]>
Commit | Line | Data |
---|---|---|
606f938b | 1 | from django.contrib.auth.middleware import RemoteUserMiddleware |
34b7ba86 | 2 | from django.contrib.auth.backends import RemoteUserBackend |
31769b1f AD |
3 | from django.contrib.auth.views import login |
4 | from django.contrib.auth import REDIRECT_FIELD_NAME | |
5 | from django.http import HttpResponseRedirect | |
34b7ba86 | 6 | from django.contrib import auth |
358136f9 | 7 | from django.core.exceptions import ObjectDoesNotExist |
31769b1f | 8 | import settings |
606f938b AD |
9 | |
10 | def zephyr(msg, clas='remit', instance='log', rcpt='adehnert',): | |
11 | import os | |
12 | os.system("zwrite -d -c '%s' -i '%s' '%s' -m '%s'" % (clas, instance, rcpt, msg, )) | |
13 | ||
14 | class ScriptsRemoteUserMiddleware(RemoteUserMiddleware): | |
15 | header = 'SSL_CLIENT_S_DN_Email' | |
34b7ba86 AD |
16 | |
17 | class ScriptsRemoteUserBackend(RemoteUserBackend): | |
18 | def clean_username(self, username, ): | |
606f938b AD |
19 | if '@' in username: |
20 | name, domain = username.split('@') | |
21 | assert domain.upper() == 'MIT.EDU' | |
22 | return name | |
23 | else: | |
34b7ba86 | 24 | return username |
9c504e48 AD |
25 | def configure_user(self, user, ): |
26 | username = user.username | |
27 | import ldap | |
28 | con = ldap.open('ldap.mit.edu') | |
29 | con.simple_bind_s("", "") | |
30 | dn = "dc=mit,dc=edu" | |
31 | fields = ['cn', 'sn', 'givenName', 'mail', ] | |
32 | result = con.search_s('dc=mit,dc=edu', ldap.SCOPE_SUBTREE, 'uid=%s'%username, fields) | |
33 | if len(result) == 1: | |
34 | user.first_name = result[0][1]['givenName'][0] | |
35 | user.last_name = result[0][1]['sn'][0] | |
36 | user.email = result[0][1]['mail'][0] | |
358136f9 AD |
37 | try: |
38 | user.groups.add(auth.models.Group.objects.get(name='mit')) | |
39 | except ObjectDoesNotExist: | |
40 | print "Failed to retrieve mit group" | |
9c504e48 | 41 | user.save() |
358136f9 AD |
42 | try: |
43 | user.groups.add(auth.models.Group.objects.get(name='autocreated')) | |
44 | except ObjectDoesNotExist: | |
45 | print "Failed to retrieve autocreated group" | |
9c504e48 | 46 | return user |
31769b1f AD |
47 | |
48 | def scripts_login(request, **kwargs): | |
6e5f75cd AD |
49 | host = request.META['HTTP_HOST'].split(':')[0] |
50 | if host == 'localhost': | |
31769b1f AD |
51 | return login(request, **kwargs) |
52 | elif request.META['SERVER_PORT'] == '444': | |
53 | if request.user.is_authenticated(): | |
54 | # They're already authenticated --- go ahead and redirect | |
55 | if 'redirect_field_name' in kwargs: | |
56 | redirect_field_name = kwargs['redirect_field_names'] | |
57 | else: | |
58 | from django.contrib.auth import REDIRECT_FIELD_NAME | |
59 | redirect_field_name = REDIRECT_FIELD_NAME | |
60 | redirect_to = request.REQUEST.get(redirect_field_name, '') | |
61 | if not redirect_to or '//' in redirect_to or ' ' in redirect_to: | |
62 | redirect_to = settings.LOGIN_REDIRECT_URL | |
63 | return HttpResponseRedirect(redirect_to) | |
64 | else: | |
65 | return login(request, **kwargs) | |
66 | else: | |
67 | # Move to port 444 | |
31769b1f AD |
68 | redirect_to = "https://%s:444%s" % (host, request.META['REQUEST_URI'], ) |
69 | return HttpResponseRedirect(redirect_to) |