From 830309225a435ded91cd56ae03279f0832c97f49 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht <tom.hubrecht@ens.fr>
Date: Thu, 21 Jan 2021 23:23:16 +0100
Subject: [PATCH 1/4] Regarde d'abord dans CASAccount puis dans OldCASAccount
 pour la connexion vieilleux

---
 authens/backends.py | 25 +++++++++++++++++++------
 1 file changed, 19 insertions(+), 6 deletions(-)

diff --git a/authens/backends.py b/authens/backends.py
index c077716..1ceba3b 100644
--- a/authens/backends.py
+++ b/authens/backends.py
@@ -73,6 +73,14 @@ class ENSCASBackend:
             i += 1
         return radical + str(i)
 
+    def create_user(self, username, attributes):
+        """Create a CAS user, base method that can be overrided to add more
+        information.
+        """
+
+        email = attributes.get("email")
+        return UserModel.objects.create_user(username=username, email=email)
+
     def _get_or_create(self, cas_login, attributes):
         """Handles account retrieval, creation and invalidation as described above.
 
@@ -82,7 +90,6 @@ class ENSCASBackend:
         - If a matching CAS account exists, retrieve it.
         """
 
-        email = attributes.get("email")
         entrance_year = parse_entrance_year(attributes.get("homeDirectory"))
         if entrance_year is None:
             raise ENSCASError("Entrance year not available")
@@ -103,7 +110,7 @@ class ENSCASBackend:
 
             if user is None:
                 username = self.get_free_username(cas_login, attributes)
-                user = UserModel.objects.create_user(username=username, email=email)
+                user = self.create_user(username, attributes)
                 CASAccount.objects.create(
                     user=user, entrance_year=entrance_year, cas_login=cas_login
                 )
@@ -130,10 +137,16 @@ class OldCASBackend:
             return
 
         try:
-            old_cas_acc = OldCASAccount.objects.get(
-                cas_login=cas_login, entrance_year=entrance_year
-            )
-            user = old_cas_acc.user
+            try:
+                cas_acc = CASAccount.objects.get(
+                    cas_login=cas_login, entrance_year=entrance_year
+                )
+                user = cas_acc.user
+            except CASAccount.DoesNotExist:
+                old_cas_acc = OldCASAccount.objects.get(
+                    cas_login=cas_login, entrance_year=entrance_year
+                )
+                user = old_cas_acc.user
         except OldCASAccount.DoesNotExist:
             # As in Django's ModelBackend, we run the password hasher once
             # to mitigate timing attacks

From d9490ba34ad0856d267c6755bbec5333fa09902d Mon Sep 17 00:00:00 2001
From: Tom Hubrecht <tom.hubrecht@ens.fr>
Date: Thu, 21 Jan 2021 23:43:38 +0100
Subject: [PATCH 2/4] Rajoute un lien sur le login_switch pour reset le mdp
 avec une explication pour les gens utilisant le CAS

---
 authens/static/authens/css/authens.css      | 16 +++++++++++++
 authens/templates/authens/login_switch.html | 26 +++++++++++++--------
 2 files changed, 32 insertions(+), 10 deletions(-)

diff --git a/authens/static/authens/css/authens.css b/authens/static/authens/css/authens.css
index 5c4fe75..b78cae8 100644
--- a/authens/static/authens/css/authens.css
+++ b/authens/static/authens/css/authens.css
@@ -37,6 +37,22 @@ html, body {
   flex-flow: row wrap;
 }
 
+#container-footer {
+  width: 100%;
+  background: #505160;
+  color: white;
+}
+
+#container-footer p {
+  padding: 5px;
+  font-weight: initial;
+  font-size: 1em;
+  margin: 0;
+}
+
+#container-footer a {
+  color: red;
+}
 /*
   Background color definitions
 */
diff --git a/authens/templates/authens/login_switch.html b/authens/templates/authens/login_switch.html
index 62e9d7d..1adbfff 100644
--- a/authens/templates/authens/login_switch.html
+++ b/authens/templates/authens/login_switch.html
@@ -7,16 +7,22 @@
 
