def entree_login(self, identity, site_id=None, next_url='/'):
sess = self.request.session
if SESSION_KEY not in sess:
sess.cycle_key()
elif ENTREE['SESSION_KEY'] in sess and sess[ENTREE['SESSION_KEY']] != identity.id:
sess.flush()
token = identity.create_token(extra_data={'session': sess.session_key})
sess[ENTREE['SESSION_KEY']] = identity.id
sess[ENTREE['STORAGE_TOKEN_KEY']] = token.value
self.request.entree_user = identity
#can we redirect back to origin site or do we need activate profile first?
if site_id:
try:
active = SiteProfile.objects.get(site_id=site_id, user=identity).is_active
except SiteProfile.DoesNotExist:
active = False
if not active:
kwargs = dict(site_id=site_id)
if next_url:
kwargs.update(dict(next_url=next_url))
next_url = reverse('profile_edit', kwargs=kwargs)
else:
next_url = get_next_url(site_id, next_url)
return render_to_response('post_login.html', {
'next_url': next_url,
'user_token': token.value,
}, context_instance=RequestContext(self.request))
def test_next_url_invalid_checksum_return_root(self):
url = '/foo/'
next_url = b64encode("%s:%sINVALID" % (url, calc_checksum(url, length=SHORT_CHECK) ) )
ret = get_next_url(self.valid_site.pk, next_url)
assert_equals(ret.rstrip('/'), self.valid_site.url.rstrip('/'))
def test_next_url_no_checksum_return_root(self):
url = '/foo/'
ret = get_next_url(self.valid_site.pk, b64encode(url))
assert_equals(ret.rstrip('/'), self.valid_site.url.rstrip('/'))
def test_next_url_valid_checksum_return_input_url(self):
url = '/foo/'
next_url = b64encode("%s:%s" % (url, calc_checksum(url, length=SHORT_CHECK) ) )
ret = get_next_url(self.valid_site.pk, next_url)
assert_equals(ret, "%s%s" % (self.valid_site.url, url))
def test_next_url_invalid_post_login_pacified(self):
ret = get_next_url(self.valid_site.pk, b64encode(''))
assert_equals(ret.rstrip('/'), self.valid_site.url)
def test_next_url_no_origin_site_redirects(self):
ret = get_next_url(origin_site=self.valid_site.pk+1)
assert_equals(ret, reverse('profile'))
def test_next_url_bad_origin_site_redirects(self):
ret = get_next_url(origin_site=self.valid_site.pk+1, next_url='/foobar/')
assert_equals(ret, reverse('profile'))
def form_valid(self, form):
return self.entree_logout(get_next_url(self.kwargs.get('origin_site', ENTREE['DEFAULT_SITE']), self.kwargs.get('next_url')))
