def redirect_third_party_auth_if_need(self, request): # show jumpserver login page if request http://{JUMP-SERVER}/?admin=1 if self.request.GET.get("admin", 0): return None auth_types = [m for m in self.get_support_auth_methods() if m.get('auto_redirect')] if not auth_types: return None # 明确直接登录哪个 login_to = settings.LOGIN_REDIRECT_TO_BACKEND.upper() if login_to == 'DIRECT': return None auth_method = next(filter(lambda x: x['name'] == login_to, auth_types), None) if not auth_method: auth_method = auth_types[0] auth_name, redirect_url = auth_method['name'], auth_method['url'] next_url = request.GET.get('next') or '/' query_string = request.GET.urlencode() redirect_url = '{}?next={}&{}'.format(redirect_url, next_url, query_string) if settings.LOGIN_REDIRECT_MSG_ENABLED: message_data = { 'title': _('Redirecting'), 'message': _("Redirecting to {} authentication").format(auth_name), 'redirect_url': redirect_url, 'interval': 3, 'has_cancel': True, 'cancel_url': reverse('authentication:login') + '?admin=1' } redirect_url = FlashMessageUtil.gen_message_url(message_data) return redirect_url
def get(self, request, *args, **kwargs): code = request.GET.get('code') if not code: return HttpResponse('Not found the code') message_data = FlashMessageUtil.get_message_by_code(code) if not message_data: return HttpResponse('Message code error') items = ('title', 'message', 'error', 'redirect_url', 'confirm_button', 'cancel_url') title, msg, error, redirect_url, confirm_btn, cancel_url = bulk_get( message_data, items) interval = message_data.get('interval', 3) auto_redirect = message_data.get('auto_redirect', True) has_cancel = message_data.get('has_cancel', False) context = { 'title': title, 'message': msg, 'error': error, 'interval': interval, 'redirect_url': redirect_url, 'auto_redirect': auto_redirect, 'confirm_button': confirm_btn, 'has_cancel': has_cancel, 'cancel_url': cancel_url, } return self.render_to_response(context)
def redirect_third_party_auth_if_need(self, request): # show jumpserver login page if request http://{JUMP-SERVER}/?admin=1 if self.request.GET.get("admin", 0): return None auth_type = '' auth_url = '' if settings.AUTH_OPENID: auth_type = 'OIDC' auth_url = reverse(settings.AUTH_OPENID_AUTH_LOGIN_URL_NAME) elif settings.AUTH_CAS: auth_type = 'CAS' auth_url = reverse(settings.CAS_LOGIN_URL_NAME) if not auth_url: return None message_data = { 'title': _('Redirecting'), 'message': _("Redirecting to {} authentication").format(auth_type), 'redirect_url': auth_url, 'has_cancel': True, 'cancel_url': reverse('authentication:login') + '?admin=1' } redirect_url = FlashMessageUtil.gen_message_url(message_data) query_string = request.GET.urlencode() redirect_url = "{}&{}".format(redirect_url, query_string) return redirect_url
def redirect_third_party_auth_if_need(self, request): # show jumpserver login page if request http://{JUMP-SERVER}/?admin=1 if self.request.GET.get("admin", 0): return None next_url = request.GET.get('next') or '/' auth_type = '' if settings.AUTH_OPENID: auth_type = 'OIDC' openid_auth_url = reverse(settings.AUTH_OPENID_AUTH_LOGIN_URL_NAME) openid_auth_url = openid_auth_url + f'?next={next_url}' else: openid_auth_url = None if settings.AUTH_CAS: auth_type = 'CAS' cas_auth_url = reverse( settings.CAS_LOGIN_URL_NAME) + f'?next={next_url}' else: cas_auth_url = None if settings.AUTH_SAML2: auth_type = 'saml2' saml2_auth_url = reverse( settings.SAML2_LOGIN_URL_NAME) + f'?next={next_url}' else: saml2_auth_url = None if not any([openid_auth_url, cas_auth_url, saml2_auth_url]): return None login_redirect = settings.LOGIN_REDIRECT_TO_BACKEND.lower() if login_redirect in ['direct']: return None if login_redirect in ['cas'] and cas_auth_url: auth_url = cas_auth_url elif login_redirect in ['openid', 'oidc'] and openid_auth_url: auth_url = openid_auth_url elif login_redirect in ['saml2'] and saml2_auth_url: auth_url = saml2_auth_url else: auth_url = openid_auth_url or cas_auth_url or saml2_auth_url if settings.LOGIN_REDIRECT_TO_BACKEND or not settings.LOGIN_REDIRECT_MSG_ENABLED: redirect_url = auth_url else: message_data = { 'title': _('Redirecting'), 'message': _("Redirecting to {} authentication").format(auth_type), 'redirect_url': auth_url, 'interval': 3, 'has_cancel': True, 'cancel_url': reverse('authentication:login') + '?admin=1' } redirect_url = FlashMessageUtil.gen_message_url(message_data) query_string = request.GET.urlencode() redirect_url = "{}&{}".format(redirect_url, query_string) return redirect_url
def get_redirect_url(): message_data = { 'title': _('Reset password success'), 'message': _('Reset password success, return to login page'), 'redirect_url': reverse('authentication:login'), 'auto_redirect': True, } return FlashMessageUtil.gen_message_url(message_data)
def get_failed_response(redirect_url, title, msg): message_data = { 'title': title, 'error': msg, 'interval': 5, 'redirect_url': redirect_url, } return FlashMessageUtil.gen_and_redirect_to(message_data)
def redirect_message_response(self, **kwargs): message_data = self.message_data for key, value in kwargs.items(): if isinstance(value, str): message_data[key] = value if message_data.get('message'): message_data.pop('error') redirect_url = FlashMessageUtil.gen_message_url(message_data) return redirect(redirect_url)
def has_already_bound_message(): message_data = { 'title': _('Already bound'), 'error': _('MFA already bound, disable first, then bound'), 'interval': 10, 'redirect_url': reverse('authentication:user-otp-disable'), } response = FlashMessageUtil.gen_and_redirect_to(message_data) return response
def get_success_url(self): message_data = { 'title': _('OTP disable success'), 'message': _('OTP disable success, return login page'), 'interval': 5, 'redirect_url': reverse('authentication:login'), } url = FlashMessageUtil.gen_message_url(message_data) return url
def generate_reset_password_url_with_flash_msg(cls, user, message): reset_passwd_url = reverse('authentication:reset-password') query_str = urlencode({'token': user.generate_reset_token()}) reset_passwd_url = f'{reset_passwd_url}?{query_str}' message_data = { 'title': _('Please change your password'), 'message': message, 'interval': 3, 'redirect_url': reset_passwd_url, } return FlashMessageUtil.gen_message_url(message_data)
def get_redirect_message_url(): message_data = { 'title': _('Send reset password message'), 'message': _('Send reset password mail success, ' 'login your mail box and follow it '), 'redirect_url': reverse('authentication:login'), } url = FlashMessageUtil.gen_message_url(message_data) return url