Authentification system; outsider login does not crash

2020-10-17 21:31:55 +02:00 · 2020-10-17 21:31:55 +02:00 · 9c0b7a66fa
parent 8843c07a6a
commit 9c0b7a66fa
17 changed files with 203 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -64,3 +64,6 @@ venv
 # Project specific
 db.sqlite3
 public/
+
+# Vim recover files
+*~
--- a/gestiojeux/settings_base.py
+++ b/gestiojeux/settings_base.py
@ -27,6 +27,8 @@ INSTALLED_APPS = [
    "django.contrib.staticfiles",
    "mainsite",
    "inventory",
+    "django_cas_ng",
+    "gestiojeux_auth",
 ]

 MIDDLEWARE = [
--- a/gestiojeux/urls.py
+++ b/gestiojeux/urls.py
@ -21,7 +21,9 @@ from django.conf.urls.static import static
 urlpatterns = [
    path("admin/", admin.site.urls),
    path("inventory/", include("inventory.urls")),
+    path("accounts/", include("gestiojeux_auth.urls")),
    path("", include("mainsite.urls")),
+
 ]

 if settings.DEBUG:
--- a/gestiojeux_auth/init.py
+++ b/gestiojeux_auth/init.py
--- a/gestiojeux_auth/admin.py
+++ b/gestiojeux_auth/admin.py
@ -0,0 +1,3 @@
+from django.contrib import admin
+
+# Register your models here.
--- a/gestiojeux_auth/apps.py
+++ b/gestiojeux_auth/apps.py
@ -0,0 +1,9 @@
+from django.apps import AppConfig
+
+
+class GestiojeuxAuthConfig(AppConfig):
+    name = 'gestiojeux_auth'
+
+    def ready(self):
+        from . import signals
+
--- a/gestiojeux_auth/cas_backend.py
+++ b/gestiojeux_auth/cas_backend.py
@ -0,0 +1,15 @@
+from django_cas_ng.backends import CASBackend
+from .models import CasUser
+
+
+class GestioJeuxCASBackend(CASBackend):
+    # Copied from the BOcal project
+    # Partly from Robin Champenois's "ExperiENS". Thanks!
+    def clean_username(self, username):
+        return username.lower().strip()
+
+    def configure_user(self, user):
+        casUser = CasUser(user=user)
+        casUser.save()
+        return user
+
--- a/gestiojeux_auth/migrations/init.py
+++ b/gestiojeux_auth/migrations/init.py
--- a/gestiojeux_auth/models.py
+++ b/gestiojeux_auth/models.py
@ -0,0 +1,11 @@
+from django.db import models
+from django.contrib.auth.models import User
+
+
+class CasUser(models.Model):
+    ''' Describes a Django user that was created through CAS '''
+
+    user = models.OneToOneField(
+        User,
+        on_delete=models.CASCADE,
+        primary_key=True)
--- a/gestiojeux_auth/tests.py
+++ b/gestiojeux_auth/tests.py
@ -0,0 +1,3 @@
+from django.test import TestCase
+
+# Create your tests here.
--- a/gestiojeux_auth/urls.py
+++ b/gestiojeux_auth/urls.py
@ -0,0 +1,27 @@
+from django.urls import include, path
+import django.contrib.auth.views as dj_auth_views
+from .views import login, logout 
+import django_cas_ng.views
+
+app_name = "gestiojeux_auth"
+
+cas_patterns = [
+    path("login/", django_cas_ng.views.LoginView.as_view(), name="cas_ng_login"),
+    path("logout/", django_cas_ng.views.LogoutView.as_view(), name="cas_ng_logout"),
+    path(
+        "callback/",
+        django_cas_ng.views.CallbackView.as_view(),
+        name="cas_ng_proxy_callback",
+    ),
+]
+
+accounts_patterns = [
+    path("cas/", include(cas_patterns)),
+    path("login/", login, name="login"),
+    path("logout/", logout, name="logout"),
+    path("password_login/", dj_auth_views.LoginView.as_view(), name="password_login"),
+]
+
+urlpatterns = [
+        path("", include(accounts_patterns)),
+]
--- a/gestiojeux_auth/views.py
+++ b/gestiojeux_auth/views.py
@ -0,0 +1,43 @@
+from django.shortcuts import render, redirect
+from django.urls import reverse
+from django.contrib.auth import logout as auth_logout
+from django.contrib.auth.decorators import login_required
+
+from urllib.parse import quote as urlquote
+
+
+def login(req):
+    if req.user.is_authenticated:
+        return redirect("mainsite:home")
+
+    if req.method == "GET":
+        reqDict = req.GET
+    elif req.method == "POST":
+        reqDict = req.POST
+    if "next" in reqDict:
+        nextUrl = reqDict["next"]
+        context = {
+            "pass_url": "{}?next={}".format(
