From 9fecbcecf52bbbc7586349caf9a68b778af006d9 Mon Sep 17 00:00:00 2001
From: Umair Khan
Date: Tue, 10 Jan 2017 14:44:56 +0500
Subject: [PATCH] subdomains: Don't show login page on root aliases.
---
 zerver/lib/utils.py | 13 +++++++++++--
 zerver/tests/tests.py | 41 +++++++++++++++++++++++++++++++++++++++++
 zerver/views/auth.py | 9 +++++++--
 3 files changed, 59 insertions(+), 4 deletions(-)
diff --git a/zerver/lib/utils.py b/zerver/lib/utils.py
index ae04e9d8f1..58c1bb44fa 100644
--- a/zerver/lib/utils.py
+++ b/zerver/lib/utils.py
@@ -186,17 +186,26 @@ def query_chunker(queries, id_collector=None, chunk_size=1000, db_chunk_size=Non
 yield [row for row_id, i, row in tup_chunk]
-def get_subdomain(request):
+def _extract_subdomain(request):
 # type: (HttpRequest) -> Text
 domain = request.get_host().lower()
 index = domain.find("." + settings.EXTERNAL_HOST)
 if index == -1:
 return ""
- subdomain = domain[0:index]
+ return domain[0:index]
+
+def get_subdomain(request):
+ # type: (HttpRequest) -> Text
+ subdomain = _extract_subdomain(request)
 if subdomain in settings.ROOT_SUBDOMAIN_ALIASES:
 return ""
 return subdomain
+def is_subdomain_root_or_alias(request):
+ # type: (HttpRequest) -> bool
+ subdomain = _extract_subdomain(request)
+ return not subdomain or subdomain in settings.ROOT_SUBDOMAIN_ALIASES
+
 def check_subdomain(realm_subdomain, user_subdomain):
 # type: (Text, Text) -> bool
 if settings.REALMS_HAVE_SUBDOMAINS and realm_subdomain is not None:
diff --git a/zerver/tests/tests.py b/zerver/tests/tests.py
index a08b225823..0377605f8d 100644
--- a/zerver/tests/tests.py
+++ b/zerver/tests/tests.py
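Review bot: `_extract_subdomain` locates the base domain with `domain.find("." + settings.EXTERNAL_HOST)`, which matches the first occurrence anywhere in the Host value rather than only at its end, so a host that merely contains the external host in the middle is read as a realm subdomain. Since `is_subdomain_root_or_alias` now feeds a redirect decision from this value, anchor the match to the suffix: `suffix = "." + settings.EXTERNAL_HOST`, `if not domain.endswith(suffix): return ""`, `return domain[:-len(suffix)]`. A host that does not match `EXTERNAL_HOST` at all also comes back as `""` and is therefore classified as root; whether such a host can reach this code depends on how strictly `ALLOWED_HOSTS` is configured, which this diff does not show. Each of the three functions would also benefit from a one-line docstring saying that `_extract_subdomain` returns the raw label while `get_subdomain` maps root aliases to `""`.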
@@ -2318,6 +2318,47 @@ class TestLoginPage(ZulipTestCase):
 result = self.client_get("/login/?subdomain=1")
 self.assertIn(WRONG_SUBDOMAIN_ERROR, result.content.decode('utf8'))
+ @patch('django.http.HttpRequest.get_host')
+ def test_login_page_redirects_for_root_alias(self, mock_get_host):
+ # type: (MagicMock) -> None
+ mock_get_host.return_value = 'www.testserver'
+ with self.settings(REALMS_HAVE_SUBDOMAINS=True,
+ ROOT_SUBDOMAIN_ALIASES=['www']):
+ result = self.client_get("/en/login/")
+ self.assertEqual(result.status_code, 302)
+ self.assertEqual(result.url, '/find_my_team/')
+
+ @patch('django.http.HttpRequest.get_host')
+ def test_login_page_redirects_for_root_domain(self, mock_get_host):
+ # type: (MagicMock) -> None
+ mock_get_host.return_value = 'testserver'
+ with self.settings(REALMS_HAVE_SUBDOMAINS=True,
+ ROOT_SUBDOMAIN_ALIASES=['www']):
+ result = self.client_get("/en/login/")
+ self.assertEqual(result.status_code, 302)
+ self.assertEqual(result.url, '/find_my_team/')
+
+ mock_get_host.return_value = 'www.testserver.com'
+ with self.settings(REALMS_HAVE_SUBDOMAINS=True,
+ EXTERNAL_HOST='www.testserver.com',
+ ROOT_SUBDOMAIN_ALIASES=['test']):
+ result = self.client_get("/en/login/")
+ self.assertEqual(result.status_code, 302)
+ self.assertEqual(result.url, '/find_my_team/')
+
+ @patch('django.http.HttpRequest.get_host')
+ def test_login_page_works_without_subdomains(self, mock_get_host):
+ # type: (MagicMock) -> None
+ mock_get_host.return_value = 'www.testserver'
+ with self.settings(ROOT_SUBDOMAIN_ALIASES=['www']):
+ result = self.client_get("/en/login/")
+ self.assertEqual(result.status_code, 200)
+
+ mock_get_host.return_value = 'testserver'
+ with self.settings(ROOT_SUBDOMAIN_ALIASES=['www']):
+ result = self.client_get("/en/login/")
+ self.assertEqual(result.status_code, 200)
+
 class TestFindMyTeam(ZulipTestCase):
 def test_template(self):
 # type: () -> None
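Review bot: None of the added tests asserts the negative case with `REALMS_HAVE_SUBDOMAINS=True`: a host whose label is a real realm subdomain and not in `ROOT_SUBDOMAIN_ALIASES` should still be served the login form, and without that assertion a regression that redirects every host to `/find_my_team/` would pass. Add a fourth test in the same style that sets `mock_get_host.return_value` to a realm host and checks `self.assertEqual(result.status_code, 200)`. `test_login_page_redirects_for_root_domain` also packs two scenarios into one method; moving the `EXTERNAL_HOST='www.testserver.com'` case into its own test with a comment such as `# A host equal to EXTERNAL_HOST is the root domain.` would make a failure easier to attribute. The body of `TestLoginPage` begins outside this hunk.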
diff --git a/zerver/views/auth.py b/zerver/views/auth.py
index 97b4662a48..5c0d8e9f4d 100644
--- a/zerver/views/auth.py
+++ b/zerver/views/auth.py
@@ -6,7 +6,8 @@ from django.contrib.auth.views import login as django_login_page, \
 logout_then_login as django_logout_then_login
 from django.core.urlresolvers import reverse
 from zerver.decorator import authenticated_json_post_view, require_post
-from django.http import HttpRequest, HttpResponse, HttpResponseRedirect
+from django.http import HttpRequest, HttpResponse, HttpResponseRedirect, \
+ HttpResponseNotFound
 from django.middleware.csrf import get_token
 from django.shortcuts import redirect
 from django.views.decorators.csrf import csrf_exempt
@@ -21,7 +22,7 @@ from zerver.forms import HomepageForm, OurAuthenticationForm, \
 from zerver.lib.request import REQ, has_request_variables, JsonableError
 from zerver.lib.response import json_success, json_error
-from zerver.lib.utils import get_subdomain
+from zerver.lib.utils import get_subdomain, is_subdomain_root_or_alias
 from zerver.models import PreregistrationUser, UserProfile, remote_user_to_email, Realm
 from zerver.views.registration import create_preregistration_user, get_realm_from_request, \
 redirect_and_log_into_subdomain
@@ -326,6 +327,10 @@ def log_into_subdomain(request):
 def login_page(request, **kwargs):
 # type: (HttpRequest, **Any) -> HttpResponse
+ if is_subdomain_root_or_alias(request) and settings.REALMS_HAVE_SUBDOMAINS:
+ redirect_url = reverse('zerver.views.registration.find_my_team')
+ return HttpResponseRedirect(redirect_url)
+
 extra_context = kwargs.pop('extra_context', {})
 if dev_auth_enabled():
 # Development environments usually have only a few users, but
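Review bot: `HttpResponseNotFound` is added to the `django.http` import in the first hunk, but none of the hunks shown for this file uses it; the new branch in `login_page` returns `HttpResponseRedirect`. Unless code outside these hunks needs it, drop the name and keep the original single-line import, `from django.http import HttpRequest, HttpResponse, HttpResponseRedirect`.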
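Review bot: The guard added to `login_page` calls `is_subdomain_root_or_alias(request)` before testing `settings.REALMS_HAVE_SUBDOMAINS`, so the Host header is parsed on every login request even on deployments that never use subdomains; swapping the operands, `if settings.REALMS_HAVE_SUBDOMAINS and is_subdomain_root_or_alias(request):`, short-circuits on the setting first. The redirect target comes from `reverse()` and not from request data, which keeps it a fixed internal path, but any query string on the login URL (for example a `next` parameter, if this view accepts one) is dropped without comment. A one-line comment above the branch, such as `# The root domain and its aliases host no realm, so send the user to find_my_team.`, would record the intent. The body of `login_page` continues past the end of this hunk.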