Changeset 10403


Timestamp:
5 Jul 2013, 09:41:43 (12 years ago)
Author:
uli
Message:

Fix check_session_cookie().
Reorganize login() to be more readable.

File:
1 edited

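--- a/main/waeup.cas/trunk/waeup/cas/server.py
+++ b/main/waeup.cas/trunk/waeup/cas/server.py
@@ -103,7 +103,14 @@
     """Check whether `cookie_value` represents a valid ticket granting
     ticket in `db`.
+
+    `cookie_value` is a string representing a ticket granting ticket
+    maybe stored in `db`.
+
+    If a respective cookie can be found, a
+    :class:`waeup.cas.db.TicketGrantingCookie` is returend. Else
+    ``None`` is returned.
     """
     if cookie_value is None:
-        return False
+        return None
     try:
         # turn value into unicode (py2.x) / str (py3.x)
@@ -119,4 +126,47 @@
 
 
+def get_template(name):
+    path = os.path.join(template_dir, name)
+    if os.path.isfile(path):
+        return open(path, 'r').read()
+    return None
+
+
+def login_redirect_service(db, service):
+    """Return a response redirecting to a service via HTTP 303 See Other.
+    """
+    # safely redirect to service given
+    st = create_service_ticket(service)
+    db.add(st)
+    service = '%s?ticket=%s' % (service, st.ticket)
+    html = get_template('login_service_redirect.html')
+    html = html.replace('SERVICE_URL', service)
+    resp = exc.HTTPSeeOther(location=service)
+    # try to forbid caching of any type
+    resp.cache_control = 'no-store'
+    resp.pragma = 'no-cache'
+    # some arbitrary date in the past
+    resp.expires = 'Thu, 01 Dec 1994 16:00:00 GMT'
+    resp.text = html
+    return resp
+
+
+def login_success_no_service(db, msg='', sso=False):
+    """Show logged-in screen after successful auth.
+
+    `sso` must be a boolean indicating whether login happened via
+    credentials (``False``) or via cookie (``True``).
+
+    Returns a response.
+    """
+    # show logged-in screen
+    html = get_template('login_successful.html')
+    html = html.replace('MSG_TEXT', msg)
+    resp = Response(html)
+    if not sso:
+        resp = set_session_cookie(resp, db)
+    return resp
+
+
 class CASServer(object):
     """A WSGI CAS server.
@@ -161,6 +211,5 @@
         password = req.POST.get('password', None)
         valid_lt = check_login_ticket(self.db, req.POST.get('lt'))
-        tgc = req.cookies.get('cas-tgc', None)
-        tgc = check_session_cookie(self.db, tgc)
+        tgc = check_session_cookie(self.db, req.cookies.get('cas-tgc', None))
         if username and password and valid_lt or tgc:
             # act as credentials acceptor
@@ -175,24 +224,9 @@
                 if service is None:
                     # show logged-in screen
-                    html = self._get_template('login_successful.html')
-                    html = html.replace('MSG_TEXT', msg)
-                    resp = Response(html)
-                    if not tgc:
-                        resp = set_session_cookie(resp, self.db)
-                    return resp
+                    sso = (tgc is not None)
+                    return login_success_no_service(self.db, msg, sso)
                 else:
                     # safely redirect to service given
-                    st = create_service_ticket(service)
-                    self.db.add(st)
-                    service = '%s?ticket=%s' % (service, st.ticket)
-                    html = self._get_template('login_service_redirect.html')
-                    html = html.replace('SERVICE_URL', service)
-                    resp = exc.HTTPSeeOther(location=service)
-                    resp.cache_control = 'no-store'
-                    resp.pragma = 'no-cache'
-                    # some arbitrary date in the past
-                    resp.expires = 'Thu, 01 Dec 1994 16:00:00 GMT'
-                    resp.text = html
-                    return resp
+                    return login_redirect_service(self.db, service)
             else:
                 # login failed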
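Review bot: In `login_redirect_service`, `service` is written into both the `Location` header and the response body (`html.replace('SERVICE_URL', service)`) with no HTML escaping and no check against known services visible here, even though the comment says "safely redirect". The caller's handling of `service` is outside these hunks, but if it comes straight from the request, the page reflects untrusted markup and a fresh service ticket is issued to whatever URL was supplied. I would escape before substituting, e.g. `html = html.replace('SERVICE_URL', escape(service, quote=True))` with the stdlib HTML-escape helper for the supported Python versions, and validate `service` before `create_service_ticket` is called. `'%s?ticket=%s'` also yields a malformed URL when `service` already carries a query string. Separately, `get_template` returns `None` for a missing file, so both new helpers would fail with `AttributeError` on `html.replace`; raising a clear error there, and reading the file inside a `with` block, would be more robust.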