def clean(self): default_domain = settings.OPENSTACK_KEYSTONE_DEFAULT_DOMAIN username = self.cleaned_data.get('username') password = self.cleaned_data.get('password') totp = self.cleaned_data.get('totp') domain = self.cleaned_data.get('domain', default_domain) region_id = self.cleaned_data.get('region') try: region = get_region_endpoint(region_id) except (ValueError, IndexError, TypeError): raise forms.ValidationError("Invalid region %r" % region_id) self.cleaned_data['region'] = region if not (username and password): # Don't authenticate, just let the other validators handle it. return self.cleaned_data try: self.user_cache = authenticate(request=self.request, username=username, password=password, totp=totp, user_domain_name=domain, auth_url=region) LOG.info( 'Login successful for user "%(username)s" using domain ' '"%(domain)s", remote address %(remote_ip)s.', { 'username': username, 'domain': domain, 'remote_ip': utils.get_client_ip(self.request) }) except exceptions.KeystonePassExpiredException as exc: LOG.info( 'Login failed for user "%(username)s" using domain ' '"%(domain)s", remote address %(remote_ip)s: password' ' expired.', { 'username': username, 'domain': domain, 'remote_ip': utils.get_client_ip(self.request) }) if utils.allow_expired_passowrd_change(): raise raise forms.ValidationError(exc) except exceptions.KeystoneAuthException as exc: LOG.info( 'Login failed for user "%(username)s" using domain ' '"%(domain)s", remote address %(remote_ip)s.', { 'username': username, 'domain': domain, 'remote_ip': utils.get_client_ip(self.request) }) raise forms.ValidationError(exc) return self.cleaned_data
from openstack_auth import views urlpatterns = [ url(r"^login/$", views.login, name='login'), url(r"^logout/$", views.logout, name='logout'), url(r'^switch/(?P<tenant_id>[^/]+)/$', views.switch, name='switch_tenants'), url(r'^switch_services_region/(?P<region_name>[^/]+)/$', views.switch_region, name='switch_services_region'), url(r'^switch_keystone_provider/(?P<keystone_provider>[^/]+)/$', views.switch_keystone_provider, name='switch_keystone_provider'), url(r'^switch_system_scope/$', views.switch_system_scope, name='switch_system_scope'), ] if utils.allow_expired_passowrd_change(): urlpatterns.append( url(r'^password/(?P<user_id>[^/]+)/$', views.PasswordView.as_view(), name='password')) if settings.WEBSSO_ENABLED: urlpatterns += [ url(r"^websso/$", views.websso, name='websso'), url(r"^error/$", generic.TemplateView.as_view(template_name="403.html")) ]