def complete_oauth_signin(request):
if 'next_url' in request.session:
next_url = request.session['next_url']
del request.session['next_url']
else:
next_url = reverse('index')
if 'denied' in request.GET:
return HttpResponseRedirect(next_url)
if 'oauth_problem' in request.GET:
return HttpResponseRedirect(next_url)
try:
oauth_token = request.GET['oauth_token']
logging.debug('have token %s' % oauth_token)
oauth_verifier = request.GET['oauth_verifier']
logging.debug('have verifier %s' % oauth_verifier)
session_oauth_token = request.session['oauth_token']
logging.debug('have token from session')
assert(oauth_token == session_oauth_token['oauth_token'])
oauth_provider_name = request.session['oauth_provider_name']
logging.debug('have saved provider name')
del request.session['oauth_provider_name']
oauth = util.OAuthConnection(oauth_provider_name)
user_id = oauth.get_user_id(
oauth_token = session_oauth_token,
oauth_verifier = oauth_verifier
)
logging.debug('have %s user id=%s' % (oauth_provider_name, user_id))
user = authenticate(
oauth_user_id = user_id,
provider_name = oauth_provider_name,
method = 'oauth'
)
logging.debug('finalizing oauth signin')
request.session['email'] = ''#todo: pull from profile
request.session['username'] = ''#todo: pull from profile
return finalize_generic_signin(
request = request,
user = user,
user_identifier = user_id,
login_provider_name = oauth_provider_name,
redirect_url = next_url
)
except Exception, e:
logging.critical(e)
msg = _('Unfortunately, there was some problem when '
'connecting to %(provider)s, please try again '
'or use another provider'
) % {'provider': oauth_provider_name}
request.user.message_set.create(message = msg)
return HttpResponseRedirect(next_url)
def signin(
request,
newquestion=False, #todo: not needed
newanswer=False, #todo: not needed
):
"""
signin page. It manages the legacy authentification (user/password)
and openid authentification
url: /signin/
template : authopenid/signin.htm
"""
logging.debug('in signin view')
on_failure = signin_failure
email_feeds_form = askbot_forms.SimpleEmailSubscribeForm()
next_url = get_next_url(request)
logging.debug('next url is %s' % next_url)
if next_url == reverse('user_signin'):
next_url = '%(next)s?next=%(next)s' % {'next': next_url}
login_form = forms.LoginForm(initial={'next': next_url})
#todo: get next url make it sticky if next is 'user_signin'
if request.method == 'POST':
login_form = forms.LoginForm(request.POST)
if login_form.is_valid():
provider_name = login_form.cleaned_data['login_provider_name']
if login_form.cleaned_data['login_type'] == 'password':
password_action = login_form.cleaned_data['password_action']
if askbot_settings.USE_LDAP_FOR_PASSWORD_LOGIN:
assert (password_action == 'login')
ldap_provider_name = askbot_settings.LDAP_PROVIDER_NAME
username = login_form.cleaned_data['username']
if util.ldap_check_password(
username, login_form.cleaned_data['password']):
user = authenticate(ldap_user_id=username,
provider_name=ldap_provider_name,
method='ldap')
if user is not None:
login(request, user)
return HttpResponseRedirect(next_url)
else:
return finalize_generic_signin(
request=request,
user=user,
user_identifier=username,
login_provider_name=ldap_provider_name,
redirect_url=next_url)
else:
if password_action == 'login':
user = authenticate(
username=login_form.cleaned_data['username'],
password=login_form.cleaned_data['password'],
provider_name=provider_name,
method='password')
if user is None:
login_form.set_password_login_error()
else:
login(request, user)
#todo: here we might need to set cookies
#for external login sites
return HttpResponseRedirect(next_url)
elif password_action == 'change_password':
if request.user.is_authenticated():
new_password = \
login_form.cleaned_data['new_password']
AuthBackend.set_password(
user=request.user,
password=new_password,
provider_name=provider_name)
request.user.message_set.create(
message=_('Your new password saved'))
return HttpResponseRedirect(next_url)
else:
logging.critical('unknown password action %s' %
password_action)
raise Http404
elif login_form.cleaned_data['login_type'] == 'openid':
#initiate communication process
logging.debug('processing signin with openid submission')
#todo: make a simple-use wrapper for openid protocol
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request), reverse('user_complete_signin'),
urllib.urlencode({'next': next_url}))
return ask_openid(request,
login_form.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
elif login_form.cleaned_data['login_type'] == 'oauth':
try:
#this url may need to have "next" piggibacked onto
callback_url = reverse('user_complete_oauth_signin')
connection = util.OAuthConnection(
provider_name, callback_url=callback_url)
connection.start()
request.session['oauth_token'] = connection.get_token()
request.session['oauth_provider_name'] = provider_name
request.session[
'next_url'] = next_url #special case for oauth
oauth_url = connection.get_auth_url(login_only=False)
return HttpResponseRedirect(oauth_url)
except util.OAuthError, e:
logging.critical(unicode(e))
msg = _('Unfortunately, there was some problem when '
'connecting to %(provider)s, please try again '
'or use another provider') % {
'provider': provider_name
}
request.user.message_set.create(message=msg)
elif login_form.cleaned_data['login_type'] == 'facebook':
#have to redirect for consistency
#there is a requirement that 'complete_signin'
try:
#this call may raise FacebookError
user_id = util.get_facebook_user_id(request)
user = authenticate(method='facebook',
facebook_user_id=user_id)
return finalize_generic_signin(
request=request,
user=user,
user_identifier=user_id,
