

Version 2.1.0, add DEFAULT_NEXT_URL
fang.li committed Apr 13, 2017
1 parent b83d379 commit 2107e3b
Showing 3 changed files with 13 additions and 6 deletions.
9 changes: 8 additions & 1 deletion README.rst
Expand Up @@ -96,9 +96,13 @@ How to use?
url(r'^saml2_auth/', include('django_saml2_auth.urls')),
# The following line will replace the default user login with SAML2 (optional)
# If you want to specific the after-login-redirect-URL, use parameter "?next=/the/path/you/want"
# with this view.
url(r'^accounts/login/$', django_saml2_auth.views.signin),
# The following line will replace the admin login with SAML2 (optional)
# If you want to specific the after-login-redirect-URL, use parameter "?next=/the/path/you/want"
# with this view.
url(r'^admin/login/$', django_saml2_auth.views.signin),
#. Add 'django_saml2_auth' to INSTALLED_APPS
Expand All @@ -122,7 +126,8 @@ How to use?
# Required setting
'METADATA_AUTO_CONF_URL': '[The auto(dynamic) metadata configuration URL of SAML2]',
# Optional settings
# Optional settings below
'DEFAULT_NEXT_URL': '/admin', # Custom target redirect URL after the user get logged in. Default to /admin if not set. This setting will be overwritten if you have parameter ?next= specificed in the login URL.
'NEW_USER_PROFILE': {
'USER_GROUPS': [], # The default group name when a new user logs in
'ACTIVE_STATUS': True, # The default active status for new users
Expand Down Expand Up @@ -232,6 +237,8 @@ How to Contribute
Release Log
===========

2.1.0: Add DEFAULT_NEXT_URL. Issue #19.

2.0.4: Fixed compatibility with Windows.

2.0.3: Fixed a vulnerabilities in the login flow, thanks qwrrty.
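--- a/django_saml2_auth/views.py
+++ b/django_saml2_auth/views.py
@@ -96,7 +96,7 @@ def welcome(r):
     try:
         return render(r, 'django_saml2_auth/welcome.html', {'user': r.user})
     except TemplateDoesNotExist:
-        return HttpResponseRedirect(get_reverse('admin:index'))
+        return HttpResponseRedirect(settings.SAML2_AUTH.get('DEFAULT_NEXT_URL', get_reverse('admin:index')))
 
 
 def denied(r):
@@ -119,7 +119,7 @@ def _create_new_user(username, email, firstname, lastname):
 def acs(r):
     saml_client = _get_saml_client(get_current_domain(r))
     resp = r.POST.get('SAMLResponse', None)
-    next_url = r.session.get('login_next_url', get_reverse('admin:index'))
+    next_url = r.session.get('login_next_url', settings.SAML2_AUTH.get('DEFAULT_NEXT_URL', get_reverse('admin:index')))
 
     if not resp:
         return HttpResponseRedirect(get_reverse([denied, 'denied', 'django_saml2_auth:denied']))
@@ -175,13 +175,13 @@ def signin(r):
     except:
         import urllib.parse as _urlparse
         from urllib.parse import unquote
-    next_url = r.GET.get('next', get_reverse('admin:index'))
+    next_url = r.GET.get('next', settings.SAML2_AUTH.get('DEFAULT_NEXT_URL', get_reverse('admin:index')))
 
     try:
         if 'next=' in unquote(next_url):
             next_url = _urlparse.parse_qs(_urlparse.urlparse(unquote(next_url)).query)['next'][0]
     except:
-        next_url = r.GET.get('next', get_reverse('admin:index'))
+        next_url = r.GET.get('next', settings.SAML2_AUTH.get('DEFAULT_NEXT_URL', get_reverse('admin:index')))
 
     # Only permit signin requests where the next_url is a safe URL
     if not is_safe_url(next_url):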
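Review bot: The new fallback `settings.SAML2_AUTH.get('DEFAULT_NEXT_URL', get_reverse('admin:index'))` is spelled out four times (welcome, acs, and twice in signin), and only the two copies in signin reach the `is_safe_url(next_url)` check at the end of the last hunk, so an absolute DEFAULT_NEXT_URL would be rejected by signin yet followed verbatim by welcome and acs. Because the value comes from settings rather than the request this is a consistency and documentation gap rather than an open redirect, but the trust assumption should be written down. I would pull the expression into one module-level helper, `def _default_next_url(): return settings.SAML2_AUTH.get('DEFAULT_NEXT_URL', get_reverse('admin:index'))`, with the comment `# Operator-controlled, so not filtered by is_safe_url in welcome()/acs(); keep it a same-site path`. Note also that `get_reverse('admin:index')` is evaluated eagerly as the `.get()` default even when DEFAULT_NEXT_URL is set, which presumably matters on deployments without the admin app if get_reverse raises there — confirm against get_reverse. welcome starts before its hunk, and acs and signin continue past theirs.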
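--- a/setup.py
+++ b/setup.py
@@ -16,7 +16,7 @@
 setup(
     name='django_saml2_auth',
 
-    version='2.0.4',
+    version='2.1.0',
 
     description='Django SAML2 Authentication Made Easy. Easily integrate with SAML2 SSO identity providers like Okta',
     long_description=long_description,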

