Commit 484602ad by Carson Gee

Adds redirects for login pages and the registration page so that

they go through the SSL login process in branding when that feature
is enabled.
parent d5bff2e2
...@@ -140,3 +140,47 @@ class SSLClientTest(TestCase): ...@@ -140,3 +140,47 @@ class SSLClientTest(TestCase):
User.objects.get(email=self.USER_EMAIL) User.objects.get(email=self.USER_EMAIL)
except ExternalAuthMap.DoesNotExist, ex: except ExternalAuthMap.DoesNotExist, ex:
self.fail('User did not get properly added to internal users, exception was {0}'.format(str(ex))) self.fail('User did not get properly added to internal users, exception was {0}'.format(str(ex)))
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
def test_default_login_decorator_ssl(self):
"""
Make sure that SSL login happens if it is enabled on protected
views instead of showing the login form.
"""
response = self.client.get(reverse('dashboard'), follows=True)
self.assertEqual(response.status_code, 302)
self.assertIn(reverse('accounts_login'), response['location'])
response = self.client.get(
reverse('dashboard'), follow=True,
SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
self.assertIn(reverse('dashboard'), response['location'])
self.assertIn('_auth_user_id', self.client.session)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
def test_registration_page_bypass(self):
"""
This tests to make sure when immediate signup is on that
the user doesn't get presented with the registration page.
"""
response = self.client.get(
reverse('register_user'), follow=True,
SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
self.assertIn(reverse('dashboard'), response['location'])
self.assertIn('_auth_user_id', self.client.session)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
def test_signin_page_bypass(self):
"""
This tests to make sure when ssl authentication is on
that user doesn't get presented with the login page if they
have a certificate.
"""
response = self.client.get(
reverse('signin_user'), follow=True,
SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
self.assertIn(reverse('dashboard'), response['location'])
self.assertIn('_auth_user_id', self.client.session)
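Review bot: In test_default_login_decorator_ssl the first request passes `follows=True`, which is not the test client's `follow` argument, so it is handed through as an extra request variable and no redirect is followed. That happens to be what the 302 assertion on the next line needs, so the keyword should simply be dropped: `response = self.client.get(reverse('dashboard'))`. All three tests only exercise requests that carry `SSL_CLIENT_S_DN`; none covers signin_user or register_user with the feature enabled and no certificate, which is the case where the new redirects could lock a visitor out or bounce them between views. The requests made with `follow=True` then read `response['location']`, which a final non-redirect response would not carry, so asserting on `response.redirect_chain[-1]` would likely be sturdier.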
...@@ -239,6 +239,10 @@ def signin_user(request): ...@@ -239,6 +239,10 @@ def signin_user(request):
""" """
This view will display the non-modal login form This view will display the non-modal login form
""" """
if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
# SSL login doesn't require a view, so redirect
# branding and allow that to process the login.
return redirect(reverse('root'))
if request.user.is_authenticated(): if request.user.is_authenticated():
return redirect(reverse('dashboard')) return redirect(reverse('dashboard'))
...@@ -256,6 +260,10 @@ def register_user(request, extra_context=None): ...@@ -256,6 +260,10 @@ def register_user(request, extra_context=None):
""" """
if request.user.is_authenticated(): if request.user.is_authenticated():
return redirect(reverse('dashboard')) return redirect(reverse('dashboard'))
if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP'):
# Redirect to branding to process their certificate if SSL is enabled
# and registration is disabled.
return redirect(reverse('root'))
context = { context = {
'course_id': request.GET.get('course_id'), 'course_id': request.GET.get('course_id'),
...@@ -518,6 +526,10 @@ def accounts_login(request): ...@@ -518,6 +526,10 @@ def accounts_login(request):
""" """
if settings.FEATURES.get('AUTH_USE_CAS'): if settings.FEATURES.get('AUTH_USE_CAS'):
return redirect(reverse('cas-login')) return redirect(reverse('cas-login'))
if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
# SSL login doesn't require a view, so redirect
# to branding and allow that to process the login.
return redirect(reverse('root'))
# see if the "next" parameter has been set, whether it has a course context, and if so, whether # see if the "next" parameter has been set, whether it has a course context, and if so, whether
# there is a course-specific place to redirect # there is a course-specific place to redirect
redirect_to = request.GET.get('next') redirect_to = request.GET.get('next')
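Review bot: The new guards in signin_user and accounts_login index `settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']` directly, while register_user and the CAS check right above use `.get()`; a deployment whose FEATURES dict lacks the key would raise KeyError on the login entry points, so both should read `if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES'):`. All three redirects fire whether or not the request presented a client certificate, and in signin_user the redirect comes before the `is_authenticated()` check. If the root view sends certificate-less visitors back to a login URL (not visible in these hunks), that would loop, so the no-certificate path deserves an explicit branch or at least a comment stating what root does. In accounts_login the early return also discards the `next` parameter read just below, which is worth a short comment if intentional. The comment in signin_user is missing a word and should read `# to branding and allow that to process the login.`; all three function bodies continue outside their hunks.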