localhost check needs to use portless-HTTP_HOST
[Scripts/git/.git] / django / mit / __init__.py
1 from django.contrib.auth.middleware import RemoteUserMiddleware
2 from django.contrib.auth.backends import RemoteUserBackend
3 from django.contrib.auth.views import login
4 from django.contrib.auth import REDIRECT_FIELD_NAME
5 from django.http import HttpResponseRedirect
6 from django.contrib import auth
7 from django.core.exceptions import ObjectDoesNotExist
8 import settings
9
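def zephyr(msg, clas='remit', instance='log', rcpt='adehnert',):
    """Send *msg* as a zephyr notice by running the ``zwrite`` command.

    Arguments:
        msg: message body, passed to ``zwrite -m``.
        clas: zephyr class (``-c``).
        instance: zephyr instance (``-i``).
        rcpt: recipient of the notice.

    Returns None. Delivery is best-effort: a missing or failing ``zwrite``
    is reported on stderr and never raised to the caller.
    """
    import subprocess
    import sys
    # Build an argument vector and run it without a shell. The earlier
    # os.system() form interpolated the values into a single-quoted shell
    # string, so a quote inside msg (which may carry request-derived text)
    # was interpreted by the shell instead of reaching zwrite as data.
    clas, instance, rcpt, msg = [
        '%s' % (value,) for value in (clas, instance, rcpt, msg)
    ]
    # -m stays last: zwrite treats everything after it as the message.
    argv = ['zwrite', '-d', '-c', clas, '-i', instance, rcpt, '-m', msg]
    try:
        subprocess.call(argv)
    except OSError as err:
        # os.system() never raised when zwrite was absent; keep that contract.
        sys.stderr.write("zwrite could not be run: %s\n" % (err,))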
13
class ScriptsRemoteUserMiddleware(RemoteUserMiddleware):
    """RemoteUserMiddleware variant keyed on the client-certificate e-mail.

    The base middleware looks the user name up in ``request.META`` under
    ``header``. The key used here has no ``HTTP_`` prefix, so it is read from
    the server environment rather than from a request header.
    NOTE(review): this is only trustworthy if the front-end web server sets
    the variable itself after verifying the client certificate -- confirm
    against the server configuration.
    """

    header = "SSL_CLIENT_S_DN_Email"
16
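class ScriptsRemoteUserBackend(RemoteUserBackend):
    """Remote-user backend that maps ``name@MIT.EDU`` identities to ``name``.

    New accounts are filled in from the MIT LDAP directory and placed in the
    ``mit`` and ``autocreated`` groups when those groups exist.
    """

    def clean_username(self, username, ):
        """Return the local account name for a remote identity.

        A value without ``@`` is returned unchanged. A value with ``@`` must
        have a non-empty local part and the domain ``MIT.EDU`` (compared
        case-insensitively); anything else raises ValueError.
        """
        if '@' not in username:
            return username
        name, _, domain = username.partition('@')
        # Raise explicitly instead of asserting: assert statements are
        # removed under ``python -O``, which would let an identity from any
        # domain map onto the local account with the same local part.
        # A second '@' ends up in ``domain`` and is rejected by the same test.
        if not name or domain.upper() != 'MIT.EDU':
            raise ValueError(
                "remote username is not an MIT.EDU identity: %r" % (username,))
        return name

    def configure_user(self, user, ):
        """Populate a newly created *user* from LDAP and add default groups.

        When exactly one directory entry matches the username, the first
        name, last name and e-mail are copied from it (an absent attribute
        becomes an empty string), the user joins the ``mit`` group and is
        saved. Every user is then added to ``autocreated``. A missing group
        is reported with ``print`` and otherwise ignored. Returns *user*.
        """
        import ldap
        import ldap.filter

        username = user.username
        base_dn = "dc=mit,dc=edu"
        fields = ['cn', 'sn', 'givenName', 'mail', ]
        # Escape the value before it goes into the search filter so that
        # filter metacharacters in a username cannot change the query.
        query = 'uid=%s' % ldap.filter.escape_filter_chars(username)

        # NOTE(review): anonymous bind via ldap.open(), which appears to be
        # unencrypted LDAP. The name and e-mail copied below are therefore
        # only as trustworthy as the network path -- consider a TLS-protected
        # connection if the directory offers one.
        con = ldap.open('ldap.mit.edu')
        try:
            con.simple_bind_s("", "")
            result = con.search_s(base_dn, ldap.SCOPE_SUBTREE, query, fields)
        finally:
            # Release the connection even when the bind or search fails.
            con.unbind_s()

        # Zero or several matches: leave the profile fields untouched.
        if len(result) == 1:
            attrs = result[0][1]
            user.first_name = attrs.get('givenName', [''])[0]
            user.last_name = attrs.get('sn', [''])[0]
            user.email = attrs.get('mail', [''])[0]
            try:
                user.groups.add(auth.models.Group.objects.get(name='mit'))
            except ObjectDoesNotExist:
                print("Failed to retrieve mit group")
            user.save()
        try:
            user.groups.add(auth.models.Group.objects.get(name='autocreated'))
        except ObjectDoesNotExist:
            print("Failed to retrieve autocreated group")
        return user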
47
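def _is_local_redirect(target):
    """Return True when *target* is a plain path on this site."""
    if not target or not target.startswith('/'):
        return False
    # '//' and backslashes can be read by browsers as the start of another
    # host; spaces were already refused by the original check.
    return '//' not in target and '\\' not in target and ' ' not in target


def scripts_login(request, **kwargs):
    """Log the user in, steering browsers to the certificate port (444).

    * Host ``localhost``: hand over to Django's standard ``login`` view.
    * Port 444, already authenticated: redirect to the requested target,
      or to ``settings.LOGIN_REDIRECT_URL`` when the target is missing or
      is not a local path.
    * Port 444, not authenticated: hand over to ``login``.
    * Any other port: redirect to the same URI on port 444.

    Keyword arguments are forwarded to ``login``; ``redirect_field_name``
    also selects the request parameter that carries the redirect target.
    """
    # NOTE(review): HTTP_HOST is supplied by the client. Both the localhost
    # branch and the port-444 redirect below trust it, so the front-end
    # server should restrict which Host values reach this view -- confirm.
    host = request.META['HTTP_HOST'].split(':')[0]
    if host == 'localhost':
        return login(request, **kwargs)

    if request.META['SERVER_PORT'] != '444':
        # Move to port 444
        redirect_to = "https://%s:444%s" % (host, request.META['REQUEST_URI'], )
        return HttpResponseRedirect(redirect_to)

    if not request.user.is_authenticated():
        return login(request, **kwargs)

    # They're already authenticated --- go ahead and redirect.
    # The lookup previously read kwargs['redirect_field_names'] (note the
    # trailing "s"), which raised KeyError whenever the caller passed
    # redirect_field_name.
    redirect_field_name = kwargs.get('redirect_field_name', REDIRECT_FIELD_NAME)
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    # The target comes from the request; only same-site paths are followed.
    if not _is_local_redirect(redirect_to):
        redirect_to = settings.LOGIN_REDIRECT_URL
    return HttpResponseRedirect(redirect_to)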