From 2515c3a15d5525562f40923f1aedebf9a49a5f8a Mon Sep 17 00:00:00 2001 From: Valentin Samir Date: Thu, 30 Jun 2016 18:57:11 +0200 Subject: [PATCH] Disabling ajax login by default --- cas_server/default_settings.py | 2 ++ cas_server/views.py | 6 +++--- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/cas_server/default_settings.py b/cas_server/default_settings.py index 00bb6fa..1d2174c 100644 --- a/cas_server/default_settings.py +++ b/cas_server/default_settings.py @@ -85,3 +85,5 @@ setting_default( 'alias': ['demo1', 'demo2'] } ) + +setting_default('CAS_ENABLE_AJAX_AUTH', False) diff --git a/cas_server/views.py b/cas_server/views.py index 7d42768..f0402f0 100644 --- a/cas_server/views.py +++ b/cas_server/views.py @@ -109,7 +109,7 @@ class LogoutView(View, LogoutMixin): self.request = request self.service = request.GET.get('service') self.url = request.GET.get('url') - self.ajax = 'HTTP_X_AJAX' in request.META + self.ajax = settings.CAS_ENABLE_AJAX_AUTH and 'HTTP_X_AJAX' in request.META def get(self, request, *args, **kwargs): """methode called on GET request on this view""" @@ -203,7 +203,7 @@ class LoginView(View, LogoutMixin): self.renew = bool(request.POST.get('renew') and request.POST['renew'] != "False") self.gateway = request.POST.get('gateway') self.method = request.POST.get('method') - self.ajax = 'HTTP_X_AJAX' in request.META + self.ajax = settings.CAS_ENABLE_AJAX_AUTH and 'HTTP_X_AJAX' in request.META if request.POST.get('warned') and request.POST['warned'] != "False": self.warned = True self.warn = request.POST.get('warn') @@ -298,7 +298,7 @@ class LoginView(View, LogoutMixin): self.renew = bool(request.GET.get('renew') and request.GET['renew'] != "False") self.gateway = request.GET.get('gateway') self.method = request.GET.get('method') - self.ajax = 'HTTP_X_AJAX' in request.META + self.ajax = settings.CAS_ENABLE_AJAX_AUTH and 'HTTP_X_AJAX' in request.META self.warn = request.GET.get('warn') def get(self, request, *args, **kwargs):