Horizon UI message when browser cookies disabled

Used dijango's CSRF_FAILURE_VIEW setting to create a view indicating the reason the request was rejected. This information is passed on to the login page so it can render the error. Change-Id: I61c7195c9bafb269816fde12b058e19ebc69953c Closes-Bug: #1412483
2018-01-17 14:11:59 +13:00 · 2018-01-17 14:11:59 +13:00 · c9a143fab4
commit c9a143fab4
parent 6c2193b994
4 changed files with 22 additions and 0 deletions
--- a/horizon/templates/auth/_login_form.html
+++ b/horizon/templates/auth/_login_form.html
@ -59,6 +59,11 @@
              <p>{{ request.COOKIES.logout_reason }}</p>
            </div>
        {% endif %}
+        {% if csrf_failure %}
+            <div class="form-group clearfix error help-block alert alert-danger" id="logout_reason">
+              <p>{{ csrf_failure }}</p>
+            </div>
+        {% endif %}
        {% if next %}
          <input type="hidden" name="{{ redirect_field_name }}" value="{{ next }}" />
        {% endif %}
--- a/openstack_auth/views.py
+++ b/openstack_auth/views.py
@ -90,6 +90,8 @@ def login(request, template_name=None, extra_context=None, **kwargs):
    if extra_context is None:
        extra_context = {'redirect_field_name': auth.REDIRECT_FIELD_NAME}

+    extra_context['csrf_failure'] = request.GET.get('csrf_failure')
+
    if not template_name:
        if request.is_ajax():
            template_name = 'auth/_login.html'
--- a/openstack_dashboard/settings.py
+++ b/openstack_dashboard/settings.py
@ -214,6 +214,8 @@ SESSION_COOKIE_MAX_SIZE = 4093
 #                https://bugs.launchpad.net/horizon/+bug/1349463
 SESSION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'

+CSRF_FAILURE_VIEW = 'openstack_dashboard.views.csrf_failure'
+
 LANGUAGES = (
    ('cs', 'Czech'),
    ('de', 'German'),
--- a/openstack_dashboard/views.py
+++ b/openstack_dashboard/views.py
@ -17,7 +17,9 @@ import logging

 from django.conf import settings
 from django.core import urlresolvers
+from django import http
 from django import shortcuts
+from django.utils.translation import ugettext as _
 import django.views.decorators.vary
 from django.views.generic import TemplateView
 from six.moves import urllib
@ -118,3 +120,14 @@ class ExtensibleHeaderView(TemplateView):

        context['header_sections'] = header_sections
        return context
+
+
+def csrf_failure(request, reason=""):
+    if reason:
+        reason += " "
+    reason += _("Cookies may be turned off. "
+                "Make sure cookies are enabled and try again.")
+
+    url = settings.LOGIN_URL + "?csrf_failure=%s" % urllib.parse.quote(reason)
+    response = http.HttpResponseRedirect(url)
+    return response