def passwd_do(request):
if not config.get("use_change_passwd"):
raise Http404
passwd_form = PasswdForm(data=request.POST)
user_name = request.POST.get('user_name')
if user_name.find('@') >= 0:
mail_address = user_name
else:
mail_address = user_name + '@' + config.get('apps_domain')
if not passwd_form.is_valid():
t = utils.gh_get_template(request, 'idp/passwd.html')
c = RequestContext(request, {
'mail_address': mail_address,
'backURL': request.POST.get('backURL'),
'form': passwd_form})
return HttpResponse(t.render(c))
passwd_engine = passwd.createPasswdEngine(
engine=config.get('passwd_engine'), config=config)
try:
passwd_engine.changePassword(passwd_form.cleaned_data.get('user_name'),
passwd_form.cleaned_data.get('old_password'),
passwd_form.cleaned_data.get('new_password'))
except passwd.PasswdException, e:
# changing password failed
logging.error(e)
time.sleep(config.get('sleep_time', 3))
t = utils.gh_get_template(request, 'idp/passwd.html')
c = RequestContext(request, {
'mail_address': mail_address,
'flash': _('Failed to change password'),
'backURL': passwd_form.cleaned_data.get('backURL'),
'form': passwd_form})
return HttpResponse(t.render(c))
def password(request):
if not config.get("use_change_passwd"):
return render_error(request, _('Changing password is not available here'), status=404)
# first retrieve user_name from request
user_name = request.REQUEST.get('user_name')
if user_name is None:
user_name = request.session.get(const.USER_NAME)
if user_name is None:
return render_error(request, _('Can not retrieve user name.'), status=400)
backURL = request.REQUEST.get('backURL')
# TODO: sanitize user_name and backURL
passwd_form = PasswdForm(initial={"user_name": user_name,
"backURL": backURL})
if user_name.find('@') >= 0:
mail_address = user_name
else:
mail_address = user_name + '@' + config.get('apps_domain')
t = utils.gh_get_template(request, 'idp/passwd.html')
c = RequestContext(request, {'mail_address': mail_address,
'backURL': backURL,
'form': passwd_form})
return HttpResponse(t.render(c))
def render_error(request, message, status=500):
t = utils.gh_get_template(request, 'idp/error.html')
c = RequestContext(request, {'message': message})
return HttpResponse(t.render(c), status=status)
def reset_password(request):
if not config.get("use_reset_passwd"):
raise Http404
t = utils.gh_get_template(request, 'idp/reset-password.html')
c = RequestContext(request, {'form': ResetForm()})
return HttpResponse(t.render(c))
if utils.is_user_authenticated(request):
return utils.create_saml_response(request, authn_request, RelayState,
request.session.get(const.USER_NAME),
set_time=False)
if authn_request.is_passive == 'true':
#TODO: Passive!
logging.warn('TODO: Correspond with passive authn_request.')
if config.get('always_remember_me'):
login_form_cls = LoginForm
else:
login_form_cls = LoginFormWithCheckBox
initial = {}
initial={'SAMLRequest': request.REQUEST.get("SAMLRequest"),
'RelayState': request.REQUEST.get("RelayState")}
login_form = login_form_cls(initial=initial)
t = utils.gh_get_template(request, 'idp/login.html')
c = RequestContext(request, {'form': login_form,
'flash': utils.get_flash(request)})
return HttpResponse(t.render(c))
def login_do(request):
try:
(authn_request, RelayState) = utils.parse_saml_request(
request, samlp.AuthnRequestFromString)
except Exception, e:
logging.error(e)
return render_error(request, _('Invalid SAMLRequest'), status=400)
if config.get('always_remember_me'):
login_form_cls = LoginForm
else: