Commit
7ff38593
authored
Sep 08, 2014
by
Őry Máté
dashboard: add TokenLogin view
parent
c766e690
Showing
1 changed file
with
47 additions
and
3 deletions
+47
-3
circle/dashboard/views.py
+47
-3
circle/dashboard/views.py
...
...
@@ -29,8 +29,9 @@ import requests
from
django.conf
import
settings
from
django.contrib.auth.models
import
User
,
Group
from
django.contrib.auth.views
import
login
,
redirect_to_login
from
django.contrib.auth.views
import
login
as
login_view
,
redirect_to_login
from
django.contrib.auth.decorators
import
login_required
from
django.contrib.auth
import
login
from
django.contrib.messages.views
import
SuccessMessageMixin
from
django.core.exceptions
import
(
PermissionDenied
,
SuspiciousOperation
,
...
...
@@ -2985,12 +2986,55 @@ def circle_login(request):
extra_context
=
{
'saml2'
:
saml_available
,
}
response
=
login
(
request
,
authentication_form
=
authentication_form
,
extra_context
=
extra_context
)
response
=
login
_view
(
request
,
authentication_form
=
authentication_form
,
extra_context
=
extra_context
)
set_language_cookie
(
request
,
response
)
return
response
class
TokenLogin
(
View
):
token_max_age
=
120
# seconds
@classmethod
def
get_salt
(
cls
):
return
unicode
(
cls
)
@classmethod
def
get_token
(
cls
,
user
,
sudoer
):
return
signing
.
dumps
((
sudoer
.
pk
,
user
.
pk
),
salt
=
cls
.
get_salt
(),
compress
=
True
)
@classmethod
def
get_token_url
(
cls
,
user
,
sudoer
):
key
=
cls
.
get_token
(
user
,
sudoer
)
return
reverse
(
"dashboard.views.token-login"
,
args
=
(
key
,
))
def
get
(
self
,
request
,
token
,
*
args
,
**
kwargs
):
try
:
data
=
signing
.
loads
(
token
,
salt
=
self
.
get_salt
(),
max_age
=
self
.
token_max_age
)
logger
.
debug
(
'TokenLogin token data:
%
s'
,
unicode
(
data
))
sudoer
,
user
=
data
logger
.
debug
(
'Extracted TokenLogin data: sudoer:
%
s, user:
%
s'
,
unicode
(
sudoer
),
unicode
(
user
))
except
(
signing
.
BadSignature
,
ValueError
,
TypeError
)
as
e
:
logger
.
warning
(
'Tried invalid TokenLogin token. '
'Token:
%
s, user:
%
s.
%
s'
,
token
,
unicode
(
self
.
request
.
user
),
unicode
(
e
))
raise
SuspiciousOperation
()
sudoer
=
User
.
objects
.
get
(
pk
=
sudoer
)
if
not
sudoer
.
is_superuser
:
raise
PermissionDenied
()
user
=
User
.
objects
.
get
(
pk
=
user
)
user
.
backend
=
'django.contrib.auth.backends.ModelBackend'
logger
.
warning
(
'
%
s
%
d logged in as user
%
s
%
d'
,
unicode
(
sudoer
),
sudoer
.
pk
,
unicode
(
user
),
user
.
pk
)
login
(
request
,
user
)
messages
.
info
(
request
,
_
(
"Logged in as user
%
s."
)
%
unicode
(
user
))
return
redirect
(
"/"
)
class
MyPreferencesView
(
UpdateView
):
model
=
Profile
...
...
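Review bot: `TokenLogin.get` accepts the token from whoever presents it: after `signing.loads` succeeds, nothing compares `request.user` with the sudoer pk carried in the token, so for the 120-second `token_max_age` the URL acts as a reusable bearer credential for the target account, and it sits in the URL path where access logs, browser history and Referer headers can record it. If the link is meant to be followed by the superuser who generated it, add `if request.user.pk != sudoer.pk: raise PermissionDenied()` next to the `is_superuser` check. Setting `user.backend` by hand and calling `login(request, user)` also bypasses the login-form path, so nothing visible here checks `user.is_active`; `if not user.is_active: raise PermissionDenied()` before the `login` call would cover that. Both `User.objects.get(pk=...)` lookups sit outside the `try`, so a token naming a since-deleted account would presumably surface as an unhandled `User.DoesNotExist` rather than a clean denial.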