5 from django.contrib.auth.middleware import RemoteUserMiddleware
6 from django.contrib.auth.backends import RemoteUserBackend
7 from django.contrib.auth.views import login
8 from django.contrib.auth import REDIRECT_FIELD_NAME
9 from django.http import HttpResponseRedirect
10 from django.contrib import auth
11 from django.core.exceptions import ObjectDoesNotExist
14 def zephyr(msg, clas='message', instance='log', rcpt='nobody',):
15 proc = subprocess.Popen(
16 ['zwrite', '-d', '-n', '-c', clas, '-i', instance, rcpt, ],
17 stdin=subprocess.PIPE, stdout=subprocess.PIPE
21 class ScriptsRemoteUserMiddleware(RemoteUserMiddleware):
22 header = 'SSL_CLIENT_S_DN_Email'
24 class ScriptsRemoteUserBackend(RemoteUserBackend):
25 def clean_username(self, username, ):
27 name, domain = username.split('@')
28 assert domain.upper() == 'MIT.EDU'
32 def configure_user(self, user, ):
33 username = user.username
34 user.password = "ScriptsSSLAuth"
35 con = ldap.open('ldap-too.mit.edu')
36 con.simple_bind_s("", "")
38 fields = ['cn', 'sn', 'givenName', 'mail', ]
39 userfilter = ldap.filter.filter_format('uid=%s', [username])
40 result = con.search_s('dc=mit,dc=edu', ldap.SCOPE_SUBTREE, userfilter, fields)
42 user.first_name = result[0][1]['givenName'][0]
43 user.last_name = result[0][1]['sn'][0]
45 user.email = result[0][1]['mail'][0]
47 user.email = username + '@mit.edu'
49 user.groups.add(auth.models.Group.objects.get(name='mit'))
50 except ObjectDoesNotExist:
51 print "Failed to retrieve mit group"
53 raise ValueError, ("Could not find user with username '%s' (filter '%s')"%(username, userfilter))
55 user.groups.add(auth.models.Group.objects.get(name='autocreated'))
56 except ObjectDoesNotExist:
57 print "Failed to retrieve autocreated group"
61 def get_or_create_mit_user(username, ):
63 Given an MIT username, return a Django user object for them.
64 If necessary, create (and save) the Django user for them.
65 If the MIT user doesn't exist, raises ValueError.
67 user, created = auth.models.User.objects.get_or_create(username=username, )
69 backend = ScriptsRemoteUserBackend()
70 # Raises ValueError if the user doesn't exist
72 return backend.configure_user(user), created
79 def scripts_login(request, **kwargs):
80 host = request.META['HTTP_HOST'].split(':')[0]
81 if host == 'localhost':
82 return login(request, **kwargs)
83 elif request.META['SERVER_PORT'] == '444':
84 if request.user.is_authenticated():
85 # They're already authenticated --- go ahead and redirect
86 if 'redirect_field_name' in kwargs:
87 redirect_field_name = kwargs['redirect_field_names']
89 from django.contrib.auth import REDIRECT_FIELD_NAME
90 redirect_field_name = REDIRECT_FIELD_NAME
91 redirect_to = request.REQUEST.get(redirect_field_name, '')
92 if not redirect_to or '//' in redirect_to or ' ' in redirect_to:
93 redirect_to = settings.LOGIN_REDIRECT_URL
94 return HttpResponseRedirect(redirect_to)
96 return login(request, **kwargs)
99 redirect_to = "https://%s:444%s" % (host, request.META['REQUEST_URI'], )
100 return HttpResponseRedirect(redirect_to)