Commit aaadca15 authored by Valentin Samir's avatar Valentin Samir

Code factorisation in views.py

parent d4642852
...@@ -45,6 +45,7 @@ logger = logging.getLogger(__name__) ...@@ -45,6 +45,7 @@ logger = logging.getLogger(__name__)
class LogoutMixin(object): class LogoutMixin(object):
"""destroy CAS session utils""" """destroy CAS session utils"""
def logout(self, all_session=False): def logout(self, all_session=False):
""" """
effectively destroy a CAS session effectively destroy a CAS session
...@@ -63,43 +64,53 @@ class LogoutMixin(object): ...@@ -63,43 +64,53 @@ class LogoutMixin(object):
logger.info("Logging out user %s from all of they sessions." % username) logger.info("Logging out user %s from all of they sessions." % username)
else: else:
logger.info("Logging out user %s." % username) logger.info("Logging out user %s." % username)
# logout the user from the current session users = []
# try to get the user from the current session
try: try:
user = models.User.objects.get( users.append(
username=username, models.User.objects.get(
session_key=self.request.session.session_key username=username,
session_key=self.request.session.session_key
)
) )
# flush the session except models.User.DoesNotExist:
# if user not found in database, flush the session anyway
self.request.session.flush() self.request.session.flush()
# If all_session is set, search all of the user sessions
if all_session:
users.extend(models.User.objects.filter(username=username))
# Iterate over all user sessions that have to be logged out
for user in users:
# get the user session
session = SessionStore(session_key=user.session_key)
# flush the session
session.flush()
# send SLO requests # send SLO requests
user.logout(self.request) user.logout(self.request)
# delete the user # delete the user
user.delete() user.delete()
# increment the destroyed session counter # increment the destroyed session counter
session_nb += 1 session_nb += 1
except models.User.DoesNotExist:
# if user not found in database, flush the session anyway
self.request.session.flush()
# If all_session is set logout user from alternative sessions
if all_session:
# Iterate over all user sessions
for user in models.User.objects.filter(username=username):
# get the user session
session = SessionStore(session_key=user.session_key)
# flush the session
session.flush()
# send SLO requests
user.logout(self.request)
# delete the user
user.delete()
# increment the destroyed session counter
session_nb += 1
if username: if username:
logger.info("User %s logged out" % username) logger.info("User %s logged out" % username)
return session_nb return session_nb
class CsrfExemptView(View):
"""base class for csrf exempt class views"""
@method_decorator(csrf_exempt) # csrf is disabled for allowing SLO requests reception
def dispatch(self, request, *args, **kwargs):
"""
dispatch different http request to the methods of the same name
:param django.http.HttpRequest request: The current request object
"""
return super(CsrfExemptView, self).dispatch(request, *args, **kwargs)
class LogoutView(View, LogoutMixin): class LogoutView(View, LogoutMixin):
"""destroy CAS session (logout) view""" """destroy CAS session (logout) view"""
...@@ -210,17 +221,12 @@ class LogoutView(View, LogoutMixin): ...@@ -210,17 +221,12 @@ class LogoutView(View, LogoutMixin):
) )
class FederateAuth(View): class FederateAuth(CsrfExemptView):
"""view to authenticated user agains a backend CAS then CAS_FEDERATE is True""" """
view to authenticated user agains a backend CAS then CAS_FEDERATE is True
@method_decorator(csrf_exempt) # csrf is disabled for allowing SLO requests reception
def dispatch(self, request, *args, **kwargs):
"""
dispatch different http request to the methods of the same name
:param django.http.HttpRequest request: The current request object csrf is disabled for allowing SLO requests reception.
