def test_change_password_sets_logout_reason(self):
api.keystone.user_update_own_password(IsA(http.HttpRequest),
'oldpwd',
'normalpwd').AndReturn(None)
self.mox.ReplayAll()
formData = {'method': 'PasswordForm',
'current_password': 'oldpwd',
'new_password': 'normalpwd',
'confirm_password': 'normalpwd'}
res = self.client.post(INDEX_URL, formData, follow=False)
self.assertRedirectsNoFollow(res, settings.LOGOUT_URL)
self.assertIn('logout_reason', res.cookies)
self.assertEqual(res.cookies['logout_reason'].value,
"Password changed. Please log in again to continue.")
scheme, netloc, path, query, fragment = urlsplit(res.url)
redirect_response = res.client.get(path, http.QueryDict(query))
self.assertRedirectsNoFollow(redirect_response, settings.LOGIN_URL)
python类LOGOUT_URL的实例源码
def handle(self, request, data):
user_is_editable = api.keystone.keystone_can_edit_user()
if user_is_editable:
try:
api.keystone.user_update_own_password(request,
data['current_password'],
data['new_password'])
response = http.HttpResponseRedirect(settings.LOGOUT_URL)
msg = _("Password changed. Please log in again to continue.")
utils.add_logout_reason(request, response, msg)
return response
except Exception:
exceptions.handle(request,
_('Unable to change password.'))
return False
else:
messages.error(request, _('Changing password is not supported.'))
return False
def handle(self, request, data):
usable_data = self.cleaned_data
user_is_editable = api.keystone.keystone_can_edit_user()
if user_is_editable and usable_data:
try:
api.keystone.user_update_own_password(
request,
usable_data['current_password'],
usable_data['new_password']
)
response = http.HttpResponseRedirect(settings.LOGOUT_URL)
msg = _("Password changed. Please log in again to continue.")
utils.add_logout_reason(request, response, msg)
return response
except Exception:
exceptions.handle(request,
_('Unable to change password.'))
return False
else:
messages.error(request, _('Changing password is not supported.'))
return False
def dispatch(self, request, *args, **kwargs):
"""
Most views in a CMS require a login, so this is the default setup.
If a login is not required then the requires_login property
can be set to False to disable this.
"""
if self.requires_login:
if settings.LOGIN_URL is None or settings.LOGOUT_URL is None:
raise ImproperlyConfigured(
'LOGIN_URL and LOGOUT_URL '
'has to be defined if requires_login is True'
)
if not request.user.is_authenticated():
return redirect('%s?next=%s' % (
resolve_url(settings.LOGIN_URL),
quote(request.get_full_path())))
return super(View, self).dispatch(request, *args, **kwargs)
def get_context_data(self, **kwargs):
context = super(View, self).get_context_data(**kwargs)
context['page_title'] = self.get_page_title()
context['page_description'] = self.get_page_description()
context['menu'] = menu(user=self.request.user, request=self.request)
context['urls'] = self.get_urls()
context['breadcrumbs'] = self.get_breadcrumbs()
context['tabs'] = self.get_tabs()
context['index_url'] = self.get_index_url()
context['SITE_NAME'] = self.get_site_name()
context['SITE_TITLE'] = self.get_site_title()
context['SITE_LOGO'] = self.get_site_logo()
context['SIDEBAR_BACKGROUND'] = self.get_sidebar_background()
context['SIDEBAR_COLOR'] = self.get_sidebar_color()
context['SIDEBAR_ALT_COLOR'] = self.get_sidebar_alt_color()
context['HIGHLIGHT_BACKGROUND'] = self.get_highlight_background()
context['HIGHLIGHT_COLOR'] = self.get_highlight_color()
context['DATETIME_FORMATS'] = self.get_datetime_formats()
context['LOGIN_URL'] = self.get_login_url()
context['LOGOUT_URL'] = self.get_logout_url()
context['media'] = self.media
context['form_display'] = self.get_form_display()
return context
def logout_with_message(request, msg, redirect=True):
"""Send HttpResponseRedirect to LOGOUT_URL.
`msg` is a message displayed on the login page after the logout, to explain
the logout reason.
