Code factorisation in views.py
This commit is contained in:
Valentin Samir
@@ -45,6 +45,7 @@ logger = logging.getLogger(__name__)
|
|||||||
|
|
||||||
class LogoutMixin(object):
|
class LogoutMixin(object):
|
||||||
"""destroy CAS session utils"""
|
"""destroy CAS session utils"""
|
||||||
|
|
||||||
def logout(self, all_session=False):
|
def logout(self, all_session=False):
|
||||||
"""
|
"""
|
||||||
effectively destroy a CAS session
|
effectively destroy a CAS session
|
||||||
@@ -63,43 +64,53 @@ class LogoutMixin(object):
|
|||||||
logger.info("Logging out user %s from all of they sessions." % username)
|
logger.info("Logging out user %s from all of they sessions." % username)
|
||||||
else:
|
else:
|
||||||
logger.info("Logging out user %s." % username)
|
logger.info("Logging out user %s." % username)
|
||||||
# logout the user from the current session
|
users = []
|
||||||
|
# try to get the user from the current session
|
||||||
try:
|
try:
|
||||||
user = models.User.objects.get(
|
users.append(
|
||||||
username=username,
|
models.User.objects.get(
|
||||||
session_key=self.request.session.session_key
|
username=username,
|
||||||
|
session_key=self.request.session.session_key
|
||||||
|
)
|
||||||
)
|
)
|
||||||
# flush the session
|
except models.User.DoesNotExist:
|
||||||
|
# if user not found in database, flush the session anyway
|
||||||
self.request.session.flush()
|
self.request.session.flush()
|
||||||
|
|
||||||
|
# If all_session is set, search all of the user sessions
|
||||||
|
if all_session:
|
||||||
|
users.extend(models.User.objects.filter(username=username))
|
||||||
|
|
||||||
|
# Iterate over all user sessions that have to be logged out
|
||||||
|
for user in users:
|
||||||
|
# get the user session
|
||||||
|
session = SessionStore(session_key=user.session_key)
|
||||||
|
# flush the session
|
||||||
|
session.flush()
|
||||||
# send SLO requests
|
# send SLO requests
|
||||||
user.logout(self.request)
|
user.logout(self.request)
|
||||||
# delete the user
|
# delete the user
|
||||||
user.delete()
|
user.delete()
|
||||||
# increment the destroyed session counter
|
# increment the destroyed session counter
|
||||||
session_nb += 1
|
session_nb += 1
|
||||||
except models.User.DoesNotExist:
|
|
||||||
# if user not found in database, flush the session anyway
|
|
||||||
self.request.session.flush()
|
|
||||||
|
|
||||||
# If all_session is set logout user from alternative sessions
|
|
||||||
if all_session:
|
|
||||||
# Iterate over all user sessions
|
|
||||||
for user in models.User.objects.filter(username=username):
|
|
||||||
# get the user session
|
|
||||||
session = SessionStore(session_key=user.session_key)
|
|
||||||
# flush the session
|
|
||||||
session.flush()
|
|
||||||
# send SLO requests
|
|
||||||
user.logout(self.request)
|
|
||||||
# delete the user
|
|
||||||
user.delete()
|
|
||||||
# increment the destroyed session counter
|
|
||||||
session_nb += 1
|
|
||||||
if username:
|
if username:
|
||||||
logger.info("User %s logged out" % username)
|
logger.info("User %s logged out" % username)
|
||||||
return session_nb
|
return session_nb
|
||||||
|
|
||||||
|
|
||||||
|
class CsrfExemptView(View):
|
||||||
|
"""base class for csrf exempt class views"""
|
||||||
|
|
||||||
|
@method_decorator(csrf_exempt) # csrf is disabled for allowing SLO requests reception
|
||||||
|
def dispatch(self, request, *args, **kwargs):
|
||||||
|
"""
|
||||||
|
dispatch different http request to the methods of the same name
|
||||||
|
|
||||||
|
:param django.http.HttpRequest request: The current request object
|
||||||
|
"""
|
||||||
|
return super(CsrfExemptView, self).dispatch(request, *args, **kwargs)
|
||||||
|
|
||||||
|
|
||||||
class LogoutView(View, LogoutMixin):
|
class LogoutView(View, LogoutMixin):
|
||||||
"""destroy CAS session (logout) view"""
|
"""destroy CAS session (logout) view"""
|
||||||
|
|
||||||
@@ -210,17 +221,12 @@ class LogoutView(View, LogoutMixin):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
class FederateAuth(View):
|
class FederateAuth(CsrfExemptView):
|
||||||
"""view to authenticated user agains a backend CAS then CAS_FEDERATE is True"""
|
"""
|
||||||
|
view to authenticated user agains a backend CAS then CAS_FEDERATE is True
|
||||||
|
|
||||||
@method_decorator(csrf_exempt) # csrf is disabled for allowing SLO requests reception
|
csrf is disabled for allowing SLO requests reception.
|
||||||
def dispatch(self, request, *args, **kwargs):
|
"""
|
||||||
"""
|
|
||||||
dispatch different http request to the methods of the same name
|
|
||||||
|
|
||||||
:param django.http.HttpRequest request: The current request object
|
|
||||||
"""
|
|
||||||
return super(FederateAuth, self).dispatch(request, *args, **kwargs)
|
|
||||||
|
|
||||||
def get_cas_client(self, request, provider, renew=False):
|
def get_cas_client(self, request, provider, renew=False):
|
||||||
"""
|
"""
|
||||||
@@ -923,18 +929,13 @@ class LoginView(View, LogoutMixin):
|
|||||||
return self.not_authenticated()
|
return self.not_authenticated()
|
||||||
|
|
||||||
|
|
||||||
class Auth(View):
|
class Auth(CsrfExemptView):
|
||||||
"""A simple view to validate username/password/service tuple"""
|
"""
|
||||||
# csrf is disable as it is intended to be used by programs. Security is assured by a shared
|
A simple view to validate username/password/service tuple
|
||||||
# secret between the programs dans django-cas-server.
|
|
||||||
@method_decorator(csrf_exempt)
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
|
||||||
"""
|
|
||||||
dispatch requests based on method GET, POST, ...
