def test_gakunin_login_by_email(self): TOKEN_ID = 1 NEW_TENANT_ID = '6' NEW_TENANT_NAME = 'FAKENAME' key = {} key['wsgi.url_scheme'] = 'https' key['email'] = '*****@*****.**' aToken = self.mox.CreateMock(api.Token) aToken.id = TOKEN_ID aToken.user = { 'roles': [{'name': 'fake'}]} aToken.serviceCatalog = {} self.mox.StubOutWithMock(api, 'token_create_by_email') api.token_create_by_email(IsA(http.HttpRequest), '*****@*****.**').AndReturn(aToken) aTenant = self.mox.CreateMock(api.Token) aTenant.id = NEW_TENANT_ID aTenant.name = NEW_TENANT_NAME self.mox.StubOutWithMock(api, 'tenant_list_for_token') api.tenant_list_for_token(IsA(http.HttpRequest), aToken.id).\ AndReturn([aTenant]) self.mox.ReplayAll() res = self.client.get(reverse('gakunin_login'), **key ) self.assertEqual(res._headers['location'], ('Location', 'https://testserver:80/auth/login/')) #self.assertRedirectsNoFollow(res, reverse('auth_login')) self.mox.VerifyAll() self.mox.UnsetStubs()
def _login_with_gakunin(request, from_email, from_eppn, region, show_error=False): try: token = None # first , try by eppn if from_eppn: try: token = api.token_create_by_eppn(request, from_eppn, region) except Exception, e: LOG.exception('error in token_create_by_eppn') pass # second, try by email if not token and from_email: try: token = api.token_create_by_email(request, from_email, region) if token: api.user_update_eppn(request, token.user['id'], from_eppn, region) except Exception, e: LOG.exception('error in token_create_by_email') pass
def login(request): if request.user and request.user.is_authenticated(): return shortcuts.redirect('dash_containers', request.user.tenant_id) # check ssl if not request.is_secure(): messages.error(request, "Gakunin Support needs to be accessed through TLS") return shortcuts.redirect('auth_login') from_email = request.META.get('email', None) from_eppn = request.META.get('eppn', None) token = None # first , try by eppn if from_eppn: token = api.token_create_by_eppn(request, from_eppn) # second, try by email if not token and from_email: token = api.token_create_by_email(request, from_email) def get_first_tenant_for_user(): tenants = api.tenant_list_for_token(request, token.id) return tenants[0] if len(tenants) else None if not token: messages.error(request, "Can't retrieve information from Gakunin") return shortcuts.redirect('auth_login') tenant = get_first_tenant_for_user() if not tenant: messages.error(request, 'No tenants present for user') return shortcuts.redirect('auth_login') request.session['unscoped_token'] = token.id def is_admin(token): for role in token.user['roles']: if role['name'].lower() == 'admin': return True return False request.session['admin'] = is_admin(token) if not token.user or not token.user.has_key('name'): return shortcuts.redirect('auth_login') request.session['serviceCatalog'] = token.serviceCatalog request.session['tenant_id'] = tenant.id request.session['tenant'] = tenant.name request.session['token'] = token.id request.session['user'] = token.user['name'] return shortcuts.redirect('dash_containers', tenant.id)