def fb_login(request, onsuccess="/availabook/temp", onfail="/availabook/"): print "fb_login" user_id = str(request.POST.get("email")) pwd = str(request.POST.get("psw")) pwd_a = pwd firstname = request.POST.get("fn") lastname = request.POST.get("ln") age = request.POST.get("age") picture = request.POST.get("picture") print user_id, pwd, firstname, lastname, age, picture city = 'ny' zipcode = '10027' signup_handler = Signup(user_id, pwd, pwd_a, firstname, lastname, age, city, zipcode) signup_handler.add_picture(picture) user_db = Users(user_id, pwd) if user_db.verify_email() == False: print "account not exist" if not user_exists(user_id): user = User(username=user_id, email=user_id) user.set_password(pwd) user.save() authenticate(username=user_id, password=pwd) user.backend = 'django.contrib.auth.backends.ModelBackend' auth_login(request, user) try: print "~~~~~~~~~" signup_handler.push_to_dynamodb() print "push success" except Exception as e: print (e) print str(request.user.username) + " is signed up and logged in: " + str(request.user.is_authenticated()) return redirect(onsuccess) else: user=authenticate(username=user_id, password=pwd) user.backend = 'django.contrib.auth.backends.ModelBackend' auth_login(request, user) print str(request.user.username) + " is signed up and logged in: " + str(request.user.is_authenticated()) return redirect(onsuccess) else: print "dynamo has the user info", user_id, pwd user = authenticate(username=user_id, password=pwd) print user try: if user is not None: auth_login(request, user) print "redirecting" return redirect(onsuccess) else: print "user is none" return redirect(onfail) except Exception as e: print e return redirect(onfail)
def process_request(self, request): if not request.user.is_authenticated(): user = User() user.username = '******' % random.randint(0, 2e9) user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' # lies! login(request, user)
def add_member(request): """ Add a new member to a given enterprise """ enterprise = Enterprise.get_from_user_or_404(request.user) if request.method == 'POST': form = NewEnterpriseMemberForm(request.POST) if form.is_valid(): #Create the user owner_email = form.cleaned_data.get('member_email') passwd = form.cleaned_data.get('password1') user = User(email=owner_email) user.set_password(passwd) user.save() user.username = user.pk user.backend='user_backends.email_username.EmailOrUsernameModelBackend' user.save() #create the enterprise member ep_member = form.save(commit=False)#(user=user,enterprise=ep) ep_member.user = user ep_member.enterprise = enterprise ep_member.save() return redirect('/') else: form = NewEnterpriseMemberForm() return locals()
def register(request): if request.user != None and request.user.is_authenticated(): return redirect('/') if request.method == 'POST': form = RegistrationForm(request.POST) if form.is_valid(): #Create the user email = form.cleaned_data.get('email') passwd = form.cleaned_data.get('password1') user = User(email=email) user.set_password(passwd) user.save() user.username = user.pk user.save() user_profile = UserProfile(user=user) user_profile.save() user.backend='user_backends.email_username.EmailOrUsernameModelBackend' #logs the new user login(request,user) return redirect('/') else: form = RegistrationForm() return locals()
def crypto_login(request): """ Remote admin endpoint, for login to a distributed server (given its IP address; see central/views.py:crypto_login) An admin login is negotiated using the nonce system inside SyncSession """ if "client_nonce" in request.GET: client_nonce = request.GET["client_nonce"] try: session = SyncSession.objects.get(client_nonce=client_nonce) except SyncSession.DoesNotExist: return HttpResponseServerError("Session not found.") if session.server_device.is_trusted(): user = get_object_or_None(User, username="******") if not user: user = User(username="******", is_superuser=True, is_staff=True, is_active=True) user.set_unusable_password() user.save() user.backend = "django.contrib.auth.backends.ModelBackend" auth_login(request, user) session.delete() return HttpResponseRedirect(reverse("homepage"))
def test_logout_user(self): user_logged_in.connect(self.record_user_logged_in) user_logged_out.connect(self.record_user_logged_out) user, _ = do_authenticate() new_user = User(username='******') new_user.backend = 'django.contrib.auth.backends.ModelBackend' new_user.save() request = RequestFactory().get('/') request.session = Client().session login(request, new_user) user2, _ = do_authenticate(new_user) self.assertIsNotNone(user, 'Processed user should not have been None.') self.assertEqual(user, user2, 'No new user should have been created.') self.assertNotEqual(self.logged_in_user, new_user, 'Second user should have been logged out.') self.assertEqual(self.logged_out_user, new_user, 'Second user should have been logged out.') self.assertEqual(self.logged_in_user, user, 'First user should have been logged out.') self.assertNotEqual(self.logged_out_user, user, 'First user should have been logged out.')
def authenticate(self, request): UserModel = get_user_model() translator = settings.TLSUSER_TRANSLATOR der = request.META.get("HTTPS_CLIENT_CERTIFICATE") if der is None: return None cert = x509.load_der_x509_certificate(der, default_backend()) username = translator.get_username(cert) if username is None: return None is_admin = username in settings.ADMINS try: user = User.objects.get(username=username) except User.DoesNotExist: email = translator.get_email(cert) user = User(username=username, email=email) user.is_active = True user.is_staff = is_admin user.is_admin = is_admin user.is_superuser = is_admin user.backend = 'tlsuser.backends.ClientTLSBackend' user.save() return user
def process_request(self, request): if request.path.startswith('/logout') and "HTTP_X_LOGOUT_URL" in request.META: logout(request) return http.HttpResponseRedirect(request.META["HTTP_X_LOGOUT_URL"]) if not request.user.is_authenticated() and "HTTP_REMOTE_USER" in request.META: attributemap = { "username": "******", "last_name": "HTTP_X_LAST_NAME", "first_name": "HTTP_X_FIRST_NAME", "email": "HTTP_X_EMAIL", } for key, value in attributemap.iteritems(): attributemap[key] = request.META[value] if hasattr(settings, "ALLOWED_EMAIL_SUFFIXES") and settings.ALLOWED_EMAIL_SUFFIXES: allowed = settings.ALLOWED_EMAIL_SUFFIXES if isinstance(settings.ALLOWED_EMAIL_SUFFIXES, basestring): allowed = [settings.ALLOWED_EMAIL_SUFFIXES] if not any([attributemap["email"].lower().endswith(x) for x in allowed]): return http.HttpResponseForbidden() if User.objects.filter(email__istartswith=attributemap["email"]).exists(): user = User.objects.get(email__istartswith=attributemap["email"]) elif User.objects.filter(username__iexact=attributemap["username"]).exists(): user = User.objects.get(username__iexact=attributemap["username"]) else: user = User() user.__dict__.update(attributemap) user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user)
def register(request): if request.user != None and request.user.is_authenticated(): return redirect('/') if request.method == 'POST': form = RegistrationForm(request.POST) if form.is_valid(): #Create the user owner_email = form.cleaned_data.get('owner_email') passwd = form.cleaned_data.get('password1') user = User(email=owner_email) user.set_password(passwd) user.save() user.username = user.pk user.save() user.backend = 'user_backends.email_username.EmailOrUsernameModelBackend' #create the enterprise ep_name = form.cleaned_data.get('enterprise') ep = Enterprise(name=ep_name) ep.save() #create the enterprise member ep_member = EnterpriseMember(user=user, enterprise=ep) ep_member.member_type = EnterpriseMember.MEMBER_TYPE.owner ep_member.save() #logs the new user login(request, user) return redirect('/') else: form = RegistrationForm() return locals()
def register(request): if request.user != None and request.user.is_authenticated(): return redirect('/') if request.method == 'POST': form = RegistrationForm(request.POST) if form.is_valid(): #Create the user email = form.cleaned_data.get('email') passwd = form.cleaned_data.get('password1') user = User(email=email) user.set_password(passwd) user.save() user.username = user.pk user.save() user_profile = UserProfile(user=user) user_profile.save() user.backend = 'user_backends.email_username.EmailOrUsernameModelBackend' #logs the new user login(request, user) return redirect('/') else: form = RegistrationForm() return locals()
def save(self): """ gets returns the social user with the form data. creates one if it does not already exists. """ data = self.cleaned_data user = None try: # get associated user if it exists: social_id = data['id'] social_profile = SocialProfile.objects.get( provider=SocialProfile.FACEBOOK, social_id=social_id, ) user = social_profile.user except SocialProfile.DoesNotExist: # Create the user: user = User(username=data['id'], first_name=data['first_name'], last_name=data['last_name']) user.save() # Create the user's social_profile: social_profile = SocialProfile(provider=SocialProfile.FACEBOOK, social_id=data['id'], photo=data['photo'], user=user) social_profile.save() user.backend = 'django.contrib.auth.backends.ModelBackend' return user
def test_matching_current_session_should_responde_with_success(self): user = User(username='******', is_staff=True) user.set_password('password') user.save() backend = Backend() request = self.get_view_handler_request(backend, user, 'hearbeat', 'post', '/admin/hearbeat/') # log user in user.backend = 'django.contrib.auth.backends.ModelBackend' auth_login(request, user) self.assertTrue(user.is_authenticated()) # create session object and patch request session_key = '123456789123456789123456789123456789' session = Session.objects.create( session_key=session_key, session_data=Session.objects.encode({'_auth_user_id': user.id}), expire_date=datetime.datetime.now() + datetime.timedelta(days=1)) request.session._session_key = session_key # run request and verify that we get successful responde response = backend.run_handler(request, 'heartbeat') json = decode_json(response.content) self.assertEqual({'result': 'Success', 'taskInfo': None}, json)
def signin(request): data = json.loads(request.POST['data']) response = json_response({'errors': {'email': 'Failed to verify email'}}) verification_data = verify(request, data['assertion']) if verification_data: email = verification_data['email'] username = data.get('username') qs = User.objects.filter(email__iexact=email) if qs.count() == 0: if not username: response = json_response({ 'errors': { 'username': '******' } }) return response user = User() user.email = email user.username = username user.save() else: user = qs[0] if user.is_active: request.session['ui'] = '{}' #fixme. use custom backend instead? user.backend = 'django.contrib.auth.backends.ModelBackend' auth.login(request, user) user_json = models.init_user(user, request) response = json_response({'user': user_json}) else: response = json_response({'errors': {'email': 'User Disabled'}}) return response
def _create_anonymous_user(request): def _create_username(): _username = '******'.format(User.objects.last().pk + 1) exists = len(User.objects.filter(username=_username)) while exists == 1: _username += get_random_string(length=5) exists = len(User.objects.filter(username=_username)) return _username username = _create_username() user_data = {} profile_data = {} user_data['username'] = username profile_data.update({'disabled': True, 'anonymous_login': True}) user = User(**user_data) user.save() profile_data['user'] = user profile = Profile(**profile_data) profile.save() next_uri = reverse('accounts.change_password') key = create_user_key(user, usage_left=None, next=next_uri) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return key
def add_member(request): """ Add a new member to a given enterprise """ enterprise = Enterprise.get_from_user_or_404(request.user) if request.method == 'POST': form = NewEnterpriseMemberForm(request.POST) if form.is_valid(): #Create the user owner_email = form.cleaned_data.get('member_email') passwd = form.cleaned_data.get('password1') user = User(email=owner_email) user.set_password(passwd) user.save() user.username = user.pk user.backend = 'user_backends.email_username.EmailOrUsernameModelBackend' user.save() #create the enterprise member ep_member = form.save(commit=False) #(user=user,enterprise=ep) ep_member.user = user ep_member.enterprise = enterprise ep_member.save() return redirect('/') else: form = NewEnterpriseMemberForm() return locals()
def site_signup(request): if request.method == 'POST': form = PatientRegistrationForm(request.POST) if form.is_valid(): cd = form.cleaned_data uname = cd['username'] pword = cd['password'] firstname = cd['firstname'] lastname = cd['lastname'] email = cd['emailid'] mobNum = cd['mobNum'] locality = cd['locality'] user = User(username=uname,password=make_password(pword),first_name=firstname,last_name=lastname,email=email) user.backend='django.contrib.auth.backends.ModelBackend' user.save() usr = User.objects.get(username=uname) if usr: pat = Patient(phone_number=mobNum,locality=locality,user=usr) pat.save() usr.groups.add(Group.objects.get(name='Patient')) #usr = authenticate(username=uname,password=pword) login(request,user) request.session['new_un'] = uname #return HttpResponseRedirect("/signupsuccess/") return HttpResponseRedirect("/home/") else: form = PatientRegistrationForm(error_class=DivErrorList) return render(request,"signup_patient.html",{'form':form})
def google_login_callback(request): code = request.GET.get('code') if not code: return HttpResponse("Oops! We couldn't authenticate!") # FIXME: I have hard-coded the client secrets file path for now. flow = flow_from_clientsecrets('/Users/lxidd/Desktop/client_secrets.json', scope='https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/userinfo.email', redirect_uri='http://*****:*****@')[0], password='******', email=email) user.save() google_user = GoogleAccount(user=user, access_token=access_token) google_user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return redirect(reverse('video-list'))
def authenticate(self, fb_user=None): try: profile = UserProfile.objects.get(fb_username=fb_user.username) profile.user.backend = \ 'ohibokapatterns.common.utils.FacebookBackend' return profile.user except UserProfile.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked; the password # from settings.py will. username = fb_user.username users = User.objects.filter(username__startswith=username + '-').order_by('id').reverse() if not users: users = User.objects.filter(username=username).order_by('id').reverse() if users: username += '-1' else: users = users[0] username += '-' + str(int(users.url.split('-')[1]) + 1) user = User(username=username, password=hashlib.sha224(username + \ str(date.today())).hexdigest()) user.is_staff = False user.is_superuser = False user.save() userprofile = UserProfile(fb_username=fb_user.username, fb_name=fb_user.name, user=user) userprofile.save() user.backend = 'ohibokapatterns.common.utils.FacebookBackend' return user
def google_return (request, url=None): from django.contrib.auth import login good = False # ocdir.clean_gkeys() email = request.REQUEST.get('openid.ext1.value.email', '') handle = request.REQUEST.get('openid.assoc_handle', '') mode = request.REQUEST.get('openid.mode', '') if handle != '' and email != '' and mode == 'id_res': u = User.objects.filter(email=email) if not u: u = User(email=email,username=email.split("@")[0]) u.save() u.set_unusable_password() u = User.objects.get(email=email) u.backend='django.contrib.auth.backends.ModelBackend' login(request,u) good = True x = request.user if not url.startswith("http://"): url = url.replace("http:/", "http://") if not re.search("http://", url): url = "http://" + url if good: return HttpResponseRedirect(url) if not "?" in url: url += "?" url += '&message=' url += urllib.quote("Invalid Google login, please try again.") return HttpResponseRedirect(url)
def google_login_callback(request): code = request.GET.get('code') if not code: return HttpResponse("Oops! We couldn't authenticate!") # FIXME: I have hard-coded the client secrets file path for now. flow = flow_from_clientsecrets( '/Users/lxidd/Desktop/client_secrets.json', scope= 'https://www.googleapis.com/auth/youtube https://www.googleapis.com/auth/userinfo.email', redirect_uri='http://*****:*****@')[0], password='******', email=email) user.save() google_user = GoogleAccount(user=user, access_token=access_token) google_user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return redirect(reverse('video-list'))
def gitlab_auth_callback(request): redirect_uri = 'http://' + request.get_host() + str(reverse_lazy('gitlab_auth_callback')) gitlab = get_gitlab(redirect_uri=redirect_uri) token_url = settings.GITLAB_URL + '/oauth/token' client_secret = settings.GITLAB_APPLICATION_SECRET gitlab.fetch_token(token_url, client_secret=client_secret, code=request.GET['code']) r = gitlab.get("http://185.22.60.142:8889/api/v3/user") user_json = json.loads(r.content.decode("utf-8")) try: user = User.objects.get(gitlabauthorisation__gitlab_user_id=user_json['id']) except ObjectDoesNotExist: user = User() user.username = "******" + str(user_json["id"]) user.save() user.gitlabauthorisation = GitlabAuthorisation() user.gitlabauthorisation.gitlab_user_id = user_json["id"] user.gitlabauthorisation.name = user_json["name"] user.gitlabauthorisation.username = user_json["username"] user.gitlabauthorisation.token = gitlab.token user.gitlabauthorisation.save() user.backend = 'django.contrib.auth.backends.ModelBackend' django_login(request, user) return HttpResponseRedirect(reverse('HuskyJamGuru:project-list'))
def form_valid(self, form): existing_examinee = Examinee.objects.filter( group = self.examination.group, first_name = form.instance.first_name, middle_name = form.instance.middle_name, last_name = form.instance.last_name, ).last() if existing_examinee: print('hooray') user = existing_examinee.user user.backend = 'django.contrib.auth.backends.ModelBackend' login(self.request, user) return redirect('welcome') import random user = User( username='******' % (unidecode(form.instance.first_name), random.randint(0,10000)), first_name = form.instance.first_name, last_name = form.instance.last_name, password='') user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(self.request, user) form.instance.user = user form.instance.group = self.examination.group form.save() return super(ExamineeCreateView, self).form_valid(form)
def authenticate_user(request): if request.is_ajax(): import urllib from jose import jwt from django.contrib.auth import login idtoken = request.POST.get('idtoken') target_audience = "the-birding-book" certificate_url = 'https://www.googleapis.com/robot/v1/metadata/x509/[email protected]' response = urllib.urlopen(certificate_url) certs = response.read() certs = json.loads(certs) firebase_user = jwt.decode(idtoken, certs, algorithms='RS256', audience=target_audience) if User.objects.filter(uid__uid=firebase_user['sub']).exists(): user = User.objects.get(uid__uid=firebase_user['sub']) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return HttpResponse(json.dumps({'msg':'old_user'}), content_type='application/json') else: user = User() user.save() user.username = '******'+str(user.id) user.save() new_avatar = Avatar.objects.create( user = user ) filename = 'default_avatar.png' new_avatar.avatar = 'default_avatar.png' new_avatar.thumbnail_url = "https://s3.amazonaws.com/birdingappsmall/%s" % filename new_avatar.save() uid = Uid.objects.create( uid = firebase_user['sub'], user = user ) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return HttpResponse(json.dumps({'msg':'new_user'}), content_type='application/json') else: return HttpResponseForbidden()
def save(self): """ gets returns the social user with the form data. creates one if it does not already exists. """ data = self.cleaned_data user = None try: # get associated user if it exists: social_id = data["id"] social_profile = SocialProfile.objects.get(provider=SocialProfile.FACEBOOK, social_id=social_id) user = social_profile.user except SocialProfile.DoesNotExist: # Create the user: user = User(username=data["id"], first_name=data["first_name"], last_name=data["last_name"]) user.save() # Create the user's social_profile: social_profile = SocialProfile( provider=SocialProfile.FACEBOOK, social_id=data["id"], photo=data["photo"], user=user ) social_profile.save() user.backend = "django.contrib.auth.backends.ModelBackend" return user
def register(request): if request.user != None and request.user.is_authenticated(): return redirect('/') if request.method == 'POST': form = RegistrationForm(request.POST) if form.is_valid(): #Create the user owner_email = form.cleaned_data.get('owner_email') passwd = form.cleaned_data.get('password1') user = User(email=owner_email) user.set_password(passwd) user.save() user.username = user.pk user.save() user.backend='user_backends.email_username.EmailOrUsernameModelBackend' #create the enterprise ep_name = form.cleaned_data.get('enterprise') ep = Enterprise(name=ep_name) ep.save() #create the enterprise member ep_member = EnterpriseMember(user=user,enterprise=ep) ep_member.member_type = EnterpriseMember.MEMBER_TYPE.owner ep_member.save() #logs the new user login(request,user) return redirect('/') else: form = RegistrationForm() return locals()
def authenticate(self, request, username=None, password=None): #TODO could save users? if username is None or password is None: return None digester = hashlib.sha1() digester.update(password.encode('utf-8')) #TODO REST API call pwd_json = { 'userPasswordHash': digester.hexdigest() } # {'userPasswordHash': digester.digest().decode('utf-8')} login_response = requests.post( ("%s/users/verify/%s" % (base_url, username)), data=json.dumps(pwd_json), verify= '/home/webserver/virtual_environment/ca_webserver/ssl/cacert.pem') # pdb.set_trace() if login_response.ok: auth_status = login_response.json()['correctCredentials'] #pdb.set_trace() if auth_status: try: user = User.objects.get(username=username) # Dirty fix user.backend = 'RemoteBackend' except User.DoesNotExist: user = User(username=username) user.backend = 'RemoteBackend' user.save() return user return None
def postback(request): """ """ if request.method != 'POST': return HttpResponseNotAllowed(['POST']) if 'token' not in request.POST: return HttpResponseBadRequest() response = ulogin_response(request.POST['token'], request.get_host()) if 'error' in response: return render(request, 'django_ulogin/error.html', {'json': response}) if request.user.is_authenticated(): user = request.user registered = False ulogin = None if not request.user.ulogin_users.count(): ulogin = ULoginUser.objects.create(network = response['network'], uid = response['uid'], identity = response['identity'], user = user) registered = True # Not authenticated else: try: ulogin = ULoginUser.objects.get(network=response['network'], uid=response['uid']) registered = False user = ulogin.user except ULoginUser.DoesNotExist: user = User() user.username=uuid.uuid4().hex[:30] user.set_unusable_password() user.save() ulogin = ULoginUser.objects.create(network = response['network'], uid = response['uid'], identity = response['identity'], user = user) registered = True # Authenticate user if not hasattr(user, 'backend'): user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) # End of not authenticated assign.send(sender=ULoginUser, request=request, user=user, registered=registered, ulogin_user=ulogin, ulogin_data=response) return redirect(request.GET.get(REDIRECT_FIELD_NAME) or '/')
def authenticate(self,access_token=None,user=None,expires=None): user_object = None user_facebook = None try: url = 'https://graph.facebook.com/me?access_token=%s' \ % access_token response = simplejson.load(urllib.urlopen(url)) user_facebook = TipoUsuario.objects.get( userid=response['id'] ) profile = user_facebook.query() user_facebook.access_token = access_token user_facebook.expires = expires user_facebook.save() user_object = user_facebook.usuario.user except TipoUsuario.DoesNotExist: user_facebook = TipoUsuario.objects.get_or_create( access_token=access_token ) profile = user_facebook[0].query() try: user_object = User.objects.get(username=profile['email']) usuario_parent = Usuario( user=user_object ) usuario_parent.save() user_facebook[0].expires = expires user_facebook[0].userid = profile['id'] user_facebook[0].usuario = usuario_parent user_facebook[0].save() usuario_parent.tipo_usuario = user_facebook[0].id usuario_parent.save() except User.DoesNotExist: user_object = User() user_object.username = profile['email'] user_object.set_unusable_password() user_object.backend = 'community.facebook.Facebook' user_object.first_name = profile['first_name'] user_object.last_name = profile['last_name'] user_object.email = profile['email'] user_object.save() user_object.is_active = True user_object.is_staff = False user_object.is_superuser = False user_object.save() usuario_parent = Usuario( user=user_object ) usuario_parent.save() user_facebook[0].expires = expires user_facebook[0].userid = profile['id'] user_facebook[0].usuario = usuario_parent user_facebook[0].save() usuario_parent.tipo_usuario = user_facebook[0].id usuario_parent.save() return user_object.username
def get_and_update_user(user_info): username = convert_sls_uuid(user_info['sub']) try: user = User.objects.get(username=username) if not user.first_name: user.first_name = user_info['given_name'] if not user.last_name: user.last_name = user_info['family_name'] if not user.email: user.email = user_info['email'] user.save() except User.DoesNotExist: # Create a new user. Note that we can set password # to anything, because it won't be checked. user = User(username=username, password='', first_name=user_info['given_name'], last_name=user_info['family_name'], email=user_info['email']) user.set_unusable_password() user.save() UserProfile.objects.get_or_create(user=user, user_type='BEN') group = Group.objects.get(name='BlueButton') user.groups.add(group) # Log in the user user.backend = 'django.contrib.auth.backends.ModelBackend' # Determine patient_id fhir_source = get_resourcerouter() crosswalk, _ = Crosswalk.objects.get_or_create(user=user, fhir_source=fhir_source) hicn = user_info.get('hicn', "") crosswalk.set_hicn(hicn) crosswalk.save() try: backend_data = authenticate_crosswalk(crosswalk) # Get first and last name from FHIR if not in OIDC Userinfo response. if user_info['given_name'] == "" or user_info['family_name'] == "": if 'entry' in backend_data: if 'name' in backend_data['entry'][0]['resource']: names = backend_data['entry'][0]['resource']['name'] first_name = "" last_name = "" for n in names: if n['use'] == 'usual': last_name = n['family'] first_name = n['given'][0] if last_name or first_name: user.first_name = first_name user.last_name = last_name user.save() except (UpstreamServerException, exceptions.NotFound): logger.error("Failed to connect Beneficiary " "to FHIR") return user
