source: asadb/mit/__init__.py @ 1c68fbb

Last change on this file since 1c68fbb was 1c68fbb, checked in by Alex Dehnert <adehnert@…>, 16 years ago

localhost check needs to use portless-HTTP_HOST

As a bonus, this gets around the problem that the Django dev server doesn't
set REQUEST_URI.

1from django.contrib.auth.middleware import RemoteUserMiddleware
2from django.contrib.auth.backends import RemoteUserBackend
3from django.contrib.auth.views import login
4from django.contrib.auth import REDIRECT_FIELD_NAME
5from django.http import HttpResponseRedirect
6from django.contrib import auth
7from django.core.exceptions import ObjectDoesNotExist
8import settings
9
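def zephyr(msg, clas='remit', instance='log', rcpt='adehnert',):
    """Send *msg* as a zephyr notice by running the ``zwrite`` command.

    Args:
        msg: Message body, passed to ``zwrite`` after ``-m``.
        clas: Zephyr class, passed after ``-c``.
        instance: Zephyr instance, passed after ``-i``.
        rcpt: Recipient of the notice.

    Returns:
        None. Delivery is best-effort: the exit status of ``zwrite`` is
        ignored, and so is a failure to start it.
    """
    import subprocess

    # Build an argument vector and run it without a shell. The previous
    # version pasted the values between single quotes in an os.system()
    # string, so a quote inside msg (which may carry request-derived text)
    # ended the quoting and the rest was parsed by the shell.
    # '%s' formatting keeps the old "stringify whatever was passed" behavior.
    argv = ['zwrite', '-d',
            '-c', '%s' % (clas,),
            '-i', '%s' % (instance,),
            '%s' % (rcpt,),
            '-m', '%s' % (msg,)]
    try:
        subprocess.call(argv)
    except OSError:
        # zwrite is missing or not executable. os.system() reported that only
        # through an ignored exit status, so keep notification non-fatal.
        pass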
13
class ScriptsRemoteUserMiddleware(RemoteUserMiddleware):
    """RemoteUserMiddleware that reads the user name from the client certificate e-mail."""

    # Key looked up in request.META for the authenticated user name.
    # NOTE(review): this is the mod_ssl-style variable for the e-mail field of
    # the client certificate subject; the whole login flow trusts it, so it
    # must only ever be set by the front-end web server after certificate
    # verification -- confirm against the deployment.
    header = 'SSL_CLIENT_S_DN_Email'
16
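class ScriptsRemoteUserBackend(RemoteUserBackend):
    """RemoteUserBackend for MIT certificate logins.

    Strips the ``@MIT.EDU`` domain from the remote user name and fills in
    newly created accounts from the MIT LDAP directory.
    """

    def clean_username(self, username, ):
        """Return the local part of *username*, accepting only the MIT.EDU domain.

        A value without ``@`` is returned unchanged.

        Raises:
            ValueError: if the value has more than one ``@``, an empty local
                part, or a domain other than MIT.EDU (compared
                case-insensitively).
        """
        if '@' not in username:
            return username
        if username.count('@') != 1:
            raise ValueError("Malformed remote username: %r" % (username,))
        name, domain = username.split('@')
        # This is an authentication decision, so it must not be an `assert`:
        # assertions are stripped when Python runs with -O, which would let
        # any domain through.
        if domain.upper() != 'MIT.EDU' or not name:
            raise ValueError("Unexpected remote username: %r" % (username,))
        return name

    def _first_value(self, attrs, key):
        """Return the first value of LDAP attribute *key*, or '' when it is absent."""
        values = attrs.get(key) or ['']
        return values[0]

    def configure_user(self, user, ):
        """Populate a newly created *user* from LDAP and add default groups.

        When the directory returns exactly one entry for the user name, the
        first name, last name and e-mail are copied from it, the user is
        added to the 'mit' group and saved. The user is always added to the
        'autocreated' group. A missing group is reported on stdout and
        otherwise ignored.

        Returns:
            The same *user* object.
        """
        import ldap
        import ldap.filter

        base_dn = "dc=mit,dc=edu"
        fields = ['cn', 'sn', 'givenName', 'mail', ]
        # Escape the user name before it goes into the search filter so that
        # characters such as '*', '(' or ')' cannot change the filter.
        query = 'uid=%s' % ldap.filter.escape_filter_chars(user.username)

        # NOTE(review): anonymous bind over what looks like plain LDAP; the
        # attributes copied below are only as trustworthy as that channel.
        # Consider ldaps:// or StartTLS if the directory offers it.
        con = ldap.open('ldap.mit.edu')
        try:
            con.simple_bind_s("", "")
            result = con.search_s(base_dn, ldap.SCOPE_SUBTREE, query, fields)
        finally:
            # Release the connection even when the bind or search fails.
            con.unbind_s()

        if len(result) == 1:
            attrs = result[0][1]
            # An entry may lack one of the requested attributes; use '' for
            # it rather than failing account creation with a KeyError.
            user.first_name = self._first_value(attrs, 'givenName')
            user.last_name = self._first_value(attrs, 'sn')
            user.email = self._first_value(attrs, 'mail')
            try:
                user.groups.add(auth.models.Group.objects.get(name='mit'))
            except ObjectDoesNotExist:
                print("Failed to retrieve mit group")
            user.save()
        try:
            user.groups.add(auth.models.Group.objects.get(name='autocreated'))
        except ObjectDoesNotExist:
            print("Failed to retrieve autocreated group")
        return user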
47
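def _is_local_redirect(target):
    """Return True when *target* is a non-empty path on this site.

    Accepts only values that start with a single '/' and contain no '//',
    space or backslash, so absolute URLs and scheme-relative forms are
    rejected.
    """
    if not target or not target.startswith('/'):
        return False
    return not any(marker in target for marker in ('//', ' ', '\\'))


def scripts_login(request, **kwargs):
    """Login view that sends users through the certificate port (444).

    * Host ``localhost`` (port stripped): delegate to Django's ``login``
      view, for development.
    * Port 444, already authenticated: redirect to the requested page, or to
      ``settings.LOGIN_REDIRECT_URL`` when the requested target is missing or
      not a local path.
    * Port 444, not authenticated: delegate to ``login``.
    * Any other port: redirect to the same URI on port 444.

    Args:
        request: The incoming HttpRequest.
        **kwargs: Passed through to ``login``; ``redirect_field_name`` is
            also honoured here.

    Returns:
        An HttpResponse.
    """
    # NOTE(review): HTTP_HOST is supplied by the client. A request that sends
    # "Host: localhost" to the production server takes the development branch
    # and skips the port-444 certificate flow; consider gating this branch on
    # a development-only setting or on the peer address.
    host = request.META['HTTP_HOST'].split(':')[0]
    if host == 'localhost':
        return login(request, **kwargs)

    if request.META['SERVER_PORT'] != '444':
        # Move to port 444.
        # NOTE(review): the Location header is built from the client-supplied
        # Host value; a configured canonical host name would be safer.
        redirect_to = "https://%s:444%s" % (host, request.META['REQUEST_URI'], )
        return HttpResponseRedirect(redirect_to)

    if not request.user.is_authenticated():
        return login(request, **kwargs)

    # They're already authenticated --- go ahead and redirect.
    # The old code tested for 'redirect_field_name' but then read
    # 'redirect_field_names', raising KeyError whenever the option was passed.
    redirect_field_name = kwargs.get('redirect_field_name', REDIRECT_FIELD_NAME)
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    if not _is_local_redirect(redirect_to):
        redirect_to = settings.LOGIN_REDIRECT_URL
    return HttpResponseRedirect(redirect_to)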