def userpage(request, uid):
#Check whether this is a YADIS request
if checkYadisRequest(request):
return useryadis(request, uid)
user = get_object_or_404(DjangoidUser.objects, djangouser = uid)
user.attributes = user.get_attributes(True)
mid = microid(user.get_user_page(), user.get_user_page())
res = render_to_response("users/userpage.html", {"server_url": settings.BASE_URL[:-1] + urlreverse("djangoid.server.views.endpoint"), "user": user, "microid": mid})
res["X-XRDS-Location"] = user.get_yadis_uri()
return res
def endpoint(request):
#If this is (most likely) a YADIS request, handle it using the YADIS view function
if checkYadisRequest(request):
return serveryadis(request)
r = convertToOpenIDRequest(request)
#If the request wasnt a valid OpenID server request, render some static page.
#TODO: use render_to_response("about.html")
if r is None:
return HttpResponse("about")
#Check whether we got to do anything...
if r.mode in ["checkid_immediate", "checkid_setup"]:
#Get a DjangoidUser, based on the identity URI
user = getDjangoidUserFromIdentity(r.identity)
#If the user is not in our database yet, or he's not authenticated (or authenticated using some other
#username), redirect to the login page. This is part of the "users" application.
#Make sure we pass all OpenID related information in the URL
if not request.user or request.user.is_authenticated() == False:
return redirect_to_login(urllib.quote(r.encodeToURL("/".join([""] + settings.BASE_URL.split("/")[3:]))) + "&tr=" + urllib.quote(r.trust_root), login_url = settings.BASE_URL + "login/")
if not request.user.username == user.djangouser:
raise Exception, "Logged in as " + request.user.username + " while expecting " + user.djangouser
#Is the user authenticated, and does he trust this trust_root?
if user.authenticate(r.trust_root): #user logged in (using r.identity and r.trust_root)
response = r.answer(True)
#User is logged in, but hasnt added this trust_root to his list of permanently trusted roots.
#If this is an immediate request, we can't ask the user now though. Reply with a failure, passing the
#URI to which a second request (non-immediate) should be made. This is this same view.
elif r.immediate:
response = r.answer(False, settings.BASE_URL)
#Right, we got to ask the user whether he trusts this trust_root, and whether he wants to add it to his
#list of permanently trusted roots. This is handled in the "users" application.
else:
return HttpResponseRedirect(r.encodeToURL(settings.BASE_URL + "accept/"))
#If not, let the OpenID server do everything for us :-)
else:
response = handleOpenIDRequest(r)
return convertToHttpResponse(response)