gestioCOF/kfet/auth/views.py
Aurélien Delobelle e56200a569 kfet -- LoginGenericView directly disconnects users.
Since allauth is installed, users are not automatically logged out of CAS
when logging out GestioCOF.
This change simplifies the view and avoid being stuck because of
the redirect to the logout page, which happened via a GET request and so
prompting to confirm.
2018-10-21 17:09:12 +02:00

92 lines
3 KiB
Python

from django.contrib import messages
from django.contrib.auth import authenticate, login, logout
from django.contrib.auth.decorators import permission_required
from django.contrib.auth.models import Group, User
from django.contrib.messages.views import SuccessMessageMixin
from django.core.urlresolvers import reverse, reverse_lazy
from django.db.models import Prefetch
from django.shortcuts import redirect, render
from django.utils.translation import ugettext_lazy as _
from django.views.generic import View
from django.views.generic.edit import CreateView, UpdateView
from kfet.decorators import teamkfet_required
from .forms import GroupForm
from .models import GenericTeamToken
class GenericLoginView(View):
"""
View to authenticate as kfet generic user.
"""
def dispatch(self, request, *args, **kwargs):
return super().dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
"""
GET requests should not change server/client states. Prompt user for
confirmation.
"""
return render(
request,
"kfet/confirm_form.html",
{
"title": _("Ouvrir une session partagée"),
"text": _(
"Êtes-vous sûr·e de vouloir ouvrir une session " "partagée ?"
),
},
)
def post(self, request, *args, **kwargs):
# Issue token, used by GenericBackend.
token = GenericTeamToken.objects.create_token()
logout(self.request)
# Authenticate with GenericBackend. Should always return the kfet
# generic user.
user = authenticate(request=self.request, kfet_token=token.token)
if not user:
return redirect(self.request.get_full_path())
# Log in generic user.
login(self.request, user)
messages.success(self.request, _("K-Fêt — Ouverture d'une session partagée."))
return redirect(self.get_next_url())
def get_next_url(self):
return self.request.GET.get("next", reverse("kfet.kpsul"))
login_generic = teamkfet_required(GenericLoginView.as_view())
@permission_required("kfet.manage_perms")
def account_group(request):
user_pre = Prefetch(
"user_set", queryset=User.objects.select_related("profile__account_kfet")
)
groups = Group.objects.filter(name__icontains="K-Fêt").prefetch_related(
"permissions", user_pre
)
return render(request, "kfet/account_group.html", {"groups": groups})
class AccountGroupCreate(SuccessMessageMixin, CreateView):
model = Group
template_name = "kfet/account_group_form.html"
form_class = GroupForm
success_message = "Nouveau groupe : %(name)s"
success_url = reverse_lazy("kfet.account.group")
class AccountGroupUpdate(SuccessMessageMixin, UpdateView):
queryset = Group.objects.filter(name__icontains="K-Fêt")
template_name = "kfet/account_group_form.html"
form_class = GroupForm
success_message = "Groupe modifié : %(name)s"
success_url = reverse_lazy("kfet.account.group")