def test_parallel_register(self):
'''
Adding some testing for the case when one person tries to register
multiple times in the same second
'''
graph = get_facebook_graph(access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
self.request.user.is_authenticated = lambda: False
with patch('django_facebook.connect.authenticate') as patched:
return_sequence = [user, None]
def side(*args, **kwargs):
value = return_sequence.pop()
return value
patched.side_effect = side
with patch('django_facebook.connect._register_user'
) as patched_register:
patched_register.side_effect = facebook_exceptions.AlreadyRegistered(
'testing parallel registers')
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def test_full_connect(self):
#going for a register, connect and login
facebook = get_facebook_graph(access_token='short_username', persistent_token=False)
action, user = connect_user(self.request, facebook_graph=facebook)
assert action == CONNECT_ACTIONS.REGISTER
action, user = connect_user(self.request, facebook_graph=facebook)
assert action == CONNECT_ACTIONS.CONNECT
self.request.user = AnonymousUser()
action, user = connect_user(self.request, facebook_graph=facebook)
assert action == CONNECT_ACTIONS.LOGIN
def test_full_connect(self):
#going for a register, connect and login
graph = get_facebook_graph(access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.CONNECT)
self.request.user = AnonymousUser()
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def test_full_connect(self):
#going for a register, connect and login
graph = get_facebook_graph(access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.CONNECT)
self.request.user = AnonymousUser()
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def test_login_with_Facebook2(self):
graph = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=graph)
user.save()
self.request.user = AnonymousUser()
graph = get_facebook_graph(access_token='same_username')
action, new_user = connect_user(self.request, facebook_graph=graph)
self.request.GET._mutable = True
self.request.GET['testing'] = 'True'
response = views.index(self.request)
print response.content
def test_double_username(self):
'''
This used to give an error with duplicate usernames with different capitalization
'''
facebook = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=facebook)
user.username = '******'
user.save()
self.request.user = AnonymousUser()
facebook = get_facebook_graph(access_token='same_username')
action, new_user = connect_user(self.request, facebook_graph=facebook)
assert user.username != new_user.username and user.id != new_user.id
def test_double_username(self):
'''
This used to give an error with duplicate usernames with different capitalization
'''
facebook = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=facebook)
user.username = '******'
user.save()
self.request.user = AnonymousUser()
facebook = get_facebook_graph(access_token='same_username')
action, new_user = connect_user(self.request, facebook_graph=facebook)
assert user.username != new_user.username and user.id != new_user.id
def test_login_with_Facebook2(self):
graph = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=graph)
user.save()
self.request.user = AnonymousUser()
graph = get_facebook_graph(access_token='same_username')
action, new_user = connect_user(self.request, facebook_graph=graph)
self.request.GET._mutable = True
self.request.GET['testing'] = 'True'
response = views.index(self.request)
print response.content
def test_double_username(self):
"""
This used to give an error with duplicate usernames
with different capitalization
"""
facebook = get_facebook_graph(access_token="short_username")
action, user = connect_user(self.request, facebook_graph=facebook)
user.username = "******"
user.save()
self.request.user = AnonymousUser()
facebook = get_facebook_graph(access_token="same_username")
action, new_user = connect_user(self.request, facebook_graph=facebook)
self.assertNotEqual(user.username, new_user.username)
self.assertNotEqual(user.id, new_user.id)
def fb_connect(request):
if request.method != 'POST':
return HttpResponseRedirect(reverse('game-login'))
if request.user and request.user.is_authenticated():
player = Player.get_player_for_user(request.user)
if player.is_guest:
# let's upgrade the guest to fb user
if not 'connect_facebook' in request.GET:
return HttpResponseRedirect('?connect_facebook=1')
else:
django_logout_method(request)
access_token = request.POST.get('access_token')
action, user = connect_user(request, access_token)
player = Player.get_player_for_user(user)
player.is_guest = False
player.save()
user.username = json.loads(player.raw_data)['username']
user.save()
return HttpResponse(
json.dumps({
'status': 'OK',
'username': user.username,
'profile': player.serialize()
}))
def test_full_connect(self):
#going for a register, connect and login
graph = get_facebook_graph(access_token='short_username')
klass = get_facebook_user_converter_class()
klass(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.request.GET._mutable = True
self.request.GET['connect_facebook'] = 1
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.CONNECT)
self.request.user = AnonymousUser()
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def obj_create(self, bundle, request=None, **kwargs):
bundle.obj = Obj()
bundle.obj.id = 1
code = bundle.data.get('code')
redirect_uri = bundle.data.get('redirectUri', '')
if not code:
self.create_response(
bundle.request, bundle,
response_class=BadRequest('code is required'))
logger.error('code is required')
# TODO: Add catch errors
token_response = FacebookAuthorization.convert_code(
code, redirect_uri=redirect_uri)
# TODO: Add access_token to cache
access_token = token_response['access_token']
action, user = connect_user(bundle.request, access_token=access_token)
from events.tasks import store_fb_events, refresh_fb_events
store_fb_events.delay(user)
refresh_fb_events.delay(user)
payload = jwt_payload_handler(user)
payload['access_token'] = user.access_token
bundle.obj.token = jwt_encode_handler(payload)
# TODO: clean up response
return bundle
def test_anon_user_loads_index(self):
graph = get_facebook_graph(access_token='new_user')
action, user = connect_user(self.request, facebook_graph=graph)
self.request.user = AnonymousUser()
response = views.index(self.request)
print response.cookies
def is_authenticated(self, request, **kwargs):
"""
Authenticate with facebook, and return
user upon success.
"""
# Make sure user supplied access token in request
try:
access_token = request.GET['access_token']
except KeyError:
return self._unauthorized()
# Authenticate with facebook
from open_facebook import OpenFacebook
from django_facebook.connect import connect_user
facebook = OpenFacebook(access_token)
try:
if not facebook or \
not facebook.is_authenticated():
return self._unauthorized()
except:
return self._unauthorized()
# Facebook authenticated, now associate
# with own internal user, Creating a new user if
# necessary.
action, user = connect_user(request, access_token, facebook)
request.user = user
return True
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
context = RequestContext(request)
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
facebook = get_facebook_graph(request)
if facebook.is_authenticated():
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
except facebook_exceptions.IncompleteProfileError, e:
logger.error(unicode(e))
messages.error(request, _("Please allow the request for permission in order to log in."))
return next_redirect(request)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(request, _("You have connected your account to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
member_overview_url = user.get_profile().url['overview']
response = HttpResponseRedirect(member_overview_url)
response.set_cookie('fresh_registration', user.id)
return response
else:
return next_redirect(request, additional_params=dict(fb_error_or_cancel=1))
return next_redirect(request)
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
context = RequestContext(request)
assert context.get('FACEBOOK_APP_ID'), 'Please specify a facebook app id '\
'and ensure the context processor is enabled'
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
logger.info('trying to connect using facebook')
graph = get_persistent_graph(request)
if graph:
logger.info('found a graph object')
facebook = FacebookUserConverter(graph)
if facebook.is_authenticated():
logger.info('facebook is authenticated')
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
logger.info('Django facebook performed action: %s', action)
except facebook_exceptions.IncompleteProfileError, e:
warn_message = u'Incomplete profile data encountered '\
u'with error %s' % e
send_warning(warn_message,
e=e,
facebook_data=facebook_data)
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
context_instance=context,
)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(
request,
_("You have connected your account "
"to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
return user.get_profile().post_facebook_registration(
request)
else:
if 'attempt' in request.GET:
return next_redirect(
request,
next_key=['error_next', 'next'],
additional_params=dict(fb_error_or_cancel=1))
else:
logger.info('Facebook authentication needed for connect, ' \
'raising an error')
raise OpenFacebookException('please authenticate')
return next_redirect(request)
def test_anon_user_loads_index(self):
graph = get_facebook_graph(access_token='new_user')
action, user = connect_user(self.request, facebook_graph=graph)
self.request.user = AnonymousUser()
response = views.index(self.request)
print response.cookies
def post(self, request):
serializer = self.serializer_class(data=request.DATA)
if serializer.is_valid():
action, user = connect_user(self.request, serializer.data['access_token'])
token, created = Token.objects.get_or_create(user=user)
return Response({'token': token.key})
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def _connect(request, facebook_login):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
backend = get_registration_backend()
context = RequestContext(request)
if facebook_login:
logger.info('trying to connect using Facebook')
graph = require_persistent_graph(request)
authenticated = False
if graph:
logger.info('found a graph object')
facebook = FacebookUserConverter(graph)
authenticated = facebook.is_authenticated()
if authenticated:
logger.info('Facebook is authenticated')
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
logger.info('Django facebook performed action: %s', action)
except facebook_exceptions.IncompleteProfileError, e:
#show them a registration form to add additional data
warning_format = u'Incomplete profile data encountered with error %s'
warn_message = warning_format % e.message
send_warning(warn_message, e=e,
facebook_data=facebook_data)
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
context_instance=context,
)
except facebook_exceptions.AlreadyConnectedError, e:
user_ids = [u.id for u in e.users]
ids_string = ','.join(map(str, user_ids))
return error_next_redirect(
request,
additional_params=dict(already_connected=ids_string))
if action is CONNECT_ACTIONS.CONNECT:
#connect means an existing account was attached to facebook
messages.info(request, _("You have connected your account "
"to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
#hook for tying in specific post registration functionality
response = backend.post_registration_redirect(
request, user)
#compatibility for Django registration backends which return redirect tuples instead of a response
if not isinstance(response, HttpResponse):
to, args, kwargs = response
response = redirect(to, *args, **kwargs)
return response
def test_fb_update_required(self):
def pre_update(sender, profile, facebook_data, **kwargs):
profile.pre_update_signal = True
Profile = get_profile_class()
signals.facebook_pre_update.connect(pre_update, sender=Profile)
facebook = get_facebook_graph(access_token='tschellenbach')
facebook_settings.FACEBOOK_FORCE_PROFILE_UPDATE_ON_LOGIN = True
action, user = connect_user(self.request, facebook_graph=facebook)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.assertTrue(hasattr(user.get_profile(), 'pre_update_signal'))
facebook_settings.FACEBOOK_FORCE_PROFILE_UPDATE_ON_LOGIN = False
action, user = connect_user(self.request, facebook_graph=facebook)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.assertFalse(hasattr(user.get_profile(), 'pre_update_signal'))
def test_fb_update_required(self):
def pre_update(sender, profile, facebook_data, **kwargs):
profile.pre_update_signal = True
Profile = get_profile_class()
signals.facebook_pre_update.connect(pre_update, sender=Profile)
facebook = get_facebook_graph(access_token='tschellenbach')
facebook_settings.FACEBOOK_FORCE_PROFILE_UPDATE_ON_LOGIN = True
action, user = connect_user(self.request, facebook_graph=facebook)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.assertTrue(hasattr(user.get_profile(), 'pre_update_signal'))
facebook_settings.FACEBOOK_FORCE_PROFILE_UPDATE_ON_LOGIN = False
action, user = connect_user(self.request, facebook_graph=facebook)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.assertFalse(hasattr(user.get_profile(), 'pre_update_signal'))
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
backend = get_registration_backend()
context = RequestContext(request)
assert context.get('FACEBOOK_APP_ID'), 'Please specify a facebook app id '\
'and ensure the context processor is enabled'
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
require_persistent_graph(request)
logger.info('trying to connect using facebook')
graph = get_persistent_graph(request)
if graph:
logger.info('found a graph object')
facebook = FacebookUserConverter(graph)
if facebook.is_authenticated():
logger.info('facebook is authenticated')
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
logger.info('Django facebook performed action: %s', action)
except facebook_exceptions.IncompleteProfileError, e:
warn_message = u'Incomplete profile data encountered '\
u'with error %s' % e.message.decode('utf-8', 'replace')
send_warning(warn_message, e=e,
facebook_data=facebook_data)
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
context_instance=context,
)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(request, _("You have connected your account "
"to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
response = backend.post_registration_redirect(request, user)
return response
else:
if 'attempt' in request.GET:
return next_redirect(request, next_key=['error_next', 'next'],
additional_params=dict(fb_error_or_cancel=1))
else:
logger.info('Facebook authentication needed for connect, ' \
'raising an error')
raise OpenFacebookException('please authenticate')
return next_redirect(request)
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
backend = get_registration_backend()
context = RequestContext(request)
assert context.get('FACEBOOK_APP_ID'), 'Please specify a facebook app id '\
'and ensure the context processor is enabled'
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
logger.info('trying to connect using facebook')
graph = require_persistent_graph(request)
if graph:
logger.info('found a graph object')
facebook = FacebookUserConverter(graph)
if facebook.is_authenticated():
logger.info('facebook is authenticated')
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
logger.info('Django facebook performed action: %s', action)
except facebook_exceptions.IncompleteProfileError, e:
#show them a registration form to add additional data
warning_format = u'Incomplete profile data encountered with error %s'
warn_message = warning_format % e.message
send_warning(warn_message, e=e,
facebook_data=facebook_data)
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
context_instance=context,
)
except facebook_exceptions.AlreadyConnectedError, e:
user_ids = [u.id for u in e.users]
ids_string = ','.join(map(str, user_ids))
return next_redirect(request, next_key=['error_next', 'next'],
additional_params=dict(already_connected=ids_string))
if action is CONNECT_ACTIONS.CONNECT:
#connect means an existing account was attached to facebook
messages.info(request, _("You have connected your account "
"to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
#hook for tying in specific post registration functionality
response = backend.post_registration_redirect(request, user)
#compatability for django registration backends which return tuples instead of a response
#alternatively we could wrap django registration backends, but that would be hard to understand
response = response if isinstance(response, HttpResponse) else redirect(response)
return response
def test_full_connect(self):
# going for a register, connect and login
graph = get_facebook_graph(request=self.request, access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
# and now we do a login, not a connect
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.request.GET._mutable = True
self.request.GET['connect_facebook'] = 1
action, user = connect_user(
self.request, facebook_graph=graph, connect_facebook=True)
self.assertEqual(action, CONNECT_ACTIONS.CONNECT)
self.request.user = AnonymousUser()
action, user = connect_user(
self.request, facebook_graph=graph, connect_facebook=True)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def test_registration_form(self):
'''
Django_facebook should use user supplied registration form if given
'''
facebook_settings.FACEBOOK_REGISTRATION_FORM = 'django_facebook.tests_utils.forms.SignupForm'
facebook = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=facebook)
# The test form always sets username to test form
self.assertEqual(user.username, 'Test form')
def test_full_connect(self):
# going for a register, connect and login
graph = get_facebook_graph(request=self.request, access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
# and now we do a login, not a connect
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
self.request.GET._mutable = True
self.request.GET['connect_facebook'] = 1
action, user = connect_user(
self.request, facebook_graph=graph, connect_facebook=True)
self.assertEqual(action, CONNECT_ACTIONS.CONNECT)
self.request.user = AnonymousUser()
action, user = connect_user(
self.request, facebook_graph=graph, connect_facebook=True)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def test_persistent_graph(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_facebook_graph(access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
def test_persistent_graph(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_facebook_graph(access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
#test code time to remove
uri = 'http://%s%s?facebook_login=1' % (request.META['HTTP_HOST'],
request.path)
if request.GET.get('redirect'):
return facebook_login_required(uri, scope='read_stream')
context = RequestContext(request)
assert context.get('FACEBOOK_APP_ID'), 'Please specify a facebook app id '\
'and ensure the context processor is enabled'
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
graph = get_facebook_graph(request)
if graph:
facebook = FacebookUserConverter(graph)
if facebook.is_authenticated():
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
except facebook_exceptions.IncompleteProfileError, e:
warn_message = u'Incomplete profile data encountered '\
'with error %s' % e
logger.warn(warn_message,
exc_info=sys.exc_info(), extra={
'request': request,
'data': {
'username': request.user.username,
'facebook_data': facebook.facebook_profile_data(),
'body': unicode(e),
}
})
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
'registration/registration_form.html',
context_instance=context,
)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(request, _("You have connected your account "
"to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
return user.get_profile().post_facebook_registration(request)
else:
return next_redirect(request, next_key=['error_next', 'next'],
additional_params=dict(fb_error_or_cancel=1))
return next_redirect(request)
def test_registration_form(self):
'''
Django_facebook should use user supplied registration form if given
'''
facebook_settings.FACEBOOK_REGISTRATION_FORM = 'django_facebook.test_utils.forms.SignupForm'
facebook = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=facebook)
# The test form always sets username to test form
self.assertEqual(user.username, 'Test form')
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
context = RequestContext(request)
assert context.get(
'FACEBOOK_APP_ID'
), 'Please specify a facebook app id and ensure the context processor is enabled'
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
facebook = get_facebook_graph(request)
if facebook.is_authenticated():
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
except facebook_exceptions.IncompleteProfileError, e:
logger.error(unicode(e),
exc_info=sys.exc_info(),
extra={
'request': request,
'data': {
'username':
request.user.username,
'facebook_data':
facebook.facebook_profile_data(),
'body':
unicode(e),
}
})
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
'registration/registration_form.html', context)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(
request,
_("You have connected your account to %s's facebook profile"
) % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
response = user.get_profile().post_facebook_registration()
return response
else:
return next_redirect(request,
additional_params=dict(fb_error_or_cancel=1),
next_key=['error_next', 'next'])
return next_redirect(request)
def connect(request):
"""
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
"""
context = RequestContext(request)
assert context.get("FACEBOOK_APP_ID"), (
"Please specify a facebook app id " "and ensure the context processor is enabled"
)
facebook_login = bool(int(request.REQUEST.get("facebook_login", 0)))
if facebook_login:
# code to redirect if we don't have adequate permissions
from django_facebook.utils import test_permissions
scope_list = facebook_settings.FACEBOOK_DEFAULT_SCOPE
# standardizing the url to prevent things like attempt from being included
redirect_uri = request.build_absolute_uri(request.path) + "?facebook_login=1"
oauth_url, redirect_uri = get_oauth_url(request, scope_list, redirect_uri=redirect_uri)
if not test_permissions(request, scope_list, redirect_uri):
return HttpResponseRedirect(oauth_url)
graph = get_persistent_graph(request)
if graph:
facebook = FacebookUserConverter(graph)
if facebook.is_authenticated():
facebook_data = facebook.facebook_profile_data()
# either, login register or connect the user
try:
action, user = connect_user(request)
logger.info("Django facebook, action was %s", action)
except facebook_exceptions.IncompleteProfileError, e:
warn_message = u"Incomplete profile data encountered " u"with error %s" % e
send_warning(warn_message, e=e, facebook_data=facebook.facebook_profile_data())
context["facebook_mode"] = True
context["form"] = e.form
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE, context_instance=context
)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(
request,
_("You have connected your account " "to %s's facebook profile") % facebook_data["name"],
)
elif action is CONNECT_ACTIONS.REGISTER:
return user.get_profile().post_facebook_registration(request)
else:
return next_redirect(request, next_key=["error_next", "next"], additional_params=dict(fb_error_or_cancel=1))
return next_redirect(request)
def _connect(request, graph):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
We are already covered by the facebook_required_lazy decorator
So we know we either have a graph and permissions, or the user denied
the oAuth dialog
'''
backend = get_registration_backend()
context = RequestContext(request)
connect_facebook = to_bool(request.REQUEST.get('connect_facebook'))
logger.info('trying to connect using Facebook')
if graph:
logger.info('found a graph object')
converter = get_instance_for('user_conversion', graph)
authenticated = converter.is_authenticated()
# Defensive programming :)
if not authenticated:
raise ValueError('didnt expect this flow')
logger.info('Facebook is authenticated')
facebook_data = converter.facebook_profile_data()
# either, login register or connect the user
try:
action, user = connect_user(
request, connect_facebook=connect_facebook)
logger.info('Django facebook performed action: %s', action)
except facebook_exceptions.IncompleteProfileError, e:
# show them a registration form to add additional data
warning_format = u'Incomplete profile data encountered with error %s'
warn_message = warning_format % unicode(e)
send_warning(warn_message, e=e,
facebook_data=facebook_data)
context['facebook_mode'] = True
context['form'] = e.form
#MJA modification to auto-register
#backend.register(request, None, username='******', eamil='*****@*****.**', password1='Blahblah3')
#return next_redirect(request)
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
context_instance=context,
)
except facebook_exceptions.AlreadyConnectedError, e:
user_ids = [u.get_user_id() for u in e.users]
ids_string = ','.join(map(str, user_ids))
additional_params = dict(already_connected=ids_string)
return backend.post_error(request, additional_params)
def test_gender_matching(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_persistent_graph(request, access_token='paul')
converter = FacebookUserConverter(graph)
base_data = converter.facebook_profile_data()
self.assertEqual(base_data['gender'], 'male')
data = converter.facebook_registration_data()
self.assertEqual(data['gender'], 'm')
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(user.get_profile().gender, 'm')
def test_long_username(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_persistent_graph(request, access_token='long_username')
converter = FacebookUserConverter(graph)
base_data = converter.facebook_registration_data()
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(len(base_data['username']), 30)
self.assertEqual(len(user.username), 30)
self.assertEqual(len(user.first_name), 30)
self.assertEqual(len(user.last_name), 30)
def test_gender_matching(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_persistent_graph(request, access_token='paul')
converter = FacebookUserConverter(graph)
base_data = converter.facebook_profile_data()
self.assertEqual(base_data['gender'], 'male')
data = converter.facebook_registration_data()
self.assertEqual(data['gender'], 'm')
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(user.get_profile().gender, 'm')
def test_long_username(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_persistent_graph(request, access_token='long_username')
converter = FacebookUserConverter(graph)
base_data = converter.facebook_registration_data()
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(len(base_data['username']), 30)
self.assertEqual(len(user.username), 30)
self.assertEqual(len(user.first_name), 30)
self.assertEqual(len(user.last_name), 30)
def is_authenticated(self, request, **kwargs):
auth_params = request.META.get("HTTP_AUTHORIZATION", '')
if auth_params:
parts = auth_params.split()
if len(parts) == 2:
if parts[0] == 'Facebook':
access_token = parts[1]
try:
action, user = connect_user(request, access_token=access_token)
return True
except Exception, err:
logger.error('ERROR {0}: {1}'.format(self.__class__.__name__, str(err)))
def test_update_access_token(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_persistent_graph(request, access_token='paul')
action, user = connect_user(self.request, facebook_graph=graph)
first_user_id = user.id
# new token required should start out as False
profile = try_get_profile(user)
new_token_required = get_user_attribute(user, profile,
'new_token_required')
self.assertEqual(new_token_required, False)
# we manually set it to true
update_user_attributes(user,
profile,
dict(new_token_required=True),
save=True)
if profile:
