an auth view to validate (username, password, service) by remote service
This commit is contained in:
parent
690c2c3b29
commit
cb84936b6c
@ -102,16 +102,18 @@ class User(models.Model):
|
|||||||
url = utils.update_url(service, {'ticket':ticket.value})
|
url = utils.update_url(service, {'ticket':ticket.value})
|
||||||
return url
|
return url
|
||||||
|
|
||||||
class BadUsername(Exception):
|
class ServicePatternException(Exception):
|
||||||
|
pass
|
||||||
|
class BadUsername(ServicePatternException):
|
||||||
"""Exception raised then an non allowed username
|
"""Exception raised then an non allowed username
|
||||||
try to get a ticket for a service"""
|
try to get a ticket for a service"""
|
||||||
pass
|
pass
|
||||||
class BadFilter(Exception):
|
class BadFilter(ServicePatternException):
|
||||||
""""Exception raised then a user try
|
""""Exception raised then a user try
|
||||||
to get a ticket for a service and do not reach a condition"""
|
to get a ticket for a service and do not reach a condition"""
|
||||||
pass
|
pass
|
||||||
|
|
||||||
class UserFieldNotDefined(Exception):
|
class UserFieldNotDefined(ServicePatternException):
|
||||||
"""Exception raised then a user try to get a ticket for a service
|
"""Exception raised then a user try to get a ticket for a service
|
||||||
using as username an attribut not present on this user"""
|
using as username an attribut not present on this user"""
|
||||||
pass
|
pass
|
||||||
|
@ -27,5 +27,6 @@ urlpatterns = patterns(
|
|||||||
url('^p3/serviceValidate$', views.ValidateService.as_view(allow_proxy_ticket=False), name='p3_serviceValidate'),
|
url('^p3/serviceValidate$', views.ValidateService.as_view(allow_proxy_ticket=False), name='p3_serviceValidate'),
|
||||||
url('^p3/proxyValidate$', views.ValidateService.as_view(allow_proxy_ticket=True), name='p3_proxyValidate'),
|
url('^p3/proxyValidate$', views.ValidateService.as_view(allow_proxy_ticket=True), name='p3_proxyValidate'),
|
||||||
url('^samlValidate$', views.SamlValidate.as_view(), name='samlValidate'),
|
url('^samlValidate$', views.SamlValidate.as_view(), name='samlValidate'),
|
||||||
|
url('^auth$', views.Auth.as_view(), name='auth'),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -281,6 +281,47 @@ class LoginView(View, LogoutMixin):
|
|||||||
else:
|
else:
|
||||||
return self.not_authenticated()
|
return self.not_authenticated()
|
||||||
|
|
||||||
|
class Auth(View):
|
||||||
|
"""A simple view to validate username/password/service tuple"""
|
||||||
|
@method_decorator(csrf_exempt)
|
||||||
|
def dispatch(self, request, *args, **kwargs):
|
||||||
|
"""dispatch requests based on method GET, POST, ..."""
|
||||||
|
return super(Auth, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
|
@staticmethod
|
||||||
|
def post(request):
|
||||||
|
"""methode called on GET request on this view"""
|
||||||
|
username = request.POST.get('username')
|
||||||
|
password = request.POST.get('password')
|
||||||
|
service = request.POST.get('service')
|
||||||
|
|
||||||
|
if not username or not password or not service:
|
||||||
|
print "not username or service or password"
|
||||||
|
return HttpResponse("no\n", content_type="text/plain")
|
||||||
|
form = forms.UserCredential(
|
||||||
|
request.POST,
|
||||||
|
initial={
|
||||||
|
'service':service,
|
||||||
|
'method':'POST',
|
||||||
|
'warn':False
|
||||||
|
}
|
||||||
|
)
|
||||||
|
if form.is_valid():
|
||||||
|
try:
|
||||||
|
user = models.User.objects.get(username=form.cleaned_data['username'])
|
||||||
|
# is the service allowed
|
||||||
|
service_pattern = models.ServicePattern.validate(service)
|
||||||
|
# is the current user allowed on this service
|
||||||
|
service_pattern.check_user(user)
|
||||||
|
# if the user has asked to be warned before any login to a service
|
||||||
|
return HttpResponse("yes\n", content_type="text/plain")
|
||||||
|
except (models.ServicePattern.DoesNotExist, models.ServicePatternException) as error:
|
||||||
|
print "error: %r" % error
|
||||||
|
return HttpResponse("no\n", content_type="text/plain")
|
||||||
|
else:
|
||||||
|
print "bad password"
|
||||||
|
return HttpResponse("no\n", content_type="text/plain")
|
||||||
|
|
||||||
class Validate(View):
|
class Validate(View):
|
||||||
"""service ticket validation"""
|
"""service ticket validation"""
|
||||||
@staticmethod
|
@staticmethod
|
||||||
|
Loading…
Reference in New Issue
Block a user