summaryrefslogtreecommitdiff
path: root/coip/apps/auth/views.py
blob: bb8ba17d77e678b47cc2adbd33de57a9e7684fe6 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80

'''
Created on Jul 5, 2010

@author: leifj
'''
from django.http import HttpResponseRedirect
from coip.apps.userprofile.models import UserProfile
from django.contrib.auth.models import User
from coip.apps.auth.utils import anonid
from coip.apps.name.models import lookup
import datetime
from django.views.decorators.cache import never_cache
import logging

def meta(request,attr):
    v = request.META.get(attr)
    if not v:
        return None
    values = filter(lambda x: x != "(null)",v.split(";"))
    return values;

def accounts_login_federated(request):
    if request.user.is_authenticated():
        profile,created = UserProfile.objects.get_or_create(identifier=request.user.username)
        if created:
            profile.identifier = request.user.username
            request.user.delete()
            request.user = User(username=anonid())
            request.user.save()
            profile.user = request.user
        else:
            request.user = profile.user
            
        
        update = False
        cn = meta(request,'cn')
        if not cn:
            cn = meta(request,'displayName')
        logging.warn(cn)
        if not cn:
            fn = meta(request,'givenName')
            ln = meta(request,'sn')
            if fn and ln:
                cn = "%s %s" % (fn,ln)
        if not cn:
            cn = profile.identifier
            
        mail = meta(request,'mail')
        
        idp = meta(request,'Shib-Identity-Provider')
        
        for attrib_name, meta_value in (('display_name',cn),('email',mail),('idp',idp)):
            attrib_value = getattr(profile, attrib_name)
            if meta_value and not attrib_value:
                setattr(profile,attrib_name,meta_value)
                update = True
                
        if request.user.password == "":
            request.user.password = "(not used for federated logins)"
            update = True
            
        if update:
            request.user.save()
        
        # Allow auto_now to kick in for the lastupdated field
        #profile.lastupdated = datetime.datetime.now()    
        profile.save()
            
        next = request.session.get("after_login_redirect", None)
        if next is not None:
            return HttpResponseRedirect(next)
    else:
        pass
    return HttpResponseRedirect("/")

@never_cache
def logout(request):
    from django.contrib.auth import logout
    logout(request) 
    return HttpResponseRedirect("/Shibboleth.sso/Logout")
generated by cgit v1.1 at 2024-10-06 22:40:58 +0000