Example #1
0
def register(request, login_provider_name=None, user_identifier=None):
    """
    this function is used via it's own url with request.method=POST
    or as a simple function call from "finalize_generic_signin"
    in which case request.method must ge 'GET'
    and login_provider_name and user_identifier arguments must not be None

    user_identifier will be stored in the UserAssociation as openid_url
    login_provider_name - as provider_name

    this function may need to be refactored to simplify the usage pattern

    template : authopenid/complete.html
    """

    logging.debug("")

    next_url = get_next_url(request)

    user = None
    username = request.session.get("username", "")
    email = request.session.get("email", "")
    logging.debug("request method is %s" % request.method)

    form_class = forms.get_registration_form_class()
    register_form = form_class(
        initial={
            "next": next_url,
            "username": request.session.get("username", ""),
            "email": request.session.get("email", ""),
        }
    )

    if request.method == "GET":
        assert login_provider_name is not None
        assert user_identifier is not None
        # store this data into the session
        # to persist for the post request
        request.session["login_provider_name"] = login_provider_name
        request.session["user_identifier"] = user_identifier

    elif request.method == "POST":

        if "login_provider_name" not in request.session or "user_identifier" not in request.session:
            logging.critical("illegal attempt to register")
            return HttpResponseRedirect(reverse("user_signin"))

        # load this data from the session
        user_identifier = request.session["user_identifier"]
        login_provider_name = request.session["login_provider_name"]

        logging.debug("trying to create new account associated with openid")
        form_class = forms.get_registration_form_class()
        register_form = form_class(request.POST)
        if not register_form.is_valid():
            logging.debug("registration form is INVALID")
        else:
            username = register_form.cleaned_data["username"]
            email = register_form.cleaned_data["email"]

            if "ldap_user_info" in request.session:
                user_info = request.session["ldap_user_info"]
                # we take this info from the user input where
                # they can override the default provided by LDAP
                user_info["django_username"] = username
                user_info["email"] = email
                user = ldap_create_user(user_info).user
                user = authenticate(user_id=user.id, method="force")
                del request.session["ldap_user_info"]
                login(request, user)
                cleanup_post_register_session(request)
                return HttpResponseRedirect(next_url)

            elif askbot_settings.REQUIRE_VALID_EMAIL_FOR == "nothing":

                user = create_authenticated_user_account(
                    username=username,
                    email=email,
                    user_identifier=user_identifier,
                    login_provider_name=login_provider_name,
                )
                login(request, user)
                cleanup_post_register_session(request)
                return HttpResponseRedirect(next_url)
            else:
                email_verifier = UserEmailVerifier(key=generate_random_key())
                email_verifier.value = {
                    "username": username,
                    "email": email,
                    "user_identifier": user_identifier,
                    "login_provider_name": login_provider_name,
                }
                email_verifier.save()
                send_email_key(email, email_verifier.key, handler_url_name="verify_email_and_register")
                redirect_url = reverse("verify_email_and_register") + "?next=" + next_url
                return HttpResponseRedirect(redirect_url)

    providers = {
        "yahoo": '<font color="purple">Yahoo!</font>',
        "flickr": '<font color="#0063dc">flick</font><font color="#ff0084">r</font>&trade;',
        "google": "Google&trade;",
        "aol": '<font color="#31658e">AOL</font>',
        "myopenid": "MyOpenID",
    }
    if login_provider_name not in providers:
        provider_logo = login_provider_name
    else:
        provider_logo = providers[login_provider_name]

    logging.debug("printing authopenid/complete.html output")
    data = {
        "openid_register_form": register_form,
        "default_form_action": django_settings.LOGIN_URL,
        "provider": mark_safe(provider_logo),
        "username": username,
        "email": email,
        "login_type": "openid",
        "gravatar_faq_url": reverse("faq") + "#gravatar",
    }
    return render(request, "authopenid/complete.html", data)
Example #2
0
def signup_with_password(request):
    """Create a password-protected account
    template: authopenid/signup_with_password.html
    """

    logging.debug(get_request_info(request))
    login_form = forms.LoginForm(initial={"next": get_next_url(request)})
    # this is safe because second decorator cleans this field
    provider_name = request.REQUEST["login_provider"]

    if askbot_settings.USE_RECAPTCHA:
        RegisterForm = forms.SafeClassicRegisterForm
    else:
        RegisterForm = forms.ClassicRegisterForm

    logging.debug("request method was %s" % request.method)
    if request.method == "POST":
        form = RegisterForm(request.POST)

        # validation outside if to remember form values
        logging.debug("validating classic register form")
        form1_is_valid = form.is_valid()
        if form1_is_valid:
            logging.debug("classic register form validated")
        else:
            logging.debug("classic register form is not valid")

        if form1_is_valid:
            logging.debug("both forms are valid")
            next = form.cleaned_data["next"]
            username = form.cleaned_data["username"]
            password = form.cleaned_data["password1"]
            email = form.cleaned_data["email"]

            if askbot_settings.REQUIRE_VALID_EMAIL_FOR == "nothing":
                user = create_authenticated_user_account(username=username, email=email, password=password)
                login(request, user)
                cleanup_post_register_session(request)
                return HttpResponseRedirect(get_next_url(request))
            else:
                email_verifier = UserEmailVerifier(key=generate_random_key())
                email_verifier.value = {
                    "username": username,
                    "login_provider_name": provider_name,
                    "email": email,
                    "password": password,
                }
                email_verifier.save()
                send_email_key(email, email_verifier.key, handler_url_name="verify_email_and_register")
                redirect_url = reverse("verify_email_and_register") + "?next=" + get_next_url(request)
                return HttpResponseRedirect(redirect_url)

        else:
            # todo: this can be solved with a decorator, maybe
            form.initial["login_provider"] = provider_name
            logging.debug("create classic account forms were invalid")
    else:
        # todo: here we have duplication of get_password_login_provider...
        form = RegisterForm(initial={"next": get_next_url(request), "login_provider": provider_name})
    logging.debug("printing legacy signup form")

    major_login_providers = util.get_enabled_major_login_providers()
    minor_login_providers = util.get_enabled_minor_login_providers()

    context_data = {
        "form": form,
        "page_class": "openid-signin",
        "major_login_providers": major_login_providers.values(),
        "minor_login_providers": minor_login_providers.values(),
        "login_form": login_form,
    }
    return render(request, "authopenid/signup_with_password.html", context_data)