1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
from cas import CASClient
from tornado import gen
from tornado import web
from opnfv_testapi.common import constants
from opnfv_testapi.common.config import CONF
from opnfv_testapi.db import api as dbapi
from opnfv_testapi.handlers import base_handlers
class SignBaseHandler(base_handlers.GenericApiHandler):
def __init__(self, application, request, **kwargs):
super(SignBaseHandler, self).__init__(application, request, **kwargs)
self.table = 'users'
self.cas_client = CASClient(version='2',
server_url=CONF.lfid_cas_url,
service_url='{}/{}'.format(
CONF.ui_url,
CONF.lfid_signin_return))
class SigninHandler(SignBaseHandler):
def get(self):
self.redirect(url=(self.cas_client.get_login_url()))
class SigninReturnHandler(SignBaseHandler):
@web.asynchronous
@gen.coroutine
def get(self):
ticket = self.get_query_argument('ticket', default=None)
if ticket:
(user, attrs, _) = self.cas_client.verify_ticket(ticket=ticket)
login_user = {
'user': user,
'email': attrs.get('mail'),
'fullname': attrs.get('field_lf_full_name'),
'groups': constants.TESTAPI_USERS + attrs.get('group', [])
}
q_user = {'user': user}
db_user = yield dbapi.db_find_one(self.table, q_user)
if not db_user:
dbapi.db_save(self.table, login_user)
else:
dbapi.db_update(self.table, q_user, login_user)
self.clear_cookie(constants.TESTAPI_ID)
self.set_secure_cookie(constants.TESTAPI_ID, user)
self.redirect(url=CONF.ui_url)
class SignoutHandler(SignBaseHandler):
def get(self):
"""Handle signout request."""
self.clear_cookie(constants.TESTAPI_ID)
logout_url = self.cas_client.get_logout_url(redirect_url=CONF.ui_url)
self.redirect(url=logout_url)
|
