1 |
1 |
import json
|
2 |
|
from uuid import uuid4
|
3 |
2 |
import requests
|
4 |
3 |
from xml.etree import ElementTree
|
5 |
4 |
|
6 |
5 |
from django.views.generic.base import TemplateView
|
|
6 |
from django.views.generic import FormView
|
7 |
7 |
from django.views.decorators.csrf import csrf_exempt
|
8 |
8 |
from django.shortcuts import render_to_response
|
9 |
9 |
from django.core import signing
|
10 |
10 |
from django.http.request import QueryDict
|
|
11 |
from django.contrib.auth import authenticate
|
|
12 |
from django.utils.translation import ugettext_lazy as _
|
11 |
13 |
|
12 |
14 |
from mellon.views import LoginView as MellonLoginView
|
13 |
15 |
|
14 |
|
from .organization.models import Organization
|
|
16 |
from .organization.models import Organization, LocalAccount
|
15 |
17 |
from .forms import GuestLoginForm, VoucherLoginForm
|
16 |
18 |
from .utils import create_radius_user, is_organization_idp, \
|
17 |
19 |
get_idp_list
|
... | ... | |
22 |
24 |
|
23 |
25 |
homepage = HomeView.as_view()
|
24 |
26 |
|
|
27 |
class LoginMixin(object):
|
|
28 |
def login(self, organization):
|
|
29 |
context = {'organization': organization}
|
|
30 |
result = create_radius_user()
|
|
31 |
if result:
|
|
32 |
username, password = result
|
|
33 |
params = QueryDict(self.request.session[organization.slug], mutable=True)
|
|
34 |
hotspot_url = organization.hotspot_url
|
|
35 |
|
|
36 |
if 'login_url' in params:
|
|
37 |
hotspot_url = params.pop('login_url')[0]
|
|
38 |
|
|
39 |
context.update({'params': params.urlencode(),
|
|
40 |
'hotspot_url': hotspot_url,
|
|
41 |
'data': {'username': username,
|
|
42 |
'password': password}
|
|
43 |
})
|
|
44 |
return render_to_response('uauth/%s_login_successful.html' % organization.hotspot_type,
|
|
45 |
context)
|
|
46 |
return render_to_response('uauth/login_failed.html', context)
|
|
47 |
|
25 |
48 |
|
26 |
|
class LoginView(MellonLoginView):
|
|
49 |
class LoginView(LoginMixin, MellonLoginView):
|
27 |
50 |
|
28 |
51 |
def authenticate(self, request, login, attributes):
|
29 |
52 |
relayState = signing.loads(login.msgRelayState)
|
... | ... | |
41 |
64 |
eduPersonTargetedID_NameQualifier = attributes['issuer']
|
42 |
65 |
|
43 |
66 |
if is_organization_idp(eduPersonTargetedID_NameQualifier, organization):
|
44 |
|
username = uuid4().get_hex()
|
45 |
|
password = uuid4().get_hex()
|
46 |
|
context = {'organization': organization}
|
47 |
|
if create_radius_user(username, password):
|
48 |
|
params = QueryDict(self.request.session[organization.slug], mutable=True)
|
49 |
|
hotspot_url = organization.hotspot_url
|
50 |
|
|
51 |
|
if 'login_url' in params:
|
52 |
|
hotspot_url = params.pop('login_url')[0]
|
53 |
|
|
54 |
|
context.update({'params': params.urlencode(),
|
55 |
|
'hotspot_url': hotspot_url,
|
56 |
|
'data': {'username': username,
|
57 |
|
'password': password
|
58 |
|
}
|
59 |
|
})
|
60 |
|
return render_to_response('uauth/%s_login_successful.html' % organization.hotspot_type,
|
61 |
|
context)
|
62 |
|
return render_to_response('uauth/login_failed.html', context)
|
|
67 |
return self.login(organization)
|
63 |
68 |
|
64 |
69 |
login = csrf_exempt(LoginView.as_view())
|
65 |
70 |
|
66 |
71 |
|
67 |
|
class OrganizationPageView(TemplateView):
|
|
72 |
class OrganizationPageView(LoginMixin, FormView):
|
|
73 |
form_class = GuestLoginForm
|
68 |
74 |
template_name = 'uauth/organization.html'
|
69 |
75 |
|
70 |
76 |
def get_context_data(self, **kwargs):
|
71 |
77 |
context = super(OrganizationPageView, self).get_context_data(**kwargs)
|
72 |
78 |
idps = get_idp_list()
|
73 |
|
organization = Organization.objects.get(slug=kwargs['organization_slug'])
|
|
79 |
organization = Organization.objects.get(slug=self.kwargs['organization_slug'])
|
74 |
80 |
self.request.session[organization.slug] = self.request.GET.urlencode()
|
75 |
81 |
relay = signing.dumps({'organization': organization.slug})
|
76 |
82 |
context.update({'idps': idps,
|
77 |
|
'guest_login_form': GuestLoginForm(),
|
78 |
|
'voucher_login_form': VoucherLoginForm(),
|
|
83 |
'guest_login_form': kwargs['form'],
|
79 |
84 |
'relay': relay,
|
80 |
|
'organization': organization
|
|
85 |
'organization': organization,
|
|
86 |
'voucher_login_form': VoucherLoginForm()
|
81 |
87 |
})
|
82 |
88 |
return context
|
83 |
89 |
|
|
90 |
def form_valid(self, form):
|
|
91 |
data = form.cleaned_data
|
|
92 |
organization = Organization.objects.get(slug=self.kwargs['organization_slug'])
|
|
93 |
data.update({'organization': organization})
|
|
94 |
user = authenticate(**data)
|
|
95 |
if user:
|
|
96 |
return self.login(organization)
|
|
97 |
else:
|
|
98 |
form.add_error(None, _('Unknown or inactive user'))
|
|
99 |
return self.form_invalid(form)
|
|
100 |
|
84 |
101 |
organization = OrganizationPageView.as_view()
|
local accounts authentication (#7066)