def login(request):
    """
    CAS Login : Phase 1/3 Call CAS Login

    A POST that carries 'next' (set by the login form when the user clicks
    login) is handed to the CAS redirect. Any other request renders the
    login page together with the active maintenance records.
    """
    records = MaintenanceRecord.active()
    # Read the flag from every record (no short-circuit) before deciding.
    login_flags = [record.disable_login for record in records]
    disable_login = True if any(login_flags) else False

    if 'next' in request.POST:
        # NOTE(review): disable_login is not consulted on this path; it only
        # reaches the template below. Confirm the lockout is enforced
        # server-side somewhere after the CAS round trip.
        return cas_loginRedirect(request,
                                 settings.REDIRECT_URL + '/application/')

    template = get_template('application/login.html')
    page_values = {
        'site_root': settings.REDIRECT_URL,
        'records': [r.json() for r in records],
        'disable_login': disable_login,
    }
    return HttpResponse(template.render(RequestContext(request, page_values)))
def login(request):
    """
    CAS Login : Phase 1/3 Call CAS Login

    Renders the login page with the active maintenance records, or starts
    the CAS redirect when the form posted 'next'.
    """
    records = MaintenanceRecord.active()
    # Any active record that disables login switches the flag on.
    blocking_records = [rec for rec in records if rec.disable_login]
    disable_login = bool(blocking_records)

    # The login form sets 'next' when the user clicks login.
    posted_next = "next" in request.POST
    if posted_next:
        # NOTE(review): the maintenance flag is only passed to the template;
        # this redirect happens regardless of it. Confirm that is intended.
        target = settings.REDIRECT_URL + "/application/"
        return cas_loginRedirect(request, target)

    template = get_template("application/login.html")
    variables = RequestContext(
        request,
        {
            "site_root": settings.REDIRECT_URL,
            "records": [r.json() for r in records],
            "disable_login": disable_login,
        },
    )
    return HttpResponse(template.render(variables))
def redirectApp(request):
    """
    Redirects to /application if user is authorized, otherwise forces a login

    NOTE(review): the redirect is issued with gateway=True. In the CAS
    protocol a gateway request does not prompt for credentials, so confirm
    that "forces a login" matches what cas_loginRedirect actually does.
    """
    application_url = settings.REDIRECT_URL + '/application/'
    return cas_loginRedirect(request, application_url, gateway=True)
def redirectApp(request):
    """
    Hand the request to CAS with /application/ as the return target.

    Per the original note, an authorized user ends up on /application and
    anyone else is made to log in.
    NOTE(review): gateway=True is passed through; whether an unauthenticated
    user is really forced to log in depends on cas_loginRedirect - confirm.
    """
    redirect_kwargs = {'gateway': True}
    destination = settings.REDIRECT_URL + '/application/'
    return cas_loginRedirect(request, destination, **redirect_kwargs)
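def atmo_login(request, *args, **kwargs):
    """
    Log the request into Django using the identity held in the session.

    Requests without a session or without a session username are sent to
    /logout/. When the session carries 'emulated_by', that account is
    authenticated and must be staff before the wrapped view runs.
    Otherwise the session username is authenticated, and a failure falls
    back to a CAS login redirect.

    @redirect - location to redirect user after logging in

    NOTE(review): `func` is not defined in this block; presumably it is the
    wrapped view supplied by an enclosing decorator - confirm.
    """
    # NOTE(review): the guard clauses below format the whole request object
    # into the debug log. On some Django versions that repr includes POST
    # data and cookies - confirm what actually reaches the log.
    if not request:
        logger.debug("[NOREQUEST] User is being logged out because request"
                     " is empty")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL + "/logout/")

    if not request.session:
        logger.debug("[NOSESSION] User is being logged out because session"
                     " object does not exist in request")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL + "/logout/")

    if not request.session.get('username'):
        logger.debug("[NOUSER] User is being logged out because session"
                     " did not include a username")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL + "/logout/")

    username = request.session.get('username', None)
    logger.info('atmo_login_required authentication: %s' % username)
    token = request.session.get('token', None)
    redirect = kwargs.get('redirect', request.get_full_path())
    emulator = request.session.get('emulated_by', None)

    if emulator:
        logger.info("Test emulator %s instead of %s" % (emulator, username))
        # Log key names only. The session object's __dict__ carries the
        # session key and the cached values (the auth token among them),
        # and those must not be written to a log file.
        logger.debug("Session keys: %s" % sorted(request.session.keys()))
        # Authenticate the user (Force a CAS test)
        user = authenticate(username=emulator, password="",
                            auth_token=token, request=request)
        # AUTHORIZED STAFF ONLY
        if not user or not user.is_staff:
            return HttpResponseRedirect(settings.SERVER_URL + "/logout/")
        logger.info("Emulate success - Logging in %s" % user.username)
        django_login(request, user)
        return func(request, *args, **kwargs)

    user = authenticate(username=username, password="",
                        auth_token=token, request=request)
    if not user:
        logger.info("Could not authenticate user %s" % username)
        return cas_loginRedirect(request, redirect)
    django_login(request, user)
    return func(request, *args, **kwargs)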
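def atmo_login(request, *args, **kwargs):
    """
    Django Requests need to be formally logged in to Django
    However, WHO needs to be authenticated is determined
    by the available server session data
    @redirect - location to redirect user after logging in

    Requests with no session or no session username go to /logout/. A
    session carrying 'emulated_by' authenticates that account and requires
    it to be staff; otherwise the session username is authenticated and a
    failure redirects to the CAS login.

    NOTE(review): `func` is not defined in this block; presumably it is the
    wrapped view supplied by an enclosing decorator - confirm.
    """
    # NOTE(review): these guard clauses write the whole request object to
    # the debug log. On some Django versions that repr includes POST data
    # and cookies - confirm what actually reaches the log.
    if not request:
        logger.debug("[NOREQUEST] User is being logged out because request"
                     " is empty")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL+"/logout/")

    if not request.session:
        logger.debug("[NOSESSION] User is being logged out because session"
                     " object does not exist in request")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL+"/logout/")

    if not request.session.get('username'):
        logger.debug("[NOUSER] User is being logged out because session"
                     " did not include a username")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL+"/logout/")

    username = request.session.get('username', None)
    logger.info('atmo_login_required authentication: %s' % username)
    redirect = kwargs.get('redirect', request.get_full_path())
    emulator = request.session.get('emulated_by', None)

    # NOTE(review): both authenticate() calls below pass an empty password
    # and nothing else from the request. Confirm that the configured
    # backend performs the CAS check the inline comment refers to.
    if emulator:
        logger.info("Test emulator %s instead of %s" % (emulator, username))
        # Log key names only. The session object's __dict__ carries the
        # session key and every cached session value, which should not be
        # written to a log file.
        logger.debug("Session keys: %s" % sorted(request.session.keys()))
        # Authenticate the user (Force a CAS test)
        user = authenticate(username=emulator, password="")
        # AUTHORIZED STAFF ONLY
        if not user or not user.is_staff:
            return HttpResponseRedirect(settings.SERVER_URL+"/logout/")
        logger.info("Emulate success - Logging in %s" % user.username)
        django_login(request, user)
        return func(request, *args, **kwargs)

    user = authenticate(username=username, password="")
    if not user:
        logger.info("Could not authenticate user %s" % username)
        return cas_loginRedirect(request, redirect)
    django_login(request, user)
    return func(request, *args, **kwargs)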
def app(request):
    """
    Render the cf2 application page.

    A request caught by the maintenance login lockout is sent to /login/.
    A KeyError raised along the way is treated as "user not logged in" and
    answered with a CAS login redirect.
    NOTE(review): nothing in this block raises KeyError explicitly;
    presumably it comes from a session lookup in a callee - confirm.
    """
    try:
        locked_out = MaintenanceRecord.disable_login_access(request)
        if locked_out:
            return HttpResponseRedirect("/login/")

        template = get_template("cf2/index.html")
        page_values = {
            "site_root": settings.REDIRECT_URL,
            "debug": settings.DEBUG,
            "year": datetime.now().year,
        }
        rendered = template.render(RequestContext(request, page_values))
        return HttpResponse(rendered)
    except KeyError:
        logger.debug("User not logged in.. Redirecting to CAS login")
        return cas_loginRedirect(request,
                                 settings.REDIRECT_URL + "/application")
def app_beta(request):
    """
    Render the cf3 (beta) application page rooted at /beta/.

    A KeyError is treated as "user not logged in" and answered with a CAS
    login redirect back to /beta.
    """
    logger.debug("APP BETA")
    try:
        # TODO Reimplement maintenance record check
        # NOTE(review): until that is done, no maintenance lockout is
        # applied on this path - confirm that is acceptable for /beta/.
        template = get_template("cf3/index.html")
        page_values = {
            'site_root': settings.REDIRECT_URL,
            'url_root': '/beta/',
            'debug': settings.DEBUG,
            'year': datetime.now().year,
        }
        rendered = template.render(RequestContext(request, page_values))
        return HttpResponse(rendered)
    except KeyError:
        logger.debug("User not logged in.. Redirecting to CAS login")
        beta_url = settings.REDIRECT_URL + '/beta'
        return cas_loginRedirect(request, beta_url)
def app(request):
    """
    Render the cf2 application page through render_to_response.

    A request caught by the maintenance login lockout is sent to /login/.
    A KeyError is treated as "user not logged in" and answered with a CAS
    login redirect.
    """
    try:
        locked_out = MaintenanceRecord.disable_login_access(request)
        if locked_out:
            return HttpResponseRedirect('/login/')

        logger.debug("render to response.")
        page_values = {
            'site_root': settings.REDIRECT_URL,
            'debug': settings.DEBUG,
            'year': datetime.now().year,
        }
        return render_to_response(
            "cf2/index.html",
            page_values,
            context_instance=RequestContext(request))
    except KeyError:
        logger.debug("User not logged in.. Redirecting to CAS login")
        application_url = settings.REDIRECT_URL + '/application'
        return cas_loginRedirect(request, application_url)
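def atmo_login(request, *args, **kwargs):
    """
    Log the request into Django using the identity held in the session.

    Requests without a session or without a session username are sent to
    /logout/. When the session carries "emulated_by", that account is
    authenticated and must be staff before the wrapped view runs.
    Otherwise the session username is authenticated, and a failure falls
    back to a CAS login redirect.

    @redirect - location to redirect user after logging in

    NOTE(review): `func` is not defined in this block; presumably it is the
    wrapped view supplied by an enclosing decorator - confirm.
    """
    # NOTE(review): the guard clauses below format the whole request object
    # into the debug log. On some Django versions that repr includes POST
    # data and cookies - confirm what actually reaches the log.
    if not request:
        logger.debug("[NOREQUEST] User is being logged out because request"
                     " is empty")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL + "/logout/")

    if not request.session:
        logger.debug("[NOSESSION] User is being logged out because session"
                     " object does not exist in request")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL + "/logout/")

    if not request.session.get("username"):
        logger.debug("[NOUSER] User is being logged out because session"
                     " did not include a username")
        logger.debug("%s\n%s\n%s\n%s" % (request, args, kwargs, func))
        return HttpResponseRedirect(settings.SERVER_URL + "/logout/")

    username = request.session.get("username", None)
    logger.info("atmo_login_required authentication: %s" % username)
    token = request.session.get("token", None)
    redirect = kwargs.get("redirect", request.get_full_path())
    emulator = request.session.get("emulated_by", None)

    if emulator:
        logger.info("Test emulator %s instead of %s" % (emulator, username))
        # Log key names only. The session object's __dict__ carries the
        # session key and the cached values (the auth token among them),
        # and those must not be written to a log file.
        logger.debug("Session keys: %s" % sorted(request.session.keys()))
        # Authenticate the user (Force a CAS test)
        user = authenticate(username=emulator, password="",
                            auth_token=token, request=request)
        # AUTHORIZED STAFF ONLY
        if not user or not user.is_staff:
            return HttpResponseRedirect(settings.SERVER_URL + "/logout/")
        logger.info("Emulate success - Logging in %s" % user.username)
        django_login(request, user)
        return func(request, *args, **kwargs)

    user = authenticate(username=username, password="",
                        auth_token=token, request=request)
    if not user:
        logger.info("Could not authenticate user %s" % username)
        return cas_loginRedirect(request, redirect)
    django_login(request, user)
    return func(request, *args, **kwargs)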
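def token_auth(request):
    """
    VERSION 2 AUTH
    Authentication is based on the POST parameters:
    * Username (Required)
    * Password (Not Required if CAS authenticated previously)

    Flow: a username plus password is checked with ldap_validate (201 and
    a new token on success, 401 on failure). With neither available the
    client is redirected to the CAS login. A username alone is checked
    with cas_validateUser (token on success, 401 on failure).

    NOTE: This authentication is SEPARATE from django model authentication
    Use this to give out tokens to access the API
    """
    def _token_response(auth_token, **response_kwargs):
        # Serialize the token, its owner and its expiry as the JSON reply.
        expire_time = auth_token.issuedTime + secrets.TOKEN_EXPIRY_TIME
        auth_json = {
            'token': auth_token.key,
            'username': auth_token.user.username,
            'expires': expire_time.strftime("%b %d, %Y %H:%M:%S")
        }
        return HttpResponse(content=json.dumps(auth_json),
                            content_type='application/json',
                            **response_kwargs)

    logger.info('Request to auth')
    # Log the method and path only. Formatting the whole request can put
    # the POSTed password into the log on Django versions whose request
    # repr includes POST data.
    logger.info("%s %s" % (request.method, request.path))

    # A 'token' POST value is deliberately not read. It arrives as a plain
    # string, and the former `if token:` branch dereferenced .issuedTime
    # and .user on it, so it could only fail. A presented token has to be
    # validated server-side before anything is built from it.
    username = request.POST.get('username', None)
    # CAS authenticated user already has session data
    # without passing any parameters
    if not username:
        username = request.session.get('username', None)
    password = request.POST.get('password', None)

    # LDAP Authenticate if password provided.
    if username and password:
        if ldap_validate(username, password):
            logger.info("LDAP User %s validated. Creating auth token"
                        % username)
            return _token_response(createAuthToken(username),
                                   status=status.HTTP_201_CREATED)
        logger.debug("[LDAP] Failed to validate %s" % username)
        return HttpResponse("LDAP login failed", status=401)

    if not username and not password:
        # The user and password were not found
        # force user to login via CAS
        return cas_loginRedirect(request, '/auth/')

    # CAS Authenticate by Proxy (Password not necessary).
    # NOTE(review): username may come straight from the POST body here, so
    # a token is issued on cas_validateUser's word alone. Confirm that it
    # ties the check to this requester's own CAS session rather than only
    # to the named account.
    # NOTE(review): a password sent without a username also reaches this
    # point, with username=None.
    if cas_validateUser(username):
        logger.info("CAS User %s validated. Creating auth token" % username)
        return _token_response(createAuthToken(username))
    logger.debug("[CAS] Failed to validate - %s" % username)
    return HttpResponse("CAS Login Failure", status=401)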
template = get_template("cf2/index.html") context = RequestContext( request, { 'site_root': settings.REDIRECT_URL, 'debug': settings.DEBUG, 'year': datetime.now().year }) output = template.render(context) return HttpResponse(output) except KeyError, e: logger.debug("User not logged in.. Redirecting to CAS login") return cas_loginRedirect(request, settings.REDIRECT_URL + '/application') except Exception, e: logger.exception(e) return cas_loginRedirect(request, settings.REDIRECT_URL + '/application') def app_beta(request): logger.debug("APP BETA") try: #TODO Reimplment maintenance record check template = get_template("cf3/index.html") context = RequestContext( request, { 'site_root': settings.REDIRECT_URL, 'url_root': '/beta/', 'debug': settings.DEBUG, 'year': datetime.now().year }) output = template.render(context)
if MaintenanceRecord.disable_login_access(request): return HttpResponseRedirect('/login/') template = get_template("cf2/index.html") context = RequestContext(request, { 'site_root': settings.REDIRECT_URL, 'debug': settings.DEBUG, 'year': datetime.now().year }) output = template.render(context) return HttpResponse(output) except KeyError, e: logger.debug("User not logged in.. Redirecting to CAS login") return cas_loginRedirect(request, settings.REDIRECT_URL+'/application') except Exception, e: logger.exception(e) return cas_loginRedirect(request, settings.REDIRECT_URL+'/application') def app_beta(request): logger.debug("APP BETA") try: #TODO Reimplment maintenance record check template = get_template("cf3/index.html") context = RequestContext(request, { 'site_root': settings.REDIRECT_URL, 'url_root': '/beta/', 'debug': settings.DEBUG, 'year': datetime.now().year }) output = template.render(context) return HttpResponse(output) except KeyError, e:
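def token_auth(request):
    """
    VERSION 2 AUTH
    Authentication is based on the POST parameters:
    * Username (Required)
    * Password (Not Required if CAS authenticated previously)

    Flow: a username plus password is checked with ldap_validate (201 and
    a new token on success, 401 on failure). With neither available the
    client is redirected to the CAS login. A username alone is checked
    with cas_validateUser (token on success, 401 on failure).

    NOTE: This authentication is SEPARATE from django model authentication
    Use this to give out tokens to access the API
    """
    def _token_response(auth_token, **response_kwargs):
        # Serialize the token, its owner and its expiry as the JSON reply.
        expire_time = auth_token.issuedTime + secrets.TOKEN_EXPIRY_TIME
        auth_json = {
            'token': auth_token.key,
            'username': auth_token.user.username,
            'expires': expire_time.strftime("%b %d, %Y %H:%M:%S")
        }
        return HttpResponse(content=json.dumps(auth_json),
                            content_type='application/json',
                            **response_kwargs)

    logger.info('Request to auth')
    # Log the method and path only. Formatting the whole request can put
    # the POSTed password into the log on Django versions whose request
    # repr includes POST data.
    logger.info("%s %s" % (request.method, request.path))

    username = request.POST.get('username', None)
    # CAS authenticated user already has session data
    # without passing any parameters
    if not username:
        username = request.session.get('username', None)
    password = request.POST.get('password', None)

    # LDAP Authenticate if password provided.
    if username and password:
        if ldap_validate(username, password):
            logger.info("LDAP User %s validated. Creating auth token"
                        % username)
            return _token_response(createAuthToken(username),
                                   status=status.HTTP_201_CREATED)
        logger.debug("[LDAP] Failed to validate %s" % username)
        return HttpResponse("LDAP login failed", status=401)

    # The former `if token:` branch is gone: token was still None at that
    # point (the only assignment sat in the LDAP branch, which returns),
    # so the branch could never run.

    if not username and not password:
        # The user and password were not found
        # force user to login via CAS
        return cas_loginRedirect(request, '/auth/')

    # CAS Authenticate by Proxy (Password not necessary).
    # NOTE(review): username may come straight from the POST body here, so
    # a token is issued on cas_validateUser's word alone. Confirm that it
    # ties the check to this requester's own CAS session rather than only
    # to the named account.
    # NOTE(review): a password sent without a username also reaches this
    # point, with username=None.
    if cas_validateUser(username):
        logger.info("CAS User %s validated. Creating auth token" % username)
        return _token_response(createAuthToken(username))
    logger.debug("[CAS] Failed to validate - %s" % username)
    return HttpResponse("CAS Login Failure", status=401)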
def app(request):
    """
    Render the cf2 application page.

    A request caught by the maintenance login lockout is sent to /login/.
    A KeyError is treated as "user not logged in"; any other exception is
    logged with its traceback. Both end in a CAS login redirect.
    NOTE(review): because every exception is answered with the same
    redirect, a rendering or configuration error looks like a login
    problem to the user - confirm that this is wanted.
    """
    try:
        locked_out = MaintenanceRecord.disable_login_access(request)
        if locked_out:
            return HttpResponseRedirect("/login/")

        template = get_template("cf2/index.html")
        page_values = {
            "site_root": settings.REDIRECT_URL,
            "debug": settings.DEBUG,
            "year": datetime.now().year,
        }
        rendered = template.render(RequestContext(request, page_values))
        return HttpResponse(rendered)
    except KeyError:
        logger.debug("User not logged in.. Redirecting to CAS login")
        return cas_loginRedirect(request,
                                 settings.REDIRECT_URL + "/application")
    except Exception as e:
        logger.exception(e)
        return cas_loginRedirect(request,
                                 settings.REDIRECT_URL + "/application")


def app_beta(request):
    logger.debug("APP BETA")
    try:
        # TODO Reimplment maintenance record check
        template = get_template("cf3/index.html")
        context = RequestContext(
            request,
            {
                "site_root": settings.REDIRECT_URL,
                "url_root": "/beta/",
                "debug": settings.DEBUG,
                "year": datetime.now().year,
            },