Commit dfb056eb authored by Georgios D. Tsoukalas's avatar Georgios D. Tsoukalas
Browse files

astakos: REDIRECT_ALLOWED_SCHEMES hidden setting

parent 7831a326
......@@ -192,3 +192,7 @@ API_CLIENT_URL = getattr(settings, 'ASTAKOS_API_CLIENT_URL',
KAMAKI_CONFIG_CLOUD_NAME = getattr(settings,
'ASTAKOS_KAMAKI_CONFIG_CLOUD_NAME',
None)
REDIRECT_ALLOWED_SCHEMES = getattr(settings,
'ASTAKOS_REDIRECT_ALLOWED_SCHEMES',
('pithos',))
......@@ -47,6 +47,7 @@ from astakos.im.functions import login as auth_login, logout
from astakos.im.views.decorators import cookie_fix
import astakos.im.messages as astakos_messages
from astakos.im.settings import REDIRECT_ALLOWED_SCHEMES
import logging
......@@ -69,7 +70,7 @@ def login(request):
if not next:
next = reverse('index')
if not restrict_next(next, allowed_schemes=('pithos',)):
if not restrict_next(next, allowed_schemes=REDIRECT_ALLOWED_SCHEMES):
return HttpResponseForbidden(_(
astakos_messages.NOT_ALLOWED_NEXT_PARAM))
force = request.GET.get('force', None)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment