Prevent escaping of logout message
This commit is contained in:
parent
76fd5ca344
commit
7133ae65a6
2 changed files with 23 additions and 17 deletions
|
@ -1,9 +1,11 @@
|
||||||
# -*- coding: utf-8 -*-
|
# -*- coding: utf-8 -*-
|
||||||
|
from django.conf import settings
|
||||||
|
from django.contrib import messages
|
||||||
from django.contrib.auth.signals import user_logged_out
|
from django.contrib.auth.signals import user_logged_out
|
||||||
from django.dispatch import receiver
|
from django.dispatch import receiver
|
||||||
|
from django.template.loader import render_to_string
|
||||||
from django.utils.safestring import mark_safe
|
from django.utils.safestring import mark_safe
|
||||||
|
|
||||||
from allauth.account.adapter import get_adapter
|
|
||||||
from allauth.account.utils import get_next_redirect_url
|
from allauth.account.utils import get_next_redirect_url
|
||||||
from allauth.socialaccount import providers
|
from allauth.socialaccount import providers
|
||||||
|
|
||||||
|
@ -14,7 +16,8 @@ from . import CAS_PROVIDER_SESSION_KEY
|
||||||
def cas_account_logout(sender, request, **kwargs):
|
def cas_account_logout(sender, request, **kwargs):
|
||||||
provider_id = request.session.get(CAS_PROVIDER_SESSION_KEY)
|
provider_id = request.session.get(CAS_PROVIDER_SESSION_KEY)
|
||||||
|
|
||||||
if not provider_id:
|
if (not provider_id or
|
||||||
|
'django.contrib.messages' not in settings.INSTALLED_APPS):
|
||||||
return
|
return
|
||||||
|
|
||||||
provider = providers.registry.by_id(provider_id, request)
|
provider = providers.registry.by_id(provider_id, request)
|
||||||
|
@ -22,24 +25,26 @@ def cas_account_logout(sender, request, **kwargs):
|
||||||
if not provider.message_on_logout(request):
|
if not provider.message_on_logout(request):
|
||||||
return
|
return
|
||||||
|
|
||||||
adapter = get_adapter(request)
|
|
||||||
|
|
||||||
redirect_url = (
|
redirect_url = (
|
||||||
get_next_redirect_url(request) or
|
get_next_redirect_url(request) or
|
||||||
adapter.get_logout_redirect_url(request)
|
request.get_full_path()
|
||||||
)
|
)
|
||||||
|
|
||||||
logout_kwargs = {'next': redirect_url} if redirect_url else {}
|
logout_kwargs = {'next': redirect_url} if redirect_url else {}
|
||||||
logout_url = provider.get_logout_url(request, **logout_kwargs)
|
logout_url = provider.get_logout_url(request, **logout_kwargs)
|
||||||
|
|
||||||
level = provider.message_on_logout_level(request)
|
|
||||||
logout_link = mark_safe('<a href="{}">link</a>'.format(logout_url))
|
logout_link = mark_safe('<a href="{}">link</a>'.format(logout_url))
|
||||||
|
|
||||||
adapter.add_message(
|
level = provider.message_on_logout_level(request)
|
||||||
request, level,
|
|
||||||
message_template='cas_account/messages/logged_out.txt',
|
# DefaultAccountAdapter.add_message from allauth.account.adapter is
|
||||||
message_context={
|
# unusable because HTML in message content is always escaped.
|
||||||
'logout_url': logout_url,
|
|
||||||
'logout_link': logout_link,
|
template = 'cas_account/messages/logged_out.txt'
|
||||||
}
|
context = {
|
||||||
)
|
'logout_url': logout_url,
|
||||||
|
'logout_link': logout_link,
|
||||||
|
}
|
||||||
|
|
||||||
|
message = mark_safe(render_to_string(template, context).strip())
|
||||||
|
|
||||||
|
messages.add_message(request, level, message)
|
||||||
|
|
|
@ -29,8 +29,9 @@ def client_cas_login(client):
|
||||||
|
|
||||||
class LogoutFlowTests(TestCase):
|
class LogoutFlowTests(TestCase):
|
||||||
expected_msg_str = (
|
expected_msg_str = (
|
||||||
"To logout of CAS, please close your browser, or visit this <a "
|
"To logout of CAS, please close your browser, or visit this "
|
||||||
"href=\"/accounts/theid/logout/?next=%2F\">link</a>."
|
"<a href=\"/accounts/theid/logout/?next=%2Faccounts%2Flogout%2F\">"
|
||||||
|
"link</a>."
|
||||||
)
|
)
|
||||||
|
|
||||||
def setUp(self):
|
def setUp(self):
|
||||||
|
|
Loading…
Reference in a new issue