def signup(request, onsuccess="/availabook/temp", onfail="/availabook/"): user_id = request.POST.get("email") pwd = request.POST.get("psw") pwd_a = request.POST.get("psw_a") firstname = request.POST.get("fn") lastname = request.POST.get("ln") age = request.POST.get("age") city = request.POST.get("city") zipcode = request.POST.get("zipcode") print user_id, pwd, pwd_a, firstname, lastname, age, city, zipcode signup_handler = Signup(user_id, pwd, pwd_a, firstname, lastname, age, city, zipcode) signup_handler.add_picture("https://s3.amazonaws.com/image-availabook/default") if pwd == pwd_a: if not user_exists(user_id): user = User(username=user_id, email=user_id) user.set_password(pwd) user.save() authenticate(username=user_id, password=pwd) user.backend = 'django.contrib.auth.backends.ModelBackend' auth_login(request, user) print ("Successfully saving user information to Django sqlite.") try: signup_handler.push_to_dynamodb() print ("Successfully pushing user information to AWS Dynamodb.") print str(request.user.username) + " is signed up and logged in: " + str(request.user.is_authenticated()) return redirect(onsuccess) except Exception as e: print (e) print ("Pushing user information to AWS Dynamodb failed! Please sign up again!") return HttpResponse("Error") else: user_db = Users(user_id, pwd) if user_db.verify_email() == False: print "Current user is already existed in Django sqlite, but not in AWS Dynamodb! Generally, sign up will fail. For debugging, maybe you should first delete this user from your django sqlite, clean the cache in browser and sign up again!" try: signup_handler.push_to_dynamodb() print ("Successfully pushing user information to AWS Dynamodb.") if request.user.is_authenticated(): print str(request.user.username) + " is signed up and logged in: " + str(request.user.is_authenticated()) return redirect(onsuccess) else: print ("Sign up failed. Please debug following the instructions above!") return HttpResponse("Error") except Exception as e: print (e) print ("Pushing user information to AWS Dynamodb failed! Please debug and sign up again!") return HttpResponse("Error") else: print ("Current user is already existed in both Django sqlite and AWS Dynamodb! Please turn to log in first!") print ("If you still can't sign up and log in, for debugging, please delete this user from your django sqlite, clean the cache in browser and sign up again!") return HttpResponse("Error") else: print "Two input passwords inconsistent! Please sign up again!" return HttpResponse("Error")
def callback(req): token = req.session.get('token', None) if not token: return render('callback.html', { 'token': True }) token = oauth.OAuthToken.from_string(token) if token.key != req.GET.get('oauth_token', 'no-token'): return render('callback.html', { 'mismatch': True }) token = get_authorized_token(token) obj = is_authorized(token) if obj is None: return render('callback.html', { 'username': True }) user = None try: user = User.objects.get(username=obj['screen_name']) except: user = User(username=obj['screen_name']) user.save() profile = None try: profile = user.get_profile() except: profile = UserProfile(user=user) profile.oauth_token = token.key profile.oauth_token_secret = token.secret profile.followers = obj['followers_count'] profile.image = obj['profile_image_url'] try: profile.location = obj['location'] except: pass try: profile.lang = obj['lang'] except: pass try: profile.time_zone = obj['time_zone'] except: pass profile.save() from django.contrib.auth import login, load_backend if not hasattr(user, 'backend'): for backend in settings.AUTHENTICATION_BACKENDS: if user == load_backend(backend).get_user(user.pk): user.backend = backend break if hasattr(user, 'backend'): login(req, user) del req.session['token'] return redirect('/info/')
def register_user(request): output = {} if request.method == 'POST': errors = {} # extract values from POST, will be None if not present username, pw1, pw2 = extract(request.POST, 'username', 'password1', 'password2') # begin validation... if username is None or len(username) == 0: errors['username'] = '******' else: try: user = User.objects.get(username=username) #user.delete() errors['username'] = '******' except User.DoesNotExist: # good pass if pw1 is None or len(pw1) == 0: errors['password1'] = 'Required' if pw2 is None or len(pw2) == 0: errors['password2'] = 'Required' if pw1 != pw2: errors['password1'] = 'Passwords must match' # ... end of validation if len(errors) == 0: user = User(username=username) user.set_password(pw1) user.is_active = True user.save() # SUCCESS, redirect... if REQUIRE_ACTIVATION: # set active flag to false until email verified user.is_active = False user.save() return redirect('/activate') else: # don't need to verify. log user in and go to home user.backend='django.contrib.auth.backends.ModelBackend' login(request, user) return redirect('/') output['errors'] = errors output['username'] = username # fall through if errors return render_to(request, 'profiles/register.html', output)
def create_user_if_anonymous(request): if not request.user.is_authenticated(): anon_user = User(username=str(uuid.uuid4().hex[:30]), first_name="Anonymous", last_name="User") anon_user.set_unusable_password() anon_user.save() anon_user.username = "******" + str(anon_user.id) anon_user.userprofile.is_anonymous = True anon_user.save() anon_user.backend = "django.contrib.auth.backends.ModelBackend" login(request, anon_user)
def venmoauth(request): """ This is the view that Venmo redirects to from their authorization page. Venmo returns a authorization code which can be used with the API keys to get access and refresh tokens for the user. """ # Get auth code returned by Venmo AUTH_CODE = request.GET.get('code') data = { "client_id": CLIENT_ID, "client_secret": CLIENT_SECRET, "code": AUTH_CODE } url = "https://api.venmo.com/v1/oauth/access_token" # POST data to Venmo's oauth to get access and refresh tokens response = requests.post(url, data) response_dict = response.json() access_token = response_dict.get('access_token') refresh_token = response_dict.get('refresh_token') # Put returned user info into dict to look up or create User/BetUser vuser = response_dict.get('user') username = vuser['username'] try: user = User.objects.get(username=username) except User.DoesNotExist: user = User() user.username = username user.password = access_token user.email = vuser['email'] user.first_name = vuser['first_name'] user.last_name = vuser['last_name'] user.save() try: betuser = BetUser.objects.get(user=user) except BetUser.DoesNotExist: betuser = BetUser() betuser.user = user betuser.venmoid = vuser['id'] betuser.venmoname = username betuser.access_token = access_token betuser.refresh_token = refresh_token betuser.save() # Force login in order to avoid handling passwords user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) # Redirect Logged in User return HttpResponseRedirect('/api/v1/')
def init_user_login(request): # If social login then return if not request.user.is_anonymous() and UserSocialAuth.objects.filter( user=request.user).count() > 0: return # If not valid user, create anonymous user based on session key if request.user.is_anonymous(): session = request.session if not session.session_key: request.session.create() u = User(username="******" + request.session.session_key) u.save() u.backend = 'django.contrib.auth.backends.ModelBackend' login(request, u)
def test_keep_next_redirect(self): next_uri = '/test/' _, next_returned = do_authenticate(next_uri=next_uri) self.assertEqual(next_returned, next_uri, 'Redirect using next parameter has not been retained.') new_user = User(username='******') new_user.backend = 'django.contrib.auth.backends.ModelBackend' new_user.save() request = RequestFactory().get('/') request.session = Client().session login(request, new_user) _, next_returned = do_authenticate(new_user, next_uri=next_uri) self.assertEqual(next_returned, next_uri, 'Redirect using next parameter has not been retained.')
