change local/saml login configuration to work in multitenant environments

README

@@ -68,7 +68,8 @@ Default settings are loaded from settings.py, they can be overloaded by a
 local_settings.py file set in the same directory, or by a file referenced
 in the COMBO_SETTINGS_FILE environment variable.
 
-SAML authentication can be enabled by setting USE_MELLON = True, this requires
+SAML authentication can be enabled by adding 'mellon' to INSTALLED_APPS and
+'mellon.backends.SAMLBackend' to AUTHENTICATION_BACKENDS, this requires
 django-mellon to be installed, and further files and settings are required:
 
  - public and private keys (in cert.pem and key.cert in the current working

combo/public/views.py

@@ -16,6 +16,7 @@
 
 from django.conf import settings
 from django.contrib.auth import logout as auth_logout
+from django.contrib.auth import views as auth_views
 from django.core.exceptions import ObjectDoesNotExist, PermissionDenied
 from django.http import Http404, HttpResponse, HttpResponseRedirect
 from django.shortcuts import get_object_or_404, render, resolve_url
@@ -23,8 +24,16 @@ from django.template import RequestContext
 
 from combo.data.models import CellBase, Page
 
+
+def login(request, *args, **kwargs):
+    if 'mellon.backends.SAMLBackend' in settings.AUTHENTICATION_BACKENDS:
+        if not 'next' in request.GET:
+            return HttpResponseRedirect(resolve_url('mellon_login'))
+        return HttpResponseRedirect(resolve_url('mellon_login') + '?next=' + request.GET.get('next'))
+    return auth_views.login(request, *args, **kwargs)
+
 def logout(request, next_page=None):
-    if settings.USE_MELLON:
+    if 'mellon.backends.SAMLBackend' in settings.AUTHENTICATION_BACKENDS:
         return HttpResponseRedirect(resolve_url('mellon_logout'))
     auth_logout(request)
     if next_page is not None:

combo/settings.py

@@ -162,9 +162,9 @@ COMBO_PUBLIC_TEMPLATES = {
 }
 
 # Authentication settings
+LOGIN_URL = '/login/'
 LOGIN_REDIRECT_URL = '/'
-
-USE_MELLON = False
+LOGOUT_URL = '/logout/'
 
 MELLON_ATTRIBUTE_MAPPING = {
     'username': '{attributes[username][0]}',
@@ -186,9 +186,3 @@ local_settings_file = os.environ.get('COMBO_SETTINGS_FILE',
         os.path.join(os.path.dirname(__file__), 'local_settings.py'))
 if os.path.exists(local_settings_file):
     execfile(local_settings_file)
-
-if USE_MELLON:
-    INSTALLED_APPS += ('mellon', )
-    AUTHENTICATION_BACKENDS = ('mellon.backends.SAMLBackend', )
-    LOGIN_URL = 'mellon_login'
-    LOGOUT_URL = 'mellon_logout'

combo/urls.py

@@ -17,11 +17,10 @@
 from django.conf import settings
 from django.conf.urls import patterns, include, url
 from django.contrib import admin
-from django.contrib.auth import views as auth_views
 
 from .urls_utils import decorated_includes, manager_required
 
-from .public.views import logout
+from .public.views import login, logout
 from .manager.urls import urlpatterns as combo_manager_urls
 
 urlpatterns = patterns('',
@@ -29,8 +28,12 @@ urlpatterns = patterns('',
         include(combo_manager_urls))),
     url(r'^admin/', include(admin.site.urls)),
     url(r'^logout/$', logout, name='auth_logout'),
+    url(r'^login/$', login, name='auth_login'),
 )
 
+if 'mellon' in settings.INSTALLED_APPS:
+    urlpatterns += patterns('', url(r'^accounts/mellon/', include('mellon.urls')))
+
 # static and media files
 from django.contrib.staticfiles.urls import staticfiles_urlpatterns
 urlpatterns += staticfiles_urlpatterns()
@@ -38,14 +41,5 @@ urlpatterns += staticfiles_urlpatterns()
 from django.conf.urls.static import static
 urlpatterns += static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT)
 
-if 'mellon' in settings.INSTALLED_APPS:
-    urlpatterns += patterns('',
-        url(r'^accounts/mellon/', include('mellon.urls')),
-    )
-else:
-    urlpatterns += patterns('',
-        url(r'^accounts/login/$', auth_views.login),
-    )
-
 # other URLs are handled as public URLs
 urlpatterns += patterns('', url(r'', include('combo.public.urls')))