summaryrefslogtreecommitdiff
path: root/meetingtools/apps/auth
diff options
context:
space:
mode:
authorLeif Johansson <leifj@sunet.se>2011-02-08 20:46:40 +0100
committerLeif Johansson <leifj@sunet.se>2011-02-08 20:46:40 +0100
commit0fb514f0a73aef806b826348d043c68534af2745 (patch)
treebd388ab8e3de4c93a6ba0a5e1b83a4087a14b6e2 /meetingtools/apps/auth
parenta20ff434501a099b259da903d88b47bb77e07469 (diff)
v1
Diffstat (limited to 'meetingtools/apps/auth')
-rw-r--r--meetingtools/apps/auth/__init__.py0
-rw-r--r--meetingtools/apps/auth/utils.py26
-rw-r--r--meetingtools/apps/auth/views.py84
3 files changed, 110 insertions, 0 deletions
diff --git a/meetingtools/apps/auth/__init__.py b/meetingtools/apps/auth/__init__.py
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/meetingtools/apps/auth/__init__.py
diff --git a/meetingtools/apps/auth/utils.py b/meetingtools/apps/auth/utils.py
new file mode 100644
index 0000000..3a7efe6
--- /dev/null
+++ b/meetingtools/apps/auth/utils.py
@@ -0,0 +1,26 @@
+'''
+Created on Jul 7, 2010
+
+@author: leifj
+'''
+from uuid import uuid4
+
+def nonce():
+ return uuid4().hex
+
+def anonid():
+ return uuid4().urn
+
+def groups(request):
+ groups = []
+ if request.user.is_authenticated():
+ if request.session and request.session.has_key('entitlement'):
+ groups = groups + request.session['entitlement']
+
+ if '@' in request.user.username:
+ (local,domain) = request.user.username.split('@')
+ groups.append(domain)
+ for e in ('member','employee','student'):
+ groups.append("%s@%s" % (e,domain))
+
+ return groups \ No newline at end of file
diff --git a/meetingtools/apps/auth/views.py b/meetingtools/apps/auth/views.py
new file mode 100644
index 0000000..877e43f
--- /dev/null
+++ b/meetingtools/apps/auth/views.py
@@ -0,0 +1,84 @@
+'''
+Created on Jul 5, 2010
+
+@author: leifj
+'''
+from django.http import HttpResponseRedirect
+from django.contrib.auth.models import User
+import datetime
+from django.views.decorators.cache import never_cache
+import logging
+from meetingtools.apps.userprofile.models import UserProfile
+
+def meta(request,attr):
+ v = request.META.get(attr)
+ if not v:
+ return None
+ values = filter(lambda x: x != "(null)",v.split(";"))
+ return values;
+
+def meta1(request,attr):
+ v = meta(request,attr)
+ if v:
+ return v[0]
+ else:
+ return None
+
+def accounts_login_federated(request):
+ if request.user.is_authenticated():
+ profile,created = UserProfile.objects.get_or_create(user=request.user)
+ if created:
+ profile.identifier = request.user.username
+ profile.user = request.user
+ profile.save()
+
+ update = False
+ cn = meta1(request,'cn')
+ if not cn:
+ cn = meta1(request,'displayName')
+ logging.warn(cn)
+ if not cn:
+ fn = meta1(request,'givenName')
+ ln = meta1(request,'sn')
+ if fn and ln:
+ cn = "%s %s" % (fn,ln)
+ if not cn:
+ cn = profile.identifier
+
+ mail = meta1(request,'mail')
+
+ idp = meta1(request,'Shib-Identity-Provider')
+
+ for attrib_name, meta_value in (('display_name',cn),('email',mail),('idp',idp)):
+ attrib_value = getattr(profile, attrib_name)
+ if meta_value and not attrib_value:
+ setattr(profile,attrib_name,meta_value)
+ update = True
+
+ if request.user.password == "":
+ request.user.password = "(not used for federated logins)"
+ update = True
+
+ if update:
+ request.user.save()
+
+ # Allow auto_now to kick in for the lastupdated field
+ #profile.lastupdated = datetime.datetime.now()
+ profile.save()
+
+ epe = meta(request,'entitlement')
+ if epe:
+ request.session['entitlement'] = epe
+
+ next = request.session.get("after_login_redirect", None)
+ if next is not None:
+ return HttpResponseRedirect(next)
+ else:
+ pass
+ return HttpResponseRedirect("/")
+
+@never_cache
+def logout(request):
+ from django.contrib.auth import logout
+ logout(request)
+ return HttpResponseRedirect("/Shibboleth.sso/Logout") \ No newline at end of file