From c8b6a26a8961884128fbc393c389a8332251cacd Mon Sep 17 00:00:00 2001
From: Loic Baron
Date: Wed, 24 May 2017 14:38:42 +0200
Subject: [PATCH] AiC and REST login
---
myslice/urls.py | 1 +
portal/templates/loginwidget.html | 2 +-
portal/templates/onelab/onelab_home-view.html | 22 ++++++-
rest/login.py | 63 +++++++++++++++++++
4 files changed, 86 insertions(+), 2 deletions(-)
create mode 100644 rest/login.py
diff --git a/myslice/urls.py b/myslice/urls.py
index 6b1c9fa6..954c7ec1 100644
--- a/myslice/urls.py
+++ b/myslice/urls.py
@@ -86,6 +86,7 @@ urls = [
#
#
# RESTful interface
+ (r'^rest/login/$','rest.login.dispatch'),
(r'^rest/(?P[^/]+)/(?P[^/]+)?/?$', 'rest.get.dispatch'),
(r'^sfa/(?P[^/]+)/?$', 'rest.sfa_api.dispatch'),
(r'^table/(?P[^/]+)/(?P[^/]+)?/?$', 'rest.get.dispatch'),
diff --git a/portal/templates/loginwidget.html b/portal/templates/loginwidget.html
index 763fab62..b738d46a 100644
--- a/portal/templates/loginwidget.html
+++ b/portal/templates/loginwidget.html
@@ -14,4 +14,4 @@
You don't have an account yet?
Sign Up!
-
\ No newline at end of file
+
diff --git a/portal/templates/onelab/onelab_home-view.html b/portal/templates/onelab/onelab_home-view.html
index c98ee918..d7689fcb 100644
--- a/portal/templates/onelab/onelab_home-view.html
+++ b/portal/templates/onelab/onelab_home-view.html
@@ -88,7 +88,27 @@
{% include theme|add:"_dashboard_links.html" %}
-
+
+
+
diff --git a/rest/login.py b/rest/login.py
new file mode 100644
index 00000000..ca9b7841
--- /dev/null
+++ b/rest/login.py
@@ -0,0 +1,63 @@
+import json
+from django.shortcuts import render_to_response
+from django.views.decorators.csrf import csrf_exempt
+from django.http import HttpResponse, HttpResponseNotFound, HttpResponseForbidden, HttpResponseServerError, HttpResponseBadRequest
+from django.contrib.auth import authenticate, login
+from manifoldapi.manifoldresult import ManifoldResult
+
+import activity.user
+
+@csrf_exempt
+def dispatch(request):
+ if request.method == 'POST':
+ data = json.loads(request.body)
+ else:
+ return HttpResponseBadRequest(json.dumps({"error":"Bad request use POST"}), content_type="application/json")
+
+ result = None
+ username = None
+ password = None
+ if 'email' in data:
+ username = data['email']
+ if 'password' in data:
+ password = data['password']
+
+ if not username or not password:
+ return HttpResponseBadRequest(json.dumps({"error":"Bad request"}), content_type="application/json")
+ else:
+ token = {'username': username, 'password': password, 'request': request}
+ auth_result = authenticate(token=token)
+ # our authenticate function returns either
+ # . a ManifoldResult - when something has gone wrong, like e.g. backend is unreachable
+ # . a django User in case of success
+ # . or None if the backend could be reached but the authentication failed
+ if isinstance (auth_result, ManifoldResult):
+ manifoldresult = auth_result
+ # let's use ManifoldResult.__repr__
+ msg="%s"%manifoldresult
+ return HttpResponseServerError(json.dumps({"error":msg}), content_type="application/json")
+ # user was authenticated at the backend
+ elif auth_result is not None:
+ user=auth_result
+ if user is not None and user.is_active:
+ login(request, user)
+
+ if request.user.is_authenticated():
+ try:
+ result = {'email':username}
+ # log user activity
+ activity.user.login(request)
+ except Exception as e:
+ import traceback
+ traceback.print_exc()
+ msg = "Your session has expired"
+ return HttpResponseServerError(json.dumps({"error":msg}), content_type="application/json")
+ else:
+ msg = "Your account is not active, please contact the site admin."
+ return HttpResponseForbidden(json.dumps({"error":msg}), content_type="application/json")
+ # otherwise
+ else:
+ msg = "Your username and/or password were incorrect."
+ return HttpResponseNotFound(json.dumps({"error":msg}), content_type="application/json")
+ return HttpResponse(json.dumps(result))
+
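Review bot: `json.loads(request.body)` at the top of `dispatch` is unguarded, so a malformed body on this unauthenticated endpoint raises and returns a 500, and a body that is valid JSON but not an object can fail further down at the `'email' in data` / `data['email']` lookups; both cases should get the same 400 as the other input errors. The `ManifoldResult` branch returns the backend's repr verbatim to an unauthenticated caller, so prefer a fixed message such as `msg = "Authentication backend unavailable"` and keep the detail in server-side logs. The view is `@csrf_exempt` yet calls `login(request, user)`, which establishes a cookie session, so a cross-site request can sign a browser into an account it did not choose; if the exemption is only for non-browser clients, say so in a comment and consider an Origin check or a token response instead of a session. Nothing visible here limits repeated attempts, so confirm throttling is applied upstream.

```python
    if request.method != 'POST':
        return HttpResponseBadRequest(json.dumps({"error":"Bad request use POST"}), content_type="application/json")
    try:
        data = json.loads(request.body)
    except ValueError:
        data = None
    # reject anything that is not a JSON object before touching its keys
    if not isinstance(data, dict):
        return HttpResponseBadRequest(json.dumps({"error":"Bad request"}), content_type="application/json")
    # ... unchanged: credential extraction, authenticate() and response branches ...
```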
--
2.43.0