def _process(self):
login_reason = session.pop('login_reason', None)
# User is already logged in
if session.user is not None:
multipass.set_next_url()
return multipass.redirect_success()
# Some clients attempt to incorrectly resolve redirections internally.
# See https://github.com/indico/indico/issues/4720 for details
user_agent = request.headers.get('User-Agent', '')
sso_redirect = not any(s in user_agent
for s in ('ms-office', 'Microsoft Office'))
# If we have only one provider, and this provider is external, we go there immediately
# However, after a failed login we need to show the page to avoid a redirect loop
if not session.pop(
'_multipass_auth_failed', False
) and 'provider' not in request.view_args and sso_redirect:
single_auth_provider = multipass.single_auth_provider
if single_auth_provider and single_auth_provider.is_external:
multipass.set_next_url()
return redirect(
url_for('.login', provider=single_auth_provider.name))
# Save the 'next' url to go to after login
multipass.set_next_url()
# If there's a provider in the URL we start the external login process
if 'provider' in request.view_args:
provider = _get_provider(request.view_args['provider'], True)
return provider.initiate_external_login()
# If we have a POST request we submitted a login form for a local provider
rate_limit_exceeded = False
if request.method == 'POST':
active_provider = provider = _get_provider(
request.form['_provider'], False)
form = provider.login_form()
rate_limit_exceeded = not login_rate_limiter.test()
if not rate_limit_exceeded and form.validate_on_submit():
response = multipass.handle_login_form(provider, form.data)
if response:
return response
# re-check since a failed login may have triggered the rate limit
rate_limit_exceeded = not login_rate_limiter.test()
# Otherwise we show the form for the default provider
else:
active_provider = multipass.default_local_auth_provider
form = active_provider.login_form() if active_provider else None
providers = list(multipass.auth_providers.values())
retry_in = login_rate_limiter.get_reset_delay(
) if rate_limit_exceeded else None
return render_template('auth/login_page.html',
form=form,
providers=providers,
active_provider=active_provider,
login_reason=login_reason,
retry_in=retry_in)
def _process(self):
login_reason = session.pop('login_reason', None)
# User is already logged in
if session.user is not None:
multipass.set_next_url()
return multipass.redirect_success()
# If we have only one provider, and this provider is external, we go there immediately
# However, after a failed login we need to show the page to avoid a redirect loop
if not session.pop('_multipass_auth_failed',
False) and 'provider' not in request.view_args:
single_auth_provider = multipass.single_auth_provider
if single_auth_provider and single_auth_provider.is_external:
multipass.set_next_url()
return redirect(
url_for('.login', provider=single_auth_provider.name))
# Save the 'next' url to go to after login
multipass.set_next_url()
# If there's a provider in the URL we start the external login process
if 'provider' in request.view_args:
provider = _get_provider(request.view_args['provider'], True)
return provider.initiate_external_login()
# If we have a POST request we submitted a login form for a local provider
if request.method == 'POST':
active_provider = provider = _get_provider(
request.form['_provider'], False)
form = provider.login_form()
if form.validate_on_submit():
response = multipass.handle_login_form(provider, form.data)
if response:
return response
# Otherwise we show the form for the default provider
else:
active_provider = multipass.default_local_auth_provider
form = active_provider.login_form() if active_provider else None
providers = multipass.auth_providers.values()
return render_template('auth/login_page.html',
form=form,
providers=providers,
active_provider=active_provider,
login_reason=login_reason)
def _process(self):
login_reason = session.pop('login_reason', None)
# User is already logged in
if session.user is not None:
multipass.set_next_url()
return multipass.redirect_success()
# If we have only one provider, and this provider is external, we go there immediately
# However, after a failed login we need to show the page to avoid a redirect loop
if not session.pop('_multipass_auth_failed', False) and 'provider' not in request.view_args:
single_auth_provider = multipass.single_auth_provider
if single_auth_provider and single_auth_provider.is_external:
multipass.set_next_url()
return redirect(url_for('.login', provider=single_auth_provider.name))
# Save the 'next' url to go to after login
multipass.set_next_url()
# If there's a provider in the URL we start the external login process
if 'provider' in request.view_args:
provider = _get_provider(request.view_args['provider'], True)
return provider.initiate_external_login()
# If we have a POST request we submitted a login form for a local provider
if request.method == 'POST':
active_provider = provider = _get_provider(request.form['_provider'], False)
form = provider.login_form()
if form.validate_on_submit():
response = multipass.handle_login_form(provider, form.data)
if response:
return response
# Otherwise we show the form for the default provider
else:
active_provider = multipass.default_local_auth_provider
form = active_provider.login_form() if active_provider else None
providers = multipass.auth_providers.values()
return render_template('auth/login_page.html', form=form, providers=providers, active_provider=active_provider,
login_reason=login_reason)