def process_request(self, request): identity = self.plugin.identify(request.environ.copy()) if identity and 'repoze.who.plugins.auth_tkt.userid' in identity: user_id = identity['repoze.who.plugins.auth_tkt.userid'] try: user = User.objects.get(id=user_id) except User.DoesNotExist: user = User(id=user_id) self.callback(user) user.save() user.backend='django.contrib.auth.backends.ModelBackend' login(request, user) request.user = user request.environ['authtkt.identify'] = self.identify request.environ['authtkt.forget'] = self.forget
def g_login(request): random_sentence() world_wide_list = user_detail.objects.all().order_by('-highest_wpm')[:15] author_list = user_detail.objects.filter( author_count__gt=0).order_by('-author_count')[:10] if request.is_ajax(): g_user_id = request.POST.get('google_id') g_user_email = request.POST.get('g_user_email') g_user_profile = request.POST.get('g_user_profile') g_user_name = request.POST.get('g_user_name') try: user = User.objects.get(email=g_user_email) user.backend = 'django.contrib.auth.backends.ModelBackend' user_detail_object = user_detail(user_id=user) if user is not None: if user.is_active: login(request, user) is_login = 1 else: return HttpResponse('Accound Disabled') except User.DoesNotExist: user = User(username=g_user_email, email=g_user_email, first_name=g_user_name) user.save() user_detail_object = user_detail(user_id=user, name=user.first_name, profile_picture=g_user_profile, google_id=g_user_id) user_detail_object.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) is_login = 1 #mail_auth(request,temp_pass) response = render_to_response( 'index.html', { "sentence": this_sentence, "author": this_author, "author_detail": this_author_detail, "author_list": author_list, "User": user, "user_detail": user_detail_object, "world_wide_list": world_wide_list, "is_login": is_login }, RequestContext(request)) if request.user.is_authenticated(): response = redirect('/home') return response
def process_request(self, request): if "signed_request_payload" not in request.REQUEST or "signed_request_signature" not in request.REQUEST: return None data64 = request.REQUEST["signed_request_payload"] signature = request.REQUEST["signed_request_signature"] try: # Verify the signature if hmac.new(SHARED_SECRET, data64).hexdigest() != signature: return HttpResponseForbidden('<h1>Forbidden</h1>') data = base64.b64decode(data64) user_dict = simplejson.loads(data) except: return HttpResponseBadRequest("Reading signature failed.") for param in REQUIRED_PARAMETERS: if param not in user_dict: return HttpResponseBadRequest("Missing parameter " + param) signed_timestamp = user_dict["timestamp"] # Make sure timestamp is current current_timestamp = int(time.time()) # Check that the timestamp is no older than 120 seconds if abs(current_timestamp - signed_timestamp) > 120: return HttpResponseForbidden('<h1>Expired</h1><p>The link you used has expired or the system clock is inaccurate.</p>') try: user = User.objects.get(username=user_dict["username"]) except: user = User(username=user_dict["username"]) user.first_name = user_dict["first_name"] user.last_name = user_dict["last_name"] user.is_staff = user_dict["is_staff"] user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) get_params = request.GET.copy() del get_params["signed_request_payload"] del get_params["signed_request_signature"] return redirect(request.path + "?" + urllib.urlencode(get_params))
def registerPage(request): if request.method == 'POST': user = User() user.first_name = request.POST.get("FirstName") user.last_name = request.POST.get("LastName") user.email = request.POST.get("Email") user.username = request.POST.get("Login") user.set_password(request.POST.get("Password")) user.save() messages.success( request, f"Регистрация успешно завершена. Здравствуйте," f" {user.first_name} {user.last_name}! Добро пожаловать") user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) next_page = reverse_lazy('index') return render(request, 'buildApp/index.html')
def create_new_user_for_group(request,signup=False, group_id=None): if request.method == 'POST': # If the form has been submitted... form = UserForm(request.POST) # A form bound to the POST data if form.is_valid(): name = form.cleaned_data['firstname'] email = form.cleaned_data['email'] password = form.cleaned_data['password'] try: user = User.objects.get(email=email) if user.check_password(password): login(request,user) if signup: return HttpResponseRedirect('/creategroup/') return HttpResponseRedirect('/login/') except: user = User(username=email,email=email,password=password) user.set_password(password) user.save() verify_url = ''.join([choice('1234567890qwertyuiopasdfghjklzxcvbnm') for i in range(40)]) userprof = UserProfile(user=user,name=name,admin_mode=False,verify_url=verify_url) userprof.save() sg_title = "Ujungo Tutorial" sg_title_id = get_title_id(sg_title,userprof) tutorial_sg = StudyGuide(owner=userprof,title=sg_title,title_id=sg_title_id) tutorial_sg.save() create_tutorial_guide(userprof,tutorial_sg) userprof.current_guide=sg_title_id userprof.save() try: pass #email = EmailMessage('Celestrium Verification', "127.0.0.1:8000/verify/" + str(verify_url), to=[email]) #email.send() except: print "no email" user.backend = 'django.contrib.auth.backends.ModelBackend' login(request,user) c = {} c.update(csrf(request)) return HttpResponseRedirect('/main/') c = {} c.update(csrf(request)) # ... view code here return render_to_response('login.html',c)
def github_callback(request): #original_state = request.session.get('github_auth_state') #if not original_state: # raise Http404 #del(request.session['github_auth_state']) state = request.GET.get('state') code = request.GET.get('code') if not state or not code: raise Http404 #if original_state != state: #raise Http404 params = { 'client_id': GITHUB_API_ID, 'client_secret': GITHUB_API_SECRET, 'code': code, 'state': state, } headers = {'accept': 'application/json'} url = 'https://github.com/login/oauth/access_token' r = requests.post(url, params=params, headers=headers) if not r.ok: raise Http404 data = r.json() access_token = data['access_token'] try: github_user = GitHubUser.objects.get(access_token=access_token) user = github_user.user except: # New user github_instance = Github(login_or_token=access_token).get_user() user = User(username=github_instance.login, password='******', email=github_instance.email) user.save() github_user = GitHubUser(user=user, access_token=access_token) github_user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) print access_token return redirect(reverse('get-repo'))
def venmoauth(request): """ This is the view that Venmo redirects to from their authorization page. Venmo returns a authorization code which can be used with the API keys to get access and refresh tokens for the user. """ # Get auth code returned by Venmo AUTH_CODE = request.GET.get('code') data = {"client_id": CLIENT_ID, "client_secret": CLIENT_SECRET, "code": AUTH_CODE} url = "https://api.venmo.com/v1/oauth/access_token" # POST data to Venmo's oauth to get access and refresh tokens response = requests.post(url, data) response_dict = response.json() access_token = response_dict.get('access_token') refresh_token = response_dict.get('refresh_token') # Put returned user info into dict to look up or create User/BetUser vuser = response_dict.get('user') username = vuser['username'] try: user = User.objects.get(username=username) except User.DoesNotExist: user = User() user.username = username user.password = access_token user.email = vuser['email'] user.first_name = vuser['first_name'] user.last_name = vuser['last_name'] user.save() try: betuser = BetUser.objects.get(user=user) except BetUser.DoesNotExist: betuser = BetUser() betuser.user = user betuser.venmoid = vuser['id'] betuser.venmoname = username betuser.access_token = access_token betuser.refresh_token = refresh_token betuser.save() # Force login in order to avoid handling passwords user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) # Redirect Logged in User return HttpResponseRedirect('/api/v1/')
def crypto_login(request): if "client_nonce" in request.GET: client_nonce = request.GET["client_nonce"] try: session = SyncSession.objects.get(client_nonce=client_nonce) except SyncSession.DoesNotExist: return HttpResponseServerError("Session not found.") if session.server_device.get_metadata().is_trusted: user = get_object_or_None(User, username="******") if not user: user = User(username="******", is_superuser=True, is_staff=True, is_active=True) user.set_unusable_password() user.save() user.backend = "django.contrib.auth.backends.ModelBackend" auth_login(request, user) session.delete() return HttpResponseRedirect("/")
def oauth_return(request): if not request.user.is_authenticated(): # Create a new user automagically. user = User() user.username = '******' % random.randrange(16**30) # password = '******' % random.randrange(16**30) user.set_unusable_password() user.save() # authenticate(username=user.username) user.backend='django.contrib.auth.backends.ModelBackend' login(request, user) # Now we need to create a user profile and an initial league. # TODO let the user create the league. And have multiple leagues. user_profile = UserProfile() user_profile.user = user user_profile.save() return oauth_utils.process_oauth_redirect(request, client_secrets_filename=client_secrets_filename, redirect_uri=settings.GOOGLE_REDIRECT_URI)
def handle_google_logon(self, request): id_token = request.POST.get("id_token") if not id_token: raise ValueError() payload = {'id_token': id_token} r = requests.get("https://www.googleapis.com/oauth2/v3/tokeninfo", params=payload) data = r.json() email = data["email"] last_name = data["family_name"] first_name = data["given_name"] hosted_domain = data.get("hd", "") desired_hosted_domain = settings.GOOGLE_HOSTED_DOMAIN if desired_hosted_domain and hosted_domain.lower() != desired_hosted_domain.lower(): raise ValueError() try: user = User.objects.get(email=email) except User.DoesNotExist: email_username, domain = email.split("@") username = email_username chars = "23456789abcdefghjkmnpqrstuvwxyz" while User.objects.filter(username=username).exists(): random_str = "".join([choice(chars) for i in range(10)]) username = username[0:19] + "-" + random_str user = User(email=email, username=username) user.save() #We'll see if this works... user.backend = 'django.contrib.auth.backends.ModelBackend' auth_login(request, user) self.set_groups(user) return JsonResponse({'status_code': 200, 'email': email})
def oauth_callback(request): oauth_verifier = request.REQUEST.get('oauth_verifier', None) request_token = request.session.get('oauth_sina_request_token', None) auth = OAuthHandler(settings.SINA_CONSUMER_KEY, settings.SINA_CONSUMER_SECRET) auth.request_token = request_token access_token = auth.get_access_token(oauth_verifier) logger.debug("authorized") request.session['oauth_sina'] = auth api = API(auth) data = api.verify_credentials() from django.contrib.auth import authenticate, login as django_login user = authenticate(sinaweiboid=data.id) if user is None: # query = SinaWeibo.objects.filter(weiboid = data.id) # if (len(query) == 0): user = User() user.username = "******" + data.name user.backend = 'sinaweibo' user.save() sina_weibo = SinaWeibo() sina_weibo.weiboid = data.id sina_weibo.name = data.name sina_weibo.access_token = auth.access_token.key sina_weibo.access_secret = auth.access_token.secret sina_weibo.user = user sina_weibo.save() user = authenticate(sinaweiboid=data.id) assert user != None # else: # sina_weibo = query[0] # user = sina_weibo.user # user.backend = 'sinaweibo' django_login(request, user) return HttpResponseRedirect("/")
def get(self, request, *args, **kwargs): next_value = request.GET.get('next') user_id = request.GET.get('sub') try: google_user = GoogleUser.objects.get(google_id=user_id) user = User.objects.get(id=google_user.app_user.id) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) except GoogleUser.DoesNotExist: if 'hd' not in request.GET: return HttpResponseNotAllowed("Invalid parameters given") if ( request.GET['hd'] != 'andela.com' and request.GET['iss'] != "accounts.google.com" and request.GET['email_verified'] != "true" and request.GET['aud'] != "21865176717-u4dio2k0teg84v27mlrpruvigveeua7i.apps.googleusercontent" ): return HttpResponseNotAllowed("Invalid parameters given") # proceed to create the user username = request.GET['name'] # Create the user # need to find alternate data for these fields user = User( username=username, email=request.GET["email"], first_name=request.GET['given_name'], last_name=request.GET['family_name'] ) user.save() google_user = GoogleUser(google_id=user_id, app_user=user,) user.backend = 'django.contrib.auth.backends.ModelBackend' google_user.save() login(request, user) if next_value: return HttpResponse("success_next", content_type="text/plain") else: return HttpResponse("success_home", content_type="text/plain")
def get(self, request, *args, **kwargs): next_value = request.GET.get('next') user_id = request.GET.get('sub') try: google_user = GoogleUser.objects.get(google_id=user_id) user = User.objects.get(id=google_user.app_user.id) user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) except GoogleUser.DoesNotExist: if 'hd' not in request.GET: return HttpResponseNotAllowed("Invalid parameters given") if (request.GET['hd'] != 'andela.com' and request.GET['iss'] != "accounts.google.com" and request.GET['email_verified'] != "true" and request.GET['aud'] != "21865176717-u4dio2k0teg84v27mlrpruvigveeua7i.apps.googleusercontent" ): return HttpResponseNotAllowed("Invalid parameters given") # proceed to create the user username = request.GET['name'] # Create the user # need to find alternate data for these fields user = User(username=username, email=request.GET["email"], first_name=request.GET['given_name'], last_name=request.GET['family_name']) user.save() google_user = GoogleUser( google_id=user_id, app_user=user, ) user.backend = 'django.contrib.auth.backends.ModelBackend' google_user.save() login(request, user) if next_value: return HttpResponse("success_next", content_type="text/plain") else: return HttpResponse("success_home", content_type="text/plain")
def test_keep_next_redirect(self): next_uri = '/test/' _, next_returned = do_authenticate(next_uri=next_uri) self.assertEqual( next_returned, next_uri, 'Redirect using next parameter has not been retained.') new_user = User(username='******') new_user.backend = 'django.contrib.auth.backends.ModelBackend' new_user.save() request = RequestFactory().get('/') request.session = Client().session login(request, new_user) _, next_returned = do_authenticate(new_user, next_uri=next_uri) self.assertEqual( next_returned, next_uri, 'Redirect using next parameter has not been retained.')
def process_oauth_redirect(request, post_auth_redirect='/', client_secrets_filename=None, redirect_uri=None): # if not xsrfutil.validate_token(settings.SECRET_KEY, request.REQUEST['state'], request.user): # return HttpResponseBadRequest("State did not validate.") flow = _get_flow(client_secrets_filename=client_secrets_filename, redirect_uri=redirect_uri) cred = flow.step2_exchange(request.REQUEST) if not request.user.is_authenticated(): # Create a new user automagically. user = User() user.username = '******' % random.randrange(16**30) # password = '******' % random.randrange(16**30) user.set_unusable_password() user.save() # authenticate(username=user.username) user.backend='django.contrib.auth.backends.ModelBackend' login(request, user) else: user = request.user credential = GoogleCredential.from_json(cred.to_json(), request.user) return HttpResponseRedirect(post_auth_redirect)
def signin(request): data = json.loads(request.POST['data']) response = json_response({ 'errors': { 'email': 'Failed to verify email' } }) verification_data = verify(request, data['assertion']) if verification_data: email = verification_data['email'] username = data.get('username') qs = User.objects.filter(email__iexact=email) if qs.count() == 0: if not username: response = json_response({ 'errors': { 'username': '******' } }) return response user = User() user.email = email user.username = username user.save() else: user = qs[0] if user.is_active: request.session['ui'] = '{}' #fixme. use custom backend instead? user.backend = 'django.contrib.auth.backends.ModelBackend' auth.login(request, user) user_json = models.init_user(user, request) response = json_response({ 'user': user_json }) else: response = json_response({ 'errors': { 'email': 'User Disabled' } }) return response
def login_user(self, userid): """ Login as specified user, does not depend on auth backend (hopefully) This is based on Client.login() with a small hack that does not require the call to authenticate() """ if not 'django.contrib.sessions' in settings.INSTALLED_APPS: raise AssertionError( "Unable to login without django.contrib.sessions in INSTALLED_APPS" ) try: user = User.objects.get(username=userid) except User.DoesNotExist: user = User(username=userid, password='') user.save() user.backend = "%s.%s" % ("django.contrib.auth.backends", "ModelBackend") engine = import_module(settings.SESSION_ENGINE) # Create a fake request to store login details. request = HttpRequest() #if self.session: # request.session = self.session #else: request.session = engine.SessionStore() login(request, user) # Set the cookie to represent the session. session_cookie = settings.SESSION_COOKIE_NAME self.cookies[session_cookie] = request.session.session_key cookie_data = { 'max-age': None, 'path': '/', 'domain': settings.SESSION_COOKIE_DOMAIN, 'secure': settings.SESSION_COOKIE_SECURE or None, 'expires': None, } self.cookies[session_cookie].update(cookie_data) # Save the session values. request.session.save()
def process_request(self, request): if request.path.startswith( '/logout') and "HTTP_X_LOGOUT_URL" in request.META: logout(request) return http.HttpResponseRedirect(request.META["HTTP_X_LOGOUT_URL"]) if not request.user.is_authenticated( ) and "HTTP_REMOTE_USER" in request.META: attributemap = { "username": "******", "last_name": "HTTP_X_LAST_NAME", "first_name": "HTTP_X_FIRST_NAME", "email": "HTTP_X_EMAIL", } for key, value in attributemap.iteritems(): attributemap[key] = request.META[value] if hasattr(settings, "ALLOWED_EMAIL_SUFFIXES" ) and settings.ALLOWED_EMAIL_SUFFIXES: allowed = settings.ALLOWED_EMAIL_SUFFIXES if isinstance(settings.ALLOWED_EMAIL_SUFFIXES, basestring): allowed = [settings.ALLOWED_EMAIL_SUFFIXES] if not any([ attributemap["email"].lower().endswith(x) for x in allowed ]): return http.HttpResponseForbidden() if attributemap["email"] and User.objects.filter( email__istartswith=attributemap["email"]).exists(): user = User.objects.get( email__istartswith=attributemap["email"]) elif User.objects.filter( username__iexact=attributemap["username"]).exists(): user = User.objects.get( username__iexact=attributemap["username"]) else: user = User() user.__dict__.update(attributemap) user.save() user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user)
def authenticate(access_token, refresh_token): #import ipdb; ipdb.set_trace() email = get_email(access_token) user_info = get_user_info(access_token) google_id = user_info['id'] try: profile = GoogleProfile.objects.get(google_id=google_id) profile.user.backend='google.backends.GoogleAuthBackend' return profile.user except GoogleProfile.DoesNotExist: display_name = user_info['displayName'] username = generate_username(display_name) user = User(username=username, email=email) user.first_name, user.last_name = parse_name(display_name) user.save() image_url = None if user_info.has_key('image'): image_url = user_info['image'].get('url', None) about = user_info['aboutMe'] location = None if user_info.has_key('placesLived'): for places in user_info['placesLived']: if places.get('primary', False): location = places['value'] break profile = GoogleProfile(user=user, google_id=google_id, access_token=access_token, refresh_token=refresh_token) profile.image_url = image_url profile.location = location profile.about = about profile.save() user.backend='google.backends.GoogleAuthBackend' return user
def _save_user(request, credentials, new=False): error = _check_credentials(credentials, new) if error is not None: return error else: user = request.user if new: user = User() user.backend = 'django.contrib.auth.backends.ModelBackend' user.username = credentials['username'] user.email = credentials['email'] if credentials.get('password'): user.set_password(credentials['password']) if credentials.get('first_name'): user.first_name = credentials['first_name'] if credentials.get('last_name'): user.last_name = credentials['last_name'] user.save() request.user = user return None
def save(self): """ gets returns the social user with the form data. creates one if it does not already exists. """ data = self.cleaned_data user = None # make call to graphAPI to get long-lived access token user_access_token, token_expiry_time = get_credentials( data['accessToken']) try: # get associated user if it exists: social_id = data['id'] social_profile = SocialProfile.objects.get( provider=SocialProfile.FACEBOOK, social_id=social_id, ) user = social_profile.user except SocialProfile.DoesNotExist: # Create the user: user = User(username=data['id'], first_name=data['first_name'], last_name=data['last_name']) user.save() # Create the user's social_profile: social_profile = SocialProfile( provider=SocialProfile.FACEBOOK, social_id=data['id'], photo=data['photo'], user_access_token=user_access_token, user=user, ) social_profile.save() user.backend = 'django.contrib.auth.backends.ModelBackend' return (user, token_expiry_time)