def post(self, *args, **kwargs):
self.add_email = False
if not self.request.user.is_authenticated():
return super(BrowserIDVerify, self).post(*args, **kwargs)
self.add_email = True
assertion = self.request.POST.get('assertion')
if not assertion:
return self.login_failure()
verifier = RemoteVerifier()
audience = get_audience(self.request)
result = verifier.verify(assertion, audience)
if not result:
messages.error(self.request, _('Authentication failed.'))
return self.login_failure()
email = result.email
kwargs = {
'type': ExternalAccount.TYPE_EMAIL,
'user': self.request.user.userprofile,
'identifier': email
}
email_exists = User.objects.filter(email=email).exists()
alternate_email_exists = ExternalAccount.objects.filter(**kwargs).exists()
if email_exists or alternate_email_exists:
error_msg = "Email '{0}' already exists in the database.".format(email)
messages.error(self.request, _(error_msg))
return self.login_failure()
ExternalAccount.objects.create(**kwargs)
return self.login_success()
def get_verifier(self):
"""
Create a verifier for verifying assertions. Uses a
:class:`django_browserid.base.RemoteVerifier` by default.
"""
return RemoteVerifier()
