def login_idporten_mock(): if request.method != 'POST': return render_template('bruker_login.html') ssn = request.form['ssn'] password = request.form['password'] if DEBUG_PASSWORD is None or password != DEBUG_PASSWORD: app.logger.error('Running in debug mode, incorrect DEBUG_PASSWORD or not set') abort(403) auth_user = authentication.login_idporten_user_by_private_id(ssn, {}) login_user(auth_user, remember=True) # Force the user to fill in the profile if unregistered if not auth_user.is_registered(): response = make_response(redirect("/profil")) else: # Check if the user wants to redirect to a specific page redirect_target = get_redirect_target_from_cookie(request) response = make_response(redirect(redirect_target or request.args.get('next') or '/')) invalidate_redirect_target_cookie(response) set_cookie(response, 'auth_token', make_auth_token(auth_user.user_id)) return response
def logged_in(): # IDPorten redirects to this URL if all ok with login app.logger.info("User logged in via ID-porten: request.values=%s", request.values) SAMLResponse = request.values['SAMLResponse'] res = IdpResponse( SAMLResponse, "TODO: remove signature parameter" ) # Decrypt response from IDPorten with our private key, and make sure that the response is valid # (it was encrypted with same key) valid = res.is_valid(app.idporten_settings["idp_cert_file"], app.idporten_settings["private_key_file"]) if valid: national_id_number = res.get_decrypted_assertion_attribute_value("uid")[0] idporten_parameters = { "session_index": res.get_session_index(), "name_id": res.name_id } auth_user = authentication.login_idporten_user_by_private_id(national_id_number, idporten_parameters) login_user(auth_user, remember=True) # Force the user to fill in the profile if unregistered if not auth_user.is_registered(): app.logger.info("Logged in: %s Uregistrert bruker (%s)", datetime.now().isoformat(), national_id_number[:6]) response = make_response(redirect("/profile")) else: app.logger.info("Logged in: %s %s %s (%s)", datetime.now().isoformat(), auth_user.first_name, auth_user.last_name, national_id_number[:6]) # Check if the user wants to redirect to a specific page redirect_target = get_redirect_target_from_cookie(request) response = make_response(redirect(redirect_target or request.args.get('next') or '/')) invalidate_redirect_target_cookie(response) set_cookie(response, 'auth_token', make_auth_token(auth_user.user_id)) return response else: abort(404, 'Ugyldig innlogging.')