def logout(request):
"""
log out the user and return to the home page
"""
_logout(request)
messages.add_message(request, messages.INFO, _('Vous êtes désormais déconnecté.'))
return redirect('home')
def logout(request):
if not request.user.is_authenticated:
messages.error(request, 'Not logged in!')
return redirect('xasdb1:index')
_logout(request)
messages.success(request, 'Logged out!')
return redirect('xasdb1:index')
def logout(request):
"""
This view logs the user out and redirects to index page.
"""
_logout(request)
messages.success(request, "You have logged out succesfully!")
return redirect('task_manager:index')
def logout(request):
from django.contrib.auth import logout as _logout # for login I've added wrapper below - called login
if "search_state" in request.session:
request.session["search_state"].set_logged_out()
request.session.modified = True
_logout(request)
def activation(request, action_key):
"""
Activates user based on activation key
Activate user - set is_active to true
"""
try:
# активация или восстановление пароля
action = ActionRecord.objects.get(action_key=action_key)
if action.action_type == 'R':
action_type = 'reset_password'
else:
action_type = 'activate'
user = authenticate(activation_key=action_key, action=action_type)
if not user:
# action key does not exist or expired
return HttpResponseForbidden(u'Запись о регистрации не найдена или просрочена. \
Чтобы получить код активации регистрации заново, пройдите по <a href="%s">ссылке</a>.' % reverse('resend_activation_code'))
except ActionRecord.DoesNotExist:
return HttpResponseForbidden(u'Запись о регистрации не найдена или просрочена. \
Чтобы получить код активации регистрации заново, пройдите по <a href="%s">ссылке</a>.' % reverse('resend_activation_code'))
_login(request, user)
# перелинковка в зависимости от активации или восстановления пароля
if action.action_type == 'R':
messages.success(request, u'Новый пароль был выслан на Вашу почту')
_logout(request)
return HttpResponseRedirect('/')
else:
return HttpResponseRedirect('/')
def logout(request):
"""
Log user out and return the homepage
:param request:
:return:
"""
_logout(request)
return redirect("home_page")
def logout(request):
"""
log out the user and return to the home page
"""
_logout(request)
messages.add_message(request, messages.INFO,
_('Vous êtes désormais déconnecté.'))
return redirect('home')
def logout(request):
if request.user.is_authenticated:
_logout(request)
return HttpResponseRedirect("/")
else:
pass
return HttpResponseRedirect("/")
def logout(request):
from django.contrib.auth import logout as _logout#for login I've added wrapper below - called login
if 'search_state' in request.session:
request.session['search_state'].set_logged_out()
request.session.modified = True
_logout(request)
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
EXTERNAL_LOGIN_APP.api.logout(request)
def logout(request):
"""
:param request:
:return:
"""
_logout(request)
return api_response(1, "用户已注销", '')
def logout(self, request):
"""ログアウト API
"""
_logout(request)
serializer = self.get_serializer(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
return Response(serializer.data, status=status.HTTP_200_OK)
def view_user(request, name_user):
profile = request.user.get_profile()
if not profile.user.is_superuser:
raise Http404
_logout(request)
user_obj_temp = User.objects.get(username=name_user)
user_obj = authenticate(username=user_obj_temp.username, password=user_obj_temp.password)
_login(request, user_obj)
return HttpResponseRedirect(reverse('service_choice'))
def logout(request):
""" The logout page """
try:
remove_secondary_password(request)
except Exception as error:
logger.critical(error, extra=log_extra_data(request))
logger_mail.exception(error)
finally:
_logout(request)
return redirect(login)
def logout(request):
if request.user.__class__.__name__ is 'AnonymousUser':
messages.error(request, msg.users_logout_error)
messages.info(request, msg.users_logout_error_info)
else:
_logout(request)
messages.success(request, msg.users_logout_success)
messages.info(request, msg.users_logout_success_info)
return HttpResponseRedirect(reverse("home"))
def logout(request):
"""
Destroys a user's session, logging them off
:return: Redirect to index page
"""
_logout(request)
return redirect('index')
def logout(request):
if request.user.__class__.__name__ is 'AnonymousUser':
messages.error(request, msg.users_logout_error)
messages.info(request, msg.users_logout_error_info)
else:
_logout(request)
messages.success(request, msg.users_logout_success)
messages.info(request, msg.users_logout_success_info)
return HttpResponseRedirect(reverse("home"))
def logout(request):
""" The logout page """
try:
remove_secondary_password(request)
except Exception as error:
logger.critical(error, extra=log_extra_data(request))
logger_mail.exception(error)
finally:
_logout(request)
return redirect(login)
def logout(request, db=None, ctx={}):
"""You have been logged out.
Login to proceed.
"""
session_id = request.session.session_key
_logout(request)
request.session.logged_out = True
ctx['app_messages'] = ['You have been logged out']
return _home(request, db, ctx)
def logout(request, db=None, ctx={}):
"""You have been logged out.
Login to proceed.
"""
session_id = request.session.session_key
_logout(request)
request.session.logged_out = True
ctx['app_messages'] = ['You have been logged out']
return _home(request, db, ctx)
def logout(request):
"""
Log user out and clear all sessions
:param request:
:return:
"""
_logout(request)
next_url = request.GET.get("next")
if next_url:
return redirect(next_url)
else:
return redirect("home")
def delete_account(request):
if request.method == 'POST':
form = XASDBUserDeletionForm(request.user, request.POST)
if form.is_valid():
user = request.user
_logout(request)
user.delete()
messages.success(request, 'Your account has been removed')
return redirect('xasdb1:index')
else:
messages.error(request, 'Please correct the errors below.')
else:
form = XASDBUserDeletionForm(request.user)
return render(request, 'xasdb1/delete_account.html', {'form': form})
def logout(request, template='registration/logout.html'):
"""
user logout
use `next` GET param to override REGISTRATION['LOGOUT_REDIRECT']
"""
next = request.GET.get('next', '')
LOGOUT_REDIRECT = settings.REGISTRATION['LOGOUT_REDIRECT']
context = {
'section': 'registration_logout',
}
_logout(request)
# redirect the user
# ignore if registration_logout was requested
if LOGOUT_REDIRECT != 'registration_logout':
if next:
return HttpResponseRedirect(next)
else:
return HttpResponseRedirect(reverse(settings.REGISTRATION['LOGOUT_REDIRECT']))
return render(request, template, context)
def editpassword(request):
if request.method == 'POST':
# password
password = request.POST['pwd']
# check present password
if not request.user.check_password(password):
messages.error(request, msg.users_change_pwd_error)
messages.info(request, msg.users_pwd_not_correct)
return HttpResponseRedirect(reverse("users:editpwd"))
# check if new password is equal to new password confirmation
new_password = request.POST['confirm_new_pwd']
new_password_confirmation = request.POST['confirm_new_pwd']
if new_password != new_password_confirmation:
messages.error(request, msg.users_change_pwd_error)
messages.info(request, msg.users_confirm_pwd_error)
return HttpResponseRedirect(reverse("users:editpwd"))
else:
# check if new password is valid
try:
User.objects.validate_password(new_password)
except ValidationError:
messages.error(request, msg.users_change_pwd_error)
messages.info(request, msg.users_invalid_pwd)
return HttpResponseRedirect(reverse("users:editpwd"))
# set new password
request.user.set_password(new_password)
request.user.save()
_logout(request)
messages.success(request, msg.users_change_pwd_success)
messages.info(request, msg.users_change_pwd_success_info)
return HttpResponseRedirect(reverse("users:login"))
boardlist = Board.objects.all()
return render(request, "users/editpwd.html", {'boardlist' : boardlist})
def editpassword(request):
if request.method == 'POST':
# password
password = request.POST['pwd']
# check present password
if not request.user.check_password(password):
messages.error(request, msg.users_change_pwd_error)
messages.info(request, msg.users_pwd_not_correct)
return HttpResponseRedirect(reverse("users:editpwd"))
# check if new password is equal to new password confirmation
new_password = request.POST['confirm_new_pwd']
new_password_confirmation = request.POST['confirm_new_pwd']
if new_password != new_password_confirmation:
messages.error(request, msg.users_change_pwd_error)
messages.info(request, msg.users_confirm_pwd_error)
return HttpResponseRedirect(reverse("users:editpwd"))
else:
# check if new password is valid
try:
User.objects.validate_password(new_password)
except ValidationError:
messages.error(request, msg.users_change_pwd_error)
messages.info(request, msg.users_invalid_pwd)
return HttpResponseRedirect(reverse("users:editpwd"))
# set new password
request.user.set_password(new_password)
request.user.save()
_logout(request)
messages.success(request, msg.users_change_pwd_success)
messages.info(request, msg.users_change_pwd_success_info)
return HttpResponseRedirect(reverse("users:signin"))
return render(request, "users/editpwd.html")
def logout(request):
_logout(request)
return redirect('index')
def logout(request):
_logout(request)
return redirect('home')
def logout(request):
if request.method == 'POST':
_logout(request)
return redirect('home')
def logout(request):
_logout(request)
return redirect(Login)
def logout(request):
if logged_in(request):
_logout(request)
return index(request, logoutFlag=True)
else:
return index(request)
def logout(request):
#destroy session
_logout(request)
return JsonResponse({"tip":'ok'})
def logout(request) :
_logout(request)
return redirect(reverse('summary:login'))
def login(request):
""" The login page """
user = None
oreq = request.session.get('openid_request', None)
# this can be POST or GET, and can be null or empty
next = request.REQUEST.get('next') or reverse(index)
is_otp = False
login_form = None
login_form_class = OpenIDLoginForm if oreq else LoginForm
strong_auth_req = 'strong_auth_requested' in request.session
try:
if request.method != 'POST':
pass
elif 'cancel' in request.POST:
# note: this wipes request.session
_logout(request)
if oreq is not None:
oresp = oreq.answer(False)
return render_openid_response(request, oresp)
elif 'otp_token' in request.POST:
# if user's not authenticated, go back to square one
if not request.user.is_authenticated():
raise OkupyError('OTP verification timed out')
is_otp = True
otp_form = OTPForm(request.POST)
if otp_form.is_valid():
token = otp_form.cleaned_data['otp_token']
else:
raise OkupyError('OTP verification failed')
dev = django_otp.match_token(request.user, token)
if not dev:
raise OkupyError('OTP verification failed')
django_otp.login(request, dev)
else:
login_form = login_form_class(request.POST)
if login_form.is_valid():
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
else:
raise OkupyError('Login failed')
"""
Perform authentication, if it retrieves a user object then
it was successful. If it retrieves None then it failed to login
"""
try:
user = authenticate(username=username, password=password)
except Exception as error:
logger.critical(error, extra=log_extra_data(request))
logger_mail.exception(error)
raise OkupyError(
"Can't contact the LDAP server or the database")
if not user:
raise OkupyError('Login failed')
if oreq:
request.session['auto_logout'] = (
login_form.cleaned_data['auto_logout'])
except OkupyError as error:
messages.error(request, str(error))
if user and user.is_active:
_login(request, user)
# prepare devices, and see if OTP is enabled
init_otp(request)
try:
set_secondary_password(request=request, password=password)
except Exception as error:
logger.critical(error, extra=log_extra_data(request))
logger_mail.exception(error)
raise OkupyError("Can't contact LDAP server")
if (request.user.is_authenticated()
and (not strong_auth_req
or 'secondary_password' in request.session)):
if request.user.is_verified():
return redirect(next)
login_form = OTPForm()
is_otp = True
if login_form is None:
login_form = login_form_class()
if is_otp or strong_auth_req:
ssl_auth_form = None
ssl_auth_uri = None
else:
if 'encrypted_id' not in request.session:
# .cache_key is a very good property since it ensures
# that the cache is actually created, and works from first
# request
session_id = request.session.cache_key
# since it always starts with the backend module name
# and __init__() expects pure id, we can strip that
assert(session_id.startswith('django.contrib.sessions.cache'))
session_id = session_id[29:]
request.session['encrypted_id'] = base64.b64encode(
cipher.encrypt(session_id))
