From d65b4c71f15d04115d2718cae5bee154b2d7d3db Mon Sep 17 00:00:00 2001 From: Mike Olund Date: Sun, 19 Feb 2017 17:16:21 -0800 Subject: [PATCH] Created a fake BCEID login screen for use in localdev environments --- edivorce/apps/core/decorators.py | 25 +++ edivorce/apps/core/middleware/__init__.py | 0 .../apps/core/middleware/bceid_middleware.py | 47 ++++++ .../apps/core/templates/localdev/bceid.html | 154 ++++++++++++++++++ edivorce/apps/core/views/localdev.py | 25 +++ 5 files changed, 251 insertions(+) create mode 100644 edivorce/apps/core/decorators.py create mode 100644 edivorce/apps/core/middleware/__init__.py create mode 100644 edivorce/apps/core/middleware/bceid_middleware.py create mode 100644 edivorce/apps/core/templates/localdev/bceid.html create mode 100644 edivorce/apps/core/views/localdev.py diff --git a/edivorce/apps/core/decorators.py b/edivorce/apps/core/decorators.py new file mode 100644 index 00000000..d74fb410 --- /dev/null +++ b/edivorce/apps/core/decorators.py @@ -0,0 +1,25 @@ +from django.conf import settings +from django.shortcuts import redirect + + +def bceid_required(function=None): + """ View decorator to check if the user is logged in to BCEID """ + """ This decorator has a dependency on bceid_middleware.py """ + + def _dec(view_func): + def _view(request, *args, **kwargs): + if not request.bceid_user.is_authenticated: + return redirect(settings.FORCE_SCRIPT_NAME + '/login') + else: + return view_func(request, *args, **kwargs) + + _view.__name__ = view_func.__name__ + _view.__dict__ = view_func.__dict__ + _view.__doc__ = view_func.__doc__ + + return _view + + if function is None: + return _dec + else: + return _dec(function) diff --git a/edivorce/apps/core/middleware/__init__.py b/edivorce/apps/core/middleware/__init__.py new file mode 100644 index 00000000..e69de29b diff --git a/edivorce/apps/core/middleware/bceid_middleware.py b/edivorce/apps/core/middleware/bceid_middleware.py new file mode 100644 index 00000000..a22a9b2d --- /dev/null +++ b/edivorce/apps/core/middleware/bceid_middleware.py @@ -0,0 +1,47 @@ +import uuid + + +class BceidUser(object): + def __init__(self, guid, first_name, last_name, type, is_authenticated): + self.guid = guid + self.first_name = first_name + self.last_name = last_name + self.type = type + self.is_authenticated = is_authenticated + + +class BceidMiddleware(object): + def process_request(self, request): + # todo: Make sure the request is coming from the justice proxy (via IP/host check) + + # 1. Real BCeID user + + # todo: parse the siteminder headers and stick them into a dictionary request.bceid_user + + if request.session.get('fake-bceid-guid', False): + + # 2. Fake BCeID user + request.bceid_user = BceidUser( + guid=request.session.get('fake-bceid-guid', ''), + is_authenticated=True, + type='FAKE', + first_name='Kelly', + last_name='Bundy' + ) + else: + + # 3. Anonymous User + + if request.session.get('anon-guid', False): + request.session['anon-guid'] = uuid.uuid4().urn[9:] + + request.bceid_user = BceidUser( + guid=request.session.get('anon-guid'), + is_authenticated=False, + type='ANONYMOUS', + first_name='', + last_name='' + ) + + def process_response(self, request, response): + return response diff --git a/edivorce/apps/core/templates/localdev/bceid.html b/edivorce/apps/core/templates/localdev/bceid.html new file mode 100644 index 00000000..4d2a44e0 --- /dev/null +++ b/edivorce/apps/core/templates/localdev/bceid.html @@ -0,0 +1,154 @@ + + + + Government of British Columbia + + + + + + + CLP + + + + + + + + + + + + + + + + + + + + + +
+
+
+
+
Log in to justice.gov.bc.ca/divorce
+
+
+ +
+
+
+ +
+
+
+ + +
+ + + + + + + + + + + + + + + + + + diff --git a/edivorce/apps/core/views/localdev.py b/edivorce/apps/core/views/localdev.py new file mode 100644 index 00000000..57d4be2a --- /dev/null +++ b/edivorce/apps/core/views/localdev.py @@ -0,0 +1,25 @@ +import uuid +import binascii +from encodings.utf_8 import decode +from django.conf import settings +from django.shortcuts import render, redirect +from django.views.decorators.csrf import csrf_exempt + + +@csrf_exempt +def bceid(request): + """ fake bceid login for developer workstation environment """ + if request.method == "POST": + login_name = request.POST.get('user', '') + + # convert the login name to a guid + hex_name = decode(binascii.hexlify(str.encode(login_name)))[0] + fake_guid = uuid.UUID(hex_name.rjust(32, '0')).urn[9:] + + # save the guid in a session variable + request.session['fake-bceid-guid'] = fake_guid + + return redirect(settings.FORCE_SCRIPT_NAME + '/login') + + else: + return render(request, 'localdev/bceid.html')