From bbdf40b4dd1bebc81461f1c9294aca95323bf889 Mon Sep 17 00:00:00 2001
From: Mohamed Larabi <aminelarabi@vis067b.sophia.inria.fr>
Date: Mon, 18 Feb 2013 12:21:56 +0100
Subject: [PATCH] attach manifold_session and manifold_person to django's
 request.session

---
 auth/manifoldbackend.py | 22 +++++++++++++++-------
 auth/views.py           |  5 ++++-
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/auth/manifoldbackend.py b/auth/manifoldbackend.py
index f548b434..da3c23f9 100644
--- a/auth/manifoldbackend.py
+++ b/auth/manifoldbackend.py
@@ -11,18 +11,23 @@ class ManifoldBackend:
 
     # Create an authentication method
     # This is called by the standard Django login procedure
-    def authenticate(self, username=None, password=None):
-        if not username or not password:
+    def authenticate(self, token=None):
+        if not token:
             return None
 
         try:
+            username = token['username']
+            password = token['password']
+            request = token['request']
+
             auth = {'AuthMethod': 'password', 'Username': username, 'AuthString': password}
             api = ManifoldAPI(auth)
             # Authenticate user and get session key
             session = api.GetSession()
             if not session : 
                 return None
-
+            
+            request.session['manifold_session'] = session
             #self.session = session
             # Change GetSession() at some point to return expires as well
             expires = time.time() + (24 * 60 * 60)
@@ -32,18 +37,21 @@ class ManifoldBackend:
             #self.api = api
 
             # Get account details
-            person = api.GetPersons(auth)
+            person = api.GetPersons(auth)[0]
+            request.session['manifold_person'] = person
             #self.person = person[0]
         except:
             return None
 
         try:
             # Check if the user exists in Django's local database
-            user = User.objects.get(email=username)
+            user = User.objects.get(username=username)
         except User.DoesNotExist:
             # Create a user in Django's local database
-            user = User.objects.create_user(time.time(), username, 'passworddoesntmatter')
-
+            user = User.objects.create_user(username, username, 'passworddoesntmatter')
+            user.first_name = person['first_name']
+            user.last_name = person['last_name']
+            user.email = person['email']
         return user
 
     # Required for your backend to work properly - unchanged in most scenarios
diff --git a/auth/views.py b/auth/views.py
index f6afa3fb..45fe6378 100644
--- a/auth/views.py
+++ b/auth/views.py
@@ -20,8 +20,11 @@ def login_user(request):
     if request.POST:
         username = request.POST.get('username')
         password = request.POST.get('password')
+        
+        # pass request within the token, so manifold session key could be attached to the request session.
+        token = {'username': username, 'password': password, 'request': request}    
 
-        user = authenticate(username=username, password=password)
+        user = authenticate(token=token)
         if user is not None:
             if user.is_active:
                 login(request, user)
-- 
2.47.0