~jcsackett/charmworld/bac-tag-constraints

import logging
from pyramid.httpexceptions import HTTPFound
from pyramid.security import remember
from pyramid.security import forget
from pyramid.view import view_config

from charmworld.models import UserMgr


# Module-level logger named after this module; auth_callback reports
# cancelled and unexpected OpenID responses through it.
LOG = logging.getLogger(__name__)


@view_config(route_name="logout")
def logout(request):
    """Log the current user out and redirect to the ``home`` route.

    The headers returned by ``forget`` are attached to the redirect so the
    client drops its login credentials, and the request's session is
    deleted before the response is built.

    NOTE(review): the view is not restricted to a request method here, so
    any request to the route ends the session; confirm that is intended.
    """
    forget_headers = forget(request)
    request.session.delete()
    home_url = request.route_url('home')
    return HTTPFound(location=home_url, headers=forget_headers)


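@view_config(
    route_name="auth_callback",
    renderer='charmworld:templates/auth_callback.pt')
def auth_callback(request):
    """Handle the OpenID return request from the SSO.

    ``openid.mode`` decides the outcome:

    * ``cancel``: the user aborted the login; redirect to ``home``.
    * ``id_res``: look the user up by ``openid.claimed_id`` (creating the
      record if it does not exist), refresh it from the SSO parameters and
      attach the login cookie headers to the redirect.
    * anything else: log it and redirect to ``home`` without logging in.

    An ``id_res`` response that carries no ``openid.claimed_id`` is treated
    as a failed login instead of being passed on to the user lookup.

    NOTE(review): this view takes ``openid.mode`` and ``openid.claimed_id``
    straight from the request parameters and does not itself check the
    assertion (signature, nonce, return_to).  Confirm that the response is
    verified before it reaches this view; without that check the identity
    in the request is only a claim and must not be turned into a login.

    :param request: the current request; ``request.db``, ``request.session``
        and ``request.registry.settings`` are used.
    :returns: an ``HTTPFound`` redirect to the ``home`` route.
    """
    headers = {}
    params = dict(request.params)

    # Can be an openid.mode = 'cancel' from the SSO.
    mode = params.get('openid.mode')
    if mode == u'cancel':
        # The user didn't login but canceled during walk through.
        LOG.error('OpenID Cancel')
        # Return them to the auth page for now.
        return HTTPFound(location=request.route_url('home'))
    elif mode == u'id_res':
        # Successful login is openid.mode = 'id_res'
        claimed_id = params.get('openid.claimed_id')

        if not claimed_id:
            # Without an identity there is nothing to look up; falling
            # through would create or match a user keyed on an empty id and
            # issue a login cookie for it.
            LOG.error('OpenID id_res response without a claimed_id')
        else:
            # Attempt to find the user in mongo, else create it.
            found = UserMgr.find_one(request.db, claimed_id)

            if not found:
                user = UserMgr.from_sso(params)
            else:
                user = found
                user.update_from_sso(params)
            user.save(request.db)

            # Add the authn token to the cookie via headers.  The cookie
            # lifetime comes from the 'login_cookie_timeout' setting (None
            # when the setting is absent).
            headers = remember(
                request,
                user.userid,
                max_age=request.registry.settings.get('login_cookie_timeout'))
    else:
        # mode is request-controlled: log its repr through lazy %-args so
        # control characters cannot forge log lines and a non-ASCII value
        # cannot make str() raise while building the message.
        LOG.error('Unexpected mode from openid: %r', mode)

    # Drop the pre-login session whether or not the login succeeded.
    request.session.delete()
    return HTTPFound(location=request.route_url('home'),
                     headers=headers)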