####
## Community authentication endpoint
####
+from django.views.decorators.csrf import csrf_protect
+
@ssl_required
-@login_required
+@csrf_protect
def communityauth(request, siteid):
+ # Get whatever site the user is trying to log in to.
+ site = get_object_or_404(CommunityAuthSite, pk=siteid)
+
+ if request.GET.has_key('su'):
+ su = request.GET['su']
+ if not su.startswith('/'):
+ su = None
+ else:
+ su = None
+
+ # Verify if the user is authenticated, and if he/she is not, generate
+ # a login form that has information about which site is being logged
+ # in to, and basic information about how the community login system
+ # works.
+ if not request.user.is_authenticated():
+ if su:
+ suburl = "?su=%s" % su
+ else:
+ suburl = ""
+ return render_to_response('account/communityauth.html', {
+ 'sitename': site.name,
+ 'next': '/account/auth/%s/%s' % (siteid, suburl),
+ }, NavContext(request, 'account'))
+
+
# When we reach this point, the user *has* already been authenticated.
# The request variable "su" *may* contain a suburl and should in that
# case be passed along to the site we're authenticating for. And of
# course, we fill a structure with information about the user.
- site = get_object_or_404(CommunityAuthSite, pk=siteid)
-
info = {
'u': request.user.username,
'f': request.user.first_name,
'l': request.user.last_name,
'e': request.user.email,
}
- if request.GET.has_key('su'):
- if request.GET['su'].startswith('/'):
- info.update({
- 'su': request.GET['su']
- })
+ if su:
+ info['su'] = request.GET['su']
# URL-encode the structure
s = urllib.urlencode(info)
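Review bot: The `su` value is placed into the `next` URL unencoded at `suburl = "?su=%s" % su`, so a sub-URL containing `&`, `#`, `+` or `%` will not round-trip through the login form and can add extra parameters to the return URL. Build it with the helper already used further down, `suburl = "?" + urllib.urlencode({'su': su})`, and use the validated local in `info['su'] = su` rather than re-reading `request.GET['su']`. The `startswith('/')` check also accepts values beginning with `//`; how the receiving site interprets that is not visible here, so rejecting it at this point would be the safer choice. The body of communityauth continues past the end of this hunk.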
--- /dev/null
+{%extends "base/page.html"%}
+{%block contents%}
+<h1>Community authentication</h1>
+<p>
+The website you are trying to log in to ({{sitename}}) is using the
+postgresql.org community login system. In this system you create a
+central account that is used to log into most postgresql.org services.
+Once you are logged into this account, you will automatically be
+logged in to the associated postgresql.org services. Note that this
+single sign on is only used for official postgresql.org websites.
+</p>
+<p>
+If you do not already have an account, you may
+<a href="/account/signup/">sign up</a> for one now.
+If you have one but have lost your
+password, you can use the <a href="/account/reset/">password reset</a> form.
+</p>
+
+<form action="/account/login/" method="post" id="login-form">{% csrf_token %}
+ <div class="form-row">
+ <label for="id_username">Username:</label> <input type="text" name="username" id="id_username" />
+ </div>
+ <div class="form-row">
+ <label for="id_password">Password:</label> <input type="password" name="password" id="id_password" />
+ <input type="hidden" name="this_is_the_login_form" value="1" />
+ <input type="hidden" name="next" value="{{next}}" />
+ </div>
+ <div class="submit-row">
+ <label> </label><input type="submit" value="Log in" />
+ </div>
+</form>
+
+<script type="text/javascript">
+document.getElementById('id_username').focus()
+</script>
+
+{%endblock%}
+
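Review bot: The hidden `next` field on the login form comes back from the browser, so the `/account/login/` handler has to treat it as untrusted and redirect only to local paths; that handler is not part of this diff, so confirm that it does. The template would also benefit from a header comment naming its inputs, for example `{# context: sitename (site display name), next (local return path under /account/auth/) #}`.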