1#!/usr/bin/env python3
2
3"""Top level URLs."""
4
5from django.contrib import auth
6from django.urls import reverse
7from django.shortcuts import redirect
8from django.shortcuts import render
9from django.views.decorators.cache import cache_page
10
11from chart.web.auth import Auth
12from chart.web.auth import AuthFailed
13from chart.project import settings
14from chart.common.log import write_to_syslog
15
16
17@cache_page(43200) # 12h
18def css(request):
19 """Apply template expansion to our top level css file."""
20 return render(request,
21 'chart.css',
22 {'style': settings.STYLE},
23 content_type='text/css')
24
25css.no_auth_needed = True
26
27def logout(request):
28 """Log out user."""
29 write_to_syslog('Successfully logged in {user}'.format(user=request.user.username))
30 auth.logout(request)
31 return redirect('homepage:index')
32
33
34def login(request):
35<<<hidden due to potential security issue>>>
36 # check the content of the text boxes on page
37<<<hidden due to potential security issue>>>
38 username = request.POST['username']
39<<<hidden due to potential security issue>>>
40 try:
41 # the AUTHENTICATION_BACKENDS list is not always used in Django
42 # so we simulate it
43
44 # first attempt the built-in method, which will authenticate against an
45<<<hidden due to potential security issue>>>
46 user = Auth().authenticate(username=username,
47<<<hidden due to potential security issue>>>
48 if user is not None:
49 write_to_syslog('Successfully validated {user}'.format(user=username))
50
51 if user is None:
52 # if that fails, use our special method which authenticated against
53 # a local (TCE) server
54 user = auth.authenticate(username=username,
55<<<hidden due to potential security issue>>>
56 if user is not None:
57 write_to_syslog('Successfully validated local {user}'.format(user=username))
58
59 if user is not None and user.is_active:
60 # we have 2 authentication methods listed in the settings file
61 # (which might be wrong, as Django only seems to use one)
62 # and this causes a fatal error for some reason so we specify one
63 # here. I'm not sure how it matters or if we need to supply the correct method
64 # Commented out backend= becuase that breaks login by internal user
65 auth.login(request, user)#, backend='chart.web.auth.Auth')
66 return redirect('homepage:index')
67
68 write_to_syslog('Failed to validate {user}'.format(user=username))
69 return render(
70 request,
71 'web/login.html',
72<<<hidden due to potential security issue>>>
73
74 except AuthFailed as e:
75 # return HttpResponse(str(e), 'text/plain')
76 return render(request,
77 'web/login.html',
78 dict(error=str(e)))
79
80 else:
81 # initial page view
82 return render(request, 'web/login.html')
83
84login.no_auth_needed=True
85
86
87def throw(_):
88 """Debug function. Allows `urls.py` to trigger an exception to test
89 web server error handling."""
90 b = 15 # pylint: disable=W0612
91 c = 'astring' # pylint: disable=W0612
92 imp_throw()
93
94
95def imp_throw():
96 """Used by `throw`."""
97 from datetime import datetime
98 e = datetime(2011, 2, 3) # pylint: disable=W0612
99 f = 1 / 0 # pylint: disable=W0612
100
101
102def error500(request, template_name='500.html'): # (unused arg) pylint: disable=W0613
103 """500 error handler. We use a custom one as the Django version does not set
104 {{STATIC_URL}}."""
105 from django.template.loader import get_template
106 from django.http import HttpResponseServerError
107 from django.template import RequestContext
108 t = get_template(template_name)
109 return HttpResponseServerError(t.render({}))