forked from DGNum/gestioCOF
b42452080f
AccountBackend - Should now work if used in AUTHENTICATION_BACKENDS settings. - It does not retieve itself the password, as it should not be used this way. GenericBackend - Delete useless 'username' arg of its 'authenticate()' method. - Now delete the token in DB. TemporaryAuthMiddleware - New name of the middleware is more meaningful. - Is now responsible to retrieve the password from the request, instead of the AccountBackend. GenericTeamToken model - Add a manager' method to create token, avoiding possible error due to unicity constraint. GenericLoginView (authentication with the kfet generic user) - Replace obscure system with a 100% HTTP handling. - See comments for more information. Misc - More docstrings! - More tests! - Add some i18n. - Add kfet/confirm_form.html template: Ask user to confirm sth via a form (which will send a POST request). Context variables: * title: the page title * confirm_url: action attribute for <form> * text: displayed confirmation text - kfet.js : Add functions allowing to emit POST request from <a> tag. - Non-link nav items from kfet navbar also get a 'title'. - A utility has been found for the 'sunglasses' glyphicon!
40 lines
1.4 KiB
Python
40 lines
1.4 KiB
Python
from django.contrib import messages
|
|
from django.contrib.auth.signals import user_logged_in
|
|
from django.core.urlresolvers import reverse
|
|
from django.dispatch import receiver
|
|
from django.utils.safestring import mark_safe
|
|
from django.utils.translation import ugettext as _
|
|
|
|
from .utils import get_kfet_generic_user
|
|
|
|
|
|
@receiver(user_logged_in)
|
|
def suggest_auth_generic(sender, request, user, **kwargs):
|
|
"""
|
|
Suggest logged in user to continue as the kfet generic user.
|
|
|
|
Message is only added if the following conditions are met:
|
|
- the next page (where user is going to be redirected due to successful
|
|
authentication) is related to kfet, i.e. 'k-fet' is in its url.
|
|
- logged in user is a kfet staff member (except the generic user).
|
|
"""
|
|
# Filter against the next page.
|
|
if not(hasattr(request, 'GET') and 'next' in request.GET):
|
|
return
|
|
|
|
next_page = request.GET['next']
|
|
generic_url = reverse('kfet.login.generic')
|
|
|
|
if not('k-fet' in next_page and not next_page.startswith(generic_url)):
|
|
return
|
|
|
|
# Filter against the logged in user.
|
|
if not(user.has_perm('kfet.is_team') and user != get_kfet_generic_user()):
|
|
return
|
|
|
|
# Seems legit to add message.
|
|
text = _("K-Fêt — Ouvrir une session partagée ?")
|
|
messages.info(request, mark_safe(
|
|
'<a href="#" data-url="{}" onclick="submit_url(this)">{}</a>'
|
|
.format(generic_url, text)
|
|
))
|