Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

remote_billing: Redirect via next_page param in legacy server flow. 

Analogical to 1df8e00d7c which implemented
this for the RemoteRealm auth flow.
Except here we don't need to add next_page to the IdentityDict
(LegacyServerIdentityDict in this flow), because the redirect happens
immediately at remote_billing_legacy_server_login upon login - so no
need to have a structure to carry the info through intermediate steps.
This commit is contained in:
Mateusz Mandera 2023-12-03 02:16:14 +01:00 committed by Tim Abbott
parent 3d6863b5b9
commit 44ac99b8fc
2 changed files with 25 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
corporate/views/remote_billing_page.py
View File

@ -1,5 +1,5 @@
import logging
from typing import Literal, Optional
from typing import Any, Dict, Literal, Optional
from django.conf import settings
from django.core import signing
@ -233,44 +233,31 @@ def remote_billing_legacy_server_login(
*,
server_org_id: Optional[str] = None,
server_org_secret: Optional[str] = None,
next_page: VALID_NEXT_PAGES_TYPE = None,
) -> HttpResponse:
context: Dict[str, Any] = {"next_page": next_page}
if server_org_id is None or server_org_secret is None:
# Should not be possible to submit the form like this, so this is the default
# case, where the user just opened this page and therefore we render a fresh form.
return render(
request,
"corporate/legacy_server_login.html",
context={"error_message": False},
)
context.update({"error_message": False})
return render(request, "corporate/legacy_server_login.html", context)
# The form must be submitted via POST.
if request.method != "POST":
return HttpResponseNotAllowed(["POST"])
try:
remote_server = get_remote_server_by_uuid(server_org_id)
except RemoteZulipServer.DoesNotExist:
return render(
request,
"corporate/legacy_server_login.html",
context={
"error_message": _("Did not find a server registration for this server_org_id.")
},
context.update(
{"error_message": _("Did not find a server registration for this server_org_id.")}
)
return render(request, "corporate/legacy_server_login.html", context)
if not constant_time_compare(server_org_secret, remote_server.api_key):
return render(
request,
"corporate/legacy_server_login.html",
context={"error_message": _("Invalid server_org_secret.")},
)
if remote_server.deactivated:
return render(
request,
"corporate/legacy_server_login.html",
context={"error_message": _("Your server registration has been deactivated.")},
)
context.update({"error_message": _("Invalid server_org_secret.")})
return render(request, "corporate/legacy_server_login.html", context)
if remote_server.deactivated:
context.update({"error_message": _("Your server registration has been deactivated.")})
return render(request, "corporate/legacy_server_login.html", context)
remote_server_uuid = str(remote_server.uuid)
request.session["remote_billing_identities"] = {}
@ -281,4 +268,12 @@ def remote_billing_legacy_server_login(
authenticated_at=datetime_to_timestamp(timezone_now()),
)
return HttpResponseRedirect(reverse("remote_server_billing_page", args=(remote_server_uuid,)))
assert next_page in VALID_NEXT_PAGES
if next_page is None:
return HttpResponseRedirect(
reverse("remote_server_billing_page", args=(remote_server_uuid,))
)
else:
return HttpResponseRedirect(
reverse(f"remote_server_{next_page}_page", args=(remote_server_uuid,))
)

3
templates/corporate/legacy_server_login.html
View File

@ -17,6 +17,9 @@
<div id="server-login-input-section">
<form id="server-login-form" method="post" action="/serverlogin/">
{{ csrf_input }}
{% if next_page %}
<input type="hidden" name="next_page" value="{{ next_page }}" />
{% endif %}
<div class="input-box server-login-form-field">
<label for="username" class="inline-block label-title">
server_org_id