an auth view to validate (username, password, service) by remote service

This commit is contained in:
Valentin Samir 2015-06-03 18:15:37 +02:00
parent 690c2c3b29
commit cb84936b6c
3 changed files with 47 additions and 3 deletions

View File

@ -102,16 +102,18 @@ class User(models.Model):
url = utils.update_url(service, {'ticket':ticket.value}) url = utils.update_url(service, {'ticket':ticket.value})
return url return url
class BadUsername(Exception): class ServicePatternException(Exception):
pass
class BadUsername(ServicePatternException):
"""Exception raised then an non allowed username """Exception raised then an non allowed username
try to get a ticket for a service""" try to get a ticket for a service"""
pass pass
class BadFilter(Exception): class BadFilter(ServicePatternException):
""""Exception raised then a user try """"Exception raised then a user try
to get a ticket for a service and do not reach a condition""" to get a ticket for a service and do not reach a condition"""
pass pass
class UserFieldNotDefined(Exception): class UserFieldNotDefined(ServicePatternException):
"""Exception raised then a user try to get a ticket for a service """Exception raised then a user try to get a ticket for a service
using as username an attribut not present on this user""" using as username an attribut not present on this user"""
pass pass

View File

@ -27,5 +27,6 @@ urlpatterns = patterns(
url('^p3/serviceValidate$', views.ValidateService.as_view(allow_proxy_ticket=False), name='p3_serviceValidate'), url('^p3/serviceValidate$', views.ValidateService.as_view(allow_proxy_ticket=False), name='p3_serviceValidate'),
url('^p3/proxyValidate$', views.ValidateService.as_view(allow_proxy_ticket=True), name='p3_proxyValidate'), url('^p3/proxyValidate$', views.ValidateService.as_view(allow_proxy_ticket=True), name='p3_proxyValidate'),
url('^samlValidate$', views.SamlValidate.as_view(), name='samlValidate'), url('^samlValidate$', views.SamlValidate.as_view(), name='samlValidate'),
url('^auth$', views.Auth.as_view(), name='auth'),
) )

View File

@ -281,6 +281,47 @@ class LoginView(View, LogoutMixin):
else: else:
return self.not_authenticated() return self.not_authenticated()
class Auth(View):
"""A simple view to validate username/password/service tuple"""
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
"""dispatch requests based on method GET, POST, ..."""
return super(Auth, self).dispatch(request, *args, **kwargs)
@staticmethod
def post(request):
"""methode called on GET request on this view"""
username = request.POST.get('username')
password = request.POST.get('password')
service = request.POST.get('service')
if not username or not password or not service:
print "not username or service or password"
return HttpResponse("no\n", content_type="text/plain")
form = forms.UserCredential(
request.POST,
initial={
'service':service,
'method':'POST',
'warn':False
}
)
if form.is_valid():
try:
user = models.User.objects.get(username=form.cleaned_data['username'])
# is the service allowed
service_pattern = models.ServicePattern.validate(service)
# is the current user allowed on this service
service_pattern.check_user(user)
# if the user has asked to be warned before any login to a service
return HttpResponse("yes\n", content_type="text/plain")
except (models.ServicePattern.DoesNotExist, models.ServicePatternException) as error:
print "error: %r" % error
return HttpResponse("no\n", content_type="text/plain")
else:
print "bad password"
return HttpResponse("no\n", content_type="text/plain")
class Validate(View): class Validate(View):
"""service ticket validation""" """service ticket validation"""
@staticmethod @staticmethod