haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-12 13:24:52 +00:00
Code Issues Releases Wiki Activity

[auth, api, shibboleth] Use primary id in login

Browse Source
This commit is contained in:
zhengxie
2017-08-26 14:18:21 +08:00
parent b912c69c5a
commit 318c7de424
3 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
seahub/api2/serializers.py
View File

@@ -2,6 +2,7 @@
import logging import logging
from rest_framework import serializers from rest_framework import serializers
from seaserv import ccnet_api
from seahub.auth import authenticate from seahub.auth import authenticate
from seahub.api2.models import DESKTOP_PLATFORMS from seahub.api2.models import DESKTOP_PLATFORMS
@@ -68,6 +69,10 @@ class AuthTokenSerializer(serializers.Serializer):
if username is None: if username is None:
username = login_id username = login_id
p_id = ccnet_api.get_primary_id(username)
if p_id is not None:
username = p_id
if username and password: if username and password:
user = authenticate(username=username, password=password) user = authenticate(username=username, password=password)
if user: if user:

9
seahub/auth/forms.py
View File

@@ -4,6 +4,8 @@ from django import forms
from django.utils.translation import ugettext_lazy as _ from django.utils.translation import ugettext_lazy as _
from django.utils.http import int_to_base36 from django.utils.http import int_to_base36
from seaserv import ccnet_api
from seahub.base.accounts import User from seahub.base.accounts import User
from seahub.auth import authenticate from seahub.auth import authenticate
from seahub.auth.tokens import default_token_generator from seahub.auth.tokens import default_token_generator
@@ -45,6 +47,12 @@ class AuthenticationForm(forms.Form):
else: else:
return username return username
def get_primary_id_by_username(self, username):
"""Get user's primary id in case the username is changed.
"""
p_id = ccnet_api.get_primary_id(username)
return p_id if p_id is not None else username
def clean_login(self): def clean_login(self):
return self.cleaned_data['login'].strip() return self.cleaned_data['login'].strip()
@@ -55,6 +63,7 @@ class AuthenticationForm(forms.Form):
# convert login id to username # convert login id to username
username = self.get_username_by_login(login) username = self.get_username_by_login(login)
username = self.get_primary_id_by_username(username)
if username and password: if username and password:
self.user_cache = authenticate(username=username, self.user_cache = authenticate(username=username,
password=password) password=password)

6
thirdpart/shibboleth/middleware.py
View File

@@ -7,7 +7,7 @@ from django.contrib.auth.middleware import RemoteUserMiddleware
from django.core.exceptions import ImproperlyConfigured from django.core.exceptions import ImproperlyConfigured
from django.core.urlresolvers import reverse from django.core.urlresolvers import reverse
from django.http import HttpResponseRedirect from django.http import HttpResponseRedirect
from seaserv import seafile_api from seaserv import seafile_api, ccnet_api
from shibboleth.app_settings import SHIB_ATTRIBUTE_MAP, LOGOUT_SESSION_KEY, SHIB_USER_HEADER from shibboleth.app_settings import SHIB_ATTRIBUTE_MAP, LOGOUT_SESSION_KEY, SHIB_USER_HEADER
@@ -58,6 +58,10 @@ class ShibbolethRemoteUserMiddleware(RemoteUserMiddleware):
# AuthenticationMiddleware). # AuthenticationMiddleware).
return return
p_id = ccnet_api.get_primary_id(username)
if p_id is not None:
username = p_id
# If the user is already authenticated and that user is the user we are # If the user is already authenticated and that user is the user we are
# getting passed in the headers, then the correct user is already # getting passed in the headers, then the correct user is already
# persisted in the session and we don't need to continue. # persisted in the session and we don't need to continue.