Commit graph

12 commits

Author SHA1 Message Date
Aurélien Delobelle
e56200a569 kfet -- LoginGenericView directly disconnects users.
Since allauth is installed, users are not automatically logged out of CAS
when logging out GestioCOF.
This change simplifies the view and avoid being stuck because of
the redirect to the logout page, which happened via a GET request and so
prompting to confirm.
2018-10-21 17:09:12 +02:00
Aurélien Delobelle
05eeb6a25c core -- Install django-allauth-ens
Refer to allauth doc for an accurate features list:
  http://django-allauth.readthedocs.io/en/latest/

Users can now change their password, ask for a password reset, or set
one if they don't have one.

In particular, it allows users whose account has been created via a
clipper authentication to configure a password before losing their
clipper. Even if they have already lost it, they are able to get one
using the "Reset password" functionality.

Allauth multiple emails management is deactivated. Requests to the
related url redirect to the home page.

All the login and logout views are replaced by the allauth' ones. It
also concerns the Django and Wagtail admin sites.

Note that users are no longer logged out of the clipper CAS server when
they authenticated via this server. Instead a message suggests the user
to disconnect.

Clipper connections and `login_clipper`
---------------------------------------

- Non-empty `login_clipper` are now unique among `CofProfile` instances.
- They are created once for users with a non-empty 'login_clipper' (with
the data migration 0014_create_clipper_connections).
- The `login_clipper` of CofProfile instances are sync with their
clipper connections:
    * `CofProfile.sync_clipper_connections` method updates the
connections based on `login_clipper`.
    * Signals receivers `sync_clipper…` update `login_clipper` based on
connections creations/updates/deletions.

Misc
----

- Add NullCharField (model field) which allows to use `unique=True` on
CharField (even with empty strings).
- Parts of kfet mixins for TestCase are now in shared.tests.testcase,
  as they are used elsewhere than in the kfet app.
2018-10-21 17:09:12 +02:00
Aurélien Delobelle
fdd2b35289 core -- Apply black + isort to all files 2018-10-06 13:15:33 +02:00
Martin Pépin
5a5b60ec4d Merge branch 'master' into Kerl/drop_py2_compat 2018-01-10 20:12:59 +01:00
Martin Pépin
475f1adec5 Remove "coding: utf8" line 2018-01-06 16:10:13 +01:00
Aurélien Delobelle
b0b0542407 Upgrade to Django 1.11
- Deprecation warnings using Django 1.8 are resolved.
- Deprecation warnings using Django 1.11 are resolved.

- Admin: grappelli is no longer used.
- Upgrade to django-autocomplete-light v3 (v2 is not 1.11 compatible).
  * autocomplete.modelform_factory being dropped, code uses dal Select2
    views and widgets.
2017-11-19 18:41:39 +01:00
Aurélien Delobelle
af3a7cf697 Reapply fix to kfetauth (…) and fix tests 2017-10-24 17:56:14 +02:00
Aurélien Delobelle
b42452080f Mass cleaning of kfet' authentication machinery
AccountBackend
- Should now work if used in AUTHENTICATION_BACKENDS settings.
- It does not retieve itself the password, as it should not be used
this way.

GenericBackend
- Delete useless 'username' arg of its 'authenticate()' method.
- Now delete the token in DB.

TemporaryAuthMiddleware
- New name of the middleware is more meaningful.
- Is now responsible to retrieve the password from the request, instead
of the AccountBackend.

GenericTeamToken model
- Add a manager' method to create token, avoiding possible error due to
unicity constraint.

GenericLoginView (authentication with the kfet generic user)
- Replace obscure system with a 100% HTTP handling.
- See comments for more information.

Misc
- More docstrings!
- More tests!
- Add some i18n.
- Add kfet/confirm_form.html template:
    Ask user to confirm sth via a form (which will send a POST request).
    Context variables:
        * title: the page title
        * confirm_url: action attribute for <form>
        * text: displayed confirmation text
- kfet.js : Add functions allowing to emit POST request from <a> tag.
- Non-link nav items from kfet navbar also get a 'title'.
- A utility has been found for the 'sunglasses' glyphicon!
2017-09-25 17:57:47 +02:00
Aurélien Delobelle
3fa7754ff4 KFet Backends inherit from BaseKFetBackend
Users who authenticate via a KFetBackend got extra select related.
It should save 2 db queries on each request for these users.
2017-09-23 20:48:28 +02:00
Aurélien Delobelle
e5d19811e8 Clean code related to kfet password 2017-09-22 23:31:46 +02:00
Aurélien Delobelle
1d19d1797c Clean setup/retrieve of kfet generic account 2017-09-22 01:24:44 +02:00
Aurélien Delobelle
bf61e41b50 Move auth-related from 'kfet' app to 'kfet.auth'. 2017-09-19 17:05:51 +02:00