105 lines
4.1 KiB
Python
105 lines
4.1 KiB
Python
import logging
|
|
|
|
from django.utils.translation import ugettext as _
|
|
from django.template.loader import render_to_string
|
|
from django.template import RequestContext
|
|
from django.contrib.auth import authenticate, login
|
|
from django.contrib import messages
|
|
from django.core.urlresolvers import reverse
|
|
from django.http import HttpResponseRedirect
|
|
|
|
from authentic2.auth2_auth.auth2_ssl import models
|
|
from authentic2.utils import continue_to_next_url, redirect, redirect_to_login
|
|
|
|
from authentic2.registration_backend.views import valid_token, RegistrationCompletionView
|
|
|
|
from .backends import BeIDBackend
|
|
from .util import SSLInfo, get_x509_url, get_user_names
|
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
def handle_authentication(request, *args, **kwargs):
|
|
ssl_info = SSLInfo(request)
|
|
logger.debug('received SSL info: %s', ssl_info)
|
|
if not request.user.is_authenticated():
|
|
user = authenticate(ssl_info=ssl_info)
|
|
logger.debug('got user: %s', user)
|
|
if user:
|
|
login(request, user)
|
|
else:
|
|
messages.error(request, _('Authentication with your BeID card failed.'
|
|
'Please make sure your eID card is linked to your account and is plugged in.'
|
|
))
|
|
return redirect_to_login(request)
|
|
|
|
return continue_to_next_url(request)
|
|
|
|
|
|
def add_beid(request):
|
|
if request.user.is_authenticated:
|
|
ssl_info = SSLInfo(request)
|
|
if BeIDBackend().link_user(ssl_info, request.user):
|
|
logger.info('Successful linking of the SSL '
|
|
'certificate to an account')
|
|
messages.info(request, _('BeID card successfully linked to your account'))
|
|
else:
|
|
logger.error('eid linking failed')
|
|
messages.error(request, _('BeID linking failed. Internal server error.'))
|
|
|
|
return redirect(request, 'account_management',
|
|
fragment='a2-beid-certificate-profile')
|
|
|
|
|
|
def profile(request, template_name='beid/profile.html', *args, **kwargs):
|
|
context_instance = kwargs.pop('context_instance', None) or \
|
|
RequestContext(request)
|
|
certificates = models.ClientCertificate.objects.filter(user=request.user)
|
|
ctx = {'certificates': certificates}
|
|
return render_to_string(template_name, ctx,
|
|
context_instance=context_instance)
|
|
|
|
def delete_beid(request, certificate_pk):
|
|
try:
|
|
beid = models.ClientCertificate.objects.get(pk=certificate_pk)
|
|
beid.delete()
|
|
logger.info('client certificate %s deleted', beid)
|
|
messages.info(request, _('Your BeID card informations are successfully deleted'))
|
|
except models.ClientCertificate.DoesNotExist:
|
|
logger.info('no client certificate %s', certificate_pk)
|
|
messages.error(request, _('No BeID card associated to this account'))
|
|
return redirect(request, 'account_management',
|
|
fragment='a2-beid-certificate-profile')
|
|
|
|
def x509(request, registration_token):
|
|
ssl_info = SSLInfo(request)
|
|
if ssl_info.get('subject_dn'):
|
|
request.session['ssl_info'] = ssl_info.__dict__
|
|
return redirect(request, 'beid_registration_activate',
|
|
kwargs={'registration_token': registration_token})
|
|
|
|
def beid_activate(request, registration_token):
|
|
return HttpResponseRedirect(get_x509_url(request) + reverse('x509',
|
|
kwargs={'registration_token': registration_token}))
|
|
|
|
|
|
|
|
class BeIDRegistrationCompletionView(RegistrationCompletionView):
|
|
|
|
def get_form_kwargs(self, **kwargs):
|
|
kw = super(BeIDRegistrationCompletionView, self).get_form_kwargs(**kwargs)
|
|
# get first and last names from certificate and fill the form
|
|
if self.request.session.get('ssl_info'):
|
|
f_name, l_name = get_user_names(self.request.session['ssl_info'])
|
|
kw['initial'].update({'first_name': f_name, 'last_name': l_name})
|
|
return kw
|
|
|
|
def form_valid(self, form):
|
|
ret = super(BeIDRegistrationCompletionView, self).form_valid(form)
|
|
cert = models.ClientCertificate(user=self.object)
|
|
cert.__dict__.update(self.request.session['ssl_info'])
|
|
cert.save()
|
|
return ret
|
|
|
|
registration_completion = valid_token(BeIDRegistrationCompletionView.as_view())
|