profile = get_profile_model().objects.get(id=profile.id)
user = get_user_model().objects.get(id=user.id)
new_token_required = get_user_attribute(user, profile,
'new_token_required')
self.assertEqual(new_token_required, True)
# another update should however set it back to False
request.facebook = None
graph = get_facebook_graph(request, access_token='paul2')
logger.info('and the token is %s', graph.access_token)
action, user = connect_user(self.request, facebook_graph=graph)
user = get_user_model().objects.get(id=user.id)
self.assertEqual(user.id, first_user_id)
if profile:
profile = get_profile_model().objects.get(id=profile.id)
user = get_user_model().objects.get(id=user.id)
new_token_required = get_user_attribute(user, profile,
'new_token_required')
self.assertEqual(new_token_required, False)
def test_parallel_register(self):
'''
Adding some testing for the case when one person tries to register
multiple times in the same second
'''
graph = get_facebook_graph(access_token='short_username')
FacebookUserConverter(graph)
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
self.request.user.is_authenticated = lambda: False
with patch('django_facebook.connect.authenticate') as patched:
return_sequence = [user, None]
def side(*args, **kwargs):
value = return_sequence.pop()
return value
patched.side_effect = side
with patch('django_facebook.connect._register_user') as patched_register:
patched_register.side_effect = facebook_exceptions.AlreadyRegistered('testing parallel registers')
action, user = connect_user(self.request, facebook_graph=graph)
self.assertEqual(action, CONNECT_ACTIONS.LOGIN)
def is_authenticated(self, request, **kwargs):
auth_params = request.META.get("HTTP_AUTHORIZATION", '')
if auth_params:
parts = auth_params.split()
if len(parts) == 2:
if parts[0] == 'Facebook':
access_token = parts[1]
try:
action, user = connect_user(request,
access_token=access_token)
return True
except Exception, err:
logger.error('ERROR {0}: {1}'.format(
self.__class__.__name__, str(err)))
def post(self, request):
serializer = self.serializer_class(data=request.DATA)
if serializer.is_valid():
action, user = connect_user(self.request, serializer.data['access_token'])
token, created = Token.objects.get_or_create(user=user)
if created:
create_default_categories(user=user)
else:
t = threading.Thread(target=update_user_profile,
args=[user])
t.setDaemon(True)
t.start()
return Response({'token': token.key})
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def test_update_access_token(self):
request = RequestMock().get('/')
request.session = {}
request.user = AnonymousUser()
graph = get_persistent_graph(request, access_token='paul')
action, user = connect_user(self.request, facebook_graph=graph)
first_user_id = user.id
# new token required should start out as False
profile = try_get_profile(user)
new_token_required = get_user_attribute(
user, profile, 'new_token_required')
self.assertEqual(new_token_required, False)
# we manually set it to true
update_user_attributes(
user, profile, dict(new_token_required=True), save=True)
if profile:
profile = get_profile_model().objects.get(id=profile.id)
user = get_user_model().objects.get(id=user.id)
new_token_required = get_user_attribute(
user, profile, 'new_token_required')
self.assertEqual(new_token_required, True)
# another update should however set it back to False
request.facebook = None
graph = get_facebook_graph(request, access_token='paul2')
logger.info('and the token is %s', graph.access_token)
action, user = connect_user(self.request, facebook_graph=graph)
user = get_user_model().objects.get(id=user.id)
self.assertEqual(user.id, first_user_id)
if profile:
profile = get_profile_model().objects.get(id=profile.id)
user = get_user_model().objects.get(id=user.id)
new_token_required = get_user_attribute(
user, profile, 'new_token_required')
self.assertEqual(new_token_required, False)
def fb_home(request):
logging.debug('GM: fb_home request %s' % (request))
#assumes they have been through enhanced fb auth and granted permissions, so just connect them
from django_facebook.connect import connect_user
#either, login register or connect the user
action, user = connect_user(request)
logging.debug('GM: fb_home user returned %s with action %s' % (user, action))
if user:
#TODO: could check for the request ID and check everything is legit but at the moment assume it is
#fb_request_ids = request.GET.get('request_ids', None)
#we have AUTO_ACCEPT set true so no need to accept the invite here just go through
return welcome(request)
#somthing has gone wrong authenticating them go to homepage
return render_to_response('home.html', context_instance=RequestContext(request))
def test_auth_backend(self):
backend = FacebookBackend()
facebook = get_facebook_graph(access_token='new_user')
action, user = connect_user(self.request, facebook_graph=facebook)
facebook_email = user.email
facebook_id = user.get_profile().facebook_id
auth_user = backend.authenticate(facebook_email=facebook_email)
assert auth_user == user
auth_user = backend.authenticate(facebook_id=facebook_id)
assert auth_user == user
auth_user = backend.authenticate(facebook_id=facebook_id, facebook_email=facebook_email)
assert auth_user == user
auth_user = backend.authenticate()
assert not auth_user
def test_auth_backend(self):
backend = FacebookBackend()
facebook = get_facebook_graph(access_token="new_user")
action, user = connect_user(self.request, facebook_graph=facebook)
facebook_email = user.email
facebook_id = user.get_profile().facebook_id
auth_user = backend.authenticate(facebook_email=facebook_email)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate(facebook_id=facebook_id)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate(facebook_id=facebook_id, facebook_email=facebook_email)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate()
self.assertIsNone(auth_user)
def is_authenticated(self, request, **kwargs):
auth_params = request.META.get('HTTP_X_FACEBOOK_AUTHENTICATION')
if auth_params:
parts = auth_params.split()
if len(parts) == 2:
if parts[0] == 'OAuth':
access_token = parts[1]
facebook = OpenFacebook(access_token)
try:
if facebook == None or not facebook.is_authenticated():
return self._unauthorized()
action, user = connect_user(request, access_token, facebook)
request.user = user
return True
except Exception, err:
logger.error('ERROR %s: %s' % (self.__class__.__name__, unicode(err)))
def test_auth_backend(self):
backend = FacebookBackend()
facebook = get_facebook_graph(access_token='new_user')
action, user = connect_user(self.request, facebook_graph=facebook)
facebook_email = user.email
facebook_id = user.get_profile().facebook_id
auth_user = backend.authenticate(facebook_email=facebook_email)
assert auth_user == user
auth_user = backend.authenticate(facebook_id=facebook_id)
assert auth_user == user
auth_user = backend.authenticate(facebook_id=facebook_id, facebook_email=facebook_email)
assert auth_user == user
auth_user = backend.authenticate()
assert not auth_user
def test_registration_form(self):
'''
Django_facebook should use user supplied registration form if given
'''
from django.conf import settings
if settings.MODE == 'userena':
return
test_form = 'django_facebook.test_utils.forms.SignupForm'
old_setting = facebook_settings.FACEBOOK_REGISTRATION_FORM
facebook_settings.FACEBOOK_REGISTRATION_FORM = test_form
try:
facebook = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=facebook)
# The test form always sets username to test form
self.assertEqual(user.username, 'Test form')
finally:
facebook_settings.FACEBOOK_REGISTRATION_FORM = old_setting
def connect(request):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
context = RequestContext(request)
facebook_login = bool(int(request.REQUEST.get('facebook_login', 0)))
if facebook_login:
facebook = get_facebook_graph(request)
if facebook.is_authenticated():
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user
try:
action, user = connect_user(request)
except facebook_exceptions.IncompleteProfileError, e:
logger.error(unicode(e))
messages.error(
request,
_("Please allow the request for permission in order to log in."
))
return next_redirect(request)
if action is CONNECT_ACTIONS.CONNECT:
messages.info(
request,
_("You have connected your account to %s's facebook profile"
) % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
member_overview_url = user.get_profile().url['overview']
response = HttpResponseRedirect(member_overview_url)
response.set_cookie('fresh_registration', user.id)
return response
else:
return next_redirect(request,
additional_params=dict(fb_error_or_cancel=1))
return next_redirect(request)
def test_auth_backend(self):
# the auth backend
backend = FacebookBackend()
facebook = get_facebook_graph(access_token='new_user')
action, user = connect_user(self.request, facebook_graph=facebook)
facebook_email = user.email
profile = try_get_profile(user)
user_or_profile = get_instance_for_attribute(user, profile,
'facebook_id')
facebook_id = user_or_profile.facebook_id
auth_user = backend.authenticate(facebook_email=facebook_email)
logger.info('%s %s %s', auth_user.email, user.email, facebook_email)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate(facebook_id=facebook_id)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate(facebook_id=facebook_id,
facebook_email=facebook_email)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate()
self.assertIsNone(auth_user)
def fblogin(request):
# we store the place to redirct to in state
graph = get_facebook_graph(request,
redirect_uri=settings.FACEBOOOK_REDIRECT_URI)
action, user = connect_user(request, facebook_graph=graph)
user.save()
LinkedInProfile.objects.get_or_create(user=user)
graph = get_facebook_graph(access_token=user.get_profile().access_token)
graph_data = graph.get('/me')
t = loader.get_template("profile.html")
liApi = linkedin.LinkedIn('d4sg4uq23heb', 'CECqmTcwYr9GZod5',
'http://creeply.dev:8000/linkedin/login')
result = liApi.request_token()
if result:
graph_data['liUrl'] = liApi.get_authorize_url()
user.liProfile.request_token = liApi._request_token
user.liProfile.request_token_secret = liApi._request_token_secret
user.liProfile.save()
graph_data[
'img'] = 'https://graph.facebook.com/%s/picture?type=large' % user.get_profile(
).facebook_id
c = Context(graph_data)
return HttpResponse(t.render(c))
def test_auth_backend(self):
# the auth backend
backend = FacebookBackend()
facebook = get_facebook_graph(access_token='new_user')
action, user = connect_user(self.request, facebook_graph=facebook)
facebook_email = user.email
profile = try_get_profile(user)
user_or_profile = get_instance_for_attribute(user, profile,
'facebook_id')
facebook_id = user_or_profile.facebook_id
auth_user = backend.authenticate(facebook_email=facebook_email)
#I GOT IT WORKING!!!!!!!!!!
