Merge branch 'devel' into 'master'

Fix middleware to do exactly what we want/need

See merge request oliver/ivatar!79

ivatar/middleware.py

@@ -6,21 +6,13 @@ from django.utils.deprecation import MiddlewareMixin
 class MultipleProxyMiddleware(MiddlewareMixin):  # pylint: disable=too-few-public-methods
     """
     Middleware to rewrite proxy headers for deployments
-    multiple proxies
+    with multiple proxies
     """
-    FORWARDED_FOR_FIELDS = [
-        'HTTP_X_FORWARDED_FOR',
-        'HTTP_X_FORWARDED_HOST',
-        'HTTP_X_FORWARDED_SERVER',
-    ]
 
     def process_request(self, request):
         """
-        Rewrites the proxy headers so that only the most
-        recent proxy is used.
+        Rewrites the proxy headers so that forwarded server is
+        used if available.
         """
-        for field in self.FORWARDED_FOR_FIELDS:
-            if field in request.META:
-                if ',' in request.META[field]:
-                    parts = request.META[field].split(',')
-                    request.META[field] = parts[-1].strip()
+        if 'HTTP_X_FORWARDED_SERVER' in request.META:
+            request.META['HTTP_X_FORWARDED_HOST'] = request.META['HTTP_X_FORWARDED_SERVER']

templates/openid/login.html

@@ -29,7 +29,7 @@
 
 <p>
 <button type="submit" class="btn btn-default">{% trans 'Login' %}</button>
-<input type="hidden" name="next" value="{{ next }}" />
+<input type="hidden" name="next" value="{{ request.build_absolute_uri }}{% url 'profile' %}" />
 &nbsp;
 <button type="reset" class="btn btn-default" onclick="window.history.back();">{% trans 'Cancel' %}</button>