login_provider_name=provider_name,
redirect_url=next_url)
except util.FacebookError, e:
logging.critical(unicode(e))
msg = _('Unfortunately, there was some problem when '
'connecting to %(provider)s, please try again '
'or use another provider') % {
'provider': 'Facebook'
}
request.user.message_set.create(message=msg)
else:
#raise 500 error - unknown login type
pass
def signin(request):
"""
signin page. It manages the legacy authentification (user/password)
and openid authentification
url: /signin/
template : authopenid/signin.htm
"""
logging.debug('in signin view')
on_failure = signin_failure
email_feeds_form = askbot_forms.SimpleEmailSubscribeForm()
#we need a special priority on where to redirect on successful login
#here:
#1) url parameter "next" - if explicitly set
#2) url from django setting LOGIN_REDIRECT_URL
#3) home page of the forum
login_redirect_url = getattr(settings, 'LOGIN_REDIRECT_URL', None)
next_url = get_next_url(request, default=login_redirect_url)
logging.debug('next url is %s' % next_url)
if askbot_settings.ALLOW_ADD_REMOVE_LOGIN_METHODS == False \
and request.user.is_authenticated():
return HttpResponseRedirect(next_url)
if next_url == reverse('user_signin'):
next_url = '%(next)s?next=%(next)s' % {'next': next_url}
login_form = forms.LoginForm(initial={'next': next_url})
#todo: get next url make it sticky if next is 'user_signin'
if request.method == 'POST':
login_form = forms.LoginForm(request.POST)
if login_form.is_valid():
provider_name = login_form.cleaned_data['login_provider_name']
if login_form.cleaned_data['login_type'] == 'password':
password_action = login_form.cleaned_data['password_action']
if askbot_settings.USE_LDAP_FOR_PASSWORD_LOGIN:
assert (password_action == 'login')
username = login_form.cleaned_data['username']
password = login_form.cleaned_data['password']
# will be None if authentication fails
user = authenticate(username=username,
password=password,
method='ldap')
if user is not None:
login(request, user)
return HttpResponseRedirect(next_url)
else:
return finalize_generic_signin(
request=request,
user=user,
user_identifier=username,
login_provider_name=provider_name,
redirect_url=next_url)
else:
if password_action == 'login':
user = authenticate(
username=login_form.cleaned_data['username'],
password=login_form.cleaned_data['password'],
provider_name=provider_name,
method='password')
if user is None:
login_form.set_password_login_error()
else:
login(request, user)
#todo: here we might need to set cookies
#for external login sites
return HttpResponseRedirect(next_url)
elif password_action == 'change_password':
if request.user.is_authenticated():
new_password = \
login_form.cleaned_data['new_password']
AuthBackend.set_password(
user=request.user,
password=new_password,
provider_name=provider_name)
request.user.message_set.create(
message=_('Your new password saved'))
return HttpResponseRedirect(next_url)
else:
logging.critical('unknown password action %s' %
password_action)
raise Http404
elif login_form.cleaned_data['login_type'] == 'openid':
#initiate communication process
logging.debug('processing signin with openid submission')
#todo: make a simple-use wrapper for openid protocol
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request), reverse('user_complete_signin'),
urllib.urlencode({'next': next_url}))
return ask_openid(request,
login_form.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
elif login_form.cleaned_data['login_type'] == 'oauth':
try:
#this url may need to have "next" piggibacked onto
callback_url = reverse('user_complete_oauth_signin')
connection = util.OAuthConnection(
provider_name, callback_url=callback_url)
connection.start()
request.session['oauth_token'] = connection.get_token()
request.session['oauth_provider_name'] = provider_name
request.session[
'next_url'] = next_url #special case for oauth
oauth_url = connection.get_auth_url(login_only=False)
return HttpResponseRedirect(oauth_url)
except util.OAuthError, e:
logging.critical(unicode(e))
msg = _('Unfortunately, there was some problem when '
'connecting to %(provider)s, please try again '
'or use another provider') % {
'provider': provider_name
}
request.user.message_set.create(message=msg)
elif login_form.cleaned_data['login_type'] == 'facebook':
#have to redirect for consistency
#there is a requirement that 'complete_signin'
try:
#this call may raise FacebookError
user_id = util.get_facebook_user_id(request)
user = authenticate(method='facebook',
facebook_user_id=user_id)
return finalize_generic_signin(
request=request,
user=user,
user_identifier=user_id,
login_provider_name=provider_name,
redirect_url=next_url)
except util.FacebookError, e:
logging.critical(unicode(e))
msg = _('Unfortunately, there was some problem when '
'connecting to %(provider)s, please try again '
'or use another provider') % {
'provider': 'Facebook'
}
request.user.message_set.create(message=msg)
elif login_form.cleaned_data['login_type'] == 'wordpress_site':
#here wordpress_site means for a self hosted wordpress blog not a wordpress.com blog
wp = Client(askbot_settings.WORDPRESS_SITE_URL,
login_form.cleaned_data['username'],
login_form.cleaned_data['password'])
try:
wp_user = wp.call(GetUserInfo())
custom_wp_openid_url = '%s?user_id=%s' % (wp.url,
wp_user.user_id)
user = authenticate(method='wordpress_site',
wordpress_url=wp.url,
wp_user_id=wp_user.user_id)
return finalize_generic_signin(
request=request,
user=user,
user_identifier=custom_wp_openid_url,
login_provider_name=provider_name,
redirect_url=next_url)
except WpFault, e:
logging.critical(unicode(e))
msg = _('The login password combination was not correct')
request.user.message_set.create(message=msg)