+                reverse("gestiojeux_auth:password_login"), urlquote(nextUrl, safe="")
+            ),
+            "cas_url": "{}?next={}".format(
+                reverse("gestiojeux_auth:cas_ng_login"), urlquote(nextUrl, safe="")
+            ),
+        }
+    else:
+        context = {
+            "pass_url": reverse("gestiojeux_auth:password_login"),
+            "cas_url": reverse("gestiojeux_auth:cas_ng_login"),
+        }
+
+    return render(req, "registration/login_switch.html", context=context)
+
+
+@login_required
+def logout(req):
+    CAS_BACKEND_NAME = "django_cas_ng.backends.CASBackend"
+    if req.session["_auth_user_backend"] != CAS_BACKEND_NAME:
+        auth_logout(req)
+        return redirect("mainsite:home")
+    return redirect("gestiojeux_auth:cas_ng_logout")
+
--- a/mainsite/templates/mainsite/login.html
+++ b/mainsite/templates/mainsite/login.html
@ -0,0 +1,11 @@
+{% extends "base.html" %}
+
+{% block content %}
+<a href="{{ cas_url }}">
+  <button class="login-btn">Clipper</button>
+</a>
+<a href="{{ pass_url }}">
+  <button class="login-btn">Mot de passe</button>
+</a>
+{% endblock content %}
+
--- a/mainsite/templates/partials/header.html
+++ b/mainsite/templates/partials/header.html
@ -10,7 +10,10 @@
    <a {% if url_name == "inventory" %}class="current"{% endif %} href="{% url "inventory:inventory" %}">Inventaire</a>
    <a {% if url_name == "suggestions" %}class="current"{% endif %} href="">Suggestions</a>
  </nav>
-  <a class="login" href="">Connexion</a>
+  {% if request.user.is_authenticated %}
+  <a class="logout" href="{% url "gestiojeux_auth:logout" %}?next=/">Déconnexion</a>
+  {% else %} <a class="login" href="{% url "gestiojeux_auth:login" %}?next={{ request.get_full_path }}">Connexion</a>
+  {% endif %}
  {# <a class="login" href="">Logout</a> #}
  {% endwith %}
 </header>
--- a/mainsite/templates/registration/login.html
+++ b/mainsite/templates/registration/login.html
@ -0,0 +1,36 @@
+{% extends "base.html" %}
+
+{% block "content" %}
+<div id="content-area">
+	{% if form.errors %}
+	<p>Login ou mot de passe incorrect</p>
+	{% endif %}
+
+	{% if next %}
+	{% if user.is_authenticated %}
+	<p>Accès non autorisé.</p>
+	{% else %}
+	<p>Merci de vous connecter.</p>
+	{% endif %}
+	{% endif %}
+
+	<form method="post" action="{% url "gestiojeux_auth:password_login" %}?next={{ next|urlencode }}">
+		{% csrf_token %}
+		<table>
+			<tr>
+				<td>{{ form.username.label_tag }}</td>
+				<td>{{ form.username }}</td>
+			</tr>
+			<tr>
+				<td>{{ form.password.label_tag }}</td>
+				<td>{{ form.password }}</td>
+			</tr>
+		</table>
+
+		<input type="submit" value="connexion" />
+		<input type="hidden" name="next" value="{{ next }}" />
+	</form>
+</div>
+
+{% endblock %}
+
--- a/mainsite/templates/registration/login_switch.html
+++ b/mainsite/templates/registration/login_switch.html
@ -0,0 +1,33 @@
+{% extends "base.html" %}
+
+{% block "content" %}
+<div id="main-login-container" class="container">
+    <div class="row row-centered">
+    <div class="col-xs-10 col-sm-8 col-md-8 col-centered">
+        <header>
+            <div class="banner">
+                <h1>GestioJeux &ndash; Mode de connexion</h1>
+            </div>
+        </header>
+        <div class="container-fluid">
+        <div class="row" style="margin:0;">
+            <a aria-label="Compte clipper"
+                    href="{{ cas_url }}">
+                <div class="col-xs-12 col-sm-6" id="login_clipper">
+                    Compte clipper
+                </div>
+            </a>
+            <a  aria-label="Extérieur" 
+                    href="{{ pass_url }}">
+                <div class="col-xs-12 col-sm-6" id="login_outsider">
+                    Extérieur
+                </div>
+            </a>
+        </div>
+        </div>
+    </div>
+    </div>
+</div>
+
+{% endblock %}
+
--- a/requirements.txt
+++ b/requirements.txt
@ -1,3 +1,4 @@
 Django
 django-autoslug
 Pillow
+django-cas-ng