# TODO: it fails when:
# 1. site is accessed via IP (auth.127.0.0.1),
# 2. HTTP used on non-standard port (https://...:8000).
ssl_auth_form = SSLCertLoginForm({
'session_id': request.session['encrypted_id'],
'next': request.build_absolute_uri(next),
'login_uri': request.build_absolute_uri(request.get_full_path()),
})
ssl_auth_host = 'auth.' + request.get_host()
ssl_auth_path = reverse(ssl_auth)
ssl_auth_uri = urljoin('https://' + ssl_auth_host, ssl_auth_path)
return render(request, 'login.html', {
'login_form': login_form,
'openid_request': oreq,
'next': next,
'ssl_auth_uri': ssl_auth_uri,
'ssl_auth_form': ssl_auth_form,
'is_otp': is_otp,
})
def login(request):
""" The login page """
user = None
oreq = request.session.get('openid_request', None)
# this can be POST or GET, and can be null or empty
next = request.REQUEST.get('next') or reverse(index)
is_otp = False
login_form = None
strong_auth_req = 'strong_auth_requested' in request.session
if oreq:
login_form_class = OpenIDLoginForm
elif ('strong_auth_requested' in request.session
and request.user.is_authenticated()):
login_form_class = StrongAuthForm
else:
login_form_class = LoginForm
try:
if request.method != 'POST':
pass
elif 'cancel' in request.POST:
# note: this wipes request.session
_logout(request)
if oreq is not None:
oresp = oreq.answer(False)
return render_openid_response(request, oresp)
elif 'otp_token' in request.POST:
# if user's not authenticated, go back to square one
if not request.user.is_authenticated():
raise OkupyError('OTP verification timed out')
is_otp = True
otp_form = OTPForm(request.POST)
if otp_form.is_valid():
token = otp_form.cleaned_data['otp_token']
else:
raise OkupyError('OTP verification failed')
# prevent replay attacks and race conditions
if not RevokedToken.add(token, request.user):
raise OkupyError('OTP verification failed')
dev = django_otp.match_token(request.user, token)
if not dev:
raise OkupyError('OTP verification failed')
django_otp.login(request, dev)
else:
login_form = login_form_class(request.POST)
if login_form.is_valid():
if login_form_class != StrongAuthForm:
username = login_form.cleaned_data['username']
else:
username = request.user.username
password = login_form.cleaned_data['password']
else:
raise OkupyError('Login failed')
"""
Perform authentication, if it retrieves a user object then
it was successful. If it retrieves None then it failed to login
"""
try:
user = authenticate(
request=request,
username=username,
password=password)
except Exception as error:
logger.critical(error, extra=log_extra_data(request))
logger_mail.exception(error)
raise OkupyError(
"Can't contact the LDAP server or the database")
if not user:
raise OkupyError('Login failed')
if oreq:
request.session['auto_logout'] = (
login_form.cleaned_data['auto_logout'])
except OkupyError as error:
messages.error(request, str(error))
if user and user.is_active:
_login(request, user)
# prepare devices, and see if OTP is enabled
init_otp(request)
set_secondary_password(request=request, password=password)
if request.user.is_authenticated():
if (strong_auth_req
and not 'secondary_password' in request.session):
if request.method != 'POST':
messages.info(request, 'You need to type in your password'
+ ' again to perform this action')
else:
if request.user.is_verified():
return redirect(next)
login_form = OTPForm()
is_otp = True
if login_form is None:
login_form = login_form_class()
if is_otp or strong_auth_req:
ssl_auth_form = None
ssl_auth_uri = None
ssh_auth_command = None
else:
encrypted_id = sessionrefcipher.encrypt(request.session)
# TODO: it fails when:
# 1. site is accessed via IP (auth.127.0.0.1),
# 2. HTTP used on non-standard port (https://...:8000).
ssl_auth_form = SSLCertLoginForm({
'session': encrypted_id,
'next': request.build_absolute_uri(next),
'login_uri': request.build_absolute_uri(request.get_full_path()),
})
ssl_auth_host = 'auth.' + request.get_host()
ssl_auth_path = reverse(ssl_auth)
ssl_auth_uri = urljoin('https://' + ssl_auth_host, ssl_auth_path)
if settings.SSH_BIND[1] == 22:
ssh_port_opt = ''
else:
ssh_port_opt = '-p %d ' % settings.SSH_BIND[1]
ssh_auth_command = 'ssh %sauth+%s@%s' % (
ssh_port_opt,
encrypted_id,
request.get_host().split(':')[0])
return render(request, 'login.html', {
'login_form': login_form,
'openid_request': oreq,
'next': next,
'ssl_auth_uri': ssl_auth_uri,
'ssl_auth_form': ssl_auth_form,
'ssh_auth_command': ssh_auth_command,
'is_otp': is_otp,
})
def logout(request):
_logout(request)
return redirect('/app')
def logout(request):
if request.user.is_authenticated:
invalidate_session(request)
_logout(request)
return redirect_next(request)
def openid_auth_site(request):
try:
oreq = request.session['openid_request']
except KeyError:
return render(request,
'openid-auth-site.html', {
'error':
'No OpenID request associated. The request may have \
expired.',
},
status=400)
sreg = SRegRequest.fromOpenIDRequest(oreq)
ax = FetchRequest.fromOpenIDRequest(oreq)
sreg_fields = set(sreg.allRequestedFields())
if ax:
for uri in ax.requested_attributes:
k = openid_ax_attribute_mapping.get(uri)
if k:
sreg_fields.add(k)
ldap_user = LDAPUser.objects.get(username=request.user.username)
if sreg_fields:
sreg_data = {
'nickname': ldap_user.username,
'email': ldap_user.email,
'fullname': ldap_user.full_name,
'dob': ldap_user.birthday,
}
for k in list(sreg_data):
if not sreg_data[k]:
del sreg_data[k]
else:
sreg_data = {}
sreg_fields = sreg_data.keys()
# Read preferences from the db.
try:
saved_pref = OpenID_Attributes.objects.get(
uid=ldap_user.uid,
trust_root=oreq.trust_root,
)
except OpenID_Attributes.DoesNotExist:
saved_pref = None
auto_auth = False
else:
auto_auth = saved_pref.always_auth
if auto_auth or request.POST:
if auto_auth:
# TODO: can we do this nicer?
form_inp = model_to_dict(saved_pref)
else:
form_inp = request.POST
form = SiteAuthForm(form_inp, instance=saved_pref)
# can it be invalid somehow?
assert (form.is_valid())
attrs = form.save(commit=False)
# nullify fields that were not requested
for fn in form.cleaned_data:
if fn in ('always_auth', ):
pass
elif hasattr(attrs, fn) and fn not in sreg_fields:
setattr(attrs, fn, None)
if auto_auth or 'accept' in request.POST:
# prepare sreg response
for fn, send in form.cleaned_data.items():
if fn not in sreg_data:
pass
elif not send:
del sreg_data[fn]
elif isinstance(sreg_data[fn], list):
form_key = 'which_%s' % fn
val = form.cleaned_data[form_key]
if val not in sreg_data[fn]:
raise NotImplementedError(
'Changing choices not implemented yet')
sreg_data[fn] = val
if not auto_auth:
setattr(attrs, form_key, val)
if not auto_auth:
# save prefs in the db
# (if auto_auth, then nothing changed)
attrs.uid = ldap_user.uid
attrs.trust_root = oreq.trust_root
attrs.save()
oresp = oreq.answer(True,
identity=request.build_absolute_uri(
reverse(user_page,
args=(request.user.username, ))))
sreg_resp = SRegResponse.extractResponse(sreg, sreg_data)
oresp.addExtension(sreg_resp)
if ax:
ax_resp = FetchResponse(ax)
for uri in ax.requested_attributes:
k = openid_ax_attribute_mapping.get(uri)
if k and k in sreg_data:
ax_resp.addValue(uri, sreg_data[k])
oresp.addExtension(ax_resp)
elif 'reject' in request.POST:
oresp = oreq.answer(False)
else:
return render(request,
'openid-auth-site.html', {
'error': 'Invalid request submitted.',
},
status=400)
if request.session.get('auto_logout', False):
# _logout clears request.session
_logout(request)
else:
del request.session['openid_request']
return render_openid_response(request, oresp)
form = SiteAuthForm(instance=saved_pref)
sreg_form = {}
# Fill in lists for choices
for f in sreg_fields:
if f not in sreg_data:
pass
elif isinstance(sreg_data[f], list):
form.fields['which_%s' % f].widget.choices = [
(x, x) for x in sreg_data[f]
]
sreg_form[f] = form['which_%s' % f]
else:
sreg_form[f] = format_html(
"<input type='text'" + " readonly='readonly'" +
" value='{0}' />", sreg_data[f])
try:
# TODO: cache it
if oreq.returnToVerified():
tr_valid = 'Return-To valid and trusted'
else:
tr_valid = 'Return-To untrusted'
except openid.yadis.discover.DiscoveryFailure:
tr_valid = 'Unable to verify trust (Yadis unsupported)'
except openid.fetchers.HTTPFetchingError:
tr_valid = 'Unable to verify trust (HTTP error)'
return render(
request, 'openid-auth-site.html', {
'openid_request': oreq,
'return_to_valid': tr_valid,
'form': form,
'sreg': sreg_fields,
'sreg_form': sreg_form,
'policy_url': sreg.policy_url,
})
def login(request):
""" The login page """
user = None
oreq = request.session.get('openid_request', None)
# this can be POST or GET, and can be null or empty
next = request.REQUEST.get('next') or reverse(index)
is_otp = False
login_form = None
strong_auth_req = 'strong_auth_requested' in request.session
if oreq:
login_form_class = OpenIDLoginForm
elif ('strong_auth_requested' in request.session
and request.user.is_authenticated()):
login_form_class = StrongAuthForm
else:
login_form_class = LoginForm
try:
if request.method != 'POST':
pass
elif 'cancel' in request.POST:
# note: this wipes request.session
_logout(request)
if oreq is not None:
oresp = oreq.answer(False)
return render_openid_response(request, oresp)
elif 'otp_token' in request.POST:
# if user's not authenticated, go back to square one
if not request.user.is_authenticated():
raise OkupyError('OTP verification timed out')
is_otp = True
otp_form = OTPForm(request.POST)
if otp_form.is_valid():
token = otp_form.cleaned_data['otp_token']
else:
raise OkupyError('OTP verification failed')
# prevent replay attacks and race conditions
if not RevokedToken.add(token, request.user):
raise OkupyError('OTP verification failed')
dev = django_otp.match_token(request.user, token)
if not dev:
raise OkupyError('OTP verification failed')
django_otp.login(request, dev)
else:
login_form = login_form_class(request.POST)
if login_form.is_valid():
if login_form_class != StrongAuthForm:
username = login_form.cleaned_data['username']
else:
username = request.user.username
password = login_form.cleaned_data['password']
else:
raise OkupyError('Login failed')
"""
Perform authentication, if it retrieves a user object then
it was successful. If it retrieves None then it failed to login
"""
try:
user = authenticate(request=request,
username=username,
password=password)
except Exception as error:
logger.critical(error, extra=log_extra_data(request))
logger_mail.exception(error)
raise OkupyError(
"Can't contact the LDAP server or the database")
if not user:
raise OkupyError('Login failed')
if oreq:
request.session['auto_logout'] = (
login_form.cleaned_data['auto_logout'])
except OkupyError as error:
messages.error(request, str(error))
if user and user.is_active:
_login(request, user)
# prepare devices, and see if OTP is enabled
init_otp(request)
set_secondary_password(request=request, password=password)
if request.user.is_authenticated():
if (strong_auth_req and not 'secondary_password' in request.session):
if request.method != 'POST':
messages.info(
request, 'You need to type in your password' +
' again to perform this action')
else:
if request.user.is_verified():
return redirect(next)
login_form = OTPForm()
is_otp = True
if login_form is None:
login_form = login_form_class()
if is_otp or strong_auth_req:
ssl_auth_form = None
ssl_auth_uri = None
ssh_auth_command = None
else:
encrypted_id = sessionrefcipher.encrypt(request.session)
# TODO: it fails when:
# 1. site is accessed via IP (auth.127.0.0.1),
# 2. HTTP used on non-standard port (https://...:8000).
ssl_auth_form = SSLCertLoginForm({
'session':
encrypted_id,
'next':
request.build_absolute_uri(next),
'login_uri':
request.build_absolute_uri(request.get_full_path()),
})
ssl_auth_host = 'auth.' + request.get_host()
ssl_auth_path = reverse(ssl_auth)
ssl_auth_uri = urljoin('https://' + ssl_auth_host, ssl_auth_path)
if settings.SSH_BIND[1] == 22:
ssh_port_opt = ''
else:
ssh_port_opt = '-p %d ' % settings.SSH_BIND[1]
ssh_auth_command = 'ssh %sauth+%s@%s' % (
ssh_port_opt, encrypted_id, request.get_host().split(':')[0])
return render(
request, 'login.html', {
'login_form': login_form,
'openid_request': oreq,
'next': next,
'ssl_auth_uri': ssl_auth_uri,
'ssl_auth_form': ssl_auth_form,
'ssh_auth_command': ssh_auth_command,
'is_otp': is_otp,
})
def logout(request): _logout(request)
def logout(req):
_logout(req)
return index_redirect(req)
def logout(request):
_logout(request)
return render(request, 'defaults/index.html')
def logout(request, user_id = None):
from django.contrib.auth import logout as _logout
_logout(request)
return HttpResponseRedirect('/')
def logout(request):
_logout(request)
messages.success(request, 'logout success')
return redirect('accounts:login')
def logout(request):
_logout(request)
return HttpResponseRedirect('/')
def logout(request):
_logout(request)
return redirect("index")
def logout(request):
from django.contrib.auth import logout as _logout #for login I've added wrapper below - called login
if 'search_state' in request.session:
request.session['search_state'].set_logged_out()
request.session.modified = True
_logout(request)
def logout(request):
from django.contrib.auth import logout as _logout#for login I've added wrapper below - called login
_logout(request)
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
EXTERNAL_LOGIN_APP.api.logout(request)
def logout(request):
_logout(request)
return HttpResponseRedirect(reverse('home'))
def logout(request):
from django.contrib.auth import logout as _logout#for login I've added wrapper below - called login
_logout(request)
def logout(request): #if I link to this, then the user will be logged out
_logout(request)
return HttpResponseRedirect(reverse('users:rl_page'))
def logout(request):
_logout(request)
return redirect(request.META.get("HTTP_REFERER"))
def logout(request):
_logout(request)
return redirect('/')
def logout(request):
user = request.user
if user.is_authenticated():
_logout(request)
return redirect("login")
def logout(request):
_logout(request)
return HttpResponseRedirect(reverse('users:rl_page'))
def logout(request):
''' sign user out'''
_logout(request)
return HttpResponseRedirect(reverse('login'))
def logout(request):
from django.contrib.auth import logout as _logout #for login I've added wrapper below - called login
_logout(request)
def logout(request):
_logout(request)
return redirect('index')
def logout(request):
_logout(request)
return render(request, 'index.html')
def openid_auth_site(request):
try:
oreq = request.session['openid_request']
except KeyError:
return render(request, 'openid-auth-site.html', {
'error': 'No OpenID request associated. The request may have \
expired.',
}, status=400)
sreg = SRegRequest.fromOpenIDRequest(oreq)
ax = FetchRequest.fromOpenIDRequest(oreq)
sreg_fields = set(sreg.allRequestedFields())
if ax:
for uri in ax.requested_attributes:
k = openid_ax_attribute_mapping.get(uri)
if k:
sreg_fields.add(k)
ldap_user = LDAPUser.objects.get(username=request.user.username)
if sreg_fields:
sreg_data = {
'nickname': ldap_user.username,
'email': ldap_user.email,
'fullname': ldap_user.full_name,
'dob': ldap_user.birthday,
}
for k in list(sreg_data):
if not sreg_data[k]:
del sreg_data[k]
else:
sreg_data = {}
sreg_fields = sreg_data.keys()
