Skip to content

D
Djangoldp Account
Commit e55cdd37 authored by Calum Mackervoy's avatar Calum Mackervoy Committed by Jean-Baptiste Pasquier
Browse files
Options

Register redirect

parent 11375430
Hide whitespace changes
Inline Side-by-side
Showing with 74 additions and 16 deletions
djangoldp_account/djangoldp_urls.py
View file @ e55cdd37
......@@ -5,12 +5,12 @@ from django.conf.urls import url, include
from django.contrib.auth.models import Group
from django.views.decorators.csrf import csrf_exempt
from django_registration.backends.activation.views import RegistrationView
from djangoldp.permissions import LDPPermissions
from djangoldp.views import LDPViewSet
from djangoldp_account.forms import LDPUserForm
from .models import ChatProfile, Account
from .views import userinfocustom, RPLoginView, RPLoginCallBackView, check_user, LDPAccountLoginView, RedirectView
from .views import userinfocustom, RPLoginView, RPLoginCallBackView, check_user, LDPAccountLoginView, RedirectView, \
LDPAccountRegsitrationView
Group._meta.serializer_fields = ['name']
Group._meta.anonymous_perms = getattr(settings, 'GROUP_ANONYMOUS_PERMISSIONS', ['view'])
......@@ -24,7 +24,7 @@ urlpatterns = [
)
),
url(r'^auth/register/$',
RegistrationView.as_view(
LDPAccountRegsitrationView.as_view(
form_class=LDPUserForm
),
name='django_registration_register',
......
djangoldp_account/templates/django_registration/activation_complete.html
View file @ e55cdd37
......@@ -4,5 +4,9 @@
{% block content %}
{% url 'login' as auth_login_url %}
<h1 class="text-center">{% trans "Thanks, activation complete!" %}</h1>
<p class="text-center">{% trans "You may now <a href='{{ auth_login_url }}'>login</a> using the username and password you set at registration." %}</p>
<p class="text-center">
{% blocktrans %}
You may now <a href='{{ auth_login_url }}'>login</a> using the username and password you set at registration.
{% endblocktrans %}
</p>
{% endblock %}
djangoldp_account/templates/django_registration/registration_form.html
View file @ e55cdd37
......@@ -12,6 +12,7 @@
{% block content %}
<table>
<form method='post' action=''>{% csrf_token %}
<input type="hidden" name="next" value="{{ next }}"/>
{{ form }}
<tr>
<td></td>
......
djangoldp_account/templates/registration/login.html
View file @ e55cdd37
......@@ -61,7 +61,7 @@
<div class="flex-column">
<p class="other-login-title text-center">{% trans "Doesn't have an account yet?" %}</p>
<a class="sib-link sib-register-link" href="{% url 'django_registration_register' %}">{% trans "Register now!" %}</a>
<a class="sib-link sib-register-link" href="{% url 'django_registration_register' %}?next={{next|urlencode}}">{% trans "Register now!" %}</a>
</div>
</div>
{% endblock %}
djangoldp_account/views.py
View file @ e55cdd37
from django.http import HttpResponse, JsonResponse, HttpResponseRedirect, HttpResponseNotFound
from django.views import View
from django.contrib.auth.views import LoginView
from django.contrib.auth import get_user_model
from django.contrib.auth.views import LoginView, SuccessURLAllowedHostsMixin
from django.shortcuts import redirect, render
from django.urls import reverse
from django.utils.http import (
is_safe_url, urlsafe_base64_decode,
)
from django_registration.backends.activation.views import RegistrationView
from djangoldp_account import settings
from djangoldp_account.endpoints.rp_login import RPLoginCallBackEndpoint, RPLoginEndpoint
......@@ -44,6 +49,20 @@ def check_user(request, *args, **kwargs):
return HttpResponseNotFound()
# auxiliary function to set a user's default_redirect_uri
def _set_default_redirect_uri(user, redirect_uri):
from django.conf import settings
if redirect_uri is not None and len(redirect_uri) > 1 and redirect_uri != settings.LOGIN_REDIRECT_URL \
and hasattr(user, 'default_redirect_uri'):
try:
user.default_redirect_uri = redirect_uri
user.save()
# if the URL is too long, or invalid, we can just move on
except:
pass
class RedirectView(View):
"""
View for managing where to redirect the user after a successful login
......@@ -75,20 +94,54 @@ class LDPAccountLoginView(LoginView):
"""
# Save login url as preferred redirect
def post(self, request, *args, **kwargs):
from django.conf import settings
return_value = super(LDPAccountLoginView, self).post(request, *args, **kwargs)
# if the user has 'next' set which is not default, update their preference
next = request.POST.get('next')
if next is not None and len(next) > 1 and next != settings.LOGIN_REDIRECT_URL\
and request.user.is_authenticated:
try:
request.user.default_redirect_uri = next
request.user.save()
# if the URL is too long, or invalid, we can just move on
except:
pass
_set_default_redirect_uri(request.user, next)
return return_value
class LDPAccountRegsitrationView(SuccessURLAllowedHostsMixin, RegistrationView):
"""
Extension of django-registration's RegistrationView for managing user's default_redirect_uri
"""
def get_redirect_url(self):
"""Return the user-originating redirect URL if it's safe."""
redirect_to = self.request.POST.get(
'next',
self.request.GET.get('next', '')
)
url_is_safe = is_safe_url(
url=redirect_to,
allowed_hosts=self.get_success_url_allowed_hosts(),
require_https=self.request.is_secure(),
)
return redirect_to if url_is_safe else ''
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context.update({
'next': self.get_redirect_url(),
})
return context
def post(self, request, *args, **kwargs):
return_value = super(LDPAccountRegsitrationView, self).post(request, *args, **kwargs)
# if the user has 'next' set which is not default, update their preference
next = request.POST.get('next', '')
username = request.POST.get('username')
# fetch the user which should now be created
try:
user = get_user_model().objects.get(username=username)
except get_user_model().DoesNotExist:
return return_value
_set_default_redirect_uri(user, next)
return return_value
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment