def entree_login(self, identity, site_id=None, next_url='/'): sess = self.request.session if SESSION_KEY not in sess: sess.cycle_key() elif ENTREE['SESSION_KEY'] in sess and sess[ENTREE['SESSION_KEY']] != identity.id: sess.flush() token = identity.create_token(extra_data={'session': sess.session_key}) sess[ENTREE['SESSION_KEY']] = identity.id sess[ENTREE['STORAGE_TOKEN_KEY']] = token.value self.request.entree_user = identity #can we redirect back to origin site or do we need activate profile first? if site_id: try: active = SiteProfile.objects.get(site_id=site_id, user=identity).is_active except SiteProfile.DoesNotExist: active = False if not active: kwargs = dict(site_id=site_id) if next_url: kwargs.update(dict(next_url=next_url)) next_url = reverse('profile_edit', kwargs=kwargs) else: next_url = get_next_url(site_id, next_url) return render_to_response('post_login.html', { 'next_url': next_url, 'user_token': token.value, }, context_instance=RequestContext(self.request))
def test_next_url_invalid_checksum_return_root(self): url = '/foo/' next_url = b64encode("%s:%sINVALID" % (url, calc_checksum(url, length=SHORT_CHECK) ) ) ret = get_next_url(self.valid_site.pk, next_url) assert_equals(ret.rstrip('/'), self.valid_site.url.rstrip('/'))
def test_next_url_no_checksum_return_root(self): url = '/foo/' ret = get_next_url(self.valid_site.pk, b64encode(url)) assert_equals(ret.rstrip('/'), self.valid_site.url.rstrip('/'))
def test_next_url_valid_checksum_return_input_url(self): url = '/foo/' next_url = b64encode("%s:%s" % (url, calc_checksum(url, length=SHORT_CHECK) ) ) ret = get_next_url(self.valid_site.pk, next_url) assert_equals(ret, "%s%s" % (self.valid_site.url, url))
def test_next_url_invalid_post_login_pacified(self): ret = get_next_url(self.valid_site.pk, b64encode('')) assert_equals(ret.rstrip('/'), self.valid_site.url)
def test_next_url_no_origin_site_redirects(self): ret = get_next_url(origin_site=self.valid_site.pk+1) assert_equals(ret, reverse('profile'))
def test_next_url_bad_origin_site_redirects(self): ret = get_next_url(origin_site=self.valid_site.pk+1, next_url='/foobar/') assert_equals(ret, reverse('profile'))
def form_valid(self, form): return self.entree_logout(get_next_url(self.kwargs.get('origin_site', ENTREE['DEFAULT_SITE']), self.kwargs.get('next_url')))