Commit b969de46 authored by Leonidas Poulopoulos's avatar Leonidas Poulopoulos

Moved peer lookup and user profile creation into custom user_login function

parent 398213bb
......@@ -27,6 +27,8 @@ from django.forms.models import model_to_dict
from flowspy.flowspec.forms import *
from flowspy.flowspec.models import *
from flowspy.peers.models import *
from registration.models import RegistrationProfile
from copy import deepcopy
......@@ -213,9 +215,9 @@ def user_login(request):
try:
error_username = False
error_orgname = False
error_affiliation = False
error_entitlement = False
error_mail = False
has_affiliation = False
has_entitlement = False
error = ''
username = request.META['HTTP_EPPN']
if not username:
......@@ -224,11 +226,11 @@ def user_login(request):
lastname = request.META['HTTP_SHIB_PERSON_SURNAME']
mail = request.META['HTTP_SHIB_INETORGPERSON_MAIL']
organization = request.META['HTTP_SHIB_HOMEORGANIZATION']
affiliation = request.META['HTTP_SHIB_EP_ENTITLEMENT']
if settings.SHIB_AUTH_AFFILIATION in affiliation.split(";"):
has_affiliation = True
if not has_affiliation:
error_affiliation = True
entitlement = request.META['HTTP_SHIB_EP_ENTITLEMENT']
if settings.SHIB_AUTH_ENTITLEMENT in entitlement.split(";"):
has_entitlement = True
if not has_entitlement:
error_entitlement = True
if not organization:
error_orgname = True
if not mail:
......@@ -237,11 +239,11 @@ def user_login(request):
error = "Your idP should release the HTTP_EPPN attribute towards this service<br>"
if error_orgname:
error = error + "Your idP should release the HTTP_SHIB_HOMEORGANIZATION attribute towards this service<br>"
if error_affiliation:
if error_entitlement:
error = error + "Your idP should release an appropriate HTTP_SHIB_EP_ENTITLEMENT attribute towards this service<br>"
if error_mail:
error = error + "Your idP should release the HTTP_SHIB_INETORGPERSON_MAIL attribute towards this service"
if error_username or error_orgname or error_affiliation or error_mail:
if error_username or error_orgname or error_entitlement or error_mail:
return render_to_response('error.html', {'error': error, "missing_attributes": True},
context_instance=RequestContext(request))
try:
......@@ -249,8 +251,14 @@ def user_login(request):
user_exists = True
except:
user_exists = False
user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail, organization=organization, affiliation=affiliation)
user = authenticate(username=username, firstname=firstname, lastname=lastname, mail=mail)
if user is not None:
try:
peer = Peer.objects.get(domain_name=organization)
up = UserProfile.objects.get_or_create(user=user,peer=peer)
except:
error = "Your organization's domain name does not match our peers' domain names<br>Please contact Helpdesk to resolve this issue"
return render_to_response('error.html', {'error': error})
if not user_exists:
user_activation_notify(user)
if user.is_active:
......@@ -286,7 +294,7 @@ def user_activation_notify(user):
send_new_mail(settings.EMAIL_SUBJECT_PREFIX + subject,
message, settings.SERVER_EMAIL,
get_peer_techc_mails(user), [])
@login_required
@never_cache
def add_rate_limit(request):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment