Example #1
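    def get_email_confirmation_redirect_url(self, request, badgr_app=None):
        """
        The URL to return to after successful e-mail confirmation.

        When no BadgrApp is passed in and none can be determined from the
        request, the parent adapter's URL is returned. When the confirmation
        key in the request path cannot be resolved, the app's bare
        ``email_confirmation_redirect`` is returned. Otherwise the user's
        first name is appended as one path segment and the confirmed address
        as an ``email`` query parameter.
        """
        if badgr_app is None:
            badgr_app = BadgrApp.objects.get_current(request)
            if not badgr_app:
                logger = logging.getLogger(self.__class__.__name__)
                logger.warning("Could not determine authorized badgr app")
                return super(BadgrAccountAdapter,
                             self).get_email_confirmation_redirect_url(request)

        try:
            resolverMatch = resolve(request.path)
            confirmation = EmailConfirmationHMAC.from_key(
                resolverMatch.kwargs.get('confirm_id'))
            if confirmation is None:
                # from_key() can hand back None for a key it does not accept;
                # fall back instead of failing on confirmation.email_address.
                return badgr_app.email_confirmation_redirect
            # publish changes to cache
            # NOTE(review): CachedEmailAddress.DoesNotExist from this lookup
            # is not handled here and propagates to the caller - confirm.
            email_address = CachedEmailAddress.objects.get(
                pk=confirmation.email_address.pk)
            email_address.save()

            # safe='' also escapes '/': quote() leaves slashes alone by
            # default, and urljoin() would then read the name as extra path
            # components or as a reference to a different host.
            # NOTE(review): first name and e-mail travel in the redirect URL,
            # so they can end up in browser history and intermediary logs.
            redirect_url = urlparse.urljoin(
                badgr_app.email_confirmation_redirect.rstrip('/') + '/',
                urllib.quote(email_address.user.first_name.encode('utf8'),
                             safe=''))
            redirect_url = set_url_query_params(
                redirect_url, email=email_address.email.encode('utf8'))

            return redirect_url

        except (Resolver404, EmailConfirmation.DoesNotExist):
            # Parenthesised tuple on purpose: the Python 2 spelling
            # ``except A, B:`` catches only A and binds the caught exception
            # to B, which here would overwrite EmailConfirmation.DoesNotExist.
            return badgr_app.email_confirmation_redirect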
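    def get_email_confirmation_redirect_url(self, request, badgr_app=None):
        """
        The URL to return to after successful e-mail confirmation.

        Returns the parent adapter's URL when no BadgrApp is given and none
        can be determined from the request, and the app's plain
        ``email_confirmation_redirect`` when the confirmation key in the
        request path cannot be resolved. On success the user's first name is
        added as a single path segment and the address as ``email``.
        """
        if badgr_app is None:
            badgr_app = BadgrApp.objects.get_current(request)
            if not badgr_app:
                logger = logging.getLogger(self.__class__.__name__)
                logger.warning("Could not determine authorized badgr app")
                return super(BadgrAccountAdapter, self).get_email_confirmation_redirect_url(request)

        try:
            resolverMatch = resolve(request.path)
            confirmation = EmailConfirmationHMAC.from_key(resolverMatch.kwargs.get('confirm_id'))
            if confirmation is None:
                # A key that from_key() does not accept yields None; use the
                # fallback URL rather than failing on the attribute access.
                return badgr_app.email_confirmation_redirect
            # publish changes to cache
            email_address = CachedEmailAddress.objects.get(pk=confirmation.email_address.pk)
            email_address.save()

            # Escape '/' as well (safe=''): with quote()'s default the name
            # could add path components or be read by urljoin() as a
            # reference to another host.
            redirect_url = urlparse.urljoin(
                badgr_app.email_confirmation_redirect.rstrip('/') + '/',
                urllib.quote(email_address.user.first_name.encode('utf8'), safe='')
            )
            # NOTE(review): the address is exposed in the URL query string.
            redirect_url = set_url_query_params(redirect_url, email=email_address.email.encode('utf8'))

            return redirect_url

        except (Resolver404, EmailConfirmation.DoesNotExist):
            # A tuple is required to catch both types. ``except A, B:`` in
            # Python 2 catches A only and assigns the exception object to B.
            return badgr_app.email_confirmation_redirect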
Example #3
 def get_redirect_url(self):
     """Return the session BadgrApp's ``ui_login_redirect`` with an ``authError``.

     The error text is a fixed string, so nothing from the request is
     reflected into the URL. Returns None when the session holds no BadgrApp.
     """
     app = get_session_badgr_app(self.request)
     if app is None:
         return None
     message = 'An account already exists with provided email address'
     return set_url_query_params(app.ui_login_redirect, authError=message)
Example #4
    def get_redirect_url(self):
        """Build the redirect to the requested provider's login view.

        Reads ``provider`` (required) and ``authToken`` (optional) from the
        query string and stores the current BadgrApp in the session. When an
        ``authToken`` is supplied it is verified, stored in the session, and
        the URL is tagged with ``process=AuthProcess.CONNECT``.

        Raises:
            ValidationError: no provider given, no current BadgrApp, or no
                URL named ``<provider>_login``.
        """
        query = self.request.GET
        provider_name = query.get('provider', None)
        if provider_name is None:
            raise ValidationError('No provider specified')

        badgr_app = BadgrApp.objects.get_current(request=self.request)
        if badgr_app is None:
            raise ValidationError('Unable to save BadgrApp in session')
        set_session_badgr_app(self.request, badgr_app)

        try:
            # The provider name is caller-supplied; it is used only as a URL
            # name, so values without a matching route are rejected below.
            login_url = reverse('{}_login'.format(query.get('provider')))
        except NoReverseMatch:
            raise ValidationError('No {} provider found'.format(provider_name))

        auth_token = query.get('authToken', None)
        if auth_token is None:
            return login_url

        # Raises AuthenticationFailed if auth token is invalid
        get_verified_user(auth_token)
        # NOTE(review): the token arrives in the query string, where it can
        # be recorded in access logs and browser history.
        set_session_auth_token(self.request, auth_token)
        return set_url_query_params(login_url, process=AuthProcess.CONNECT)
Example #5
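    def get(self, request, **kwargs):
        """
        Confirm an email address with a token provided in an email
        ---
        parameters:
            - name: token
              type: string
              paramType: form
              description: The token received in the recovery email
              required: true
        """
        # Every validation failure below answers 404, so the response does
        # not tell the caller which check rejected the request.

        token = request.query_params.get('token')
        # `a` is caller-supplied and selects which BadgrApp's redirect is
        # used; it is honoured only if it names an existing BadgrApp row.
        badgrapp_id = request.query_params.get('a', None)
        if badgrapp_id is None:
            badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
        try:
            badgrapp = BadgrApp.objects.get(id=badgrapp_id)
        except (BadgrApp.DoesNotExist, ValueError):
            # ValueError: presumably what a non-numeric `a` produces in the
            # id lookup; treat it like an unknown app rather than a 500.
            return Response(status=HTTP_404_NOT_FOUND)

        # First factor: the HMAC confirmation key from the URL path.
        emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
        if emailconfirmation is None:
            return Response(status=HTTP_404_NOT_FOUND)

        try:
            email_address = CachedEmailAddress.cached.get(pk=emailconfirmation.email_address.pk)
        except CachedEmailAddress.DoesNotExist:
            return Response(status=HTTP_404_NOT_FOUND)

        # Second factor: "<uidb36>-<key>" from the query string. A request
        # without ?token= would hand None to re.search() and raise TypeError.
        if token is None:
            return Response(status=HTTP_404_NOT_FOUND)
        matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
        if not matches:
            return Response(status=HTTP_404_NOT_FOUND)
        uidb36 = matches.group(1)
        key = matches.group(2)
        if not (uidb36 and key):
            return Response(status=HTTP_404_NOT_FOUND)

        user = self._get_user(uidb36)
        if user is None or not default_token_generator.check_token(user, key):
            return Response(status=HTTP_404_NOT_FOUND)

        # Both factors must refer to the same account.
        if email_address.user != user:
            return Response(status=HTTP_404_NOT_FOUND)

        # The address becomes primary only if the user has no primary yet.
        old_primary = CachedEmailAddress.objects.get_primary(user)
        if old_primary is None:
            email_address.primary = True
        email_address.verified = True
        email_address.save()

        process_email_verification.delay(email_address.pk)

        # get badgr_app url redirect
        redirect_url = get_adapter().get_email_confirmation_redirect_url(request, badgr_app=badgrapp)

        # NOTE(review): user.auth_token is placed in the Location URL, where
        # it can be kept in browser history, proxy/server logs and Referer
        # headers. If this is the account's standing token (confirm), a
        # short-lived single-use code exchanged by the front-end is safer.
        redirect_url = set_url_query_params(redirect_url, authToken=user.auth_token)

        return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})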
Example #6
    def error_redirect_url(self):
        """Return the login redirect URL tagged with a generic ``authError``.

        When ``self.badgrapp`` is unset, the BadgrApp named by
        ``settings.BADGR_APP_ID`` (default 1) is loaded and cached on the
        instance; if that row does not exist, ``OriginSetting.HTTP`` is
        returned instead. The error text is fixed and carries no detail
        about what failed.
        """
        if self.badgrapp is None:
            default_id = getattr(settings, 'BADGR_APP_ID', 1)
            try:
                self.badgrapp = BadgrApp.objects.get(id=default_id)
            except BadgrApp.DoesNotExist:
                return OriginSetting.HTTP

        login_url = self.badgrapp.ui_login_redirect.rstrip('/')
        return set_url_query_params(login_url, authError='Error validating request.')
Example #7
    def error_redirect_url(self):
        """Build the URL used when request validation fails.

        Uses ``self.badgrapp`` if set; otherwise loads the BadgrApp with id
        ``settings.BADGR_APP_ID`` (default 1) and stores it on the instance.
        Falls back to ``OriginSetting.HTTP`` when that BadgrApp is missing.
        The ``authError`` message is a constant string.
        """
        if self.badgrapp is None:
            fallback_id = getattr(settings, 'BADGR_APP_ID', 1)
            try:
                self.badgrapp = BadgrApp.objects.get(id=fallback_id)
            except BadgrApp.DoesNotExist:
                return OriginSetting.HTTP

        error_params = {'authError': 'Error validating request.'}
        return set_url_query_params(
            self.badgrapp.ui_login_redirect.rstrip('/'), **error_params)
Example #8
    def get_login_redirect_url(self, request):
        """
        If successfully logged in, redirect to the front-end, including an authToken query parameter.

        Unauthenticated requests get '/'. An authenticated request whose
        session holds no BadgrApp yields None.
        """
        if not request.user.is_authenticated():
            return '/'

        app = get_session_badgr_app(request)
        if app is None:
            return None

        # NOTE(review): the user's auth token is carried in the redirect URL
        # and may therefore be recorded in history, logs and Referer headers.
        return set_url_query_params(app.ui_login_redirect,
                                    authToken=request.user.auth_token)
Example #9
    def get_redirect_url(self):
        """Build the redirect to the requested provider's login view.

        Reads ``provider`` (required), ``authCode`` and ``validateName``
        from the query string and stores the current BadgrApp in the
        session. With an ``authCode`` the code is stored in the session and
        the URL is tagged ``process=AuthProcess.CONNECT``; without one the
        URL carries ``validateName`` as a boolean.

        Raises:
            ValidationError: no provider given, no current BadgrApp, or no
                URL named ``<provider>_login``.
        """
        params = self.request.GET
        provider_name = params.get('provider', None)
        if provider_name is None:
            raise ValidationError('No provider specified')

        badgr_app = BadgrApp.objects.get_current(request=self.request)
        if badgr_app is None:
            raise ValidationError('Unable to save BadgrApp in session')
        set_session_badgr_app(self.request, badgr_app)

        try:
            # Caller-supplied name, used only to look up a URL route.
            login_url = reverse('{}_login'.format(params.get('provider')))
        except NoReverseMatch:
            raise ValidationError('No {} provider found'.format(provider_name))

        authcode = params.get('authCode', None)
        if authcode is None:
            # Only the literal "true" (any case) switches name validation on.
            validate_name = params.get('validateName', "false").lower() == "true"
            return set_url_query_params(login_url, validateName=validate_name)

        # NOTE(review): the code is stored as received; nothing in this
        # method validates it - presumably checked when consumed.
        set_session_authcode(self.request, authcode)
        return set_url_query_params(login_url, process=AuthProcess.CONNECT)
Example #10
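    def get_redirect_url(self, *args, **kwargs):
        """Apply the account data carried in an authcode and build the redirect.

        The ``authcode`` keyword is decrypted and parsed as JSON. The user
        owning the e-mail address named in the payload is updated (names,
        BadgrApp, marketing opt-in, terms version, verified flag, optionally
        password) and saved. The result is the BadgrApp's
        ``email_confirmation_redirect`` with the first name as one path
        segment and the address as an ``email`` query parameter.

        Any failure (no authcode, unparsable payload, unknown BadgrApp or
        e-mail address) returns ``self.error_redirect_url()``.
        """
        authcode = kwargs.get('authcode', None)
        if not authcode:
            return self.error_redirect_url()

        user_info = decrypt_authcode(authcode)
        try:
            user_info = json.loads(user_info)
        except (
                TypeError,
                ValueError,
        ):
            user_info = None
        # Valid JSON that is not an object (list, string, number) has no
        # .get(); treat it like an unparsable payload.
        if not user_info or not isinstance(user_info, dict):
            return self.error_redirect_url()

        badgrapp_id = user_info.get('badgrapp_id')
        if badgrapp_id is None:
            badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
        try:
            self.badgrapp = BadgrApp.objects.get(id=badgrapp_id)
        except BadgrApp.DoesNotExist:
            return self.error_redirect_url()

        try:
            email_address = CachedEmailAddress.cached.get(
                email=user_info.get('email'))
        except CachedEmailAddress.DoesNotExist:
            return self.error_redirect_url()

        # NOTE(review): from here on the payload is trusted completely. It
        # marks the e-mail verified and can set the password, so the
        # integrity and lifetime guarantees of decrypt_authcode() are the
        # only protection for this account update - confirm they hold.
        user = email_address.user
        user.first_name = user_info.get('first_name', user.first_name)
        user.last_name = user_info.get('last_name', user.last_name)
        user.badgrapp = self.badgrapp
        user.marketing_opt_in = user_info.get('marketing_opt_in',
                                              user.marketing_opt_in)
        user.agreed_terms_version = TermsVersion.cached.latest_version()
        user.email_verified = True
        if user_info.get('plaintext_password'):
            # The authcode carries the password in plaintext; it is hashed
            # only here, by set_password().
            user.set_password(user_info['plaintext_password'])
        user.save()

        # safe='' also escapes '/': quote() leaves slashes alone by default,
        # and urljoin() would then read the name as extra path components or
        # as a reference to a different host.
        redirect_url = urlparse.urljoin(
            self.badgrapp.email_confirmation_redirect.rstrip('/') + '/',
            urllib.quote(user.first_name.encode('utf8'), safe=''))
        redirect_url = set_url_query_params(
            redirect_url, email=email_address.email.encode('utf8'))
        return redirect_url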
Example #11
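    def get_redirect_url(self, *args, **kwargs):
        """Update the user described by an authcode and return the redirect URL.

        Decrypts the ``authcode`` keyword, parses it as JSON, looks up the
        BadgrApp and the e-mail address it names, writes the carried profile
        fields to that address's user, and returns the BadgrApp's
        ``email_confirmation_redirect`` extended with the first name (one
        path segment) and an ``email`` query parameter.

        Returns ``self.error_redirect_url()`` when the authcode is missing,
        the payload is not a JSON object, or the BadgrApp or e-mail address
        is unknown.
        """
        authcode = kwargs.get('authcode', None)
        if not authcode:
            return self.error_redirect_url()

        user_info = decrypt_authcode(authcode)
        try:
            user_info = json.loads(user_info)
        except (TypeError, ValueError,):
            user_info = None
        # A JSON list, string or number parses fine but has no .get().
        if not user_info or not isinstance(user_info, dict):
            return self.error_redirect_url()

        badgrapp_id = user_info.get('badgrapp_id')
        if badgrapp_id is None:
            badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
        try:
            self.badgrapp = BadgrApp.objects.get(id=badgrapp_id)
        except BadgrApp.DoesNotExist:
            return self.error_redirect_url()

        try:
            email_address = CachedEmailAddress.cached.get(email=user_info.get('email'))
        except CachedEmailAddress.DoesNotExist:
            return self.error_redirect_url()

        # NOTE(review): the decrypted payload alone authorises everything
        # below, including marking the e-mail verified and setting the
        # password. This is only as strong as decrypt_authcode()'s integrity
        # protection and the authcode's lifetime - confirm both.
        user = email_address.user
        user.first_name = user_info.get('first_name', user.first_name)
        user.last_name = user_info.get('last_name', user.last_name)
        user.badgrapp = self.badgrapp
        user.marketing_opt_in = user_info.get('marketing_opt_in', user.marketing_opt_in)
        user.agreed_terms_version = TermsVersion.cached.latest_version()
        user.email_verified = True
        if user_info.get('plaintext_password'):
            # Plaintext inside the authcode; hashed by set_password().
            user.set_password(user_info['plaintext_password'])
        user.save()

        # Escape '/' too (safe=''), so the name stays a single path segment
        # and urljoin() cannot read it as a path or host reference.
        redirect_url = urlparse.urljoin(
            self.badgrapp.email_confirmation_redirect.rstrip('/') + '/',
            urllib.quote(user.first_name.encode('utf8'), safe='')
        )
        redirect_url = set_url_query_params(redirect_url, email=email_address.email.encode('utf8'))
        return redirect_url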
    def get_login_redirect_url(self, request):
        """
        If successfully logged in, redirect to the front-end with a fresh credential in the query string.

        A new access token is generated for the user. Depending on the
        BadgrApp's ``use_auth_code_exchange`` flag the URL carries either an
        ``authCode`` derived from that token or the token itself as
        ``authToken``. Unauthenticated requests get '/'. An authenticated
        request whose session holds no BadgrApp yields None.
        """
        if not request.user.is_authenticated():
            return '/'

        badgr_app = get_session_badgr_app(request)
        if badgr_app is None:
            return None

        oauth_app = badgr_app.oauth_application if badgr_app.oauth_application_id else None
        # The token is issued with read/write scopes for backpack, profile
        # and issuer.
        accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
            request.user,
            application=oauth_app,
            scope='rw:backpack rw:profile rw:issuer')

        if badgr_app.use_auth_code_exchange:
            params = {'authCode': authcode_for_accesstoken(accesstoken)}
        else:
            # NOTE(review): on this branch the bearer token itself is in the
            # URL and can be recorded in history, logs and Referer headers.
            params = {'authToken': accesstoken.token}

        return set_url_query_params(badgr_app.ui_login_redirect, **params)
Example #13
    def get_redirect_url(self):
        """Build the redirect to the requested provider's login view.

        Reads ``provider`` (required) and ``authCode`` (optional) from the
        query string and stores the current BadgrApp in the session. With an
        ``authCode`` the code is stored in the session and the URL is tagged
        ``process=AuthProcess.CONNECT``; otherwise the plain login URL is
        returned.

        Raises:
            ValidationError: no provider given, no current BadgrApp, or no
                URL named ``<provider>_login``.
        """
        query = self.request.GET
        provider_name = query.get('provider', None)
        if provider_name is None:
            raise ValidationError('No provider specified')

        badgr_app = BadgrApp.objects.get_current(request=self.request)
        if badgr_app is None:
            raise ValidationError('Unable to save BadgrApp in session')
        set_session_badgr_app(self.request, badgr_app)

        try:
            # Caller-supplied name, used only to look up a URL route.
            login_url = reverse('{}_login'.format(query.get('provider')))
        except NoReverseMatch:
            raise ValidationError('No {} provider found'.format(provider_name))

        authcode = query.get('authCode', None)
        if authcode is None:
            return login_url

        # NOTE(review): stored as received; presumably validated when the
        # code is consumed - confirm.
        set_session_authcode(self.request, authcode)
        return set_url_query_params(login_url, process=AuthProcess.CONNECT)
    def get_login_redirect_url(self, request):
        """
        If successfully logged in, redirect to the front-end with a fresh credential in the query string.

        Generates a new access token for the user and appends either an
        ``authCode`` derived from it (when the BadgrApp has
        ``use_auth_code_exchange`` set) or the token itself as
        ``authToken``. Unauthenticated requests get '/'. An authenticated
        request whose session holds no BadgrApp yields None.
        """
        if not request.user.is_authenticated:
            return '/'

        badgr_app = get_session_badgr_app(request)
        if badgr_app is None:
            return None

        oauth_app = badgr_app.oauth_application if badgr_app.oauth_application_id else None
        # Issued with read/write scopes for backpack, profile and issuer.
        accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
            request.user,
            application=oauth_app,
            scope='rw:backpack rw:profile rw:issuer')

        if badgr_app.use_auth_code_exchange:
            params = {'authCode': authcode_for_accesstoken(accesstoken)}
        else:
            # NOTE(review): the bearer token itself travels in the URL on
            # this branch (history, logs, Referer).
            params = {'authToken': accesstoken.token}

        return set_url_query_params(badgr_app.ui_login_redirect, **params)
Example #15
 def get_redirect_url(self):
     """Return the session BadgrApp's ``ui_connect_success_redirect`` URL.

     The URL is passed through ``set_url_query_params`` with no extra
     parameters. Returns None when the session holds no BadgrApp.
     """
     app = get_session_badgr_app(self.request)
     if app is None:
         return None
     return set_url_query_params(app.ui_connect_success_redirect)
Example #16
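    def get(self, request, **kwargs):
        """
        Confirm an email address with a token provided in an email
        ---
        parameters:
            - name: token
              type: string
              paramType: form
              description: The token received in the recovery email
              required: true
        """
        # All validation failures answer 404, so the response does not show
        # which check rejected the request.

        token = request.query_params.get('token')
        # `a` is caller-supplied and picks the BadgrApp whose redirect (and
        # OAuth application) is used; only existing BadgrApp rows qualify.
        badgrapp_id = request.query_params.get('a', None)
        if badgrapp_id is None:
            badgrapp_id = getattr(settings, 'BADGR_APP_ID', 1)
        try:
            badgrapp = BadgrApp.objects.get(id=badgrapp_id)
        except (BadgrApp.DoesNotExist, ValueError):
            # ValueError: presumably what a non-numeric `a` produces in the
            # id lookup; answer 404 like any other unknown app.
            return Response(status=HTTP_404_NOT_FOUND)

        # First factor: the HMAC confirmation key from the URL path.
        emailconfirmation = EmailConfirmationHMAC.from_key(kwargs.get('confirm_id'))
        if emailconfirmation is None:
            return Response(status=HTTP_404_NOT_FOUND)

        try:
            email_address = CachedEmailAddress.cached.get(pk=emailconfirmation.email_address.pk)
        except CachedEmailAddress.DoesNotExist:
            return Response(status=HTTP_404_NOT_FOUND)

        # Second factor: "<uidb36>-<key>" from the query string. Without
        # ?token= the value is None and re.search() would raise TypeError.
        if token is None:
            return Response(status=HTTP_404_NOT_FOUND)
        matches = re.search(r'([0-9A-Za-z]+)-(.*)', token)
        if not matches:
            return Response(status=HTTP_404_NOT_FOUND)
        uidb36 = matches.group(1)
        key = matches.group(2)
        if not (uidb36 and key):
            return Response(status=HTTP_404_NOT_FOUND)

        user = self._get_user(uidb36)
        if user is None or not default_token_generator.check_token(user, key):
            return Response(status=HTTP_404_NOT_FOUND)

        # Both factors must refer to the same account.
        if email_address.user != user:
            return Response(status=HTTP_404_NOT_FOUND)

        # The address becomes primary only if the user has no primary yet.
        old_primary = CachedEmailAddress.objects.get_primary(user)
        if old_primary is None:
            email_address.primary = True
        email_address.verified = True
        email_address.save()

        process_email_verification.delay(email_address.pk)

        # get badgr_app url redirect
        redirect_url = get_adapter().get_email_confirmation_redirect_url(request, badgr_app=badgrapp)

        # generate an AccessToken for the user
        # Confirming the address therefore also signs the user in, with
        # read/write scopes for backpack, profile and issuer.
        accesstoken = BadgrAccessToken.objects.generate_new_token_for_user(
            user,
            application=badgrapp.oauth_application if badgrapp.oauth_application_id else None,
            scope='rw:backpack rw:profile rw:issuer')

        if badgrapp.use_auth_code_exchange:
            authcode = authcode_for_accesstoken(accesstoken)
            redirect_url = set_url_query_params(redirect_url, authCode=authcode)
        else:
            # NOTE(review): on this branch the bearer token itself is in the
            # Location URL (browser history, logs, Referer headers).
            redirect_url = set_url_query_params(redirect_url, authToken=accesstoken.token)

        return Response(status=HTTP_302_FOUND, headers={'Location': redirect_url})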
Example #17
 def get_redirect_url(self):
     """Return the connect-success URL of the BadgrApp stored in the session.

     ``ui_connect_success_redirect`` is passed to ``set_url_query_params``
     without additional parameters. With no BadgrApp in the session the
     result is None.
     """
     session_app = get_session_badgr_app(self.request)
     if session_app is None:
         return None
     success_url = session_app.ui_connect_success_redirect
     return set_url_query_params(success_url)
Example #18
 def get_redirect_url(self):
     """Return the login URL flagged with a duplicate-e-mail ``authError``.

     Uses ``ui_login_redirect`` of the BadgrApp stored in the session and a
     constant error message. With no BadgrApp in the session the result is
     None.
     """
     session_app = get_session_badgr_app(self.request)
     if session_app is None:
         return None
     error_params = {
         'authError': 'An account already exists with provided email address',
     }
     return set_url_query_params(session_app.ui_login_redirect, **error_params)