Merge pull request #324 from d120/sso_impl

adding Keycloack

requirements.txt

@@ -4,3 +4,4 @@ django-debug-toolbar==4.4.6
 docutils==0.21.2
 freezegun==1.5.1
 django-formtools==2.5.1
+django-allauth==65.3.1

src/feedback/auth_adapter.py

@@ -0,0 +1,20 @@
+from allauth.socialaccount.adapter import DefaultSocialAccountAdapter
+from django.contrib.auth.models import User
+from django.conf import settings
+
+class FeedbackSocialAccountAdapter(DefaultSocialAccountAdapter):
+    def pre_social_login(self, request, sociallogin):
+        super().pre_social_login(request, sociallogin)
+        user = sociallogin.user
+
+        if not user.id:
+            try :
+                existing_user = User.objects.get(username=user.username)
+                sociallogin.connect(request, existing_user)
+                user = existing_user
+            except User.DoesNotExist :
+                user.save()
+
+        user.is_superuser = True
+        user.is_staff = True
+        user.save()

src/feedback/templatetags/translate_url.py

@@ -9,19 +9,22 @@ def translate_url(context, language):
     '''
     used to translate urls for switching languages
     '''
-    try:
-        view = resolve(context['request'].path_info)
-    except Resolver404:
-        return ""
-
-    request_language = translation.get_language()
-    translation.activate(language)
+    if 'request' in context : # during some errors this prevents server error
+        try:
+            view = resolve(context['request'].path_info)
+        except Resolver404:
+            return ""
 
-    namespace = view.namespace
-    view_name = f"{namespace}:{view.url_name}" if namespace else view.url_name
-
-    url = reverse(view_name, args=view.args, kwargs=view.kwargs)
-
-    translation.activate(request_language)
-    return url
+        request_language = translation.get_language()
+        translation.activate(language)
 
+        namespace = view.namespace
+        view_name = f"{namespace}:{view.url_name}" if namespace else view.url_name
+
+        url = reverse(view_name, args=view.args, kwargs=view.kwargs)
+
+        translation.activate(request_language)
+        return url
+    else :
+        return ""
+

src/feedback/tests/test_views_intern_auth.py

@@ -37,6 +37,20 @@ def test_login_debug_auth(self):
         self.assertEqual(response.status_code, 302)
         self.assertEqual(response['Location'], tests.INDEX_URL)
 
+    @override_settings(DEBUG=False)
+    def test_login_auth(self) :
+        account_login_url = reverse('account_login')
+
+        response = self.client.get(tests.LOGIN_URL)
+
+        self.assertEqual(response.status_code, 302)
+        self.assertTrue(response['Location'].endswith(account_login_url))
+
+        response = self.client.get(account_login_url)
+
+        self.assertEqual(response.status_code, 200)
+        self.assertTemplateUsed(response, 'socialaccount/snippets/login.html')
+
     def test_auth_user(self) :
         response = self.client.get(tests.AUTH_URL)
         self.assertEqual(response.status_code, 200)

src/feedback/views/intern/auth.py

@@ -11,7 +11,6 @@
 
 from feedback.models import Veranstaltung
 
-
 @user_passes_test(lambda u: u.is_superuser)
 @require_http_methods(('HEAD', 'GET', 'POST'))
 def rechte_uebernehmen(request):
@@ -55,6 +54,7 @@ def rechte_zuruecknehmen(request):
 
 
 def auth_user(request) :
+    ## this view was used before sso as login view
     if request.method == "POST" :
         username = request.POST.get("username")
         password = request.POST.get("password")
@@ -83,7 +83,7 @@ def login(request):
             return response
 
     if not settings.DEBUG and not request.user.is_authenticated :
-        return HttpResponseRedirect(reverse('feedback:auth-user'))
+        return HttpResponseRedirect(reverse("account_login"))
 
     # Apache fordert User zum Login mit FS-Account auf, von daher muss hier nur noch weitergeleitet
     # werden.