VladPolskiy/postgres-web
1
0
Fork 0
mirror of https://github.com/postgres/pgweb.git synced 2025-08-03 15:38:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update authentication to be django 2 compatible

Browse Source
This commit is contained in:
Magnus Hagander
2020-03-31 23:40:23 +02:00
parent 6d62619add
commit ccb1282531
3 changed files with 21 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
pgweb/account/views.py
View File

@ -229,11 +229,11 @@ def orglist(request):
def login(request): def login(request):
return authviews.login(request, template_name='account/login.html', return authviews.LoginView.as_view(template_name='account/login.html',
authentication_form=PgwebAuthenticationForm, authentication_form=PgwebAuthenticationForm,
extra_context={ extra_context={
'oauth_providers': [(k, v) for k, v in sorted(settings.OAUTH.items())], 'oauth_providers': [(k, v) for k, v in sorted(settings.OAUTH.items())],
}) })(request)
def logout(request): def logout(request):
@ -245,9 +245,8 @@ def changepwd(request):
return HttpServerError(request, "This account cannot change password as it's connected to a third party login site.") return HttpServerError(request, "This account cannot change password as it's connected to a third party login site.")
log.info("Initiating password change from {0}".format(get_client_ip(request))) log.info("Initiating password change from {0}".format(get_client_ip(request)))
return authviews.password_change(request, return authviews.PasswordChangeView.as_view(template_name='account/password_change.html',
template_name='account/password_change.html', success_url='/account/changepwd/done/')(request)
post_change_redirect='/account/changepwd/done/')
def resetpwd(request): def resetpwd(request):
@ -289,33 +288,31 @@ def resetpwd(request):
def change_done(request): def change_done(request):
log.info("Password change done from {0}".format(get_client_ip(request))) log.info("Password change done from {0}".format(get_client_ip(request)))
return authviews.password_change_done(request, template_name='account/password_change_done.html') return authviews.PasswordChangeDoneView.as_view(template_name='account/password_change_done.html')(request)
def reset_done(request): def reset_done(request):
log.info("Password reset done from {0}".format(get_client_ip(request))) log.info("Password reset done from {0}".format(get_client_ip(request)))
return authviews.password_reset_done(request, template_name='account/password_reset_done.html') return authviews.PasswordResetDoneView.as_view(template_name='account/password_reset_done.html')(request)
def reset_confirm(request, uidb64, token): def reset_confirm(request, uidb64, token):
log.info("Confirming password reset for uidb {0}, token {1} from {2}".format(uidb64, token, get_client_ip(request))) log.info("Confirming password reset for uidb {0}, token {1} from {2}".format(uidb64, token, get_client_ip(request)))
return authviews.password_reset_confirm(request, return authviews.PasswordResetConfirmView.as_view(template_name='account/password_reset_confirm.html',
uidb64=uidb64, success_url='/account/reset/complete/')(
token=token, request, uidb64=uidb64, token=token)
template_name='account/password_reset_confirm.html',
post_reset_redirect='/account/reset/complete/')
def reset_complete(request): def reset_complete(request):
log.info("Password reset completed for user from {0}".format(get_client_ip(request))) log.info("Password reset completed for user from {0}".format(get_client_ip(request)))
return authviews.password_reset_complete(request, template_name='account/password_reset_complete.html') return authviews.PasswordResetCompleteView.as_view(template_name='account/password_reset_complete.html')(request)
@script_sources('https://www.google.com/recaptcha/') @script_sources('https://www.google.com/recaptcha/')
@script_sources('https://www.gstatic.com/recaptcha/') @script_sources('https://www.gstatic.com/recaptcha/')
@frame_sources('https://www.google.com/') @frame_sources('https://www.google.com/')
def signup(request): def signup(request):
if request.user.is_authenticated(): if request.user.is_authenticated:
return HttpServerError(request, "You must log out before you can sign up for a new account") return HttpServerError(request, "You must log out before you can sign up for a new account")
if request.method == 'POST': if request.method == 'POST':
@ -488,22 +485,22 @@ def communityauth(request, siteid):
# a login form that has information about which site is being logged # a login form that has information about which site is being logged
# in to, and basic information about how the community login system # in to, and basic information about how the community login system
# works. # works.
if not request.user.is_authenticated(): if not request.user.is_authenticated:
if request.method == "POST" and 'next' in request.POST and 'this_is_the_login_form' in request.POST: if request.method == "POST" and 'next' in request.POST and 'this_is_the_login_form' in request.POST:
# This is a postback of the login form. So pick the next filed # This is a postback of the login form. So pick the next filed
# from that one, so we keep it across invalid password entries. # from that one, so we keep it across invalid password entries.
nexturl = request.POST['next'] nexturl = request.POST['next']
else: else:
nexturl = '/account/auth/%s/%s' % (siteid, urldata) nexturl = '/account/auth/%s/%s' % (siteid, urldata)
return authviews.login( return authviews.LoginView.as_view(
request, template_name='account/login.html', template_name='account/login.html',
authentication_form=PgwebAuthenticationForm, authentication_form=PgwebAuthenticationForm,
extra_context={ extra_context={
'sitename': site.name, 'sitename': site.name,
'next': nexturl, 'next': nexturl,
'oauth_providers': [(k, v) for k, v in sorted(settings.OAUTH.items())], 'oauth_providers': [(k, v) for k, v in sorted(settings.OAUTH.items())],
}, },
) )(request)
# When we reach this point, the user *has* already been authenticated. # When we reach this point, the user *has* already been authenticated.
# The request variable "su" *may* contain a suburl and should in that # The request variable "su" *may* contain a suburl and should in that
@ -569,7 +566,7 @@ def communityauth_logout(request, siteid):
# Get whatever site the user is trying to log in to. # Get whatever site the user is trying to log in to.
site = get_object_or_404(CommunityAuthSite, pk=siteid) site = get_object_or_404(CommunityAuthSite, pk=siteid)
if request.user.is_authenticated(): if request.user.is_authenticated:
django_logout(request) django_logout(request)
# Redirect user back to the specified suburl # Redirect user back to the specified suburl

2
pgweb/util/auth.py
View File

@ -5,7 +5,7 @@ from django.contrib.auth.backends import ModelBackend
# Special version of the authentication backend, so we can handle things like # Special version of the authentication backend, so we can handle things like
# forced lowercasing of usernames. # forced lowercasing of usernames.
class AuthBackend(ModelBackend): class AuthBackend(ModelBackend):
def authenticate(self, username=None, password=None): def authenticate(self, request, username=None, password=None):
try: try:
# We don't allow @ signs in usernames (see accounts/forms.py), so if there is one # We don't allow @ signs in usernames (see accounts/forms.py), so if there is one
# specified then the user is clearly trying to log in with an email address, # specified then the user is clearly trying to log in with an email address,

2
tools/communityauth/sample/django/auth.py
View File

@ -72,7 +72,7 @@ def login(request):
# Handle logout requests by logging out of this site and then # Handle logout requests by logging out of this site and then
# redirecting to log out from the main site as well. # redirecting to log out from the main site as well.
def logout(request): def logout(request):
if request.user.is_authenticated(): if request.user.is_authenticated:
django_logout(request) django_logout(request)
return HttpResponseRedirect("%slogout/" % settings.PGAUTH_REDIRECT) return HttpResponseRedirect("%slogout/" % settings.PGAUTH_REDIRECT)