pk/atst
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

on user login, redirect based on next query parameter if available

Browse Source
This commit is contained in:
dandds 2018-10-01 14:22:44 -04:00
parent 9f4b284d6c
commit 8a89c519eb
3 changed files with 25 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
atst/routes/__init__.py
View File

@ -80,6 +80,13 @@ def _make_authentication_context():
) )
def redirect_url():
if request.args.get("next"):
return request.args.get("next")
else:
return url_for(".home")
@bp.route("/login-redirect") @bp.route("/login-redirect")
def login_redirect(): def login_redirect():
auth_context = _make_authentication_context() auth_context = _make_authentication_context()
@ -87,7 +94,7 @@ def login_redirect():
user = auth_context.get_user() user = auth_context.get_user()
session["user_id"] = user.id session["user_id"] = user.id
return redirect(url_for(".home")) return redirect(redirect_url())
@bp.route("/logout") @bp.route("/logout")

3
atst/routes/dev.py
View File

@ -1,5 +1,6 @@
from flask import Blueprint, request, session, redirect, url_for from flask import Blueprint, request, session, redirect, url_for
from . import redirect_url
from atst.domain.users import Users from atst.domain.users import Users
bp = Blueprint("dev", __name__) bp = Blueprint("dev", __name__)
@ -63,4 +64,4 @@ def login_dev():
) )
session["user_id"] = user.id session["user_id"] = user.id
return redirect(url_for("atst.home")) return redirect(redirect_url())

17
tests/test_auth.py
View File

@ -17,9 +17,9 @@ def _fetch_user_info(c, t):
return MOCK_USER return MOCK_USER
def _login(client, verify="SUCCESS", sdn=DOD_SDN, cert=""): def _login(client, verify="SUCCESS", sdn=DOD_SDN, cert="", **url_query_args):
return client.get( return client.get(
url_for("atst.login_redirect"), url_for("atst.login_redirect", **url_query_args),
environ_base={ environ_base={
"HTTP_X_SSL_CLIENT_VERIFY": verify, "HTTP_X_SSL_CLIENT_VERIFY": verify,
"HTTP_X_SSL_CLIENT_S_DN": sdn, "HTTP_X_SSL_CLIENT_S_DN": sdn,
@ -185,3 +185,16 @@ def test_logout(app, client, monkeypatch):
assert resp_failure.status_code == 302 assert resp_failure.status_code == 302
destination = urlparse(resp_failure.headers["Location"]).path destination = urlparse(resp_failure.headers["Location"]).path
assert destination == url_for("atst.root") assert destination == url_for("atst.root")
def test_redirected_on_login(client, monkeypatch):
monkeypatch.setattr(
"atst.domain.authnid.AuthenticationContext.authenticate", lambda *args: True
)
monkeypatch.setattr(
"atst.domain.authnid.AuthenticationContext.get_user",
lambda *args: UserFactory.create(),
)
target_route = url_for("requests.requests_form_new", screen=1)
response = _login(client, next=target_route)
assert target_route in response.headers.get("Location")