diff --git a/helios/templates/cast_done.html b/helios/templates/cast_done.html index e0b9098f076e8fe3e8ef7a0eed787adf34b61627..dc40805d268b492561f02f036bc64a13970cbbcc 100644 --- a/helios/templates/cast_done.html +++ b/helios/templates/cast_done.html @@ -15,7 +15,7 @@ {% if logout %} <p><b>For your safety, we have logged you out.</b></p> -<iframe width="0" height="0" border="0" frameborder="0" src="/auth/logout"> +<iframe width="0" height="0" border="0" frameborder="0" src="{% url "auth@logout" %}"> </iframe> {% endif %} diff --git a/helios/templates/election_view.html b/helios/templates/election_view.html index 8eccf4faa9fbebad95fec71db466a495860c5f69..fcb71210ab90582c5bac3d3a21bbf4ad322b506a 100644 --- a/helios/templates/election_view.html +++ b/helios/templates/election_view.html @@ -236,7 +236,7 @@ You are <em>not eligible</em> to vote in this {{election.election_type}}. {% if election.openreg %} {% if election.eligibility %} This election is open to: {{election.pretty_eligibility|safe}} -<a href="{{settings.SECURE_URL_HOST}}{% url "helios_auth.views.index" %}?return_url={{CURRENT_URL}}">Log in</a> to check your eligibility. +<a href="{{settings.SECURE_URL_HOST}}{% url "auth@index" %}?return_url={{CURRENT_URL}}">Log in</a> to check your eligibility. {% else %} Anyone can vote in this election. {% endif %} diff --git a/helios/views.py b/helios/views.py index bb7d6402f5ce12785889d0c162d58ee8e8cf4765..4234c6e559511afc6c9badf964852d9b1ec52c91 100644 --- a/helios/views.py +++ b/helios/views.py @@ -24,6 +24,7 @@ from view_utils import SUCCESS, FAILURE, return_json, render_template, render_te from helios_auth.security import check_csrf, login_required, get_user, save_in_session_across_logouts from helios_auth.auth_systems import AUTH_SYSTEMS, can_list_categories from helios_auth.models import AuthenticationExpired +import helios_auth.url_names as helios_auth_urls from helios_auth import views as auth_views 
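Review bot: The logout in cast_done.html still depends on a hidden zero-size iframe issuing a GET to `{% url "auth@logout" %}`, while the paragraph above it already tells the voter they have been logged out. If the deployment sends `X-Frame-Options` or a CSP `frame-ancestors` policy that forbids framing (not visible in this hunk), the iframe load is blocked and the session stays alive with no indication to the user. A logout endpoint that acts on a plain GET can also be triggered from any third-party page. Presumably the view that sets `logout` could end the session server-side before rendering; at minimum add a template comment such as `{# logout depends on a framed GET to auth@logout; verify framing headers allow it #}`.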
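Review bot: In election_view.html the login link appends `?return_url={{CURRENT_URL}}` with HTML autoescaping only, so the value is not percent-encoded as a query parameter. If CURRENT_URL carries its own query string, everything after the first `&` is parsed as separate parameters of the login URL and the return target is truncated or altered. Unless the context processor already encodes it (not visible here), use `?return_url={{CURRENT_URL|urlencode}}`. The same applies to `{{return_url}}` in the login_box.html hunk and to the three `{{CURRENT_URL}}` links in the base.html hunk.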
@@ -76,7 +77,7 @@ def user_reauth(request, user): # FIXME: should we be wary of infinite redirects here, and # add a parameter to prevent it? Maybe. login_url = "%s%s?%s" % (settings.SECURE_URL_HOST, - reverse(auth_views.start, args=[user.user_type]), + reverse(helios_auth_urls.AUTH_START, args=[user.user_type]), urllib.urlencode({'return_url': request.get_full_path()})) return HttpResponseRedirect(login_url) diff --git a/helios_auth/auth_systems/cas.py b/helios_auth/auth_systems/cas.py index 6d0055f22485054ba677d1d2a783b3c18e899609..cb10fac0a201e93eda7b29ec0a5073348733c772 100644 --- a/helios_auth/auth_systems/cas.py +++ b/helios_auth/auth_systems/cas.py @@ -34,11 +34,11 @@ STATUS_UPDATES = False def _get_service_url(): # FIXME current URL - from helios_auth.views import after + from helios_auth import url_names from django.conf import settings from django.core.urlresolvers import reverse - return settings.SECURE_URL_HOST + reverse(after) + return settings.SECURE_URL_HOST + reverse(url_names.AUTH_AFTER) def get_auth_url(request, redirect_url): request.session['cas_redirect_url'] = redirect_url diff --git a/helios_auth/auth_systems/password.py b/helios_auth/auth_systems/password.py index f78d9f6a1fffe679570b5f4e3a83837b14e082a5..6204f1d4a88c67e8a402ae242c560ae4c0bdcb70 100644 --- a/helios_auth/auth_systems/password.py +++ b/helios_auth/auth_systems/password.py @@ -7,12 +7,16 @@ from django import forms from django.core.mail import send_mail from django.conf import settings from django.http import HttpResponseRedirect +from django.conf.urls import url + +from helios_auth import url_names import logging # some parameters to indicate that status updating is possible STATUS_UPDATES = False - +PASSWORD_LOGIN_URL_NAME = "auth@password@login" +PASSWORD_FORGOTTEN_URL_NAME = "auth@password@forgotten" def create_user(username, password, name = None): from helios_auth.models import User 
@@ -58,7 +62,7 @@ def password_login_view(request): user = User.get_by_type_and_id('password', username) if password_check(user, password): request.session['password_user_id'] = user.user_id - return HttpResponseRedirect(reverse(after)) + return HttpResponseRedirect(reverse(url_names.AUTH_AFTER)) except User.DoesNotExist: pass error = 'Bad Username or Password' @@ -101,7 +105,7 @@ Your password: %s return HttpResponseRedirect(return_url) def get_auth_url(request, redirect_url = None): - return reverse(password_login_view) + return reverse(PASSWORD_LOGIN_URL_NAME) def get_user_info_after_auth(request): from helios_auth.models import User @@ -125,3 +129,9 @@ def send_message(user_id, user_name, user_info, subject, body): def can_create_election(user_id, user_info): return True + + +urlpatterns = [ + url(r'^password/login', password_login_view, name=PASSWORD_LOGIN_URL_NAME), + url(r'^password/forgot', password_forgotten_view, name=PASSWORD_FORGOTTEN_URL_NAME) +] diff --git a/helios_auth/auth_systems/twitter.py b/helios_auth/auth_systems/twitter.py index 9963f9121d42b3c53edaac0c128f67499d98c761..b59cd38fd8f94480f2730221cb6fcbfda6f28291 100644 --- a/helios_auth/auth_systems/twitter.py +++ b/helios_auth/auth_systems/twitter.py @@ -4,6 +4,7 @@ Twitter Authentication from oauthclient import client +from django.conf.urls import url from django.core.urlresolvers import reverse from django.http import HttpResponseRedirect @@ -21,6 +22,7 @@ DM_TOKEN = settings.TWITTER_DM_TOKEN # some parameters to indicate that status updating is possible STATUS_UPDATES = True STATUS_UPDATE_WORDING_TEMPLATE = "Tweet %s" +FOLLOW_VIEW_URL_NAME = "auth@twitter@follow" OAUTH_PARAMS = { 'root_url' : 'https://twitter.com', 
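Review bot: The two patterns in the new `urlpatterns` list of password.py have no end anchor, so `r'^password/login'` and `r'^password/forgot'` match any path that merely starts with those prefixes. They were carried over unchanged from helios_auth/urls.py, but now that each route has a name it is worth making the match exact: `url(r'^password/login$', password_login_view, name=PASSWORD_LOGIN_URL_NAME)` and likewise `r'^password/forgot$'`. Check first that no existing link relies on a longer path such as `password/forgotten`. The new `r'^twitter/follow'` entry in twitter.py has the same shape.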
@@ -70,7 +72,7 @@ def user_needs_intervention(user_id, user_info, token): if friendship: return None - return HttpResponseRedirect(reverse(follow_view)) + return HttpResponseRedirect(reverse(FOLLOW_VIEW_URL_NAME)) def _get_client_by_request(request): access_token = request.session['access_token'] @@ -114,8 +116,8 @@ def follow_view(request): twitter_client = _get_client_by_token(user.token) result = twitter_client.oauth_request('http://api.twitter.com/1/friendships/create.json', args={'screen_name': USER_TO_FOLLOW}, method='POST') - from helios_auth.views import after_intervention - return HttpResponseRedirect(reverse(after_intervention)) + from helios_auth.url_names import AUTH_AFTER_INTERVENTION + return HttpResponseRedirect(reverse(AUTH_AFTER_INTERVENTION)) @@ -125,3 +127,6 @@ def follow_view(request): def can_create_election(user_id, user_info): return True + + +urlpatterns = [url(r'^twitter/follow', follow_view, name=FOLLOW_VIEW_URL_NAME)] \ No newline at end of file diff --git a/helios_auth/templates/index.html b/helios_auth/templates/index.html index f16a7b80cf80e6362c2b70b5ce264f278cc0934f..3c2e9f8d73595f83e9d61c42cd9cf37145735079 100644 --- a/helios_auth/templates/index.html +++ b/helios_auth/templates/index.html @@ -8,7 +8,7 @@ You are currently logged in as<br /><b>{{user.user_id}}</b> via <b>{{user.user_type}}</b>. </p> <p> - <a href="{% url "helios_auth.views.logout" %}">logout</a> + <a href="{% url "auth@logout" %}">logout</a> </p> {% else %} diff --git a/helios_auth/templates/login_box.html b/helios_auth/templates/login_box.html index 2e89e94e49fb8384d97fe81a8ffed94aa2204f85..27ca7da17aa80df0367db54adc7bf4d4336365f8 100644 --- a/helios_auth/templates/login_box.html +++ b/helios_auth/templates/login_box.html 
@@ -1,12 +1,12 @@ {% if default_auth_system %} <p> -<a class="small button" href="{% url "helios_auth.views.start" system_name=default_auth_system %}?return_url={{return_url}}">Log in</a></p> +<a class="small button" href="{% url "auth@start" system_name=default_auth_system %}?return_url={{return_url}}">Log in</a></p> {% else %} {% for auth_system in enabled_auth_systems %} {% ifequal auth_system "password" %} {% else %} <p> - <a href="{{SECURE_URL_HOST}}{% url "helios_auth.views.start" system_name=auth_system %}?return_url={{return_url}}" style="font-size: 1.4em;"> + <a href="{{SECURE_URL_HOST}}{% url "auth@start" system_name=auth_system %}?return_url={{return_url}}" style="font-size: 1.4em;"> <img style="height: 35px; border: 0px;" src="/static/auth/login-icons/{{auth_system}}.png" alt="{{auth_system}}" /> {{auth_system}} {% endifequal %} </a> diff --git a/helios_auth/tests.py b/helios_auth/tests.py index f07f309fb5176007ca67a25ce14c712efc33af35..824dc535183e9b8f1483a2ffc9d9897212353b44 100644 --- a/helios_auth/tests.py +++ b/helios_auth/tests.py @@ -116,7 +116,7 @@ class UserBlackboxTests(TestCase): # self.assertContains(response, "Foobar User") def test_logout(self): - response = self.client.post(reverse(views.logout), follow=True) + response = self.client.post(reverse("auth@logout"), follow=True) self.assertContains(response, "not logged in") self.assertNotContains(response, "Foobar User") diff --git a/helios_auth/url_names.py b/helios_auth/url_names.py new file mode 100644 index 0000000000000000000000000000000000000000..29f7b228f8363f090f44cf21225a5f6e2595caf1 --- /dev/null +++ b/helios_auth/url_names.py @@ -0,0 +1,6 @@ +AUTH_INDEX="auth@index" +AUTH_LOGOUT="auth@logout" +AUTH_START="auth@start" +AUTH_AFTER="auth@after" +AUTH_WHY="auth@why" +AUTH_AFTER_INTERVENTION="auth@after-intervention" diff --git a/helios_auth/urls.py b/helios_auth/urls.py index 11d10139530db6f84becb2cf5f55326641fb2163..5244e10b8a1e2f07f8ab712c3b8f3997e58bedfa 100644 
--- a/helios_auth/urls.py +++ b/helios_auth/urls.py @@ -7,27 +7,27 @@ Ben Adida (ben@adida.net) from django.conf.urls import url +import url_names import views from settings import AUTH_ENABLED_AUTH_SYSTEMS urlpatterns = [ # basic static stuff - url(r'^$', views.index), - url(r'^logout$', views.logout), - url(r'^start/(?P<system_name>.*)$', views.start), + url(r'^$', views.index, name=url_names.AUTH_INDEX), + url(r'^logout$', views.logout, name=url_names.AUTH_LOGOUT), + url(r'^start/(?P<system_name>.*)$', views.start, name=url_names.AUTH_START), # weird facebook constraint for trailing slash - url(r'^after/$', views.after), - url(r'^why$', views.perms_why), - url(r'^after_intervention$', views.after_intervention), + url(r'^after/$', views.after, name=url_names.AUTH_AFTER), + url(r'^why$', views.perms_why, name=url_names.AUTH_WHY), + url(r'^after_intervention$', views.after_intervention, name=url_names.AUTH_AFTER_INTERVENTION), ] # password auth if 'password' in AUTH_ENABLED_AUTH_SYSTEMS: - from auth_systems.password import password_login_view, password_forgotten_view - urlpatterns.append(url(r'^password/login', password_login_view)) - urlpatterns.append(url(r'^password/forgot', password_forgotten_view)) + from auth_systems.password import urlpatterns as password_patterns + urlpatterns.extend(password_patterns) # twitter if 'twitter' in AUTH_ENABLED_AUTH_SYSTEMS: - from auth_systems.twitter import follow_view - urlpatterns.append(url(r'^twitter/follow', follow_view)) + from auth_systems.twitter import urlpatterns as twitter_patterns + urlpatterns.extend(twitter_patterns) diff --git a/helios_auth/views.py b/helios_auth/views.py index 8d2808917d3d4b981b4a6b454c4b419fd751eaf6..27614478c8e827b06426b0f28c40ed5345839b27 100644 --- a/helios_auth/views.py +++ b/helios_auth/views.py 
@@ -14,6 +14,7 @@ import settings from auth_systems import AUTH_SYSTEMS from auth_systems import password from helios_auth.security import get_user +from helios_auth.url_names import AUTH_INDEX, AUTH_START, AUTH_AFTER, AUTH_WHY, AUTH_AFTER_INTERVENTION from models import User from security import FIELDS_TO_SAVE from view_utils import render_template, render_template_raw @@ -28,7 +29,7 @@ def index(request): # single auth system? if len(helios_auth.ENABLED_AUTH_SYSTEMS) == 1 and not user: - return HttpResponseRedirect(reverse(start, args=[helios_auth.ENABLED_AUTH_SYSTEMS[0]])+ '?return_url=' + request.GET.get('return_url', '')) + return HttpResponseRedirect(reverse(AUTH_START, args=[helios_auth.ENABLED_AUTH_SYSTEMS[0]])+ '?return_url=' + request.GET.get('return_url', '')) #if helios_auth.DEFAULT_AUTH_SYSTEM and not user: # return HttpResponseRedirect(reverse(start, args=[helios_auth.DEFAULT_AUTH_SYSTEM])+ '?return_url=' + request.GET.get('return_url', '')) @@ -141,7 +142,7 @@ def _do_auth(request): system = AUTH_SYSTEMS[system_name] # where to send the user to? - redirect_url = settings.SECURE_URL_HOST + reverse(after) + redirect_url = settings.SECURE_URL_HOST + reverse(AUTH_AFTER) auth_url = system.get_auth_url(request, redirect_url=redirect_url) if auth_url: @@ -151,7 +152,7 @@ def _do_auth(request): def start(request, system_name): if not (system_name in helios_auth.ENABLED_AUTH_SYSTEMS): - return HttpResponseRedirect(reverse(index)) + return HttpResponseRedirect(reverse(AUTH_INDEX)) # why is this here? Let's try without it # request.session.save() 
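Review bot: In the `index` hunk the redirect is still built as `'?return_url=' + request.GET.get('return_url', '')`, which copies a request-controlled value into the Location URL without encoding. A value containing `&` or `#` adds parameters to, or truncates, the query string that `start` receives. `user_reauth` in helios/views.py already uses `urllib.urlencode` for the same parameter, so this line should match it: `reverse(AUTH_START, args=[helios_auth.ENABLED_AUTH_SYSTEMS[0]]) + '?' + urllib.urlencode({'return_url': request.GET.get('return_url', '')})`. The body of `index` continues outside the hunk. The code that finally redirects to `return_url` is not shown, and it should be confirmed to accept only same-site targets.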
@@ -187,7 +188,7 @@ def after(request): request.session['user'] = user else: - return HttpResponseRedirect("%s?%s" % (reverse(perms_why), urllib.urlencode({'system_name' : request.session['auth_system_name']}))) + return HttpResponseRedirect("%s?%s" % (reverse(AUTH_WHY), urllib.urlencode({'system_name' : request.session['auth_system_name']}))) # does the auth system want to present an additional view? # this is, for example, to prompt the user to follow @heliosvoting @@ -198,7 +199,7 @@ def after(request): return intervention_response # go to the after intervention page. This is for modularity - return HttpResponseRedirect(reverse(after_intervention)) + return HttpResponseRedirect(reverse(AUTH_AFTER_INTERVENTION)) def after_intervention(request): return_url = "/" diff --git a/server_ui/templates/base.html b/server_ui/templates/base.html index 08d769d04a58556afebba04b311df5ba1ec66a49..8357be2aaa31636509e32c51609ce92f8d0b3801 100644 --- a/server_ui/templates/base.html +++ b/server_ui/templates/base.html 
@@ -88,13 +88,13 @@ </span>--> {% if user %} logged in as <b>{{user.display_html_small|safe}}</b> - <a class="tiny button" href="{% url "helios_auth.views.logout" %}?return_url={{CURRENT_URL}}">logout</a><br /> + <a class="tiny button" href="{% url "auth@logout" %}?return_url={{CURRENT_URL}}">logout</a><br /> {% else %} {% if voter %} - You are signed in as voter <u>{% if voter.alias %}{{voter.alias}}{% else %}{{voter.name}}{% endif %}</u> in election <u>{{voter.election.name}}</u>. [<a href="{{settings.SECURE_URL_HOST}}{% url "helios_auth.views.logout" %}?return_url={{CURRENT_URL}}">sign out</a>] + You are signed in as voter <u>{% if voter.alias %}{{voter.alias}}{% else %}{{voter.name}}{% endif %}</u> in election <u>{{voter.election.name}}</u>. [<a href="{{settings.SECURE_URL_HOST}}{% url "auth@logout" %}?return_url={{CURRENT_URL}}">sign out</a>] {% else %} {% if settings.SHOW_LOGIN_OPTIONS %} - not logged in. <a class="tiny button" href="{{settings.SECURE_URL_HOST}}{% url "helios_auth.views.index" %}?return_url={{CURRENT_URL}}">log in</a> + not logged in. <a class="tiny button" href="{{settings.SECURE_URL_HOST}}{% url "auth@index" %}?return_url={{CURRENT_URL}}">log in</a> {% else %} powered by <a href="http://heliosvoting.org">Helios Voting</a>. {% endif %} diff --git a/server_ui/templates/confirm.html b/server_ui/templates/confirm.html index 33fb2a22af28cbf423dd92d3633d5fcebe1bee9c..2f24a807a0ae1854a5f2b8207c037d3b8a6c74d0 100644 --- a/server_ui/templates/confirm.html +++ b/server_ui/templates/confirm.html 
@@ -38,7 +38,7 @@ function show_waiting() { </form> <p> - Forgot your password? <a href="{% url "helios_auth.auth_systems.password.password_forgotten_view" %}?return_url={% url "election@cast-confirm" %}">Have it emailed to you</a>.<br />(don't worry, we won't forget your vote). + Forgot your password? <a href="{% url "auth@password@forgotten" %}?return_url={% url "election@cast-confirm" %}">Have it emailed to you</a>.<br />(don't worry, we won't forget your vote). </p> </div>
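Review bot: `{% url "auth@password@forgotten" %}` in confirm.html is resolved unconditionally, but the urls.py hunk in this commit registers that name only when `'password'` is in `AUTH_ENABLED_AUTH_SYSTEMS`. If this template can render on a deployment without password auth (not determinable from the hunk), the tag raises `NoReverseMatch` and the vote-confirmation page fails. Either wrap the paragraph in a check on the enabled auth systems or record the dependency with a comment such as `{# requires the password auth system; auth@password@forgotten is registered only when it is enabled #}`.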