[FIX] (bug 1570) /login => /auth with better next_page handling

fd9b53a3 · Romain Loth · 8099d381 · fd9b53a3 · fd9b53a3 · fd9b53a3
Commit fd9b53a3 authored Jan 25, 2016 by Romain Loth
6 changed files
--- a/gargantext_web/corpus_views.py
+++ b/gargantext_web/corpus_views.py
@@ -58,7 +58,7 @@ from ngram.lists import listIds, listNgramIds, ngramList , doList
 def test_page(request , project_id , corpus_id):

    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)
@@ -96,7 +96,7 @@ def test_page(request , project_id , corpus_id):

 def get_ngrams(request , project_id , corpus_id ):
    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)
@@ -170,7 +170,7 @@ def test_test(request , corpus_id , doc_id):
 def get_journals(request , project_id , corpus_id ):

    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)

--- a/gargantext_web/views.py
+++ b/gargantext_web/views.py
@@ -51,9 +51,23 @@ from gargantext_web.db import session, cache, NodeNgram, NodeNgramNgram
 def login_user(request):
    logout(request)
    username = password = ''
-    print(request)
-    if request.POST:
+
+    next_page = ""
+
+    if request.GET:
+        # if for exemple: auth/?next=/project/5/corpus/554/document/556/
+        #   => we'll forward ?next="..." into template with form
+        additional_context = {'next_page':request.GET['next']}
+
+        return render_to_response('authentication.html', 
+                            additional_context,
+                            context_instance=RequestContext(request)
+                            )
+
+    elif request.POST:
        username = request.POST['username']
+        
+        # /!\ pass is sent clear in POST data
        password = request.POST['password']

        user = authenticate(username=username, password=password)
@@ -61,8 +75,13 @@ def login_user(request):

            if user.is_active:
                login(request, user)
-                return HttpResponseRedirect('/projects/')
-    return render_to_response('authentication.html', context_instance=RequestContext(request))
+
+                # if "next" forwarded from the GET via the template form
+                next_page = request.POST['the_next_page']
+                if next_page:
+                    return HttpResponseRedirect(next_page)
+                else:
+                    return HttpResponseRedirect('/projects/')

 def logout_user(request):
    logout(request)
@@ -297,7 +316,7 @@ def update_nodes(request, project_id, corpus_id, view=None):
    '''
    
    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)
@@ -360,7 +379,7 @@ def update_nodes(request, project_id, corpus_id, view=None):
 def corpus(request, project_id, corpus_id):
    
    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)
@@ -488,7 +507,7 @@ def move_to_trash_multiple(request):
    user = request.user
    
    if not user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    results = ["operation","failed"]

@@ -516,7 +535,7 @@ def delete_node(request, node_id):
    node = session.query(Node).filter(Node.id == node_id).first()

    if not user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)
    if node.user_id != user.id:
        return HttpResponseForbidden()


--- a/gargantext_web/views_optimized.py
+++ b/gargantext_web/views_optimized.py
@@ -52,7 +52,7 @@ def project(request, project_id):
    # do we have a valid user?
    user = request.user
    if not user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)
    if project.user_id != user.id:
        in_group = """ SELECT user_parent FROM node_user_user WHERE user_id=%d""" % ( int(user.id)  )
        cursor = connection.cursor()

--- a/scrappers/scrap_pubmed/views.py
+++ b/scrappers/scrap_pubmed/views.py
@@ -104,7 +104,7 @@ def doTheQuery(request , project_id):
 	# do we have a valid user?
 	user = request.user
 	if not user.is_authenticated():
-		return redirect('/login/?next=%s' % request.path)
+		return redirect('/auth/?next=%s' % request.path)
 	if project.user_id != user.id:
 		return HttpResponseForbidden()

@@ -208,7 +208,7 @@ def testISTEX(request , project_id):
 	# do we have a valid user?
 	user = request.user
 	if not user.is_authenticated():
-		return redirect('/login/?next=%s' % request.path)
+		return redirect('/auth/?next=%s' % request.path)
 	if project.user_id != user.id:
 		return HttpResponseForbidden()


--- a/templates/authentication.html
+++ b/templates/authentication.html
@@ -62,8 +62,8 @@
                                    <div id="login">
                                        <form class="form-horizontal" name="LoginForm" action="/auth/" method="post">
                                        {% csrf_token %}
-                                        {% if next %}
-                                            <input type="hidden" name="next" value="{{ next }}" />
+                                        {% if next_page %}
+                                            <input type="hidden" name="the_next_page" value="{{ next_page }}" />
                                        {% endif %}
                                        <div class="grp-row">
                                            <label class="control-label" for="username">Username</label>
@@ -102,4 +102,4 @@
        })(grp.jQuery);
    </script>
 </body>
-</html>
\ No newline at end of file
+</html>
--- a/tests/ngramstable/views.py
+++ b/tests/ngramstable/views.py
@@ -50,7 +50,7 @@ from rest_v1_0.api import JsonHttpResponse

 def get_ngrams(request , project_id , corpus_id ):
    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)
@@ -108,7 +108,7 @@ def get_ngrams(request , project_id , corpus_id ):
 def get_journals(request , project_id , corpus_id ):

    if not request.user.is_authenticated():
-        return redirect('/login/?next=%s' % request.path)
+        return redirect('/auth/?next=%s' % request.path)

    try:
        offset = int(project_id)