0003-views-handle-authentication-level-when-logging-in-33.patch

Valentin Deniaud, 29 May 2019 03:01 PM

Subject: [PATCH 3/4] views: handle authentication level when logging in
 (#33550)

 src/authentic2/views.py | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)
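--- a/src/authentic2/views.py
+++ b/src/authentic2/views.py
@@ -271,11 +271,19 @@
 def login(request, template_name='authentic2/login.html',
           redirect_field_name=REDIRECT_FIELD_NAME):
     """Displays the login form and handles the login action."""
+    current_auth_level = request.session.get('auth_level', 1)
+    if request.user.is_authenticated():
+        # prevent skipping authentication levels
+        target_auth_level = min(int(request.GET.get('auth_level', 1)),
+                                current_auth_level + 1)
+    else:
+        target_auth_level = 1
 
     # redirect user to homepage if already connected, if setting
     # A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE is True
     if (request.user.is_authenticated()
-            and app_settings.A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE):
+            and app_settings.A2_LOGIN_REDIRECT_AUTHENTICATED_USERS_TO_HOMEPAGE
+            and not target_auth_level > current_auth_level):
         return utils.redirect(request, 'auth_homepage')
 
     redirect_to = request.GET.get(redirect_field_name)
@@ -290,7 +298,7 @@
             redirect_to = settings.LOGIN_REDIRECT_URL
     nonce = request.GET.get(constants.NONCE_FIELD_NAME)
 
-    authenticators = utils.get_backends('AUTH_FRONTENDS')
+    authenticators = utils.get_backends('AUTH_FRONTENDS', target_auth_level)
 
     blocks = []
 
@@ -410,7 +418,7 @@
 
     def get_context_data(self, **kwargs):
         context = super(ProfileView, self).get_context_data(**kwargs)
-        frontends = utils.get_backends('AUTH_FRONTENDS')
+        frontends = utils.get_backends('AUTH_FRONTENDS', required_auth_level=0)
 
         request = self.request
 
--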
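Review bot: The `auth_level` query parameter is passed to `int()` unguarded in the new `target_auth_level` computation at the top of `login`, so a non-numeric value raises `ValueError` (an unhandled error on the login page), and a zero or negative value passes through `min()` unchanged and reaches `utils.get_backends('AUTH_FRONTENDS', target_auth_level)`. The same patch has `ProfileView` pass `required_auth_level=0`, which suggests values below 1 carry a distinct meaning in `get_backends`; that helper is not visible here, so this should be confirmed, and the login view should not let a request select it. Parsing inside `try`/`except ValueError` and clamping with `max(1, …)` keeps the level between 1 and `current_auth_level + 1`. The body of `login` continues outside the hunk.

```python
    if request.user.is_authenticated():
        # auth_level comes from the query string: parse defensively
        try:
            requested_auth_level = int(request.GET.get('auth_level', 1))
        except ValueError:
            requested_auth_level = 1
        # prevent skipping authentication levels, and never go below 1
        target_auth_level = max(1, min(requested_auth_level,
                                       current_auth_level + 1))
    # … unchanged: else branch sets target_auth_level = 1 …
```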