""" """
return super(FederateAuth, self).dispatch(request, *args, **kwargs)
def get_cas_client(self, request, provider, renew=False): def get_cas_client(self, request, provider, renew=False):
""" """
...@@ -923,18 +929,13 @@ class LoginView(View, LogoutMixin): ...@@ -923,18 +929,13 @@ class LoginView(View, LogoutMixin):
return self.not_authenticated() return self.not_authenticated()
class Auth(View): class Auth(CsrfExemptView):
"""A simple view to validate username/password/service tuple""" """
# csrf is disable as it is intended to be used by programs. Security is assured by a shared A simple view to validate username/password/service tuple
# secret between the programs dans django-cas-server.
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
"""
dispatch requests based on method GET, POST, ...
:param django.http.HttpRequest request: The current request object csrf is disable as it is intended to be used by programs. Security is assured by a shared
""" secret between the programs dans django-cas-server.
return super(Auth, self).dispatch(request, *args, **kwargs) """
@staticmethod @staticmethod
def post(request): def post(request):
...@@ -1041,8 +1042,9 @@ class Validate(View): ...@@ -1041,8 +1042,9 @@ class Validate(View):
@python_2_unicode_compatible @python_2_unicode_compatible
class ValidateError(Exception): class ValidationBaseError(Exception):
"""handle service validation error""" """Base class for both saml and cas validation error"""
#: The error code #: The error code
code = None code = None
#: The error message #: The error message
...@@ -1064,12 +1066,23 @@ class ValidateError(Exception): ...@@ -1064,12 +1066,23 @@ class ValidateError(Exception):
:return: the rendered ``cas_server/serviceValidateError.xml`` template :return: the rendered ``cas_server/serviceValidateError.xml`` template
:rtype: django.http.HttpResponse :rtype: django.http.HttpResponse
""" """
return render( return render(request, self.template, self.contex(), content_type="text/xml; charset=utf-8")
request,
"cas_server/serviceValidateError.xml",
{'code': self.code, 'msg': self.msg}, class ValidateError(ValidationBaseError):
content_type="text/xml; charset=utf-8" """handle service validation error"""
)
#: template to be render for the error
template = "cas_server/serviceValidateError.xml"
def context(self):
"""
content to use to render :attr:`template`
:return: A dictionary to contextualize :attr:`template`
:rtype: dict
"""
return {'code': self.code, 'msg': self.msg}
class ValidateService(View): class ValidateService(View):
...@@ -1333,59 +1346,32 @@ class Proxy(View): ...@@ -1333,59 +1346,32 @@ class Proxy(View):
) )
@python_2_unicode_compatible class SamlValidateError(ValidationBaseError):
class SamlValidateError(Exception):
"""handle saml validation error""" """handle saml validation error"""
#: The error code
code = None
#: The error message
msg = None
def __init__(self, code, msg=""):
self.code = code
self.msg = msg
super(SamlValidateError, self).__init__(code)
def __str__(self): #: template to be render for the error
return u"%s" % self.msg template = "cas_server/samlValidateError.xml"
def render(self, request): def context(self):
""" """
render the error template for the exception :return: A dictionary to contextualize :attr:`template`
:rtype: dict
:param django.http.HttpRequest request: The current request object:
:return: the rendered ``cas_server/samlValidateError.xml`` template
:rtype: django.http.HttpResponse
""" """
return render( return {
request, 'code': self.code,
"cas_server/samlValidateError.xml", 'msg': self.msg,
{ 'IssueInstant': timezone.now().isoformat(),
'code': self.code, 'ResponseID': utils.gen_saml_id()
'msg': self.msg, }
'IssueInstant': timezone.now().isoformat(),
'ResponseID': utils.gen_saml_id()
},
content_type="text/xml; charset=utf-8"
)
class SamlValidate(View): class SamlValidate(CsrfExemptView):
"""SAML ticket validation""" """SAML ticket validation"""
request = None request = None
target = None target = None
ticket = None ticket = None
root = None root = None
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
"""
dispatch requests based on method GET, POST, ...
:param django.http.HttpRequest request: The current request object
"""
return super(SamlValidate, self).dispatch(request, *args, **kwargs)
def post(self, request): def post(self, request):
""" """
methode called on POST request on this view methode called on POST request on this view
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment