Jay Yu avatar Jay Yu committed 8e674a2

Proper template dir name; Fixed redirect query string check


Files changed (5)

cas_provider/templates/cas/login.html

-{% extends "base.html" %}
-
-{% block title %}
-Login
-{% endblock %}
-
-{% block content %}
-  <form action='.' method='post'>
-    <fieldset>
-      <legend>Log in to your account</legend>
-      {% if errors %}
-        <ul>
-            {% for error in errors %}
-                <li>{{ error|escape }}</li>
-            {% endfor %}
-        </ul>
-      {% endif %}
-      <table style="border: none;">
-        {{ form.as_table }}
-      </table>
-      <p><input type="submit" value="Login"/></p>
-    </fieldset>
-  </form>
-{% endblock %}

cas_provider/templates/cas/logout.html

-{% extends "base.html" %}
-
-{% block title %}
-Logged out
-{% endblock %}
-
-{% block content %}
-    <h3>Logged out</h3>
-
-    <p>You have successfully logged out. To ensure that you are logged out of all services, please close your browser.</p>
-    {% if url %}<p><a href="{{ url }}">Click here</a> to return to {{ url }}</p>{% endif %}
-{% endblock %}

cas_provider/templates/cas_provider/login.html

+{% extends "base.html" %}
+
+{% block title %}
+Login
+{% endblock %}
+
+{% block content %}
+  <form action='.' method='post'>{% csrf_token %}
+    <fieldset>
+      <legend>Log in to your account</legend>
+      {% if errors %}
+        <ul>
+            {% for error in errors %}
+                <li>{{ error|escape }}</li>
+            {% endfor %}
+        </ul>
+      {% endif %}
+      <table style="border: none;">
+        {{ form.as_table }}
+      </table>
+      <p><input type="submit" value="Login"/></p>
+    </fieldset>
+  </form>
+{% endblock %}

cas_provider/templates/cas_provider/logout.html

+{% extends "base.html" %}
+
+{% block title %}
+Logged out
+{% endblock %}
+
+{% block content %}
+    <h3>Logged out</h3>
+
+    <p>You have successfully logged out. To ensure that you are logged out of all services, please close your browser.</p>
+    {% if url %}<p><a href="{{ url }}">Click here</a> to return to {{ url }}</p>{% endif %}
+{% endblock %}
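Review bot: `{{ url }}` is written into `href` on the last line of the content block, and template autoescaping only protects the HTML context, not the URL scheme or host, so a `javascript:` or off-site value becomes a live link on a trusted logout page. The views.py section of this commit shows `url` coming from `request.GET.get('url', None)` with no validation in the visible lines. Validate it in the view before rendering, for example `if url and not url.startswith(('http://', 'https://')): url = None`, and ideally also compare the host against the registered services. The template text is otherwise carried over unchanged from the removed `cas/logout.html`.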

cas_provider/views.py

+from django.contrib.auth import authenticate
+from django.contrib.auth import login as auth_login, logout as auth_logout
 from django.http import HttpResponse, HttpResponseRedirect
 from django.shortcuts import render_to_response
 from django.template import RequestContext
-from django.contrib.auth import authenticate
-from django.contrib.auth import login as auth_login, logout as auth_logout
 
 from forms import LoginForm
 from models import ServiceTicket, LoginTicket
 
 __all__ = ['login', 'validate', 'logout']
 
-def login(request, template_name='cas/login.html', success_redirect='/accounts/'):
+def login(request, template_name='cas_provider/login.html', success_redirect='/accounts/'):
     service = request.GET.get('service', None)
     if request.user.is_authenticated():
         if service is not None:
         password = request.POST.get('password', None)
         service = request.POST.get('service', None)
         lt = request.POST.get('lt', None)
-        
+
         try:
             login_ticket = LoginTicket.objects.get(ticket=lt)
         except:
                     auth_login(request, user)
                     if service is not None:
                         ticket = create_service_ticket(user, service)
-                        return HttpResponseRedirect(service + '?ticket=' + ticket.ticket)
+                        if service.find('?') == -1:
+                            return HttpResponseRedirect(service + '?ticket=' + ticket.ticket)
+                        else:
+                            return HttpResponseRedirect(service + '&ticket=' + ticket.ticket)
                     else:
+                        print success_redirect
                         return HttpResponseRedirect(success_redirect)
                 else:
                     errors.append('This account is disabled.')
             else:
-                    errors.append('Incorrect username and/or password.')
+                errors.append('Incorrect username and/or password.')
+
     form = LoginForm(service)
     return render_to_response(template_name, {'form': form, 'errors': errors}, context_instance=RequestContext(request))
     
             pass
     return HttpResponse("no\n\n")
     
-def logout(request, template_name='cas/logout.html'):
+def logout(request, template_name='cas_provider/logout.html'):
     url = request.GET.get('url', None)
     auth_logout(request)
     return render_to_response(template_name, {'url': url}, context_instance=RequestContext(request))
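Review bot: `service` comes straight from `request.POST` and the new `?`/`&` branch still redirects to it with a fresh service ticket appended; nothing in the visible lines checks that it is an http(s) URL for a registered service, so the ticket can be delivered to whatever URL was submitted (a check may exist in `create_service_ticket`, which is not shown). The `service.find('?') == -1` test also places the ticket after any `#fragment` in the URL, where the service never receives it; splitting with `urlparse.urlsplit(service)` and appending `ticket` to the query component handles both cases. `print success_redirect` looks like leftover debugging and should be removed before merge. The section shows several hunks of `login` without their boundaries, so the lines between them are outside this view.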