Skip to content

E
edx-platform
Commit 484602ad by Carson Gee
Options

Adds redirects for login pages and the registration page so that 

they go through the SSL login process in branding when that feature
is enabled.
parent d5bff2e2
Showing with 56 additions and 0 deletions
common/djangoapps/external_auth/tests/test_ssl.py
......@@ -140,3 +140,47 @@ class SSLClientTest(TestCase):
User.objects.get(email=self.USER_EMAIL)
except ExternalAuthMap.DoesNotExist, ex:
self.fail('User did not get properly added to internal users, exception was {0}'.format(str(ex)))
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
def test_default_login_decorator_ssl(self):
"""
Make sure that SSL login happens if it is enabled on protected
views instead of showing the login form.
"""
response = self.client.get(reverse('dashboard'), follows=True)
self.assertEqual(response.status_code, 302)
self.assertIn(reverse('accounts_login'), response['location'])
response = self.client.get(
reverse('dashboard'), follow=True,
SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
self.assertIn(reverse('dashboard'), response['location'])
self.assertIn('_auth_user_id', self.client.session)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
def test_registration_page_bypass(self):
"""
This tests to make sure when immediate signup is on that
the user doesn't get presented with the registration page.
"""
response = self.client.get(
reverse('register_user'), follow=True,
SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
self.assertIn(reverse('dashboard'), response['location'])
self.assertIn('_auth_user_id', self.client.session)
@unittest.skipUnless(settings.ROOT_URLCONF == 'lms.urls', 'Test only valid in lms')
@override_settings(FEATURES=FEATURES_WITH_SSL_AUTH_IMMEDIATE_SIGNUP)
def test_signin_page_bypass(self):
"""
This tests to make sure when ssl authentication is on
that user doesn't get presented with the login page if they
have a certificate.
"""
response = self.client.get(
reverse('signin_user'), follow=True,
SSL_CLIENT_S_DN=self.AUTH_DN.format(self.USER_NAME, self.USER_EMAIL))
self.assertIn(reverse('dashboard'), response['location'])
self.assertIn('_auth_user_id', self.client.session)
common/djangoapps/student/views.py
......@@ -239,6 +239,10 @@ def signin_user(request):
"""
This view will display the non-modal login form
"""
if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
# SSL login doesn't require a view, so redirect
# branding and allow that to process the login.
return redirect(reverse('root'))
if request.user.is_authenticated():
return redirect(reverse('dashboard'))
......@@ -256,6 +260,10 @@ def register_user(request, extra_context=None):
"""
if request.user.is_authenticated():
return redirect(reverse('dashboard'))
if settings.FEATURES.get('AUTH_USE_MIT_CERTIFICATES_IMMEDIATE_SIGNUP'):
# Redirect to branding to process their certificate if SSL is enabled
# and registration is disabled.
return redirect(reverse('root'))
context = {
'course_id': request.GET.get('course_id'),
......@@ -518,6 +526,10 @@ def accounts_login(request):
"""
if settings.FEATURES.get('AUTH_USE_CAS'):
return redirect(reverse('cas-login'))
if settings.FEATURES['AUTH_USE_MIT_CERTIFICATES']:
# SSL login doesn't require a view, so redirect
# to branding and allow that to process the login.
return redirect(reverse('root'))
# see if the "next" parameter has been set, whether it has a course context, and if so, whether
# there is a course-specific place to redirect
redirect_to = request.GET.get('next')
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment