def process_view(self, request, view_func, view_args, view_kwargs): if 'cancel' in request.REQUEST: #todo use session messages for the anonymous users try: msg = getattr(view_func,'CANCEL_MESSAGE') except AttributeError: msg = 'action canceled' request.user.message_set.create(message=msg) return HttpResponseRedirect(get_next_url(request)) else: return None
def signout(request): """ signout from the website. Remove openid from session and kill it. url : /signout/" """ try: del request.session['openid'] except KeyError: pass logout(request) return HttpResponseRedirect(get_next_url(request))
def signup(request): """ signup page. Create a legacy account url : /signup/" templates: authopenid/signup.html, authopenid/confirm_email.txt """ if settings.USE_EXTERNAL_LEGACY_LOGIN == True: return HttpResponseRedirect(reverse('user_external_legacy_login_issues')) next = get_next_url(request) if request.POST: form = ClassicRegisterForm(request.POST) email_feeds_form = EditUserEmailFeedsForm(request.POST) #validation outside if to remember form values form1_is_valid = form.is_valid() form2_is_valid = email_feeds_form.is_valid() if form1_is_valid and form2_is_valid: next = form.cleaned_data['next'] username = form.cleaned_data['username'] password = form.cleaned_data['password1'] email = form.cleaned_data['email'] user_ = User.objects.create_user( username,email,password ) if settings.USE_EXTERNAL_LEGACY_LOGIN == True: external_login.create_user(username,email,password) user_.backend = "django.contrib.auth.backends.ModelBackend" login(request, user_) email_feeds_form.save(user_) # send email subject = _("Welcome email subject line") message_template = loader.get_template( 'authopenid/confirm_email.txt' ) message_context = Context({ 'signup_url': settings.APP_URL + reverse('user_signin'), 'username': username, 'password': password, }) message = message_template.render(message_context) send_mail(subject, message, settings.DEFAULT_FROM_EMAIL, [user_.email]) return HttpResponseRedirect(next) else: form = ClassicRegisterForm(initial={'next':next}) email_feeds_form = EditUserEmailFeedsForm() return render('authopenid/signup.html', { 'form': form, 'email_feeds_form': email_feeds_form }, context_instance=RequestContext(request))
def changeemail(request, action='change'): """ changeemail view. requires openid with request type GET url: /email/* template : authopenid/changeemail.html """ msg = request.GET.get('msg', None) extension_args = {} user_ = request.user if request.POST: if 'cancel' in request.POST: msg = _('your email was not changed') request.user.message_set.create(message=msg) return HttpResponseRedirect(get_next_url(request)) form = ChangeEmailForm(request.POST, user=user_) if form.is_valid(): new_email = form.cleaned_data['email'] if new_email != user_.email: if settings.EMAIL_VALIDATION == 'on': action = 'validate' else: action = 'done_novalidate' set_new_email(user_, new_email,nomessage=True) else: action = 'keep' elif not request.POST and 'openid.mode' in request.GET: redirect_to = get_url_host(request) + reverse('user_changeemail') return complete(request, emailopenid_success, emailopenid_failure, redirect_to) else: form = ChangeEmailForm(initial={'email': user_.email}, user=user_) output = render('authopenid/changeemail.html', { 'form': form, 'email': user_.email, 'action_type': action, 'gravatar_faq_url': reverse('faq') + '#gravatar', 'change_email_url': reverse('user_changeemail'), 'msg': msg }, context_instance=RequestContext(request)) if action == 'validate': set_email_validation_message(user_) return output
def signin_failure(request, message): """ falure with openid signin. Go back to signin page. template : "authopenid/signin.html" """ next = get_next_url(request) form_signin = OpenidSigninForm(initial={'next': next}) form_auth = ClassicLoginForm(initial={'next': next}) return render('authopenid/signin.html', { 'msg': message, 'form1': form_auth, 'form2': form_signin, }, context_instance=RequestContext(request))
def signin_success(request, identity_url, openid_response): """ openid signin success. If the openid is already registered, the user is redirected to url set par next or in settings with OPENID_REDIRECT_NEXT variable. If none of these urls are set user is redirectd to /. if openid isn't registered user is redirected to register page. """ openid_ = from_openid_response(openid_response) #create janrain OpenID object request.session['openid'] = openid_ try: rel = UserAssociation.objects.get(openid_url__exact = str(openid_)) except: # try to register this new user return register(request) user_ = rel.user if user_.is_active: user_.backend = "django.contrib.auth.backends.ModelBackend" login(request, user_) return HttpResponseRedirect(get_next_url(request))
def register(request): """ register an openid. If user is already a member he can associate its openid with its account. A new account could also be created and automaticaly associated to the openid. url : /complete/ template : authopenid/complete.html """ openid_ = request.session.get('openid', None) next = get_next_url(request) if not openid_: return HttpResponseRedirect(reverse('user_signin') + '?next=%s' % next) nickname = openid_.sreg.get('nickname', '') email = openid_.sreg.get('email', '') form1 = OpenidRegisterForm(initial={ 'next': next, 'username': nickname, 'email': email, }) form2 = OpenidVerifyForm(initial={ 'next': next, 'username': nickname, }) email_feeds_form = EditUserEmailFeedsForm() user_ = None is_redirect = False if request.POST: if 'bnewaccount' in request.POST.keys(): form1 = OpenidRegisterForm(request.POST) email_feeds_form = EditUserEmailFeedsForm(request.POST) if form1.is_valid() and email_feeds_form.is_valid(): next = form1.cleaned_data['next'] is_redirect = True tmp_pwd = User.objects.make_random_password() user_ = User.objects.create_user(form1.cleaned_data['username'], form1.cleaned_data['email'], tmp_pwd) user_.set_unusable_password() # make association with openid uassoc = UserAssociation(openid_url=str(openid_), user_id=user_.id) uassoc.save() # login user_.backend = "django.contrib.auth.backends.ModelBackend" login(request, user_) email_feeds_form.save(user_) elif 'bverify' in request.POST.keys(): form2 = OpenidVerifyForm(request.POST) if form2.is_valid(): is_redirect = True next = form2.cleaned_data['next'] user_ = form2.get_user() uassoc = UserAssociation(openid_url=str(openid_), user_id=user_.id) uassoc.save() login(request, user_) #check if we need to post a question that was added anonymously #this needs to be a function call becase this is also done #if user just logged in and did not need to create the new account if user_ != None: if settings.EMAIL_VALIDATION == 'on': send_new_email_key(user_,nomessage=True) output = validation_email_sent(request) set_email_validation_message(user_) #message set after generating view return output if user_.is_authenticated(): return HttpResponseRedirect(reverse('index')) else: raise Exception('openid login failed')#should not ever get here openid_str = str(openid_) bits = openid_str.split('/') base_url = bits[2] #assume this is base url url_bits = base_url.split('.') provider_name = url_bits[-2].lower() providers = {'yahoo':'<font color="purple">Yahoo!</font>', 'flickr':'<font color="#0063dc">flick</font><font color="#ff0084">r</font>™', 'google':'Google™', 'aol':'<font color="#31658e">AOL</font>', 'myopenid':'MyOpenID', } if provider_name not in providers: provider_logo = provider_name else: provider_logo = providers[provider_name] return render('authopenid/complete.html', { 'form1': form1, 'form2': form2, 'email_feeds_form': email_feeds_form, 'provider':mark_safe(provider_logo), 'username': nickname, 'email': email, 'login_type':'openid', 'gravatar_faq_url':reverse('faq') + '#gravatar', }, context_instance=RequestContext(request))
def signin(request,newquestion=False,newanswer=False): """ signin page. It manages the legacy authentification (user/password) and openid authentification url: /signin/ template : authopenid/signin.htm """ request.encoding = 'UTF-8' on_failure = signin_failure email_feeds_form = EditUserEmailFeedsForm() next = get_next_url(request) form_signin = OpenidSigninForm(initial={'next':next}) form_auth = ClassicLoginForm(initial={'next':next}) if request.POST: #'blogin' - password login if 'blogin' in request.POST.keys(): form_auth = ClassicLoginForm(request.POST) if form_auth.is_valid(): #have login and password and need to login through external website if settings.USE_EXTERNAL_LEGACY_LOGIN == True: username = form_auth.cleaned_data['username'] password = form_auth.cleaned_data['password'] next = form_auth.cleaned_data['next'] if form_auth.get_user() == None: #need to create internal user #1) save login and password temporarily in session request.session['external_username'] = username request.session['external_password'] = password #2) see if username clashes with some existing user #if so, we