diff --git a/django/sp_sso/invite/urls.py b/django/sp_sso/invite/urls.py
index 133077f..21415ad 100644
--- a/django/sp_sso/invite/urls.py
+++ b/django/sp_sso/invite/urls.py
@@ -2,8 +2,9 @@ from django.conf.urls import url
from . import views
from saml.decorators import user_in_ldap
+from django.contrib.auth.decorators import login_required
urlpatterns = [
- url(r'^$', user_in_ldap(views.InvitationFormView.as_view()), name='invitation'),
+ url(r'^$', login_required(user_in_ldap(views.InvitationFormView.as_view())), name='invitation'),
url(r'^sent/$', views.invitation_sent , name='sent'),
]
diff --git a/django/sp_sso/saml/decorators.py b/django/sp_sso/saml/decorators.py
index ccf03f3..6baaed4 100644
--- a/django/sp_sso/saml/decorators.py
+++ b/django/sp_sso/saml/decorators.py
@@ -42,7 +42,7 @@ def user_in_ldap(function):
request.session['host_type'] = 'member'
else:
request.session['host_type'] = 'affiliate'
- return redirect(reverse('auth_login') + "?next=/invite/")
+ return redirect(reverse('auth_login') + "?next="+request.path)
user_data = saml_collect_data(request)
if not ldap_contains_user(user_data):
logger.info(u'user not registered error for request %s' % request)
@@ -61,7 +61,7 @@ def user_can_declare(function):
"""
def wrapped(request, *args, **kwargs):
if not request.session.get('mellon_session'):
- return redirect(reverse('auth_login') + '?next=/declare/')
+ return redirect(reverse('auth_login') + '?next='+request.path)
user_data = saml_collect_data(request)
if ldap_contains_user(user_data):
diff --git a/django/sp_sso/saml/urls.py b/django/sp_sso/saml/urls.py
index 8b95358..0b97731 100644
--- a/django/sp_sso/saml/urls.py
+++ b/django/sp_sso/saml/urls.py
@@ -2,8 +2,10 @@ from django.conf.urls import url
from . import views
from .decorators import user_not_in_ldap
+from django.contrib.auth.decorators import login_required
urlpatterns = [
- url(r'^$', user_not_in_ldap(views.RegistrationFormView.as_view()), name='register'),
+ url(r'^$', login_required(user_not_in_ldap(views.RegistrationFormView.as_view())), name='register'),
+ #url(r'blank^$', user_not_in_ldap(views.RegistrationFormView.as_view()), name='blankregister'),
url(r'^wcs_post/$', views.wcs_post , name='wcs_post'),
]
diff --git a/django/sp_sso/sp_sso/settings.py b/django/sp_sso/sp_sso/settings.py
index de97df6..acd3dfb 100644
--- a/django/sp_sso/sp_sso/settings.py
+++ b/django/sp_sso/sp_sso/settings.py
@@ -69,7 +69,7 @@ AUTHENTICATION_BACKENDS = (
AUTH_USER_MODEL = 'saml.SupAnnUser'
-LOGIN_REDIRECT_URL = '/register/' #XXX how to handle login for multiple apps ?
+LOGIN_REDIRECT_URL = '/logged_in/'
LOGIN_URL = '/login/'
LOGOUT_URL = '/logout/'
@@ -98,7 +98,7 @@ MELLON_IDENTITY_PROVIDERS = [{
'METADATA_URL': 'http://idp-condorcet.dev.entrouvert.org/idp/saml2/metadata'
}]
-#MELLON_DISCOVERY_SERVICE_URL = "https://discovery.renater.fr/test"
+MELLON_DISCOVERY_SERVICE_URL = "https://discovery.renater.fr/test"
MELLON_PUBLIC_KEYS = ('''MIIC+TCCAeGgAwIBAgIJAPDzLp0rbCqRMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNV
BAMMCHdob2NhcmVzMB4XDTE3MDMwODE2MjYyNloXDTI3MDMwNjE2MjYyNlowEzER
diff --git a/django/sp_sso/sp_sso/urls.py b/django/sp_sso/sp_sso/urls.py
index b9f0ff1..6b6cb3a 100644
--- a/django/sp_sso/sp_sso/urls.py
+++ b/django/sp_sso/sp_sso/urls.py
@@ -2,16 +2,20 @@ from django.conf.urls import include, url
from django.contrib import admin
from . import views
-from saml.decorators import user_can_declare
+from saml.decorators import user_can_declare, user_not_in_ldap
+from saml import views as samlviews
+from django.contrib.auth.decorators import login_required
urlpatterns = [
url(r'^admin/', include(admin.site.urls)),
url(r'^register/', include('saml.urls')),
+ url(r'^blank/', user_not_in_ldap(samlviews.RegistrationFormView.as_view()), name="blankregister"),
url(r'^invite/', include('invite.urls'), name="invite"),
- url(r'^declare/$', user_can_declare(views.declare), name="declare"),
+ url(r'^declare/$', login_required(user_can_declare(views.declare)), name="declare"),
url(r'^declare/subscribed/$', views.subscribed, name='subscribed'),
url(r'^$', views.index),
url(r'^accounts/mellon/', include('mellon.urls')),
url(r'^logout/$', views.logout, name='auth_logout'),
url(r'^login/$', views.login, name='auth_login'),
+ url(r'^logged_in/', views.logged_in, name='auth_logged_in'),
]
diff --git a/django/sp_sso/sp_sso/views.py b/django/sp_sso/sp_sso/views.py
index 7d3aaef..08b5161 100644
--- a/django/sp_sso/sp_sso/views.py
+++ b/django/sp_sso/sp_sso/views.py
@@ -32,6 +32,7 @@ def login(request, *args, **kwargs):
if any(get_idps()):
if not 'next' in request.GET:
return HttpResponseRedirect(resolve_url('mellon_login'))
+ request.session['next_field'] = request.GET.get('next')
return HttpResponseRedirect(resolve_url('mellon_login') + '?next='
+ urllib.quote(request.GET.get('next')))
return auth_views.login(request, *args, **kwargs)
@@ -44,6 +45,10 @@ def logout(request, next_page=None):
next_page = '/login'
return HttpResponseRedirect(next_page)
+def logged_in(request, next_page=None):
+ callback = request.session.get('next_field', '/')
+ return HttpResponseRedirect(callback)
+
def subscribed(request):
"""Success view for the self-subscription process"""
logger.info(u'Processing request %s', request)
diff --git a/django/sp_sso/templates/index.html b/django/sp_sso/templates/index.html
index 7f3c6b6..6522fe0 100644
--- a/django/sp_sso/templates/index.html
+++ b/django/sp_sso/templates/index.html
@@ -16,10 +16,10 @@
{% trans "Your are moving in to the Campus" %}
{% trans "Register using your Campus institution account" %}
-{% trans "Send invites for people to declare their accounts" %}
+{% trans "Send invites for people to declare their accounts" %}
{% trans "You have been invited by a member of the Campus" %}
-{% trans "Register using your origin institution account" %}
-{% trans "Register using an empty form" %}
+{% trans "Register using your origin institution account" %}
+{% trans "Register using an empty form" %}
{% trans "You would like to invite somebody to the Campus" %}
{% trans "Send invites" %}