def fxa_register(request):
if not request.is_secure():
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires SSL',
'code': errors.BASKET_SSL_REQUIRED,
}, 401)
if not has_valid_api_key(request):
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires a valid API-key',
'code': errors.BASKET_AUTH_ERROR,
}, 401)
data = request.POST.dict()
if 'email' not in data:
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires an email address',
'code': errors.BASKET_USAGE_ERROR,
}, 401)
if 'fxa_id' not in data:
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires a Firefox Account ID',
'code': errors.BASKET_USAGE_ERROR,
}, 401)
if 'accept_lang' not in data:
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires accept_lang',
'code': errors.BASKET_USAGE_ERROR,
}, 401)
lang = get_best_language(get_accept_languages(data['accept_lang']))
if lang is None:
return HttpResponseJSON({
'status': 'error',
'desc': 'invalid language',
'code': errors.BASKET_INVALID_LANGUAGE,
}, 400)
args = [data['email'], lang, data['fxa_id']]
kwargs = {}
if 'source_url' in data:
kwargs['source_url'] = data['source_url']
if data.get('skip_welcome', False):
kwargs['skip_welcome'] = True
update_fxa_info.delay(*args, **kwargs)
return HttpResponseJSON({'status': 'ok'})
def fxa_register(request):
if not request.is_secure():
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires SSL',
'code': errors.BASKET_SSL_REQUIRED,
}, 401)
if not has_valid_api_key(request):
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires a valid API-key',
'code': errors.BASKET_AUTH_ERROR,
}, 401)
data = request.POST.dict()
if 'email' not in data:
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires an email address',
'code': errors.BASKET_USAGE_ERROR,
}, 401)
email = process_email(data['email'])
if not email:
return invalid_email_response()
if 'fxa_id' not in data:
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires a Firefox Account ID',
'code': errors.BASKET_USAGE_ERROR,
}, 401)
if 'accept_lang' not in data:
return HttpResponseJSON({
'status': 'error',
'desc': 'fxa-register requires accept_lang',
'code': errors.BASKET_USAGE_ERROR,
}, 401)
lang = get_best_language(get_accept_languages(data['accept_lang']))
if lang is None:
return HttpResponseJSON({
'status': 'error',
'desc': 'invalid language',
'code': errors.BASKET_INVALID_LANGUAGE,
}, 400)
update_fxa_info.delay(email, lang, data['fxa_id'])
return HttpResponseJSON({'status': 'ok'})
def update_user_task(request, api_call_type, data=None, optin=True, sync=False):
"""Call the update_user task async with the right parameters.
If sync==True, be sure to include the token in the response.
Otherwise, basket can just do everything in the background.
"""
data = data or request.POST.dict()
newsletters = data.get('newsletters', None)
if newsletters:
newsletters = [x.strip() for x in newsletters.split(',')]
if api_call_type == SUBSCRIBE:
all_newsletters = newsletter_and_group_slugs()
else:
all_newsletters = newsletter_slugs()
private_newsletters = newsletter_private_slugs()
for nl in newsletters:
if nl not in all_newsletters:
return HttpResponseJSON({
'status': 'error',
'desc': 'invalid newsletter',
'code': errors.BASKET_INVALID_NEWSLETTER,
}, 400)
if api_call_type != UNSUBSCRIBE and nl in private_newsletters:
if not request.is_secure():
return HttpResponseJSON({
'status': 'error',
'desc': 'private newsletter subscription requires SSL',
'code': errors.BASKET_SSL_REQUIRED,
}, 401)
if not has_valid_api_key(request):
return HttpResponseJSON({
'status': 'error',
'desc': 'private newsletter subscription requires a valid API key',
'code': errors.BASKET_AUTH_ERROR,
}, 401)
if 'lang' in data:
if not language_code_is_valid(data['lang']):
return HttpResponseJSON({
'status': 'error',
'desc': 'invalid language',
'code': errors.BASKET_INVALID_LANGUAGE,
}, 400)
elif 'accept_lang' in data:
lang = get_best_language(get_accept_languages(data['accept_lang']))
if lang:
data['lang'] = lang
del data['accept_lang']
else:
return HttpResponseJSON({
'status': 'error',
'desc': 'invalid language',
'code': errors.BASKET_INVALID_LANGUAGE,
}, 400)
email = data.get('email')
token = data.get('token')
if not (email or token):
return HttpResponseJSON({
'status': 'error',
'desc': MSG_EMAIL_OR_TOKEN_REQUIRED,
'code': errors.BASKET_USAGE_ERROR,
}, 400)
if sync:
try:
user_data, created = get_or_create_user_data(email=email, token=token)
except NewsletterException as e:
return newsletter_exception_response(e)
update_user.delay(data, user_data['email'], user_data['token'], api_call_type, optin,
start_time=time())
return HttpResponseJSON({
'status': 'ok',
'token': user_data['token'],
'created': created,
})
else:
update_user.delay(data, email, token, api_call_type, optin,
start_time=time())
return HttpResponseJSON({
'status': 'ok',
})
def _test(self, langs_list, expected_lang):
self.assertEqual(get_best_language(langs_list), expected_lang)
def _test(self, langs_list, expected_lang):
self.assertEqual(get_best_language(langs_list), expected_lang)
def update_user_task(request, api_call_type, data=None, optin=False, sync=False):
"""Call the update_user task async with the right parameters.
