Ajout de l'authentification et d'une application bidon

parent 9a82f262
#!/usr/bin/env python
# -*- coding: utf-8 -*-
import django.shortcuts
from login import require_droits
@require_droits()
def my_view(request):
return django.shortcuts.render_to_response("bonjour.html", request.session)
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
# LOGIN.PY -- Gère l'interface d'authentification.
#
# Copyright (C) 2009 Antoine Durand-Gasselin
# Author: Antoine Durand-Gasselin <adg@crans.org>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import django.contrib.auth, settings
from django.utils.http import urlquote
from django.http import HttpResponse, HttpResponseRedirect
from django.shortcuts import render_to_response
def require_droits(droits=[]):
"""Appliquée à une liste de droits, définit un décorateur qui
vérifie que l'adhérent est loggé et dispose des droits suffisants."""
def require_crans_login(view_func):
def _wrapped_view(request, *args, **kwargs):
if request.session.get('adherent'):
if set(request.session.get('droits')).issuperset(set(droits)):
return view_func(request, *args, **kwargs)
else: return HttpResponseRedirect('403.html')
else:
path = urlquote(request.get_full_path())
return HttpResponseRedirect('/login?next=%s' % path)
return _wrapped_view
return require_crans_login
def prompt_login(request):
message = request.session.get('message') # Un message à afficher ?
request.session['message'] = None # On l'afffiche donc on le supprime.
nextpage = request.GET.get('next', request.POST.get('next', '/'))
return render_to_response('login.html', {'message' : message, 'np': nextpage})
def do_login(request):
login = request.POST.get('login')
password = request.POST.get('password')
next = request.POST.get('next', '/')
try:
adh = settings.db.search('uid=%s' % login)['adherent'][0]
except: adh = None
if adh and adh.checkPassword(password):
request.session['adherent'] = adh.Nom()
request.session['droits'] = adh.droits()
return HttpResponseRedirect(next)
else:
request.session['message'] = u'Login ou mot de passe incorrect'
return HttpResponseRedirect('/login?next=%s' % next)
def do_logout(request):
django.contrib.auth.logout(request)
request.session['message'] = u'Votre session a été fermée'
return HttpResponseRedirect('/login')
.block {
width:220px;
padding: 20px;
background: LightBlue;
border-right: 2px solid DarkSlateGrey;
border-bottom: 2px solid DarkSlateGrey;
-moz-border-radius: 20px;
-webkit-border-radius: 20px;
margin:0 auto;
}
.form {
width: 260px;
padding: 0;
margin: 0 auto;
}
.liens {
text-align:right;
display:block;
clear: both;
}
.titre {
position: relative;
top: 50px
}
input{
float:left;
}
label {
display:block;
float:left;
width:80%;
clear:both;
}
textInputLabel {
width:150px;
}
h2 {
right: 40px;
margin: 0;
padding:0 0 0 0;
position: relative;
}
img {
position: relative;
bottom:60px;
right:50px;
float:left;
}
div#message {
background: #faa;
border-right: 1px DarkRed solid;
border-bottom:1px DarkRed solid;
-moz-border-radius: 10px;
-webkit-border-radius: 10px;
padding:5px;
text-align:center;
font-weight:bold;
margin:10px auto 10px auto;
clear:both;
}
/*<!-- footer -->*/
#mainFooter {
text-align:center;
color:gray;
font-size:small;
}
#mainFooter a {
color:gray;
margin:5px;
}
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta content="text/html; charset=utf-8" HTTP-EQUIV="Content-Type">
<title>.:: Cr@ns Intranet ::.</title>
</head>
<body>
<h1>Bienvenue sur Cr@nsIntranet</h1>
<p>
Bonjour {{ adherent }}, tu es authentifié.
</p>
<a href="/do_logout">Se déconnecter</a>
</body>
</html>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta content="text/html; charset=utf-8" HTTP-EQUIV="Content-Type">
<title>Cr@ns Intranet</title>
<link rel="stylesheet" type="text/css" href="/static/css/login.css"/>
</head>
<body>
<h1>Bienvenue sur Cr@nsIntranet</h1>
<div class="form">
<div class="titre">
<img src="/static/img/logo_crans.png" alt="Logo Cr@ns" height="98px"/>
<h2>Connexion</h2>
</div>
<div class="block">
{% if message %}
<div id="message">
{{ message }}
</div>
{% else %}
<div id="messageFantom"></div>
{% endif %}
<form method="post" action="do_login">
<label class="textInputLabel" for="login">Login :</label>
<input type="text" id="login" name="login" /><br />
<label class="textInputLabel" for="password">Password :</label>
<input type="password" id="password" name="password"/><br />
<input type="hidden" name="next" value="{{ np }}">
<div class="liens">
<input type="submit" value="Login" />
</div>
</form>
<div class="liens">
<a href="https://wiki.crans.org/CransPratique/J'aiPerduMonMotDePasse">J'ai oubli&eacute; mon mot de passe.</a>
</div>
</div>
</div>
<div id="mainFooter"><hr />
<h2 style="display:none;">Liens Cr@ns</h2>
<ul>
<li style="display:inline"><a href="http://www.crans.org/">Site du cr@ns</a></li>
<li style="display:inline"><a href="http://wiki.crans.org/">wiki</a><br /></li>
<li style="display:inline"><a href="http://wiki.crans.org/ContactsCrans">Contact Cr@ns</a><br /></li>
</ul>
<!-- #import cherrypy
#set bugMail = cherrypy.config.get("mail.bugreport", "nounous@crans.org")
<div id="topContentMessage" style="font-style:italic;text-align:center;">
<p>L'intranet est en version beta, aidez-nous &agrave;
l'am&eacute;liorer en nous envoyant vos remarques et en nous signalant tout
probl&egrave;me &agrave; <a href="mailto:$bugMail">$bugMail</a></p>
</div> -->
</div>
</body>
</html>
......@@ -2,12 +2,14 @@ from django.conf.urls.defaults import *
import settings
urlpatterns = patterns('',
# Example:
# (r'^intranet/', include('intranet.foo.urls')),
# Les pages existantes
('^$', 'intranet.apps.dummy.my_view'),
('^dummy', 'intranet.apps.dummy.my_view'),
# Uncomment the admin/doc line below and add 'django.contrib.admindocs'
# to INSTALLED_APPS to enable admin documentation:
# (r'^admin/doc/', include('django.contrib.admindocs.urls')),
# Pages de login
('^login', 'intranet.login.prompt_login'),
('^do_login', 'intranet.login.do_login'),
('^do_logout', 'intranet.login.do_logout'),
# Pour servir le static
(r'^static/(?P<path>.*)$', 'django.views.static.serve',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment