Example #1
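def auth_process(request, backend):
    """Start authentication with the given social backend.

    Stores the requested ``next`` value in the session, clears any partial
    pipeline state, then either redirects to the backend's authorization URL
    or returns the backend's HTML form.

    The ``next`` value comes straight from the request. It is passed through
    sanitize_redirect() unless SOCIAL_AUTH_SANITIZE_REDIRECTS is disabled, in
    which case it is stored unchecked and must be validated wherever it is
    later used as a redirect target.
    """
    data = (request.POST if request.method == 'POST' else request.GET).dict()
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value; a
        # falsy result falls back to DEFAULT_REDIRECT.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        # NOTE(review): every request parameter, including the raw next value
        # and the request-supplied extra_scope, is forwarded to the provider
        # URL. A request can therefore add or duplicate parameters of the
        # authorization request; consider forwarding only an explicit
        # allow-list of parameter names.
        query = urlencode(data)
        auth_url = backend.auth_url(data.get('extra_scope', ''))

        if query:
            # Choose the separator from the URL itself instead of assuming
            # that auth_url() already returned a query string.
            separator = '&' if '?' in auth_url else '?'
            auth_url += separator + query

        return HttpResponseRedirect(auth_url)
    return HttpResponse(backend.auth_html(),
                        content_type='text/html;charset=UTF-8')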
Example #2
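def auth_process(request, backend):
    """Start authentication with the given social backend.

    Copies the request fields named in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION
    into the session, stores the requested ``next`` value, clears any partial
    pipeline state, then redirects to the backend's authorization URL or
    returns the backend's HTML form.
    """
    # The leftover debug print of the backend object was removed: a request
    # handler should not write to stdout on every login attempt.
    data = request.POST if request.method == 'POST' else request.GET

    # Save extra data into session. Only field names listed in the setting
    # are copied, so a request cannot write arbitrary session keys.
    for field_name in setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', []):
        if field_name in data:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value; a
        # falsy result falls back to DEFAULT_REDIRECT. With the setting
        # disabled the value is stored unchecked.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)
    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    return HttpResponse(backend.auth_html(),
                        content_type='text/html;charset=UTF-8')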
Example #3
def auth_process(request, backend):
    """Begin the login flow for a social backend.

    Request fields named in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION and the
    requested ``next`` value are kept in the session, partial pipeline state
    is cleared, and the response is either a redirect to the backend's
    authorization URL or the backend's HTML form.

    The ``next`` value is request-supplied. It only goes through
    sanitize_redirect() while SOCIAL_AUTH_SANITIZE_REDIRECTS is enabled
    (the default); otherwise it is stored as received.
    """
    if request.method == 'POST':
        params = request.POST
    else:
        params = request.GET

    # Only allow-listed field names are copied into the session.
    stored_fields = setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', [])
    for name in stored_fields:
        if name in params:
            request.session[name] = params[name]

    if REDIRECT_FIELD_NAME in params:
        next_url = params[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            next_url = sanitize_redirect(request.get_host(), next_url)
        # A falsy (empty or rejected) value falls back to the default.
        request.session[REDIRECT_FIELD_NAME] = next_url or DEFAULT_REDIRECT

    # Drop stale partial-pipeline data before a new attempt starts.
    clean_partial_pipeline(request)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
Example #4
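def auth_process(request, backend):
    """Start authentication with the given social backend.

    Copies selected request fields and the requested ``next`` value into the
    session, clears any partial pipeline state, then redirects to the
    backend's authorization URL or returns the backend's HTML form.
    """
    data = request.POST if request.method == 'POST' else request.GET

    # Request parameters are untrusted. Copying every key/value pair into the
    # session would let a request overwrite any session entry, including the
    # ones the authentication framework and the pipeline rely on. Only field
    # names listed in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION are persisted;
    # add the query parameters that must survive the login flow to that
    # setting.
    for field_name in setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', []):
        if field_name in data:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value; a
        # falsy result falls back to DEFAULT_REDIRECT. With the setting
        # disabled the value is stored unchecked.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    return HttpResponse(backend.auth_html(),
                        content_type='text/html;charset=UTF-8')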
Example #5
def auth_process(request, backend, complete_url_name):
    """Begin the login flow for the social backend named by *backend*.

    Resolves the completion URL, looks up the backend, stores the sanitized
    success and error redirect targets in the session, and returns either a
    redirect to the backend's authorization URL or the backend's HTML form.
    A falsy backend lookup yields a server-error response.
    """
    complete_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, complete_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    # Both redirect targets are request-supplied, so each one is passed
    # through sanitize_redirect() against the current host before it is kept.
    success_target = sanitize_redirect(
        request.get_host(),
        request.REQUEST.get(REDIRECT_FIELD_NAME))
    failure_target = sanitize_redirect(
        request.get_host(),
        request.REQUEST.get(ERROR_REDIRECT_FIELD_NAME))

    # Missing or rejected values fall back to the configured defaults.
    request.session[REDIRECT_FIELD_NAME] = success_target or DEFAULT_REDIRECT
    request.session[ERROR_REDIRECT_FIELD_NAME] = (
        failure_target or ERROR_DEFAULT_REDIRECT)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
Example #6
def auth_process(request, backend):
    """Begin the login flow for a social backend.

    When the request carries a redirect_to value for the current HTTP method,
    the sanitized value (or DEFAULT_REDIRECT when it is falsy) is stored in
    the session. The response is a redirect to the backend's authorization
    URL or the backend's HTML form.
    """
    if REDIRECT_FIELD_NAME in request.REQUEST:
        params = request.POST if request.method == "POST" else request.GET
        if REDIRECT_FIELD_NAME in params:
            # The value is user-defined, so it is always sanitized against
            # the current host before being kept.
            target = sanitize_redirect(
                request.get_host(),
                params[REDIRECT_FIELD_NAME],
            )
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(
            backend.auth_html(),
            content_type="text/html;charset=UTF-8",
        )
    return HttpResponseRedirect(backend.auth_url())
Example #7
def complete_process(request, backend, *args, **kwargs):
    """Finish authentication and redirect the user.

    The redirect target is popped from the session and may be overridden by
    a value in the current request. That override is request-supplied and is
    only passed through sanitize_redirect() while SANITIZE_REDIRECTS is
    truthy. If auth_complete() returns an HttpResponse it is returned as-is.
    """
    user = auth_complete(request, backend, *args, **kwargs)

    target = request.session.pop(REDIRECT_FIELD_NAME, '')

    # Added for FB client-side auth, which POSTs to this view directly with
    # an access_token and may carry its own redirect value.
    if REDIRECT_FIELD_NAME in request.REQUEST:
        params = request.POST if request.method == 'POST' else request.GET
        if REDIRECT_FIELD_NAME in params:
            requested = params[REDIRECT_FIELD_NAME]
            if SANITIZE_REDIRECTS:
                requested = sanitize_redirect(request.get_host(), requested)
            if requested:
                target = requested

    if isinstance(user, HttpResponse):
        return user

    if not user:
        # Authentication failed: optionally flash a message, then go to the
        # error page.
        if ERROR_MESSAGE:
            messages.error(request, ERROR_MESSAGE)
        return HttpResponseRedirect(LOGIN_ERROR_URL)

    if not getattr(user, 'is_active', True):
        return HttpResponseRedirect(INACTIVE_USER_URL or LOGIN_ERROR_URL)

    login(request, user)
    messages.success(request, 'Awesome, you are now logged in!')
    # user.social_user is the UserSocialAuth instance set during the
    # authenticate process.
    social_user = user.social_user

    # Apply the provider's expiration to the session unless disabled by
    # setting. The last social-auth instance for the current provider is
    # used, since users can associate several accounts with one provider.
    if SESSION_EXPIRATION and social_user.expiration_delta():
        request.session.set_expiry(social_user.expiration_delta())

    # Remember which backend performed the last login.
    request.session[SOCIAL_AUTH_LAST_LOGIN] = social_user.provider

    # New accounts go to the new-users page when one is configured;
    # everyone else goes to the stored target or the default.
    if NEW_USER_REDIRECT and getattr(user, 'is_new', False):
        url = NEW_USER_REDIRECT
    else:
        url = target or DEFAULT_REDIRECT
    return HttpResponseRedirect(url)
Example #8
def auth_process(request, backend, complete_url_name):
    """Begin the login flow for the social backend named by *backend*.

    Resolves the completion URL, looks up the backend, stores the sanitized
    redirect_to value in the session, and returns either a redirect to the
    backend's authorization URL or the backend's HTML form. A falsy backend
    lookup yields a server-error response.
    """
    complete_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, complete_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    # The redirect_to value is request-supplied; it is always sanitized
    # against the current host, and a falsy result falls back to the default.
    target = sanitize_redirect(
        request.get_host(),
        request.REQUEST.get(REDIRECT_FIELD_NAME))
    request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
Example #9
def auth_process(request, backend):
    """Begin the login flow for a social backend.

    Stores the requested ``next`` value in the session, then redirects to the
    backend's authorization URL or returns the backend's HTML form.

    The ``next`` value is request-supplied. It only goes through
    sanitize_redirect() while SOCIAL_AUTH_SANITIZE_REDIRECTS is enabled
    (the default); otherwise it is stored as received.
    """
    if request.method == 'POST':
        params = request.POST
    else:
        params = request.GET

    if REDIRECT_FIELD_NAME in params:
        next_url = params[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            next_url = sanitize_redirect(request.get_host(), next_url)
        # A falsy (empty or rejected) value falls back to the default.
        request.session[REDIRECT_FIELD_NAME] = next_url or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
Example #10
def auth_process(request, backend):
    """Begin the login flow for a social backend.

    When the request carries a redirect_to value for the current HTTP method
    it is stored in the session, sanitized first while SANITIZE_REDIRECTS is
    truthy. The response is a redirect to the backend's authorization URL or
    the backend's HTML form.
    """
    if REDIRECT_FIELD_NAME in request.REQUEST:
        params = request.POST if request.method == 'POST' else request.GET
        if REDIRECT_FIELD_NAME in params:
            target = params[REDIRECT_FIELD_NAME]
            # The value is user-defined; with SANITIZE_REDIRECTS off it is
            # stored exactly as received.
            if SANITIZE_REDIRECTS:
                target = sanitize_redirect(request.get_host(), target)
            # A falsy value falls back to the default redirect.
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
Example #11
def auth_process(request, backend, complete_url_name):
    """Begin the login flow for the social backend named by *backend*.

    Resolves the completion URL and looks up the backend; a falsy lookup
    yields a server-error response. When the request carries a redirect_to
    value for the current HTTP method, its sanitized form (or
    DEFAULT_REDIRECT when falsy) is stored in the session. The response is a
    redirect to the backend's authorization URL or the backend's HTML form.
    """
    complete_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, complete_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    if REDIRECT_FIELD_NAME in request.REQUEST:
        params = request.POST if request.method == 'POST' else request.GET
        if REDIRECT_FIELD_NAME in params:
            # The value is user-defined, so it is always sanitized against
            # the current host before being kept.
            target = sanitize_redirect(request.get_host(),
                                       params[REDIRECT_FIELD_NAME])
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
Example #12
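def auth_process(request, backend):
    """Start authentication with the given social backend.

    Copies selected request fields and the requested ``next`` value into the
    session, clears any partial pipeline state, then redirects to the
    backend's authorization URL or returns the backend's HTML form.
    """
    data = request.POST if request.method == "POST" else request.GET

    # Request parameters are untrusted. Copying every field into the session
    # would let a request overwrite any session entry, including the ones the
    # authentication framework and the pipeline rely on. Only field names
    # listed in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION are persisted; the next
    # field is handled separately below so it is never stored unsanitized
    # here.
    for field_name in setting("SOCIAL_AUTH_FIELDS_STORED_IN_SESSION", []):
        if field_name in data and field_name != REDIRECT_FIELD_NAME:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value; a
        # falsy result falls back to DEFAULT_REDIRECT. With the setting
        # disabled the value is stored unchecked.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting("SOCIAL_AUTH_SANITIZE_REDIRECTS", True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    return HttpResponse(backend.auth_html(), content_type="text/html;charset=UTF-8")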
Example #13
def auth_process(request, backend):
    """Begin the login flow for a social backend.

    When the request carries a redirect_to value for the current HTTP method
    it is stored in the session, sanitized first while SANITIZE_REDIRECTS is
    truthy. For the backend named 'twitter', a ``write_access=1`` GET
    parameter adds an ``x_auth_access_type`` of ``write`` to the
    authorization URL arguments.
    """
    if REDIRECT_FIELD_NAME in request.REQUEST:
        params = request.POST if request.method == 'POST' else request.GET
        if REDIRECT_FIELD_NAME in params:
            target = params[REDIRECT_FIELD_NAME]
            # The value is user-defined; with SANITIZE_REDIRECTS off it is
            # stored exactly as received.
            if SANITIZE_REDIRECTS:
                target = sanitize_redirect(request.get_host(), target)
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    # The object may wrap the real backend in AUTH_BACKEND; fall back to the
    # object itself when that attribute is absent.
    real_backend = getattr(backend, 'AUTH_BACKEND', backend)
    wants_write = (real_backend.name == 'twitter'
                   and request.GET.get('write_access') == '1')
    # NOTE(review): the access level is chosen by a request parameter;
    # confirm that any visitor is meant to be able to ask for write access.
    url_args = ({'x_auth_access_type': 'write'},) if wants_write else ()

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url(*url_args))
Example #14
def auth_process(request, backend, complete_url_name):
    """Begin the login flow for the social backend named by *backend*.

    Resolves the completion URL and looks up the backend; a falsy lookup
    yields a server-error response. The sanitized redirect_to value is
    stored in the session and the response is a redirect to the backend's
    authorization URL or the backend's HTML form. A ValueError raised while
    doing so redirects to the login error URL instead.
    """
    complete_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, complete_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    params = request.REQUEST
    # The redirect_to value is request-supplied; it is always sanitized
    # against the current host.
    target = sanitize_redirect(request.get_host(),
                               params.get(REDIRECT_FIELD_NAME))
    try:
        request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT
        if not backend.uses_redirect:
            return HttpResponse(backend.auth_html(),
                                content_type='text/html;charset=UTF-8')
        return HttpResponseRedirect(backend.auth_url())
    except ValueError as err:
        # Keep the error text in the session when a key is configured, then
        # send the user to the error page (LOGIN_URL if none is set).
        session_key = getattr(settings, 'SOCIAL_AUTH_ERROR_KEY', None)
        if session_key:
            request.session[session_key] = str(err)
        error_url = getattr(settings, 'LOGIN_ERROR_URL', settings.LOGIN_URL)
        return HttpResponseRedirect(error_url)
Example #15
def auth_process(request, backend, complete_url_name):
    """Begin the login flow for the social backend named by *backend*.

    Resolves the completion URL and looks up the backend; a falsy lookup
    yields a server-error response. The sanitized redirect_to value and the
    remaining query parameters are stored in the session, and the response
    is a redirect to the backend's authorization URL or the backend's HTML
    form.
    """
    complete_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, complete_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    # The redirect_to value is request-supplied; it is always sanitized
    # against the current host. No default is substituted here, so the
    # stored value is whatever sanitize_redirect() returns.
    target = sanitize_redirect(request.get_host(),
                               request.REQUEST.get(REDIRECT_FIELD_NAME))
    request.session[REDIRECT_FIELD_NAME] = target

    # Keep every other query parameter, re-encoded, for later use; the
    # original comment says complete_process() appends it to the login
    # redirect URL (that function is not shown here).
    query_pairs = dict(parse_qsl(request.META['QUERY_STRING']))
    extra_params = []
    for key, value in query_pairs.items():
        if key == REDIRECT_FIELD_NAME:
            continue
        extra_params.append((key, value))
    request.session[REDIRECT_QUERY_STRING] = urlencode(extra_params)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())