handle direct access to authentic backoffice
This commit is contained in:
parent
7a65a4298c
commit
aa527bfd17
|
@ -25,18 +25,26 @@ register = template.Library()
|
|||
|
||||
@register.filter
|
||||
def is_coming_for(request):
|
||||
try:
|
||||
authn_request = ET.fromstring(request.session['saml:authnRequest'])
|
||||
next_url = authn_request.findall(
|
||||
'{urn:oasis:names:tc:SAML:2.0:protocol}Extensions/{https://www.entrouvert.com/}next_url')[0].text
|
||||
except (KeyError, IndexError):
|
||||
return 'unknown'
|
||||
if not 'authnRequest' in request.session:
|
||||
# look at ?next parameter
|
||||
next_url = request.GET.get('next')
|
||||
else:
|
||||
try:
|
||||
authn_request = ET.fromstring(request.session['saml:authnRequest'])
|
||||
next_url = authn_request.findall(
|
||||
'{urn:oasis:names:tc:SAML:2.0:protocol}Extensions/{https://www.entrouvert.com/}next_url')[0].text
|
||||
except (KeyError, IndexError):
|
||||
return 'unknown'
|
||||
target_path = urlparse.urlparse(next_url).path
|
||||
for prefix in ('manage', 'admin', 'backoffice'):
|
||||
if target_path.startswith('/%s/' % prefix):
|
||||
return 'backoffice'
|
||||
|
||||
target_domain = urlparse.urlparse(next_url).netloc
|
||||
if not target_domain:
|
||||
# local authentic
|
||||
return 'frontoffice'
|
||||
|
||||
if 'agent' in target_domain:
|
||||
return 'backoffice'
|
||||
|
||||
|
|
Reference in New Issue