kallithea Changeset - b98f4431671c

Changeset - b98f4431671c

Parent rev.

Child rev.

[Not reviewed]

stable

0 2 0

Mads Kiilerich - 10 years ago 2015-09-20 22:22:50
madski@unity3d.com

login: inline _redirect_to_origin

Refactor to simplify code and make next changes simpler.

Let the controller handle came_from early and more explicit, thus simplifying
the redirect flow.

2 files changed with 8 insertions and 11 deletions:

kallithea/controllers/login.py

kallithea/templates/login.html

0 comments (0 inline, 0 general)

kallithea/controllers/login.py

➞

Show inline comments

@@ @@ -53,94 +53,91 @@ log = logging.getLogger(__name__) @@
 class LoginController(BaseController):
     def __before__(self):
         super(LoginController, self).__before__()
     def _validate_came_from(self, came_from):
         """Return True if came_from is valid and can and should be used"""
         if not came_from:
             return False
         parsed = urlparse.urlparse(came_from)
         server_parsed = urlparse.urlparse(url.current())
         allowed_schemes = ['http', 'https']
         if parsed.scheme and parsed.scheme not in allowed_schemes:
             log.error('Suspicious URL scheme detected %s for url %s',
                      parsed.scheme, parsed)
             return False
         if server_parsed.netloc != parsed.netloc:
             log.error('Suspicious NETLOC detected %s for url %s server url '
                       'is: %s' % (parsed.netloc, parsed, server_parsed))
             return False
         return True
     def _redirect_to_origin(self, origin):
         '''redirect to the original page, preserving any get arguments given'''
         request.GET.pop('came_from', None)
         raise HTTPFound(location=url(origin, **request.GET))
     def index(self):
         c.came_from = safe_str(request.GET.get('came_from', ''))
         if not self._validate_came_from(c.came_from):
             c.came_from = url('home')
         c.came_from = safe_str(request.GET.pop('came_from', ''))
         if self._validate_came_from(c.came_from):
             came_from = url(c.came_from, **request.GET)
         else:
             c.came_from = came_from = url('home')
         not_default = self.authuser.username != User.DEFAULT_USER
         ip_allowed = AuthUser.check_ip_allowed(self.authuser, self.ip_addr)
         # redirect if already logged in
         if self.authuser.is_authenticated and not_default and ip_allowed:
-            return self._redirect_to_origin(c.came_from)
+            raise HTTPFound(location=came_from)
         if request.POST:
             # import Login Form validator class
             login_form = LoginForm()
             try:
                 c.form_result = login_form.to_python(dict(request.POST))
                 # form checks for username/password, now we're authenticated
                 username = c.form_result['username']
                 user = User.get_by_username(username, case_insensitive=True)
             except formencode.Invalid as errors:
                 defaults = errors.value
                 # remove password from filling in form again
                 del defaults['password']
                 return htmlfill.render(
                     render('/login.html'),
                     defaults=errors.value,
                     errors=errors.error_dict or {},
                     prefix_error=False,
                     encoding="UTF-8",
                     force_defaults=False)
             except UserCreationError as e:
                 # container auth or other auth functions that create users on
                 # the fly can throw this exception signaling that there's issue
                 # with user creation, explanation should be provided in
                 # Exception itself
                 h.flash(e, 'error')
             else:
                 log_in_user(user, c.form_result['remember'],
                     is_external_auth=False)
-                return self._redirect_to_origin(c.came_from)
+                raise HTTPFound(location=came_from)
         return render('/login.html')
     @HasPermissionAnyDecorator('hg.admin', 'hg.register.auto_activate',
                                'hg.register.manual_activate')
     def register(self):
         c.auto_active = 'hg.register.auto_activate' in User.get_default_user()\
             .AuthUser.permissions['global']
         settings = Setting.get_app_settings()
         captcha_private_key = settings.get('captcha_private_key')
         c.captcha_active = bool(captcha_private_key)
         c.captcha_public_key = settings.get('captcha_public_key')
         if request.POST:
             register_form = RegisterForm()()
             try:
                 form_result = register_form.to_python(dict(request.POST))
                 form_result['active'] = c.auto_active
                 if c.captcha_active:
                     from kallithea.lib.recaptcha import submit
                     response = submit(request.POST.get('recaptcha_challenge_field'),
                                       request.POST.get('recaptcha_response_field'),

kallithea/templates/login.html

➞

Show inline comments

 ## -*- coding: utf-8 -*-
 <%inherit file="base/root.html"/>
 <%block name="title">
     ${_('Log In')}
 </%block>
 <div id="login" class="panel panel-default">
     <%include file="/base/flash_msg.html"/>
     <!-- login -->
     <div class="panel-heading title withlogo">
         %if c.site_name:
             <h5>${_('Log In to %s') % c.site_name}</h5>
         %else:
             <h5>${_('Log In')}</h5>
         %endif
     </div>
     <div class="panel-body inner">
         ${h.form(h.url.current(**request.GET))}
+        ${h.form(h.url.current(came_from=c.came_from, **request.GET))}
         <div class="form">
             <i class="icon-lock"></i>
             <!-- fields -->
             <div class="form-horizontal">
                 <div class="form-group">
                     <label class="control-label col-sm-5" for="username">${_('Username')}:</label>
                     <div class="input col-sm-7">
                         ${h.text('username',class_='form-control focus large')}
                     </div>
                 </div>
                 <div class="form-group">
                     <label class="control-label col-sm-5" for="password">${_('Password')}:</label>
                     <div class="input col-sm-7">
                         ${h.password('password',class_='form-control focus large')}
                     </div>
                 </div>
                 <div class="form-group">
                     <div class="col-sm-offset-5 col-sm-7">
                         <div class="checkbox">
                             <label for="remember">
                                 <input type="checkbox" id="remember" name="remember"/>

0 comments (0 inline, 0 general)