Timestamp:
14/11/12 16:24:25 (7 years ago)
Author:
mnagni
Message:

Improved the encryption of the user data inside the returned auth_ticket.
Adds a FAKE_RESPONSE for development purposes.

Location:
mauRepo/dj_security/trunk/dj_security
Files:
2 edited

  • mauRepo/dj_security/trunk/dj_security

    • Property svn:ignore
      •  

        old new  
        11sqlite.db 
         2 
         3dev_settings.py 
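--- a/mauRepo/dj_security/trunk/dj_security/views/dj_security_login.py
+++ b/mauRepo/dj_security/trunk/dj_security/views/dj_security_login.py
@@ -4,5 +4,5 @@
 @author: mnagni 
 ''' 
-from django.contrib.auth import authenticate, login 
+from django.contrib.auth import authenticate 
 from django.shortcuts import render_to_response 
 from dj_security.login_form import LoginForm 
@@ -10,4 +10,6 @@
 from django.conf import settings 
 import logging 
+from json.encoder import JSONEncoder 
+from dj_security.encoder import SecurityEncoder 
  
 # Get an instance of a logger 
@@ -28,11 +30,10 @@
             username = request.POST['username'] 
             password = request.POST['password'] 
-            user = authenticate(username=username, password=password)             
+            user = authenticate(username=username, password=password)              
             if user is not None: 
-                if user.is_active: 
-                    login(request, user) 
-                    redirect_parameter = getattr(settings, 'REDIRECT_URL', 'r') 
-                    context['redirect_url'] = request.GET.get(redirect_parameter, '') 
-                    return render_to_response('logged_in.html', context)             
+                if user.is_active:                     
+                    context['user'] = SecurityEncoder().encode(user) 
+                    request.auth_user = context['user'] 
+                    return _encodeAuthenticatedResponse(request, context)          
                 else: 
                     # Return a 'disabled account' error message 
@@ -47,4 +48,15 @@
             return error_handle(request, context) 
     else: 
+        if getattr(settings, "FAKE_AUTHENTICATION", False): 
+            context['user'] = '{"username": "mnagni", ' 
+            '"first_name": "Maurizio", "last_name": "Nagni", ' 
+            '"is_active": true, "email": "maurizio.nagni@stfc.ac.uk", ' 
+            '"is_superuser": false, "is_staff": true, ' 
+            '"last_login": "2012-10-18 11:05:28.700139+00:00", ' 
+            '"date_joined": "2012-03-22 14:20:56+00:00", "id": 29, ' 
+            '"permissions": "auth.add_user,proginfo.add_dataproduct, ' 
+            'proginfo.change_programme, cedainfoapp.delete_vmrequest"}' 
+            return _encodeAuthenticatedResponse(request, context)   
+         
         # An unbound form 
         form = LoginForm()  
@@ -52,2 +64,7 @@
         context.update(csrf(request)) 
         return render_to_response('login.html', context) 
+     
+def _encodeAuthenticatedResponse(request, context): 
+    redirect_parameter = getattr(settings, 'REDIRECT_URL', 'r') 
+    context['redirect_url'] = request.GET.get(redirect_parameter, '') 
+    return render_to_response('logged_in.html', context) 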
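Review bot: The `FAKE_AUTHENTICATION` branch added at new lines 50-59 returns the logged-in response without checking any credentials, and it is gated only on a settings flag that is independent of `DEBUG`; if that flag ever reaches a deployed configuration, every request taking this `else:` path is answered as a hard-coded staff identity. Tie it to debug mode, e.g. `if settings.DEBUG and getattr(settings, "FAKE_AUTHENTICATION", False):`, and keep the fixture (which embeds a real name and e-mail address) in the ignored `dev_settings.py` rather than in the view. As rendered, new lines 52-58 are separate string statements rather than a continuation of line 51, so `context['user']` would hold only `'{"username": "mnagni", '`; wrapping the whole literal in parentheses makes the pieces concatenate. The enclosing view starts outside the visible hunks, so the condition guarding this `else:` is inferred to be the non-POST case.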