def _process(self): login_reason = session.pop('login_reason', None) # User is already logged in if session.user is not None: multipass.set_next_url() return multipass.redirect_success() # Some clients attempt to incorrectly resolve redirections internally. # See https://github.com/indico/indico/issues/4720 for details user_agent = request.headers.get('User-Agent', '') sso_redirect = not any(s in user_agent for s in ('ms-office', 'Microsoft Office')) # If we have only one provider, and this provider is external, we go there immediately # However, after a failed login we need to show the page to avoid a redirect loop if not session.pop( '_multipass_auth_failed', False ) and 'provider' not in request.view_args and sso_redirect: single_auth_provider = multipass.single_auth_provider if single_auth_provider and single_auth_provider.is_external: multipass.set_next_url() return redirect( url_for('.login', provider=single_auth_provider.name)) # Save the 'next' url to go to after login multipass.set_next_url() # If there's a provider in the URL we start the external login process if 'provider' in request.view_args: provider = _get_provider(request.view_args['provider'], True) return provider.initiate_external_login() # If we have a POST request we submitted a login form for a local provider rate_limit_exceeded = False if request.method == 'POST': active_provider = provider = _get_provider( request.form['_provider'], False) form = provider.login_form() rate_limit_exceeded = not login_rate_limiter.test() if not rate_limit_exceeded and form.validate_on_submit(): response = multipass.handle_login_form(provider, form.data) if response: return response # re-check since a failed login may have triggered the rate limit rate_limit_exceeded = not login_rate_limiter.test() # Otherwise we show the form for the default provider else: active_provider = multipass.default_local_auth_provider form = active_provider.login_form() if active_provider else None providers = list(multipass.auth_providers.values()) retry_in = login_rate_limiter.get_reset_delay( ) if rate_limit_exceeded else None return render_template('auth/login_page.html', form=form, providers=providers, active_provider=active_provider, login_reason=login_reason, retry_in=retry_in)
def _process(self): # User is already logged in if session.user is not None: multipass.set_next_url() return multipass.redirect_success() # If we have only one provider, and this provider is external, we go there immediately # However, after a failed login we need to show the page to avoid a redirect loop if not session.pop('_multipass_auth_failed', False) and 'provider' not in request.view_args: single_auth_provider = multipass.single_auth_provider if single_auth_provider and single_auth_provider.is_external: return redirect(url_for('.login', provider=single_auth_provider.name)) # Save the 'next' url to go to after login multipass.set_next_url() # If there's a provider in the URL we start the external login process if 'provider' in request.view_args: provider = _get_provider(request.view_args['provider'], True) return provider.initiate_external_login() # If we have a POST request we submitted a login form for a local provider if request.method == 'POST': active_provider = provider = _get_provider(request.form['_provider'], False) form = provider.login_form() if form.validate_on_submit(): response = multipass.handle_login_form(provider, form.data) if response: return response # Otherwise we show the form for the default provider else: active_provider = multipass.default_local_auth_provider form = active_provider.login_form() if active_provider else None providers = multipass.auth_providers.values() return render_template('auth/login_page.html', form=form, providers=providers, active_provider=active_provider)