Commit 5a306216 authored by Štěpán Henek's avatar Štěpán Henek 🐻
Browse files

storing 'next page' into session fix (it can be set via MOJEID_SESSION_NEXT_PAGE_ATTR)

parent 2e199de9
......@@ -7,6 +7,7 @@ from django.core.exceptions import ImproperlyConfigured
MOJEID_LOGIN_METHOD = "ANY"
MOJEID_INSTANCE_PRODUCTION = False
MOJEID_MAX_AUTH_AGE = None
MOJEID_SESSION_NEXT_PAGE_ATTR = 'mojeid_next_page'
class Settings(object):
def __getattr__(self, name):
......
......@@ -129,8 +129,8 @@ def render_failure(request, error, template_name='openid/failure.html'):
def login_begin(request, attribute_set='default'):
"""Begin an MojeID login request."""
if 'next_page' in request.session:
del request.session['next_page']
if mojeid_settings.MOJEID_SESSION_NEXT_PAGE_ATTR in request.session:
del request.session[mojeid_settings.MOJEID_SESSION_NEXT_PAGE_ATTR]
# create consumer, start login process
consumer = MojeIDConsumer(DjangoOpenIDStore())
......@@ -170,7 +170,7 @@ def login_begin(request, attribute_set='default'):
# get 'next page' and save it to the session
redirect_to = sanitise_redirect_url(OpenIDBackend.get_redirect_to(request))
if redirect_to:
request.session['next_page'] = redirect_to
request.session[mojeid_settings.MOJEID_SESSION_NEXT_PAGE_ATTR] = redirect_to
# Realm should be always something like 'https://example.org/openid/'
realm = getattr(settings, 'MOJEID_REALM', None)
......@@ -224,12 +224,13 @@ def registration(request, attribute_set='default',
@csrf_exempt
def login_complete(request):
# Get addres where to redirect after the login
redirect_to = sanitise_redirect_url(request.session.get('next_page'))
redirect_to = sanitise_redirect_url(
request.session.get(mojeid_settings.MOJEID_SESSION_NEXT_PAGE_ATTR))
attribute_set = request.session.get(SESSION_ATTR_SET_KEY, 'default')
# clean the session
if 'next_page' in request.session:
del request.session['next_page']
if mojeid_settings.MOJEID_SESSION_NEXT_PAGE_ATTR in request.session:
del request.session[mojeid_settings.MOJEID_SESSION_NEXT_PAGE_ATTR]
if SESSION_ATTR_SET_KEY in request.session:
del request.session[SESSION_ATTR_SET_KEY]
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment