Esempio n. 1
0
def userpage(request, uid):
        #Check whether this is a YADIS request
        if checkYadisRequest(request):
                return useryadis(request, uid)

        user = get_object_or_404(DjangoidUser.objects, djangouser = uid)
        user.attributes = user.get_attributes(True)
        mid = microid(user.get_user_page(), user.get_user_page())
        res = render_to_response("users/userpage.html", {"server_url": settings.BASE_URL[:-1] + urlreverse("djangoid.server.views.endpoint"), "user": user, "microid": mid})
        res["X-XRDS-Location"] = user.get_yadis_uri()
        return res
Esempio n. 2
0
def endpoint(request):
        #If this is (most likely) a YADIS request, handle it using the YADIS view function
        if checkYadisRequest(request):
                return serveryadis(request)

        r = convertToOpenIDRequest(request)

        #If the request wasnt a valid OpenID server request, render some static page.
        #TODO: use render_to_response("about.html")
        if r is None:
                return HttpResponse("about")

        #Check whether we got to do anything...
        if r.mode in ["checkid_immediate", "checkid_setup"]:
                #Get a DjangoidUser, based on the identity URI
                user = getDjangoidUserFromIdentity(r.identity)
                #If the user is not in our database yet, or he's not authenticated (or authenticated using some other
                #username), redirect to the login page. This is part of the "users" application.
                #Make sure we pass all OpenID related information in the URL
                if not request.user or request.user.is_authenticated() == False:
                        return redirect_to_login(urllib.quote(r.encodeToURL("/".join([""] + settings.BASE_URL.split("/")[3:]))) + "&tr=" + urllib.quote(r.trust_root), login_url = settings.BASE_URL + "login/")
                if not request.user.username == user.djangouser:
                        raise Exception, "Logged in as " + request.user.username + " while expecting " + user.djangouser

                #Is the user authenticated, and does he trust this trust_root?
                if user.authenticate(r.trust_root): #user logged in (using r.identity and r.trust_root)
                        response = r.answer(True)
                #User is logged in, but hasnt added this trust_root to his list of permanently trusted roots.
                #If this is an immediate request, we can't ask the user now though. Reply with a failure, passing the
                #URI to which a second request (non-immediate) should be made. This is this same view.
                elif r.immediate:
                        response = r.answer(False, settings.BASE_URL)
                #Right, we got to ask the user whether he trusts this trust_root, and whether he wants to add it to his
                #list of permanently trusted roots. This is handled in the "users" application.
                else:
                        return HttpResponseRedirect(r.encodeToURL(settings.BASE_URL + "accept/"))
        #If not, let the OpenID server do everything for us :-)
        else:
                response = handleOpenIDRequest(r)

        return convertToHttpResponse(response)