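def accept(request):
    """Ask the user whether to trust the relying party of an OpenID request.

    GET renders the confirmation page. POST records the decision: a POST
    containing "cancel" answers the request negatively; any other POST answers
    it positively, and "remember" additionally adds the trust root to the
    user's permanently trusted roots.

    A positive answer asserts ownership of ``r.identity`` to the relying
    party, so it is only produced for a session that is logged in as the
    owner of that identity. This view is reachable by URL on its own, so the
    check is made here rather than assumed from the view that redirects to it.
    """
    r = convertToOpenIDRequest(request)
    if r is None:
        return HttpResponse("Nothing here")

    # No session: hand the request back to the endpoint view (served at
    # settings.BASE_URL, judging by endpoint()), which runs the login redirect.
    if not request.user or request.user.is_authenticated() == False:
        return HttpResponseRedirect(r.encodeToURL(settings.BASE_URL))

    # Logged in, but not as the owner of the requested identity: never assert
    # that identity; answer the relying party negatively instead.
    owner = getDjangoidUserFromIdentity(r.identity)
    if owner is None or request.user.username != owner.djangouser:
        return convertToHttpResponse(r.answer(False))

    if request.method == "GET":
        return render_to_response("users/accept_root.html", {"openid_request": r})

    if request.method == "POST":
        # NOTE(review): this POST changes state and releases an identity
        # assertion; confirm CSRF protection covers this view.
        if "cancel" in request.POST:
            return convertToHttpResponse(r.answer(False))
        if "remember" in request.POST:
            # NOTE(review): .get() raises if no TrustedRoot row exists for
            # this trust root yet; confirm the row is created elsewhere.
            root = TrustedRoot.objects.get(root=r.trust_root)
            owner.trusted_roots.add(root)
        return convertToHttpResponse(r.answer(True))
    # Other methods fall through and return None, as before.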
def endpoint(request):
    """Serve the OpenID server endpoint.

    YADIS requests are passed to the YADIS view. Requests that do not parse as
    an OpenID server request get a static page. ``checkid_immediate`` and
    ``checkid_setup`` requests are answered here after the session has been
    checked against the requested identity; every other mode is handed to
    ``handleOpenIDRequest``.
    """
    # If this is (most likely) a YADIS request, let the YADIS view handle it.
    if checkYadisRequest(request):
        return serveryadis(request)

    openid_req = convertToOpenIDRequest(request)

    # Not a valid OpenID server request: render some static page.
    # TODO: use render_to_response("about.html")
    if openid_req is None:
        return HttpResponse("about")

    # Anything that is not an identity check is left to the OpenID server.
    if openid_req.mode not in ["checkid_immediate", "checkid_setup"]:
        return convertToHttpResponse(handleOpenIDRequest(openid_req))

    # Look up the DjangoidUser that owns the identity URI.
    identity_owner = getDjangoidUserFromIdentity(openid_req.identity)

    # No authenticated session: send the browser to the login page of the
    # "users" application, carrying the whole OpenID request in the URL.
    if not request.user or request.user.is_authenticated() == False:
        # Everything after the third "/" of BASE_URL, with a leading "/"
        # (presumably the path part of an absolute URL; confirm).
        base_path = "/".join([""] + settings.BASE_URL.split("/")[3:])
        next_url = urllib.quote(openid_req.encodeToURL(base_path))
        next_url = next_url + "&tr=" + urllib.quote(openid_req.trust_root)
        return redirect_to_login(next_url, login_url=settings.BASE_URL + "login/")

    # Logged in under a different username than the identity's owner.
    # NOTE(review): the message names both accounts; confirm error pages are
    # not shown to clients in production.
    if request.user.username != identity_owner.djangouser:
        raise Exception("Logged in as " + request.user.username + " while expecting " + identity_owner.djangouser)

    if identity_owner.authenticate(openid_req.trust_root):
        # The user already trusts this trust_root: answer positively.
        reply = openid_req.answer(True)
    elif openid_req.immediate:
        # An immediate request cannot prompt the user. Reply with a failure
        # and the URI for a second, non-immediate request (this same view).
        reply = openid_req.answer(False, settings.BASE_URL)
    else:
        # Ask the user whether he trusts this trust_root and wants to keep it
        # permanently; that page belongs to the "users" application.
        # NOTE(review): accept/ can also be requested directly, so that view
        # should not assume the session checks above have run.
        return HttpResponseRedirect(openid_req.encodeToURL(settings.BASE_URL + "accept/"))

    return convertToHttpResponse(reply)