auth: Submit dev login form to the correct subdomain.

This commit is contained in:
Vishnu Ks 2017-10-11 15:30:04 +00:00 committed by Tim Abbott
parent 2337ed65c5
commit 63ed4110fe
2 changed files with 10 additions and 9 deletions

View File

@ -10,16 +10,15 @@
<h4 class="login-page-header">Click on a user to log in!</h4>
{% endif %}
<p class="devlogin_subheader">{{ _('(Or visit the <a href="/login">normal login page</a>)') }}</p>
<form name="direct_login_form" id="direct_login_form" method="post" class="login-form"
action="{{ url('zerver.views.auth.dev_direct_login') }}">
{{ csrf_input }}
<form name="direct_login_form" id="direct_login_form" method="post" class="login-form">
<div class="control-group">
<div class="controls">
<div class="group">
<h2>{{ _('Administrators') }}</h2>
{% if direct_admins %}
{% for user_email in direct_admins %}
<p><input type="submit" name="direct_email" class="btn-direct btn-admin" value="{{ user_email }}" /></p>
{% for direct_admin in direct_admins %}
<p><input type="submit" formaction="{{ direct_admin.realm.uri }}{{ url('zerver.views.auth.dev_direct_login') }}"
name="direct_email" class="btn-direct btn-admin" value="{{ direct_admin.email }}" /></p>
{% endfor %}
{% else %}
<p>No administrators found in this realm</p>
@ -29,8 +28,9 @@
<div class="group">
<h2>{{ _('Normal users') }}</h2>
{% if direct_users %}
{% for user_email in direct_users %}
<p><input type="submit" name="direct_email" class="btn-direct btn-admin" value="{{ user_email }}" /></p>
{% for direct_user in direct_users %}
<p><input type="submit" formaction="{{ direct_user.realm.uri }}{{ url('zerver.views.auth.dev_direct_login') }}"
name="direct_email" class="btn-direct btn-admin" value="{{ direct_user.email }}" /></p>
{% endfor %}
{% else %}
<p>No normal users found in this realm</p>

View File

@ -505,8 +505,8 @@ def login_page(request, **kwargs):
extra_context['current_realm'] = realm
extra_context['all_realms'] = Realm.objects.all()
extra_context['direct_admins'] = [u.email for u in users if u.is_realm_admin]
extra_context['direct_users'] = [u.email for u in users if not u.is_realm_admin]
extra_context['direct_admins'] = [u for u in users if u.is_realm_admin]
extra_context['direct_users'] = [u for u in users if not u.is_realm_admin]
if 'new_realm' in request.POST:
# If we're switching realms, redirect to that realm
@ -539,6 +539,7 @@ def login_page(request, **kwargs):
return template_response
@csrf_exempt
def dev_direct_login(request, **kwargs):
# type: (HttpRequest, **Any) -> HttpResponse
# This function allows logging in without a password and should only be called in development environments.