"""
logout(request)
if redirect:
response = http.HttpResponseRedirect(
'%s?next=%s' % (settings.LOGOUT_URL, request.path))
else:
response = http.HttpResponseRedirect(settings.LOGOUT_URL)
add_logout_reason(request, response, msg)
return response
def post(request, next_page=None):
auth_logout(request)
if next_page:
next_page = resolve_url(next_page)
else:
next_page = get_redirect_url(request, default=settings.LOGOUT_URL)
return redirect(next_page)
def _logout_msg_response(request, msg):
response = http.HttpResponseRedirect(settings.LOGOUT_URL)
utils.add_logout_reason(request, response, msg)
return response
def handle(self, request, data):
submit_response = adjutant.signup_submit(
request, data)
if submit_response.ok:
return True
# Send the user back to the login page.
msg = _("The signup service is currently unavailable. "
"Please try again later.")
response = http.HttpResponseRedirect(settings.LOGOUT_URL)
utils.add_logout_reason(self.request, response, msg)
return response
def handle(self, request, data):
try:
submit_response = adjutant.forgotpassword_submit(
request, data)
if submit_response.ok:
return True
except Exception:
pass
# Send the user back to the login page.
msg = _("The password reset service is currently unavailable. "
"Please try again later.")
response = http.HttpResponseRedirect(settings.LOGOUT_URL)
utils.add_logout_reason(self.request, response, msg)
return response
def get_logout_url(self):
logout_url = getattr(settings, 'LOGOUT_URL', 'logout')
return reverse(logout_url) if logout_url else None
def index(request):
current_time = datetime.datetime.now()
PAGE_TITLE = "Student Dashboard"
LOGOUT_URL = settings.LOGOUT_URL
return render(request,'member/dashboard.html',locals())
def index(request):
""" Barebone 'diagnistics' view, print user attributes if logged in + login/logout links.
"""
if request.user.is_authenticated:
out = "LOGGED IN: <a href={0}>LOGOUT</a><br>".format(settings.LOGOUT_URL)
out += "".join(['%s: %s</br>' % (field.name, getattr(request.user, field.name))
for field in request.user._meta.get_fields()
if field.concrete])
return HttpResponse(out)
else:
return HttpResponse("LOGGED OUT: <a href={0}>LOGIN</a>".format(settings.LOGIN_URL))
# TODO fix this in IdP side?
def login_logout(request):
"""
Adds LOGIN_URL and LOGOUT_URL from the settings to the context
"""
return {"LOGIN_URL": settings.LOGIN_URL, "LOGOUT_URL": settings.LOGOUT_URL}
def process_response(self, request, response):
"""Convert HttpResponseRedirect to HttpResponse if request is via ajax
to allow ajax request to redirect url
"""
if request.is_ajax() and hasattr(request, 'horizon'):
queued_msgs = request.horizon['async_messages']
if type(response) == http.HttpResponseRedirect:
# Drop our messages back into the session as per usual so they
# don't disappear during the redirect. Not that we explicitly
# use django's messages methods here.
for tag, message, extra_tags in queued_msgs:
getattr(django_messages, tag)(request, message, extra_tags)
if response['location'].startswith(settings.LOGOUT_URL):
redirect_response = http.HttpResponse(status=401)
# This header is used for handling the logout in JS
redirect_response['logout'] = True
if self.logout_reason is not None:
utils.add_logout_reason(
request, redirect_response, self.logout_reason)
else:
redirect_response = http.HttpResponse()
# Use a set while checking if we want a cookie's attributes
# copied
cookie_keys = set(('max_age', 'expires', 'path', 'domain',
'secure', 'httponly', 'logout_reason'))
# Copy cookies from HttpResponseRedirect towards HttpResponse
for cookie_name, cookie in six.iteritems(response.cookies):
cookie_kwargs = dict((
(key, value) for key, value in six.iteritems(cookie)
if key in cookie_keys and value
))
redirect_response.set_cookie(
cookie_name, cookie.value, **cookie_kwargs)
redirect_response['X-Horizon-Location'] = response['location']
return redirect_response
if queued_msgs:
# TODO(gabriel): When we have an async connection to the
# client (e.g. websockets) this should be pushed to the
# socket queue rather than being sent via a header.
# The header method has notable drawbacks (length limits,
# etc.) and is not meant as a long-term solution.
response['X-Horizon-Messages'] = json.dumps(queued_msgs)
return response
