adapter: add an adapter framework to customize the username put into LTPA tokens
This commit is contained in:
parent
73c33d8c60
commit
fe05bc40d0
|
@ -0,0 +1,18 @@
|
|||
from django.utils.importlib import import_module
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
|
||||
from . import app_settings
|
||||
|
||||
def get_adapter():
|
||||
module, cls = app_settings.ADAPTER
|
||||
try:
|
||||
module = import_module(module)
|
||||
cls = getattr(module, cls)
|
||||
except (ImportError, AttributeError):
|
||||
msg = 'LTPA user adapter not found: %r' % app_settings.ADAPTER
|
||||
raise ImproperlyConfigured(msg)
|
||||
return cls()
|
||||
|
||||
class UserAdapter(object):
|
||||
def get_username(self, request):
|
||||
return request.user.username
|
|
@ -5,6 +5,7 @@ class AppSettings(object):
|
|||
'COOKIE_NAME': 'domino',
|
||||
'COOKIE_DOMAIN': None,
|
||||
'COOKIE_HTTP_ONLY': True,
|
||||
'ADAPTER': 'authentic2_idp_ltpa.adapter.UserAdapter',
|
||||
}
|
||||
|
||||
def __init__(self, prefix):
|
||||
|
|
|
@ -4,7 +4,7 @@ from django.http import HttpResponseRedirect
|
|||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth import REDIRECT_FIELD_NAME
|
||||
|
||||
from . import app_settings, utils
|
||||
from . import app_settings, utils, adapter
|
||||
|
||||
@login_required
|
||||
def ltpa(request):
|
||||
|
@ -14,7 +14,8 @@ def ltpa(request):
|
|||
if app_settings.TOKEN_SECRET is None:
|
||||
raise ImproperlyConfigured('missing TOKEN_SECRET')
|
||||
secret = utils.decode_secret(app_settings.TOKEN_SECRET)
|
||||
token = utils.generate_domino_ltpa_token(request.user.username, secret)
|
||||
user = adapter.get_adapter().get_username(request)
|
||||
token = utils.generate_domino_ltpa_token(user, secret)
|
||||
domain = app_settings.COOKIE_DOMAIN or request.META['HTTP_HOST']
|
||||
response.set_cookie(app_settings.COOKIE_NAME, token, domain=domain,
|
||||
httponly=app_settings.COOKIE_HTTP_ONLY)
|
||||
|
|
Reference in New Issue