This adds a file 'utils.py' to simplify templating.

Functions exist to create headers that include javascript files, and create javascript functions for login and registration. There are also functions that create login and registration forms. These functions don't necessarily account for everything a web developer might want to do, but it should simplify things for most developers and provide guidelines for developers who want to build on top of this functionality. Views.py now builds the login and register pages based on these functions. The register page now uses the login.html template, and the register.html template should be deleted in the next release.
author: ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5> 2009-08-15 23:15:31 +0000
committer: ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5> 2009-08-15 23:15:31 +0000
commit: 53dcb038bd5637bee2ee68fb380920b2b0d9febb (patch)
tree: 7add126609f8cca823a0621d118575fb2d1b558a /django/srpproject/srp/views.py
parent: 233850bb437c8dd666ee6594076a903e530a4ab9 (diff)
1 files changed, 16 insertions, 7 deletions
diff --git a/django/srpproject/srp/views.py b/django/srpproject/srp/views.py
index cde4e5a..74209e5 100644
--- a/django/srpproject/srp/views.py
+++ b/django/srpproject/srp/views.py
@@ -1,5 +1,3 @@
-# Create your views here.
-
 from django.http import HttpResponse, HttpResponseRedirect
 
 from django.contrib.auth.models import User
@@ -44,16 +42,21 @@ def generate_verifier(salt, username, password):
     
 def login_page(request):
     from django.shortcuts import render_to_response
+    import util
     return render_to_response('login.html', \
         {'error': "Invalid username or password" if "error" in request.GET and request.GET["error"] == '1' and not request.user.is_authenticated() else "",\
-        'static_files': "http://%s/srp-test/javascript" % request.get_host(), \
-        'srp_url': "http://%s/srp/" % request.get_host()})
+        'jsHeader': util.loginHeader("http://%s/srp-test/javascript" % request.get_host()),\
+        'loginForm': util.loginForm("http://%s/srp/" % request.get_host(), "http://google.com"),\
+        'loginFunction': util.loginFunction() })
 
 def register_page(request):
     from django.shortcuts import render_to_response
-    return render_to_response('register.html',\
-        {'static_files': "http://%s/srp-test/javascript" % request.get_host(),\
-         'srp_url': "http://%s/srp/" % request.get_host()})
+    import util
+    return render_to_response('login.html', \
+        {'error': "Invalid username or password" if "error" in request.GET and request.GET["error"] == '1' and not request.user.is_authenticated() else "",\
+        'jsHeader': util.registerHeader("http://%s/srp-test/javascript" % request.get_host()),\
+        'loginForm': util.registerForm("http://%s/srp/" % request.get_host(), "http://google.com"),\
+        'loginFunction': util.registerFunction() })
 
 ###
 ### User Registration
@@ -190,6 +193,8 @@ def no_javascript(request):
     try:
         user = User.objects.get(username=request.POST["srp_username"])
         try:
+            # Create a verifier for the user, and check that it matches the user's verifier
+            # Since we're doing it all on one side, we can skip the rest of the protocol
             v = generate_verifier(user.srpuser.salt, request.POST["srp_username"], request.POST["srp_password"])
             user = authenticate(username=request.POST["srp_username"], M=(user.srpuser.verifier, v))
             if user:
@@ -199,6 +204,8 @@ def no_javascript(request):
                 else:
                     return HttpResponseRedirect("%s%s" % (request.META["HTTP_REFERER"], request.POST["srp_forward"]))
         except SRPUser.DoesNotExist:
+            # The user exists in the auth table, but not the SRP table
+            # Create an SRP version of the user
             if user.check_password(request.POST["srp_password"]):
                 srpuser = SRPUser()
                 srpuser.__dict__.update(user.__dict__)
@@ -211,6 +218,8 @@ def no_javascript(request):
                 else:
                     return HttpResponseRedirect("%s%s" % (request.META["HTTP_REFERER"], request.POST["srp_forward"]))
     except User.DoesNotExist:
+        # The user does not exist in the auth tables
+        # Send the client back to the login page with an error
         pass
     if "?" in request.META["HTTP_REFERER"]:
         if "error=1" in request.META["HTTP_REFERER"]:
author	ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5>	2009-08-15 23:15:31 +0000
committer	ausiv4 <ausiv4@eb105b4a-77de-11de-a249-6bf219df57d5>	2009-08-15 23:15:31 +0000
commit	53dcb038bd5637bee2ee68fb380920b2b0d9febb (patch)
tree	7add126609f8cca823a0621d118575fb2d1b558a /django/srpproject/srp/views.py
parent	233850bb437c8dd666ee6594076a903e530a4ab9 (diff)