def ssl_auth(request):
    """Handle a login attempt made with an SSL client certificate.

    The POSTed ``SSLCertLoginForm`` supplies an encrypted reference to the
    session the login started in, plus the redirect targets. The request is
    authenticated via ``authenticate(request=request)``, and the state of the
    session created for this request is merged into the referenced session.
    The per-request session is then flushed.

    Returns a 400 response when the form does not validate, otherwise a
    redirect to ``next`` (active user who is already verified) or to
    ``login_uri`` (every other case, including failed authentication).
    """
    form = SSLCertLoginForm(request.POST)
    if not form.is_valid():
        return HttpResponseBadRequest('400 Bad Request')
    fields = form.cleaned_data

    # The key of the session that receives the login state is taken from the
    # request body, so the cipher is what ties it to the originating session.
    # NOTE(review): confirm `cipher` authenticates its ciphertext (integrity,
    # not only confidentiality) and that malformed base64 / ciphertext is
    # rejected by form validation; no exception is handled here, so a decode
    # or decrypt failure would presumably surface as a server error.
    # NOTE(review): the meaning of the literal 32 is not visible here --
    # presumably the expected length of the decrypted key; confirm.
    encrypted_ref = base64.b64decode(fields['session_id'])
    session_id = cipher.decrypt(encrypted_ref, 32)

    # Default target: back to the login page. It is only replaced by the
    # caller's `next` once the user is fully verified.
    # NOTE(review): both targets come from submitted form fields and are
    # passed to redirect() unchanged; confirm SSLCertLoginForm restricts them
    # to allowed (local) URLs so this view cannot act as an open redirect.
    next_uri = fields['login_uri']

    user = authenticate(request=request)
    if not (user and user.is_active):
        messages.error(request, 'Certificate authentication failed')
    else:
        _login(request, user)
        init_otp(request)
        if request.user.is_verified():  # OTP disabled
            next_uri = fields['next']

    # This request runs in a fresh session of its own, so its contents are
    # copied into the original session before the fresh one is discarded.
    # The copy also happens on the failure path, which carries the error
    # message over to the original session.
    original_session = SessionStore(session_key=session_id)
    original_session.update(request.session)

    # Certificate logins that serve an OpenID request are marked for
    # automatic logout; logging in again with the certificate is cheap.
    if 'openid_request' in original_session:
        original_session['auto_logout'] = True

    original_session.save()
    request.session.flush()
    return redirect(next_uri)
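class SessionTestCase(TestCase):
    """Exercise the dict-style and persistence API of ``SessionStore``.

    Each test gets a fresh store from ``setUp``; ``tearDown`` deletes it so
    that nothing saved by one test is left behind for the next.
    """

    def setUp(self):
        self.session = SessionStore()

    def tearDown(self):
        self.session.delete()

    def test_set_and_get(self):
        """A stored value is returned by ``get``."""
        self.session['spam'] = 'egg'
        self.assertEqual(self.session.get('spam'), 'egg')

    def test_set_and_pop(self):
        """``pop`` returns the value and removes the key."""
        self.session['spam'] = 'egg'
        self.assertEqual(self.session.pop('spam'), 'egg')
        self.assertIsNone(self.session.get('spam'))

    def test_pop_no_default_keyerror_raised(self):
        """``pop`` on a missing key without a default raises ``KeyError``."""
        with self.assertRaises(KeyError):
            self.session.pop('spam')

    def test_update(self):
        """``update`` merges a mapping into the session."""
        self.session.update({'update key': 1})
        self.assertEqual(self.session.get('update key', None), 1)

    def test_has_key(self):
        """Membership tests see stored keys."""
        self.session['spam'] = 'egg'
        self.assertIn('spam', self.session)

    def test_values(self):
        """``values`` is empty for a new session and reflects stored data."""
        self.assertEqual(list(self.session.values()), [])
        self.session['spam'] = 'egg'
        self.assertEqual(list(self.session.values()), ['egg'])

    def test_keys(self):
        """``keys`` is empty for a new session and reflects stored data."""
        # The precondition checks keys(), the method under test; the original
        # checked values() here, a copy-paste slip from test_values.
        self.assertEqual(list(self.session.keys()), [])
        self.session['spam'] = 'egg'
        self.assertEqual(list(self.session.keys()), ['spam'])

    def test_items(self):
        """``items`` yields the stored key/value pairs."""
        self.session['spam'] = 'egg'
        self.assertEqual(list(self.session.items()), [('spam', 'egg')])

    def test_clear(self):
        """``clear`` removes all stored data."""
        self.session['spam'] = 'egg'
        self.session.clear()
        self.assertEqual(list(self.session.items()), [])

    def test_save(self):
        """A saved session exists under its own key."""
        self.session.save()
        self.assertIs(self.session.exists(self.session.session_key), True)

    def test_delete(self):
        """A deleted session no longer exists under its key."""
        self.session.save()
        self.session.delete(self.session.session_key)
        self.assertIs(self.session.exists(self.session.session_key), False)

    def test_flush(self):
        """``flush`` drops the previous session key.

        A flushed session must not keep its old identifier, so the key is
        expected to differ from the saved one and to be unset afterwards.
        """
        self.session['spam'] = 'egg'
        self.session.save()
        prev_key = self.session.session_key
        self.session.flush()
        self.assertNotEqual(self.session.session_key, prev_key)
        self.assertIsNone(self.session.session_key)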