas_login`` / ``cas_logout``.  Requests that do not target the admin
    area return ``None``.  For admin requests, staff users pass,
    authenticated non-staff users receive a 403, and everyone else is
    redirected to the CAS login view with the current path as the redirect
    target.
    """
    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    if view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # Work out whether the request targets the admin area.  With a prefix
    # configured this is a plain string-prefix test on the path, so a
    # prefix without a trailing slash also matches sibling paths that
    # merely begin with the same characters.
    admin_prefix = settings.CAS_ADMIN_PREFIX
    if admin_prefix:
        targets_admin = request.path.startswith(admin_prefix)
    else:
        targets_admin = view_func.__module__.startswith(
            'django.contrib.admin.')
    if not targets_admin:
        return None

    user = request.user
    # NOTE(review): is_authenticated is called as a method here; confirm
    # this matches the Django version in use.
    if not user.is_authenticated():
        # The redirect target is this request's own path and query string.
        query = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(reverse(cas_login) + '?' + query)

    if user.is_staff:
        return None
    return HttpResponseForbidden(
        '<h1>Forbidden.</h1><p>You do not have admin privileges.</p>')
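def process_view(self, request, view_func, view_args, view_kwargs):
    """Forward admin login/logout and unauthenticated admin requests to CAS.

    The admin site's ``login`` and ``logout`` views are replaced by
    ``cas_login`` and ``cas_logout``.  Requests outside the admin area
    return ``None``.  Inside the admin area staff users pass, authenticated
    non-staff users get a 403, and all other users are redirected to the CAS
    login view with the current path as the redirect target.
    """

    def is_admin_authentication(viewf, function_name):
        """Tell whether *viewf* is the admin-site view named *function_name*.

        The view is recognised by its module prefix and function name
        instead of by comparing it with an imported view object.
        """
        # Compare the names by value.  ``is`` tests object identity and
        # only gives the expected answer when both strings happen to be
        # the same interned object.
        return (viewf.__module__.startswith('django.contrib.admin.sites')
                and viewf.__name__ == function_name)

    if is_admin_authentication(view_func, 'login'):
        return cas_login(request, *view_args, **view_kwargs)
    elif is_admin_authentication(view_func, 'logout'):
        return cas_logout(request, *view_args, **view_kwargs)

    if settings.CAS_ADMIN_PREFIX:
        # Plain string-prefix test on the request path.
        if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
            return None
    elif not view_func.__module__.startswith('django.contrib.admin.'):
        return None

    if request.user.is_authenticated():
        if request.user.is_staff:
            return None
        else:
            error = ('<h1>Forbidden</h1><p>You do not have staff '
                     'privileges.</p>')
            return HttpResponseForbidden(error)

    # Not signed in: send the user to CAS and come back to this path.
    params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(reverse(cas_login) + '?' + params)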
def process_view(self, request, view_func, view_args, view_kwargs):
    """Send login, logout and anonymous admin requests to CAS.

    Returns ``None`` when the request should continue untouched (non-admin
    requests and staff users), a 403 response for authenticated users
    without staff rights, and a redirect to the CAS login view otherwise.
    """
    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    if view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # With CAS_ADMIN_PREFIX set the decision is made on the request path;
    # without it, on the module that defines the view.
    prefix = settings.CAS_ADMIN_PREFIX
    if prefix:
        outside_admin = not request.path.startswith(prefix)
    else:
        outside_admin = not view_func.__module__.startswith(
            'django.contrib.admin.')
    if outside_admin:
        return None

    if request.user.is_authenticated():
        if request.user.is_staff:
            return None
        # Signed in through CAS but not a staff member: refuse instead of
        # redirecting back to the login page.
        return HttpResponseForbidden(
            '<h1>Forbidden</h1><p>You do not have staff privileges.</p>')

    login_query = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(reverse(cas_login) + '?' + login_query)
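def process_view(self, request, view_func, view_args, view_kwargs):
    """Forward admin logins, logouts and anonymous admin requests to CAS.

    ``login`` is replaced by ``cas_login`` only when the ``next`` query
    parameter starts with ``/admin``; other logins fall through to the
    checks below.  A view whose text form matches that of ``logout`` is
    replaced by ``cas_logout``.  Requests outside the admin area return
    ``None``; inside it, staff users pass, authenticated non-staff users
    get a 403 page with a logout link, and everyone else is redirected to
    the CAS login view.
    """
    # Only the first six characters are compared, so this is a prefix test:
    # it accepts "/admin" and any value that merely begins with it.  A
    # missing parameter yields an empty string, which never matches.
    next_prefix = request.GET.get('next', '')[:6]

    if view_func == login and next_prefix == "/admin":
        return cas_login(request, *view_args, **view_kwargs)
    # NOTE(review): only the first 16 characters of the two text forms are
    # compared.  For plain functions that presumably covers just
    # "<function logout", so any view whose name begins with "logout" would
    # be routed to cas_logout as well -- confirm this is intended.
    elif str(view_func)[:16] == str(logout)[:16]:
        return cas_logout(request, *view_args, **view_kwargs)

    if settings.CAS_ADMIN_PREFIX:
        if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
            return None
    elif not view_func.__module__.startswith('django.contrib.admin.'):
        return None

    if request.user.is_authenticated():
        if request.user.is_staff:
            return None
        else:
            # The logout link is a fixed path; the anchor is now closed
            # with a proper end tag.
            error = (
                '<h1>Forbidden</h1><p>You do not have staff '
                'privileges. Click <a href="/accounts/logout"> here to log out.</a></p>'
            )
            return HttpResponseForbidden(error)

    params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(reverse(cas_login) + '?' + params)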
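def process_view(self, request, view_func, view_args, view_kwargs):
    """Route admin logins, logouts and anonymous admin requests via CAS.

    The stock ``login`` view is swapped for ``cas_login`` only when the
    ``next`` query parameter begins with ``/admin``.  A view whose text
    form matches that of ``logout`` is swapped for ``cas_logout``.  Requests
    that do not target the admin area return ``None``.  For admin requests,
    staff users pass, authenticated non-staff users receive a 403 page that
    links to the logout URL, and all others are redirected to the CAS login
    view with the current path as the redirect target.
    """
    # Read the redirect target without a blanket ``except``: a missing
    # parameter becomes an empty string and simply fails the comparison.
    requested_next = request.GET.get('next', '')
    wants_admin = requested_next[:6] == "/admin"  # prefix test only

    if view_func == login and wants_admin:
        return cas_login(request, *view_args, **view_kwargs)
    # NOTE(review): this matches on the first 16 characters of the views'
    # text forms, not on identity; views with a name starting with
    # "logout" presumably match too -- verify against the URL conf.
    if str(view_func)[:16] == str(logout)[:16]:
        return cas_logout(request, *view_args, **view_kwargs)

    if settings.CAS_ADMIN_PREFIX:
        if not request.path.startswith(settings.CAS_ADMIN_PREFIX):
            return None
    elif not view_func.__module__.startswith('django.contrib.admin.'):
        return None

    if request.user.is_authenticated():
        if request.user.is_staff:
            return None
        # Closing tag corrected from "<a/>" so the link is well-formed.
        error = ('<h1>Forbidden</h1><p>You do not have staff '
                 'privileges. Click <a href="/accounts/logout"> here to log out.</a></p>')
        return HttpResponseForbidden(error)

    params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(reverse(cas_login) + '?' + params)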
def process_view(self, request, view_func, view_args, view_kwargs):
    """Handle CAS logout requests, login/logout views and admin access.

    A POST carrying ``logoutRequest`` to a login view is treated as a
    logout request: it is honoured only if ``cas_request_logout_allowed``
    accepts the request, otherwise it is answered with a 403.  The stock
    ``login`` / ``logout`` views are replaced by their CAS counterparts.
    Admin views are protected only while ``settings.CAS_ADMIN_AUTH`` is
    truthy: staff pass, authenticated non-staff users get a 403 and
    everyone else is redirected to the ``django_cas:login`` URL.
    """
    is_login_view = view_func in (login, cas_login)
    if is_login_view and request.POST.get('logoutRequest', ''):
        # NOTE(review): the origin check lives in
        # cas_request_logout_allowed, which is not shown here; confirm it
        # restricts who may trigger a logout this way.
        if not cas_request_logout_allowed(request):
            return HttpResponseForbidden()
        return cas_logout(request, *view_args, **view_kwargs)

    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    if view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # Only Django admin views are redirected to CAS here, and only while
    # CAS_ADMIN_AUTH is enabled.  Every other view is left to its own
    # configuration.
    if not self._is_an_admin_view(view_func) or not settings.CAS_ADMIN_AUTH:
        return None

    user = request.user
    if user.is_authenticated():
        if user.is_staff:
            return None
        return HttpResponseForbidden(
            '<h1>Forbidden</h1><p>You do not have staff privileges.</p>')

    query = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    login_url = reverse('django_cas:login')
    return HttpResponseRedirect('{}?{}'.format(login_url, query))
def process_view(self, request, view_func, view_args, view_kwargs):
    """Replace the auth login/logout views with CAS and guard admin views.

    Returns ``None`` for non-admin views and for staff users, a redirect to
    ``settings.LOGIN_URL`` for unauthenticated admin requests, and a 403
    response for authenticated users without staff rights.
    """
    if view_func == auth.views.login:
        return cas_login(request, *view_args, **view_kwargs)
    if view_func == auth.views.logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # Admin views are recognised by the module that defines them; anything
    # else is passed along untouched.
    is_admin_view = view_func.__module__.startswith('django.contrib.admin.')
    if not is_admin_view:
        return None

    user = request.user
    if user.is_authenticated():
        if user.is_staff:
            return None
        return HttpResponseForbidden(
            '<h1>Forbidden</h1><p>You do not have staff privileges.</p>')

    # The query string is appended with a literal '?', so LOGIN_URL is
    # expected to carry no query string of its own.
    query = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(settings.LOGIN_URL + '?' + query)
def process_view(self, request, view_func, view_args, view_kwargs):
    """Dispatch CAS logout requests, login/logout views and admin access.

    Order of checks: a ``logoutRequest`` POST to a login view, then the
    stock ``login`` / ``logout`` views, then the admin guard (active only
    while ``settings.CAS_ADMIN_AUTH`` is truthy).  Returns ``None`` when the
    request should proceed unchanged.
    """
    logout_message = (view_func in (login, cas_login)
                      and request.POST.get('logoutRequest', ''))
    if logout_message:
        # A logout request is acted on only when the helper allows it;
        # anything else is refused outright.
        if cas_request_logout_allowed(request):
            return cas_logout(request, *view_args, **view_kwargs)
        return HttpResponseForbidden()

    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    elif view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # Views outside the Django admin keep their own access configuration;
    # admin views are sent to CAS by default.
    guard_admin = (self._is_an_admin_view(view_func)
                   and settings.CAS_ADMIN_AUTH)
    if not guard_admin:
        return None

    if not request.user.is_authenticated():
        redirect_query = urlencode(
            {REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(
            '{}?{}'.format(reverse('django_cas:login'), redirect_query))

    if request.user.is_staff:
        return None
    forbidden_body = ('<h1>Forbidden</h1><p>You do not have staff '
                      'privileges.</p>')
    return HttpResponseForbidden(forbidden_body)
def cas_connection(request):
    """Start a CAS login, or send an already signed-in user to the welcome view."""
    already_signed_in = request.user.is_authenticated()
    if not already_signed_in:
        # Remember the login method.  This is written before the CAS login
        # has completed, so it records the method that was chosen, not a
        # successful authentication.
        request.session['auth_method'] = 'CAS'
        return cas_login(request)
    welcome_url = urlresolvers.reverse('main.views.welcome')
    return redirect(welcome_url)
def process_view(self, request, view_func, view_args, view_kwargs):
    """Forwards unauthenticated requests to the admin page to the CAS
    login URL, as well as calls to django.contrib.auth.views.login and
    logout.

    Returns None when the request should continue unchanged, the result of
    cas_login / cas_logout / user_logout when one of those takes over, a
    403 response for authenticated users without staff rights, or a
    redirect to the CAS login view.

    Settings read here: CAS_ADMIN_PREFIX, and the optional
    CAS_ADMIN_VIEWS_RESTRICTED and CAS_ADMIN_IGNORE (both default to
    False when absent).
    """
    # The stock login/logout views are replaced by their CAS counterparts.
    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    elif view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # A prefix is configured and the request path lies outside it.  The
    # test is a plain string-prefix comparison on the path.
    if settings.CAS_ADMIN_PREFIX and \
            not request.path.startswith(settings.CAS_ADMIN_PREFIX):
        # Ignore static
        if view_func.__module__.startswith('django.views.static'):
            return None
        # Log out admins that stray off the admin section
        # (only staff users are affected; user_logout is defined elsewhere)
        if getattr(settings, "CAS_ADMIN_VIEWS_RESTRICTED", False):
            if request.user.is_authenticated():
                if request.user.is_staff:
                    return user_logout(request)
        return None
    # Evaluated when no prefix is set and also for paths inside the
    # prefix, so a view under the prefix that is not defined in
    # django.contrib.admin is passed through without the staff check.
    elif not view_func.__module__.startswith('django.contrib.admin.'):
        return None

    if request.user.is_authenticated():
        if request.user.is_staff:
            return None
        else:
            error = ('<h1>Forbidden</h1><p>You do not have staff '
                     'privileges.</p>')
            return HttpResponseForbidden(error)
    # Allow admins to log in by other means
    # (with CAS_ADMIN_IGNORE set, unauthenticated admin requests are passed
    # through here instead of being redirected to CAS)
    elif getattr(settings, 'CAS_ADMIN_IGNORE', False):
        return None

    # Not signed in: redirect to CAS with this request's path as target.
    params = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(reverse(cas_login) + '?' + params)
def process_view(self, request, view_func, view_args, view_kwargs):
    """Replace login/logout with CAS and require staff rights for the admin.

    Returns ``None`` for non-admin views and for staff users, redirects
    unauthenticated admin requests to ``settings.LOGIN_URL``, and raises
    ``PermissionDenied`` for authenticated users without staff rights.
    """
    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    if view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # Everything below replaces the Django admin's own authorization step,
    # which would otherwise show a username/password form.
    handled_by_admin = view_func.__module__.startswith("django.contrib.admin.")
    if not handled_by_admin:
        return None

    user = request.user
    if not user.is_authenticated():
        query = urlencode({auth.REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(settings.LOGIN_URL + "?" + query)

    if not user.is_staff:
        raise PermissionDenied("No staff priviliges")
    return None
def process_view(self, request, view_func, view_args, view_kwargs):
    """Choose between CAS and the stock login, and guard the admin area.

    For the ``login`` view the redirect target in the query string decides
    the login path: a target of the form ``/loginredirect/student/...``
    goes to ``cas_login``, anything else to the stock ``login`` view.  The
    ``logout`` view is replaced by ``cas_logout``.  Admin requests are then
    handled as usual: staff pass, authenticated non-staff users get a 403,
    and everyone else is redirected to the CAS login view.
    """
    if view_func == login:
        # The redirect target comes from the request's query string, so
        # the client picks which login view runs.  This only selects a
        # login view; it is not an access check.
        query = parse_qs(urlparse(request.get_full_path()).query)
        targets = query.get(REDIRECT_FIELD_NAME)
        if targets:
            matched = re.match(
                r"^/loginredirect/(?P<identity>\w+)/", targets[0])
            if matched is not None and matched.group('identity') == "student":
                # cas_login is called with the request only here.
                return cas_login(request)
        return login(request, *view_args, **view_kwargs)
    if view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    admin_prefix = settings.CAS_ADMIN_PREFIX
    if admin_prefix:
        if not request.path.startswith(admin_prefix):
            return None
    elif not view_func.__module__.startswith('django.contrib.admin.'):
        return None

    user = request.user
    if user.is_authenticated():
        if user.is_staff:
            return None
        return HttpResponseForbidden(
            '<h1>Forbidden</h1><p>You do not have staff privileges.</p>')

    cas_query = urlencode({REDIRECT_FIELD_NAME: request.get_full_path()})
    return HttpResponseRedirect(reverse(cas_login) + '?' + cas_query)
def process_view(self, request, view_func, view_args, view_kwargs):
    """Hand login/logout to CAS and enforce staff-only access to the admin.

    Non-admin views and staff users yield ``None``.  Authenticated users
    without staff rights raise ``PermissionDenied``.  Unauthenticated admin
    requests are redirected to ``settings.LOGIN_URL`` with the current path
    as the redirect target.
    """
    if view_func == login:
        return cas_login(request, *view_args, **view_kwargs)
    elif view_func == logout:
        return cas_logout(request, *view_args, **view_kwargs)

    # From here on this stands in for the Django admin's own authorization,
    # which would present a username/password dialog.
    module_name = view_func.__module__
    if module_name.startswith('django.contrib.admin.'):
        if request.user.is_authenticated():
            if request.user.is_staff:
                return None
            raise PermissionDenied("No staff priviliges")
        redirect_query = urlencode(
            {auth.REDIRECT_FIELD_NAME: request.get_full_path()})
        return HttpResponseRedirect(
            settings.LOGIN_URL + '?' + redirect_query)
    return None