0007-views-handle-authentication-level-when-logging-in.patch
src/authentic2/views.py | ||
---|---|---|
261 | 261 |
def login(request, template_name='authentic2/login.html', |
262 | 262 |
redirect_field_name=REDIRECT_FIELD_NAME): |
263 | 263 |
"""Displays the login form and handles the login action.""" |
264 |
target_auth_level = int(request.GET.get('auth_level', 1)) |
|
264 | 265 | |
265 | 266 |
# redirect user to homepage if already connected, if setting |
266 | 267 |
# A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE is True |
267 |
if (request.user.is_authenticated() and |
|
268 |
app_settings.A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE): |
|
268 |
if (request.user.is_authenticated and |
|
269 |
app_settings.A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE and |
|
270 |
not target_auth_level > request.session['auth_level']): |
|
269 | 271 |
return utils.redirect(request, 'auth_homepage') |
270 | 272 | |
271 | 273 |
redirect_to = request.GET.get(redirect_field_name) |
... | ... | |
280 | 282 |
redirect_to = settings.LOGIN_REDIRECT_URL |
281 | 283 |
nonce = request.GET.get(constants.NONCE_FIELD_NAME) |
282 | 284 | |
283 |
authenticators = utils.get_backends('AUTH_FRONTENDS') |
|
285 |
authenticators = utils.get_backends('AUTH_FRONTENDS', target_auth_level)
|
|
284 | 286 | |
285 | 287 |
blocks = [] |
286 | 288 | |
... | ... | |
403 | 405 | |
404 | 406 |
def get_context_data(self, **kwargs): |
405 | 407 |
context = super(ProfileView, self).get_context_data(**kwargs) |
406 |
frontends = utils.get_backends('AUTH_FRONTENDS') |
|
408 |
frontends = utils.get_backends('AUTH_FRONTENDS', required_auth_level=0)
|
|
407 | 409 | |
408 | 410 |
request = self.request |
409 | 411 | |
410 |
- |
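Review bot: `auth_level` is read straight from the query string and passed to `int()` at the top of `login`, so a non-numeric value raises ValueError and the login page answers with a 500 to an unauthenticated client. The comparison a few lines below indexes `request.session['auth_level']`, which raises KeyError for any authenticated session that lacks the key (sessions established before this change are the likely case). Both should fail towards showing the login form: parse with a fallback to the default, and read the session with `.get('auth_level', 0)`, assuming 0 is the lowest level as the `required_auth_level=0` call in `ProfileView.get_context_data` suggests. Because the level is client-chosen and handed to `utils.get_backends`, that helper (not visible here) should be confirmed to handle out-of-range values. The body of `login` continues outside the hunk.

```python
    try:
        target_auth_level = int(request.GET.get('auth_level', 1))
    except (TypeError, ValueError):
        target_auth_level = 1  # same as the default for a missing parameter
    # … unchanged: comment on A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE …
    if (request.user.is_authenticated and
            app_settings.A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE and
            not target_auth_level > request.session.get('auth_level', 0)):
```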