def ssl_auth(request):
    """Complete a login that is backed by an SSL client certificate.

    The posted form carries an encrypted reference to the session the
    browser started with, plus two redirect targets (``login_uri`` and
    ``next``). Whatever this request's own session holds at the end is
    merged into that original session, the request's session is flushed,
    and the client is redirected.

    Returns ``HttpResponseBadRequest`` when the form does not validate,
    otherwise a redirect response.
    """
    form = SSLCertLoginForm(request.POST)
    if not form.is_valid():
        return HttpResponseBadRequest('400 Bad Request')
    fields = form.cleaned_data

    # NOTE(review): the session that receives the login state is selected by
    # a client-submitted value. That is only sound if ``cipher`` rejects
    # forged or altered ciphertext (authenticated encryption) -- confirm, and
    # confirm what the second argument (32) means and how decode/decrypt
    # failures surface to the client.
    encrypted_key = base64.b64decode(fields['session_id'])
    session_id = cipher.decrypt(encrypted_key, 32)

    # NOTE(review): both redirect targets ('login_uri' here, 'next' below)
    # come from the submitted form. Unless SSLCertLoginForm restricts them to
    # trusted hosts/schemes, the final redirect is an open redirect -- verify
    # against the form's validators.
    next_uri = fields['login_uri']

    # No explicit credentials are passed; presumably an auth backend reads
    # the client certificate from the request -- TODO confirm.
    user = authenticate(request=request)
    if not (user and user.is_active):
        messages.error(request, 'Certificate authentication failed')
    else:
        _login(request, user)
        init_otp(request)
        if request.user.is_verified():
            # OTP disabled: skip the login page and go to the final target.
            next_uri = fields['next']

    # Django always starts a fresh session for this request, so its contents
    # are copied into the original session. This runs on the failure path as
    # well, not only after a successful login.
    # NOTE(review): the original session keeps its key while gaining
    # authenticated state; nothing here rotates it. Check that the key is
    # cycled after this hand-off (session-fixation hardening).
    original = SessionStore(session_key=session_id)
    original.update(request.session)

    # Certificate logins made during an OpenID request are flagged for
    # automatic logout; logging back in with the certificate is cheap.
    if 'openid_request' in original:
        original['auto_logout'] = True

    original.save()
    request.session.flush()
    return redirect(next_uri)
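class SessionTestCase(TestCase):
    """Exercise the dict-style and persistence API of ``SessionStore``."""

    def setUp(self):
        """Give every test its own session store."""
        self.session = SessionStore()

    def tearDown(self):
        """Delete the session so no state leaks into the next test."""
        self.session.delete()

    def test_set_and_get(self):
        """A stored value can be read back with ``get``."""
        self.session['spam'] = 'egg'
        self.assertEqual(self.session.get('spam'), 'egg')

    def test_set_and_pop(self):
        """``pop`` returns the value and removes the key."""
        self.session['spam'] = 'egg'
        self.assertEqual(self.session.pop('spam'), 'egg')
        self.assertIsNone(self.session.get('spam'))

    def test_pop_no_default_keyerror_raised(self):
        """``pop`` without a default raises ``KeyError`` for a missing key."""
        with self.assertRaises(KeyError):
            self.session.pop('spam')

    def test_update(self):
        """``update`` merges a mapping into the session."""
        self.session.update({'update key': 1})
        self.assertEqual(self.session.get('update key', None), 1)

    def test_has_key(self):
        """Membership tests see stored keys."""
        self.session['spam'] = 'egg'
        self.assertIn('spam', self.session)

    def test_values(self):
        """``values`` is empty at first and then reflects stored values."""
        self.assertEqual(list(self.session.values()), [])
        self.session['spam'] = 'egg'
        self.assertEqual(list(self.session.values()), ['egg'])

    def test_keys(self):
        """``keys`` is empty at first and then reflects stored keys."""
        # The initial check previously inspected values(), so the empty-keys
        # case was never exercised.
        self.assertEqual(list(self.session.keys()), [])
        self.session['spam'] = 'egg'
        self.assertEqual(list(self.session.keys()), ['spam'])

    def test_items(self):
        """``items`` yields the stored key/value pairs."""
        self.session['spam'] = 'egg'
        self.assertEqual(list(self.session.items()), [('spam', 'egg')])

    def test_clear(self):
        """``clear`` empties the session."""
        self.session['spam'] = 'egg'
        self.session.clear()
        self.assertEqual(list(self.session.items()), [])

    def test_save(self):
        """A saved session exists under its session key."""
        self.session.save()
        self.assertIs(self.session.exists(self.session.session_key), True)

    def test_delete(self):
        """A deleted session no longer exists under its key."""
        self.session.save()
        self.session.delete(self.session.session_key)
        self.assertIs(self.session.exists(self.session.session_key), False)

    def test_flush(self):
        """``flush`` drops the session key and the stored session."""
        self.session['spam'] = 'egg'
        self.session.save()
        prev_key = self.session.session_key
        self.session.flush()
        self.assertNotEqual(self.session.session_key, prev_key)
        self.assertIsNone(self.session.session_key)
        # Logout relies on this: the old key must stop resolving to stored
        # data, not merely be forgotten by this object.
        self.assertIs(self.session.exists(prev_key), False)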