|
|
||||||
|
|
||||||
:param django.http.HttpRequest request: The current request object
|
csrf is disable as it is intended to be used by programs. Security is assured by a shared
|
||||||
"""
|
secret between the programs dans django-cas-server.
|
||||||
return super(Auth, self).dispatch(request, *args, **kwargs)
|
"""
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def post(request):
|
def post(request):
|
||||||
@@ -1041,8 +1042,9 @@ class Validate(View):
|
|||||||
|
|
||||||
|
|
||||||
@python_2_unicode_compatible
|
@python_2_unicode_compatible
|
||||||
class ValidateError(Exception):
|
class ValidationBaseError(Exception):
|
||||||
"""handle service validation error"""
|
"""Base class for both saml and cas validation error"""
|
||||||
|
|
||||||
#: The error code
|
#: The error code
|
||||||
code = None
|
code = None
|
||||||
#: The error message
|
#: The error message
|
||||||
@@ -1064,12 +1066,23 @@ class ValidateError(Exception):
|
|||||||
:return: the rendered ``cas_server/serviceValidateError.xml`` template
|
:return: the rendered ``cas_server/serviceValidateError.xml`` template
|
||||||
:rtype: django.http.HttpResponse
|
:rtype: django.http.HttpResponse
|
||||||
"""
|
"""
|
||||||
return render(
|
return render(request, self.template, self.contex(), content_type="text/xml; charset=utf-8")
|
||||||
request,
|
|
||||||
"cas_server/serviceValidateError.xml",
|
|
||||||
{'code': self.code, 'msg': self.msg},
|
class ValidateError(ValidationBaseError):
|
||||||
content_type="text/xml; charset=utf-8"
|
"""handle service validation error"""
|
||||||
)
|
|
||||||
|
#: template to be render for the error
|
||||||
|
template = "cas_server/serviceValidateError.xml"
|
||||||
|
|
||||||
|
def context(self):
|
||||||
|
"""
|
||||||
|
content to use to render :attr:`template`
|
||||||
|
|
||||||
|
:return: A dictionary to contextualize :attr:`template`
|
||||||
|
:rtype: dict
|
||||||
|
"""
|
||||||
|
return {'code': self.code, 'msg': self.msg}
|
||||||
|
|
||||||
|
|
||||||
class ValidateService(View):
|
class ValidateService(View):
|
||||||
@@ -1333,59 +1346,32 @@ class Proxy(View):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@python_2_unicode_compatible
|
class SamlValidateError(ValidationBaseError):
|
||||||
class SamlValidateError(Exception):
|
|
||||||
"""handle saml validation error"""
|
"""handle saml validation error"""
|
||||||
#: The error code
|
|
||||||
code = None
|
|
||||||
#: The error message
|
|
||||||
msg = None
|
|
||||||
|
|
||||||
def __init__(self, code, msg=""):
|
#: template to be render for the error
|
||||||
self.code = code
|
template = "cas_server/samlValidateError.xml"
|
||||||
self.msg = msg
|
|
||||||
super(SamlValidateError, self).__init__(code)
|
|
||||||
|
|
||||||
def __str__(self):
|
def context(self):
|
||||||
return u"%s" % self.msg
|
|
||||||
|
|
||||||
def render(self, request):
|
|
||||||
"""
|
"""
|
||||||
render the error template for the exception
|
:return: A dictionary to contextualize :attr:`template`
|
||||||
|
:rtype: dict
|
||||||
:param django.http.HttpRequest request: The current request object:
|
|
||||||
:return: the rendered ``cas_server/samlValidateError.xml`` template
|
|
||||||
:rtype: django.http.HttpResponse
|
|
||||||
"""
|
"""
|
||||||
return render(
|
return {
|
||||||
request,
|
'code': self.code,
|
||||||
"cas_server/samlValidateError.xml",
|
'msg': self.msg,
|
||||||
{
|
'IssueInstant': timezone.now().isoformat(),
|
||||||
'code': self.code,
|
'ResponseID': utils.gen_saml_id()
|
||||||
'msg': self.msg,
|
}
|
||||||
'IssueInstant': timezone.now().isoformat(),
|
|
||||||
'ResponseID': utils.gen_saml_id()
|
|
||||||
},
|
|
||||||
content_type="text/xml; charset=utf-8"
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
class SamlValidate(View):
|
class SamlValidate(CsrfExemptView):
|
||||||
"""SAML ticket validation"""
|
"""SAML ticket validation"""
|
||||||
request = None
|
request = None
|
||||||
target = None
|
target = None
|
||||||
ticket = None
|
ticket = None
|
||||||
root = None
|
root = None
|
||||||
|
|
||||||
@method_decorator(csrf_exempt)
|
|
||||||
def dispatch(self, request, *args, **kwargs):
|
|
||||||
"""
|
|
||||||
dispatch requests based on method GET, POST, ...
|
|
||||||
|
|
||||||
:param django.http.HttpRequest request: The current request object
|
|
||||||
"""
|
|
||||||
return super(SamlValidate, self).dispatch(request, *args, **kwargs)
|
|
||||||
|
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
"""
|
"""
|
||||||
methode called on POST request on this view
|
methode called on POST request on this view
|
||||||
|
|||||||
Reference in New Issue
Block a user