 {% block content %}
 <div id="container-content">
-  <a class="big-button cas" href="{% url "authens:login.cas" %}?next={{ next| urlencode }}">
-    {% trans "Clipper" %}
-  </a>
-  <a class="big-button exte" href="{% url "authens:login.pwd" %}?next={{ next| urlencode }}">
-    {% trans "Mot de passe" %}
-  </a>
-  {% if oldcas %}
-    <a class="big-button oldcas" href="{% url "authens:login.oldcas" %}?next={{ next| urlencode }}">
-      {% trans "Vieilleux" %}
+    <a class="big-button cas" href="{% url "authens:login.cas" %}?next={{ next| urlencode }}">
+        {% trans "Clipper" %}
     </a>
-  {% endif %}
+    <a class="big-button exte" href="{% url "authens:login.pwd" %}?next={{ next| urlencode }}">
+        {% trans "Mot de passe" %}
+    </a>
+    {% if oldcas %}
+    <a class="big-button oldcas" href="{% url "authens:login.oldcas" %}?next={{ next| urlencode }}">
+        {% trans "Vieilleux" %}
+    </a>
+    {% endif %}
 </div>
+{% if oldcas %}
+<div id="container-footer">
+    {% url "authens:reset.pwd" as url_reset %}
+    <p>{% blocktrans %}Si votre fin de scolarité approche, créez un mot de passe pour votre compte pour bénéficier de la connexion vieilleux : <a href="{{ url_reset }}">Créer un mot de passe</a>.{% endblocktrans %}</p>
+</div>
+{% endif %}
 {% endblock %}

From 4dbd0a1a80f322d73060a68b3ed6f3671ad36718 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht <tom.hubrecht@ens.fr>
Date: Sat, 23 Jan 2021 11:07:21 +0100
Subject: [PATCH 3/4] =?UTF-8?q?On=20rajoute=20un=20test=20pour=20l'auth=20?=
 =?UTF-8?q?OldCAS=20avec=20un=20compte=20CAS=20non=20migr=C3=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 authens/tests/test_backend.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/authens/tests/test_backend.py b/authens/tests/test_backend.py
index 3c1556f..d321e88 100644
--- a/authens/tests/test_backend.py
+++ b/authens/tests/test_backend.py
@@ -123,3 +123,12 @@ class TestOldCASBackend(TestCase):
             None, cas_login="johndoe", entrance_year=2014, password="password"
         )
         self.assertEqual(auth_user, user)
+
+    def test_not_migrated_auth(self):
+        user = UserModel.objects.create_user(username="vieilleux", password="password")
+        CASAccount.objects.create(user=user, cas_login="vieilleux", entrance_year=2015)
+
+        auth_user = authenticate(
+            None, cas_login="vieilleux", entrance_year=2015, password="password"
+        )
+        self.assertEqual(auth_user, user)

From 6804681dc748190560ca2679ee49651bc8195cfd Mon Sep 17 00:00:00 2001
From: Tom Hubrecht <tom.hubrecht@ens.fr>
Date: Thu, 28 Jan 2021 20:29:37 +0100
Subject: [PATCH 4/4] Fix typos et couleur

---
 authens/static/authens/css/authens.css      | 2 +-
 authens/templates/authens/login_switch.html | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/authens/static/authens/css/authens.css b/authens/static/authens/css/authens.css
index b78cae8..387f816 100644
--- a/authens/static/authens/css/authens.css
+++ b/authens/static/authens/css/authens.css
@@ -51,7 +51,7 @@ html, body {
 }
 
 #container-footer a {
-  color: red;
+  color: white;
 }
 /*
   Background color definitions
diff --git a/authens/templates/authens/login_switch.html b/authens/templates/authens/login_switch.html
index 1adbfff..3d05908 100644
--- a/authens/templates/authens/login_switch.html
+++ b/authens/templates/authens/login_switch.html
@@ -22,7 +22,7 @@
 {% if oldcas %}
 <div id="container-footer">
     {% url "authens:reset.pwd" as url_reset %}
-    <p>{% blocktrans %}Si votre fin de scolarité approche, créez un mot de passe pour votre compte pour bénéficier de la connexion vieilleux : <a href="{{ url_reset }}">Créer un mot de passe</a>.{% endblocktrans %}</p>
+    <p>{% blocktrans %}Si votre fin de scolarité approche, créez un mot de passe pour votre compte pour bénéficier de la connexion vieilleux : <a href="{{ url_reset }}">créer un mot de passe</a>.{% endblocktrans %}</p>
 </div>
 {% endif %}
 {% endblock %}