def voter_booth_login(request, election, poll, voter_uuid, voter_secret): voter = None if poll.jwt_auth: messages.error(request, _("Poll does not support voter url login.")) return HttpResponseRedirect(reverse('error', kwargs={'code': 403})) try: voter = Voter.objects.get(poll=poll, uuid=voter_uuid) if voter.excluded_at: raise PermissionDenied('37') except Voter.DoesNotExist: raise PermissionDenied("Invalid election") if request.zeususer.is_authenticated() and request.zeususer.is_voter: return HttpResponseRedirect( reverse('election_poll_index', kwargs={ 'election_uuid': request.zeususer._user.poll.election.uuid, 'poll_uuid': request.zeususer._user.poll.uuid })) if request.zeususer.is_authenticated() and ( not request.zeususer.is_voter or \ request.zeususer._user.pk != voter.pk): messages.error( request, _("You need to logout from your current account " "to access this view.")) return HttpResponseRedirect(reverse('error', kwargs={'code': 403})) if voter.voter_password != unicode(voter_secret): raise PermissionDenied("Invalid secret") if poll.oauth2_thirdparty: oauth2 = poll.get_oauth2_module if oauth2.type_id == 'google': oauth2.set_login_hint(voter.voter_email) poll.logger.info("[thirdparty] setting thirdparty voter " + \ "session data (%s, %s)", voter.voter_email, voter.uuid) request.session['oauth2_voter_email'] = voter.voter_email request.session['oauth2_voter_uuid'] = voter.uuid url = oauth2.get_code_url() poll.logger.info("[thirdparty] code handshake from %s", url) context = {'url': url} tpl = 'voter_redirect' return render_template(request, tpl, context) elif poll.shibboleth_auth: poll.logger.info("[thirdparty] shibboleth redirect for voter (%s, %s)", voter.voter_email, voter.uuid) constraints = poll.get_shibboleth_constraints() endpoint = constraints.get('endpoint') request.session['shibboleth_voter_email'] = voter.voter_email request.session['shibboleth_voter_uuid'] = voter.uuid url = auth.make_shibboleth_login_url(endpoint) context = {'url': url} tpl = 'voter_redirect' return render_template(request, tpl, context) else: user = auth.ZeusUser(voter) user.authenticate(request) poll.logger.info("Poll voter '%s' logged in", voter.voter_login_id) return HttpResponseRedirect(poll_reverse(poll, 'index'))
def voter_booth_login(request, election, poll, voter_uuid, voter_secret): voter = None if poll.jwt_auth: messages.error(request, _("Poll does not support voter url login.")) return HttpResponseRedirect(reverse("error", kwargs={"code": 403})) try: voter = Voter.objects.get(poll=poll, uuid=voter_uuid) if voter.excluded_at: raise PermissionDenied("37") except Voter.DoesNotExist: raise PermissionDenied("Invalid election") if request.zeususer.is_authenticated() and request.zeususer.is_voter: return HttpResponseRedirect( reverse( "election_poll_index", kwargs={ "election_uuid": request.zeususer._user.poll.election.uuid, "poll_uuid": request.zeususer._user.poll.uuid, }, ) ) if request.zeususer.is_authenticated() and (not request.zeususer.is_voter or request.zeususer._user.pk != voter.pk): messages.error(request, _("You need to logout from your current account " "to access this view.")) return HttpResponseRedirect(reverse("error", kwargs={"code": 403})) if voter.voter_password != unicode(voter_secret): raise PermissionDenied("Invalid secret") if poll.oauth2_thirdparty: oauth2 = poll.get_oauth2_module if oauth2.type_id == "google": oauth2.set_login_hint(voter.voter_email) poll.logger.info( "[thirdparty] setting thirdparty voter " + "session data (%s, %s)", voter.voter_email, voter.uuid ) request.session["oauth2_voter_email"] = voter.voter_email request.session["oauth2_voter_uuid"] = voter.uuid url = oauth2.get_code_url() poll.logger.info("[thirdparty] code handshake from %s", url) context = {"url": url} tpl = "voter_redirect" return render_template(request, tpl, context) elif poll.shibboleth_auth: poll.logger.info("[thirdparty] shibboleth redirect for voter (%s, %s)", voter.voter_email, voter.uuid) constraints = poll.get_shibboleth_constraints() endpoint = constraints.get("endpoint") request.session["shibboleth_voter_email"] = voter.voter_email request.session["shibboleth_voter_uuid"] = voter.uuid url = auth.make_shibboleth_login_url(endpoint) context = {"url": url} tpl = "voter_redirect" return render_template(request, tpl, context) else: user = auth.ZeusUser(voter) user.authenticate(request) poll.logger.info("Poll voter '%s' logged in", voter.voter_login_id) return HttpResponseRedirect(poll_reverse(poll, "index"))