diff options
Diffstat (limited to 'openstack_auth/forms.py')
| -rw-r--r-- | openstack_auth/forms.py | 155 |
1 files changed, 0 insertions, 155 deletions
diff --git a/openstack_auth/forms.py b/openstack_auth/forms.py deleted file mode 100644 index 107fb19..0000000 --- a/openstack_auth/forms.py +++ /dev/null @@ -1,155 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -import collections -import logging - -from django.conf import settings -from django.contrib.auth import authenticate -from django.contrib.auth import forms as django_auth_forms -from django import forms -from django.utils.translation import ugettext_lazy as _ -from django.views.decorators.debug import sensitive_variables - -from openstack_auth import exceptions -from openstack_auth import utils - - -LOG = logging.getLogger(__name__) - - -class Login(django_auth_forms.AuthenticationForm): - """Form used for logging in a user. - - Handles authentication with Keystone by providing the domain name, username - and password. A scoped token is fetched after successful authentication. - - A domain name is required if authenticating with Keystone V3 running - multi-domain configuration. - - If the user authenticated has a default project set, the token will be - automatically scoped to their default project. - - If the user authenticated has no default project set, the authentication - backend will try to scope to the projects returned from the user's assigned - projects. The first successful project scoped will be returned. - - Inherits from the base ``django.contrib.auth.forms.AuthenticationForm`` - class for added security features. - """ - use_required_attribute = False - region = forms.ChoiceField(label=_("Region"), required=False) - username = forms.CharField( - label=_("User Name"), - widget=forms.TextInput(attrs={"autofocus": "autofocus"})) - password = forms.CharField(label=_("Password"), - widget=forms.PasswordInput(render_value=False)) - - def __init__(self, *args, **kwargs): - super(Login, self).__init__(*args, **kwargs) - fields_ordering = ['username', 'password', 'region'] - if getattr(settings, - 'OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT', - False): - last_domain = self.request.COOKIES.get('login_domain', None) - if getattr(settings, - 'OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN', - False): - self.fields['domain'] = forms.ChoiceField( - label=_("Domain"), - initial=last_domain, - required=True, - choices=getattr(settings, - 'OPENSTACK_KEYSTONE_DOMAIN_CHOICES', - ())) - else: - self.fields['domain'] = forms.CharField( - initial=last_domain, - label=_("Domain"), - required=True, - widget=forms.TextInput(attrs={"autofocus": "autofocus"})) - self.fields['username'].widget = forms.widgets.TextInput() - fields_ordering = ['domain', 'username', 'password', 'region'] - self.fields['region'].choices = self.get_region_choices() - if len(self.fields['region'].choices) == 1: - self.fields['region'].initial = self.fields['region'].choices[0][0] - self.fields['region'].widget = forms.widgets.HiddenInput() - elif len(self.fields['region'].choices) > 1: - self.fields['region'].initial = self.request.COOKIES.get( - 'login_region') - - # if websso is enabled and keystone version supported - # prepend the websso_choices select input to the form - if utils.is_websso_enabled(): - initial = getattr(settings, 'WEBSSO_INITIAL_CHOICE', 'credentials') - self.fields['auth_type'] = forms.ChoiceField( - label=_("Authenticate using"), - choices=getattr(settings, 'WEBSSO_CHOICES', ()), - required=False, - initial=initial) - # add auth_type to the top of the list - fields_ordering.insert(0, 'auth_type') - - # websso is enabled, but keystone version is not supported - elif getattr(settings, 'WEBSSO_ENABLED', False): - msg = ("Websso is enabled but horizon is not configured to work " + - "with keystone version 3 or above.") - LOG.warning(msg) - self.fields = collections.OrderedDict( - (key, self.fields[key]) for key in fields_ordering) - - @staticmethod - def get_region_choices(): - default_region = (settings.OPENSTACK_KEYSTONE_URL, "Default Region") - regions = getattr(settings, 'AVAILABLE_REGIONS', []) - if not regions: - regions = [default_region] - return regions - - @sensitive_variables() - def clean(self): - default_domain = getattr(settings, - 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN', - 'Default') - username = self.cleaned_data.get('username') - password = self.cleaned_data.get('password') - region = self.cleaned_data.get('region') - domain = self.cleaned_data.get('domain', default_domain) - - if not (username and password): - # Don't authenticate, just let the other validators handle it. - return self.cleaned_data - - try: - self.user_cache = authenticate(request=self.request, - username=username, - password=password, - user_domain_name=domain, - auth_url=region) - msg = 'Login successful for user "%(username)s", remote address '\ - '%(remote_ip)s.' % { - 'username': username, - 'remote_ip': utils.get_client_ip(self.request) - } - LOG.info(msg) - except exceptions.KeystoneAuthException as exc: - msg = 'Login failed for user "%(username)s", remote address '\ - '%(remote_ip)s.' % { - 'username': username, - 'remote_ip': utils.get_client_ip(self.request) - } - LOG.warning(msg) - raise forms.ValidationError(exc) - if hasattr(self, 'check_for_test_cookie'): # Dropped in django 1.7 - self.check_for_test_cookie() - return self.cleaned_data |