def login(request,
login_url=None,
redirect_field_name=REDIRECT_FIELD_NAME,
*args,
**kwargs):
if request.user.is_authenticated():
# Similar redirect_to processing as in django.contrib.auth.views.login
redirect_to = request.REQUEST.get(redirect_field_name, '')
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before* a
# question mark.
elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
redirect_to = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect_to)
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse('login')) + '?' +
request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
update_membership_by_ip(request.user, request.META['REMOTE_ADDR'])
Activity.objects.create(event='login',
request=request,
content_object=request.user)
return response
def login(request, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME,
*args, **kwargs):
# until anon users return False for is_authenticated
# anon domains and pass-throughs are incompatible
if request.user.is_authenticated() and not(settings.ANONYMOUS_DOMAINS):
# Similar redirect_to processing as in django.contrib.auth.views.login
redirect_to = request.REQUEST.get(redirect_field_name, '')
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or ' ' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before* a
# question mark.
elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
redirect_to = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect_to)
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse('login')) + '?' + request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
update_membership_by_ip(request.user, request.META['REMOTE_ADDR'])
Activity.objects.create(event='login',
request=request,
content_object=request.user)
return response
def login(request, login_url=None, *args, **kwargs):
try:
response = dj_login(request, *args, **kwargs)
except ValueError:
# Certain values in the database password field can cause a ValueError
# in that case, return a redirect back to the login page
return HttpResponseRedirect((login_url or reverse('login')) + '?' + request.GET.urlencode())
if type(response) == HttpResponseRedirect:
# Successful login, add user to IP based groups
update_membership_by_ip(request.user, request.META['REMOTE_ADDR'])
return response
def testIPBased(self):
usergroup = ExtendedGroup.objects.create(name='ipbased-test', type=IP_BASED_GROUP)
usergroup.subnet_set.create(subnet='134.126.0.0/255.255.0.0')
user = User.objects.create(username='******')
self.assertFalse(usergroup.id in user.groups.all().values_list('id', flat=True))
update_membership_by_ip(user, '134.126.1.2')
self.assertTrue(usergroup.id in user.groups.all().values_list('id', flat=True))
update_membership_by_ip(user, '127.0.0.1')
self.assertFalse(usergroup.id in user.groups.all().values_list('id', flat=True))
