auth/authform.py: improved disacosiation for multi accounts
This commit is contained in:
parent
b0f1ed9838
commit
4061796d5e
|
@ -323,10 +323,15 @@ a password_field key if you want to encode a password.")
|
|||
# TODO: need to logout the first
|
||||
unique_id = env['beaker.session']['unique_id']
|
||||
qs = parse_qs(env['QUERY_STRING'])
|
||||
if not qs.has_key('id'):
|
||||
if not qs.has_key('id') and not unique_id:
|
||||
return _401('Access denied: beaker session invalid or not qs id')
|
||||
id = qs['id'][0]
|
||||
sp_user = backend.ManagerSPUser.get_by_id(id)
|
||||
if qs.has_key('id'):
|
||||
id = qs['id'][0]
|
||||
sp_user = backend.ManagerSPUser.get_by_id(id)
|
||||
else:
|
||||
service_provider = backend.ManagerServiceProvider.get(self.site_name)
|
||||
idp_user = backend.ManagerIDPUser.get(unique_id)
|
||||
sp_user = backend.ManagerSPUser.get_last_connected(idp_user, service_provider)
|
||||
if not sp_user:
|
||||
return _302(values.get('associate_url'))
|
||||
return self._login_sp_user(sp_user, env, 'response.code==302', values)
|
||||
|
@ -353,6 +358,9 @@ a password_field key if you want to encode a password.")
|
|||
sp_user = backend.ManagerSPUser.get_by_id(sp_id)
|
||||
if sp_user:
|
||||
backend.ManagerSPUser.delete(sp_user)
|
||||
if backend.ManagerSPUser.get_sp_users(unique_id, self.site_name):
|
||||
env['QUERY_STRING'] = ''
|
||||
return self.change_user(env, values, request, response)
|
||||
else:
|
||||
return _401('Access denied: bad id')
|
||||
elif qs.has_key('sp_name'):
|
||||
|
|
|
@ -25,7 +25,6 @@ from mandaye.response import _404, _502, _500
|
|||
from mandaye.db import sql_session
|
||||
|
||||
|
||||
|
||||
def get_response(env, request, url, cookiejar=None):
|
||||
""" request: Mandaye Request
|
||||
url: the target url
|
||||
|
|
Reference in New Issue