If sync==True, be sure to include the token in the response.
Otherwise, basket can just do everything in the background.
"""
data = data or request.POST.dict()
newsletters = parse_newsletters_csv(data.get('newsletters'))
if newsletters:
if api_call_type == SUBSCRIBE:
all_newsletters = newsletter_and_group_slugs() + get_transactional_message_ids()
else:
all_newsletters = newsletter_slugs()
private_newsletters = newsletter_private_slugs()
for nl in newsletters:
if nl not in all_newsletters:
return HttpResponseJSON({
'status': 'error',
'desc': 'invalid newsletter',
'code': errors.BASKET_INVALID_NEWSLETTER,
}, 400)
if api_call_type != UNSUBSCRIBE and nl in private_newsletters:
if not request.is_secure():
return HttpResponseJSON({
'status': 'error',
'desc': 'private newsletter subscription requires SSL',
'code': errors.BASKET_SSL_REQUIRED,
}, 401)
if not has_valid_api_key(request):
return HttpResponseJSON({
'status': 'error',
'desc': 'private newsletter subscription requires a valid API key',
'code': errors.BASKET_AUTH_ERROR,
}, 401)
if 'lang' in data:
if not language_code_is_valid(data['lang']):
data['lang'] = 'en'
elif 'accept_lang' in data:
lang = get_best_language(get_accept_languages(data['accept_lang']))
if lang:
data['lang'] = lang
del data['accept_lang']
else:
data['lang'] = 'en'
email = data.get('email')
token = data.get('token')
if not (email or token):
return HttpResponseJSON({
'status': 'error',
'desc': MSG_EMAIL_OR_TOKEN_REQUIRED,
'code': errors.BASKET_USAGE_ERROR,
}, 400)
if optin:
data['optin'] = True
if api_call_type == SUBSCRIBE and email and data.get('newsletters'):
# only rate limit here so we don't rate limit errors.
if is_ratelimited(request, group='news.views.update_user_task.subscribe',
key=lambda x, y: '%s-%s' % (data['newsletters'], email),
rate=EMAIL_SUBSCRIBE_RATE_LIMIT, increment=True):
raise Ratelimited()
if api_call_type == SET and token and data.get('newsletters'):
# only rate limit here so we don't rate limit errors.
if is_ratelimited(request, group='news.views.update_user_task.set',
key=lambda x, y: '%s-%s' % (data['newsletters'], token),
rate=EMAIL_SUBSCRIBE_RATE_LIMIT, increment=True):
raise Ratelimited()
if sync:
statsd.incr('news.views.subscribe.sync')
if settings.MAINTENANCE_MODE and not settings.MAINTENANCE_READ_ONLY:
# save what we can
upsert_user.delay(api_call_type, data, start_time=time())
# have to error since we can't return a token
return HttpResponseJSON({
'status': 'error',
'desc': 'sync is not available in maintenance mode',
'code': errors.BASKET_NETWORK_FAILURE,
}, 400)
try:
user_data = get_user_data(email=email, token=token)
except NewsletterException as e:
return newsletter_exception_response(e)
if not user_data:
if not email:
# must have email to create a user
return HttpResponseJSON({
'status': 'error',
'desc': MSG_EMAIL_OR_TOKEN_REQUIRED,
'code': errors.BASKET_USAGE_ERROR,
}, 400)
token, created = upsert_contact(api_call_type, data, user_data)
return HttpResponseJSON({
'status': 'ok',
'token': token,
'created': created,
})
else:
upsert_user.delay(api_call_type, data, start_time=time())
return HttpResponseJSON({
'status': 'ok',
})