# Read preferences from the db.
try:
saved_pref = OpenID_Attributes.objects.get(
uid=ldap_user.uid,
trust_root=oreq.trust_root,
)
except OpenID_Attributes.DoesNotExist:
saved_pref = None
auto_auth = False
else:
auto_auth = saved_pref.always_auth
if auto_auth or request.POST:
if auto_auth:
# TODO: can we do this nicer?
form_inp = model_to_dict(saved_pref)
else:
form_inp = request.POST
form = SiteAuthForm(form_inp, instance=saved_pref)
# can it be invalid somehow?
assert(form.is_valid())
attrs = form.save(commit=False)
# nullify fields that were not requested
for fn in form.cleaned_data:
if fn in ('always_auth',):
pass
elif hasattr(attrs, fn) and fn not in sreg_fields:
setattr(attrs, fn, None)
if auto_auth or 'accept' in request.POST:
# prepare sreg response
for fn, send in form.cleaned_data.items():
if fn not in sreg_data:
pass
elif not send:
del sreg_data[fn]
elif isinstance(sreg_data[fn], list):
form_key = 'which_%s' % fn
val = form.cleaned_data[form_key]
if val not in sreg_data[fn]:
raise NotImplementedError(
'Changing choices not implemented yet')
sreg_data[fn] = val
if not auto_auth:
setattr(attrs, form_key, val)
if not auto_auth:
# save prefs in the db
# (if auto_auth, then nothing changed)
attrs.uid = ldap_user.uid
attrs.trust_root = oreq.trust_root
attrs.save()
oresp = oreq.answer(True, identity=request.build_absolute_uri(
reverse(user_page, args=(request.user.username,))))
sreg_resp = SRegResponse.extractResponse(sreg, sreg_data)
oresp.addExtension(sreg_resp)
if ax:
ax_resp = FetchResponse(ax)
for uri in ax.requested_attributes:
k = openid_ax_attribute_mapping.get(uri)
if k and k in sreg_data:
ax_resp.addValue(uri, sreg_data[k])
oresp.addExtension(ax_resp)
elif 'reject' in request.POST:
oresp = oreq.answer(False)
else:
return render(request, 'openid-auth-site.html', {
'error': 'Invalid request submitted.',
}, status=400)
if request.session.get('auto_logout', False):
# _logout clears request.session
_logout(request)
else:
del request.session['openid_request']
return render_openid_response(request, oresp)
form = SiteAuthForm(instance=saved_pref)
sreg_form = {}
# Fill in lists for choices
for f in sreg_fields:
if f not in sreg_data:
pass
elif isinstance(sreg_data[f], list):
form.fields['which_%s' % f].widget.choices = [
(x, x) for x in sreg_data[f]
]
sreg_form[f] = form['which_%s' % f]
else:
sreg_form[f] = format_html("<input type='text'"
+ " readonly='readonly'"
+ " value='{0}' />",
sreg_data[f])
try:
# TODO: cache it
if oreq.returnToVerified():
tr_valid = 'Return-To valid and trusted'
else:
tr_valid = 'Return-To untrusted'
except openid.yadis.discover.DiscoveryFailure:
tr_valid = 'Unable to verify trust (Yadis unsupported)'
except openid.fetchers.HTTPFetchingError:
tr_valid = 'Unable to verify trust (HTTP error)'
return render(request, 'openid-auth-site.html', {
'openid_request': oreq,
'return_to_valid': tr_valid,
'form': form,
'sreg': sreg_fields,
'sreg_form': sreg_form,
'policy_url': sreg.policy_url,
})