have to prompt the user to pick a different name username_taken = User.is_username_taken(username) #try: # User.objects.get(username=username) # username_taken = True #except User.DoesNotExist: # username_taken = False #3) try to extract user email from external service email = external_login.get_email(username,password) email_feeds_form = EditUserEmailFeedsForm() form_data = {'username':username,'email':email,'next':next} form = OpenidRegisterForm(initial=form_data) template_data = {'form1':form,'username':username,\ 'email_feeds_form':email_feeds_form,\ 'provider':mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME),\ 'login_type':'legacy',\ 'gravatar_faq_url':reverse('faq') + '#gravatar',\ 'external_login_name_is_taken':username_taken} return render('authopenid/complete.html',template_data,\ context_instance=RequestContext(request)) else: #user existed, external password is ok user = form_auth.get_user() login(request,user) response = HttpResponseRedirect(get_next_url(request)) external_login.set_login_cookies(response,user) return response else: #regular password authentication user = form_auth.get_user() login(request, user) return HttpResponseRedirect(get_next_url(request)) elif 'bnewaccount' in request.POST.keys(): #register externally logged in password user with a new local account if settings.USE_EXTERNAL_LEGACY_LOGIN == True: form = OpenidRegisterForm(request.POST) email_feeds_form = EditUserEmailFeedsForm(request.POST) form1_is_valid = form.is_valid() form2_is_valid = email_feeds_form.is_valid() if form1_is_valid and form2_is_valid: #create the user username = form.cleaned_data['username'] password = request.session.get('external_password',None) email = form.cleaned_data['email'] print 'got email addr %s' % email if password and username: User.objects.create_user(username,email,password) user = authenticate(username=username,password=password) external_username = request.session['external_username'] eld = ExternalLoginData.objects.get(external_username=external_username) eld.user = user eld.save() login(request,user) email_feeds_form.save(user) del request.session['external_username'] del request.session['external_password'] return HttpResponseRedirect(reverse('index')) else: if password: del request.session['external_username'] if username: del request.session['external_password'] return HttpResponseServerError() else: username = request.POST.get('username',None) provider = mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME) username_taken = User.is_username_taken(username) data = {'login_type':'legacy','form1':form,'username':username,\ 'email_feeds_form':email_feeds_form,'provider':provider,\ 'gravatar_faq_url':reverse('faq') + '#gravatar',\ 'external_login_name_is_taken':username_taken} return render('authopenid/complete.html',data, context_instance=RequestContext(request)) else: raise Http404 elif 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys(): form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): next = form_signin.cleaned_data['next'] sreg_req = sreg.SRegRequest(optional=['nickname', 'email']) redirect_to = "%s%s?%s" % ( get_url_host(request), reverse('user_complete_signin'), urllib.urlencode({'next':next}) ) return ask_openid(request, form_signin.cleaned_data['openid_url'], redirect_to, on_failure=signin_failure, sreg_request=sreg_req) #if request is GET question = None if newquestion == True: from forum.models import AnonymousQuestion as AQ session_key = request.session.session_key qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at') if len(qlist) > 0: question = qlist[0] answer = None if newanswer == True: from forum.models import AnonymousAnswer as AA session_key = request.session.session_key alist = AA.objects.filter(session_key=session_key).order_by('-added_at') if len(alist) > 0: answer = alist[0] return render('authopenid/signin.html', { 'question':question, 'answer':answer, 'form1': form_auth, 'form2': form_signin, 'msg': request.GET.get('msg',''), 'sendpw_url': reverse('user_sendpw'), }, context_instance=RequestContext(request))
def decorated(request, *args, **kwargs): if request.user.is_authenticated(): return HttpResponseRedirect(get_next_url(request)) return func(request, *args, **kwargs)
def default_on_success(request, identity_url, openid_response): """ default action on openid signin success """ request.session['openid'] = from_openid_response(openid_response) return HttpResponseRedirect(get_next_url(request))