self.client.login(facebook_email=facebook_email)
# response = self.client.get('/login/?testing=True')
response = self.client.get('/login/')
self.assertTemplateUsed(response, )
template_names = []
for template in response.templates:
template_names.append(template.name)
print template_names
# logger.info('%s %s %s', auth_user.email, user.email, facebook_email)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate(facebook_id=facebook_id)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate(facebook_id=facebook_id,
facebook_email=facebook_email)
self.assertEqual(auth_user, user)
auth_user = backend.authenticate()
self.assertIsNone(auth_user)
def process_request(self, request):
"""
This middleware authenticates the facebook user when
he/she is accessing the app from facebook (not an internal page)
The flow is show below:
if referer is facebook:
it's a canvas app and the first hit on the app
If error:
attempt to reauthenticate using authorization dialog
if signed_request not sent or does not have the user_id and the access_token:
user has not authorized app
redirect to authorization dialog
else:
check permissions
if user is authenticated (in django):
check if current facebook user is the same that is authenticated
if not: logout authenticated user
if user is not authenticated:
connect_user (django_facebook.connect module)
changed method to GET. Facebook always sends a POST first.
else:
It's an internal page.
No signed_request is sent.
Return
"""
# This call cannot be global'ized or Django will return an empty response
# after the first one
redirect_login_oauth = ScriptRedirect(redirect_to=generate_oauth_url(),
show_body=False)
# check referer to see if this is the first access
# or it's part of navigation in app
# facebook always sends a POST reuqest
referer = request.META.get('HTTP_REFERER', None)
if referer:
urlparsed = urlparse(referer)
if not urlparsed.netloc.endswith('facebook.com'):
return
# when there is an error, we attempt to allow user to
# reauthenticate
if 'error' in request.GET:
return redirect_login_oauth
else:
return
# get signed_request
signed_request = request.POST.get('signed_request', None)
try:
# get signed_request
parsed_signed_request = FacebookAuthorization.parse_signed_data(
signed_request)
access_token = parsed_signed_request['oauth_token']
facebook_id = int(parsed_signed_request['user_id'])
except:
# redirect to authorization dialog
# if app not authorized by user
return redirect_login_oauth
# check for permissions
try:
graph = self.check_permissions(access_token)
except MissingPermissionsError:
return redirect_login_oauth
# check if user authenticated and if it's the same
if request.user.is_authenticated():
self.check_django_facebook_user(request, facebook_id, access_token)
request.facebook = graph
if not request.user.is_authenticated():
_action, _user = connect_user(request, access_token, graph)
# override http method, since this actually is a GET
if request.method == 'POST':
request.method = 'GET'
return
def _connect(request, facebook_login):
'''
Handles the view logic around connect user
- (if authenticated) connect the user
- login
- register
'''
backend = get_registration_backend()
context = RequestContext(request)
if True:
logger.info('trying to connect using Facebook')
graph = require_persistent_graph(request)
authenticated = False
if graph:
logger.info('found a graph object')
facebook = FacebookUserConverter(graph)
authenticated = facebook.is_authenticated()
if authenticated:
logger.info('Facebook is authenticated')
facebook_data = facebook.facebook_profile_data()
#either, login register or connect the user : This is where it interfaces with Django
try:
action, user = connect_user(request)
logger.info('Django facebook performed action: %s', action)
print user
print request.user
except facebook_exceptions.IncompleteProfileError, e:
#show them a registration form to add additional data
warning_format = u'Incomplete profile data encountered with error %s'
warn_message = warning_format % e.message
send_warning(warn_message, e=e,
facebook_data=facebook_data)
context['facebook_mode'] = True
context['form'] = e.form
return render_to_response(
facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE,
context_instance=context,
)
except facebook_exceptions.AlreadyConnectedError, e:
user_ids = [u.user_id for u in e.users]
ids_string = ','.join(map(str, user_ids))
return error_next_redirect(
request,
additional_params=dict(already_connected=ids_string))
if action is CONNECT_ACTIONS.CONNECT:
#connect means an existing account was attached to facebook
messages.info(request, _("You have connected your account "
"to %s's facebook profile") % facebook_data['name'])
elif action is CONNECT_ACTIONS.REGISTER:
#hook for tying in specific post registration functionality
#response = backend.post_registration_redirect(
# request, user)
return HttpResponseRedirect(reverse('home_logged_home'))
#compatibility for Django registration backends which return redirect tuples instead of a response
if not isinstance(response, HttpResponse):
to, args, kwargs = response
response = redirect(to, *args, **kwargs)
return response
def test_short_username(self):
facebook = get_facebook_graph(access_token='short_username')
action, user = connect_user(self.request, facebook_graph=facebook)
self.assertTrue(len(user.username) > 4)
self.assertEqual(action, CONNECT_ACTIONS.REGISTER)
