def login(request, template):
"""Try to log the user in."""
if request.method == 'GET' and not request.MOBILE:
url = reverse('users.auth') + '?' + request.GET.urlencode()
return HttpResponsePermanentRedirect(url)
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
# Add a parameter so we know the user just logged in.
# fpa = "first page authed" or something.
next_url = urlparams(next_url, fpa=1)
res = HttpResponseRedirect(next_url)
max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else
settings.SESSION_COOKIE_AGE)
res.set_cookie(settings.SESSION_EXISTS_COOKIE,
'1',
secure=False,
max_age=max_age)
return res
if request.MOBILE:
return render(request, template, {'form': form})
return user_auth(request, login_form=form)
def login(request, template):
"""Try to log the user in."""
if request.method == 'GET' and not request.MOBILE:
url = reverse('users.auth') + '?' + request.GET.urlencode()
return HttpResponsePermanentRedirect(url)
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
# Add a parameter so we know the user just logged in.
# fpa = "first page authed" or something.
next_url = urlparams(next_url, fpa=1)
res = HttpResponseRedirect(next_url)
max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
else settings.SESSION_COOKIE_AGE)
res.set_cookie(settings.SESSION_EXISTS_COOKIE,
'1',
secure=False,
max_age=max_age)
return res
if request.MOBILE:
return jingo.render(request, template, {
'form': form,
})
return user_auth(request, login_form=form)
def join_contributors(request):
"""Join the Contributors group."""
next = get_next_url(request) or reverse('home')
group = Group.objects.get(name='Contributors')
request.user.groups.add(group)
messages.add_message(request, messages.SUCCESS,
_('You are now part of the Contributors group!'))
return HttpResponseRedirect(next)
def logout(request):
"""Log the user out."""
auth.logout(request)
statsd.incr('user.logout')
res = HttpResponseRedirect(get_next_url(request) or reverse('home'))
res.delete_cookie(settings.SESSION_EXISTS_COOKIE)
return res
def logout(request):
"""Log the user out."""
auth.logout(request)
statsd.incr('user.logout')
res = HttpResponseRedirect(get_next_url(request) or reverse('home'))
res.delete_cookie(settings.SESSION_EXISTS_COOKIE)
return res
def logout(request):
"""Log the user out."""
auth.logout(request)
next_url = get_next_url(request) if 'next' in request.GET else ''
res = HttpResponseRedirect(next_url or reverse('home'))
res.delete_cookie(settings.SESSION_EXISTS_COOKIE)
return res
def join_contributors(request):
"""Join the Contributors group."""
next = get_next_url(request) or reverse('home')
group = Group.objects.get(name='Contributors')
request.user.groups.add(group)
messages.add_message(request, messages.SUCCESS,
_('You are now part of the Contributors group!'))
return HttpResponseRedirect(next)
def login(request):
"""Try to log the user in."""
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
return HttpResponseRedirect(next_url)
return jingo.render(request, 'users/login.html',
{'form': form, 'next_url': next_url})
def watch_locale(request):
"""Watch/unwatch a locale."""
locale = request.locale
if request.POST.get('watch') == 'yes':
NewPostInLocaleEvent.notify(request.user, locale=locale)
NewThreadInLocaleEvent.notify(request.user, locale=locale)
else:
NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)
return HttpResponseRedirect(get_next_url(request))
def watch_locale(request):
"""Watch/unwatch a locale."""
locale = request.locale
if request.POST.get('watch') == 'yes':
NewPostInLocaleEvent.notify(request.user, locale=locale)
NewThreadInLocaleEvent.notify(request.user, locale=locale)
else:
NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)
return HttpResponseRedirect(get_next_url(request))
def login(request):
"""Try to log the user in."""
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
return HttpResponseRedirect(next_url)
return jingo.render(request, 'users/login.html', {
'form': form,
'next_url': next_url
})
def login(request):
"""Try to log the user in."""
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
res = HttpResponseRedirect(next_url)
res.set_cookie(settings.SESSION_EXISTS_COOKIE, '1', secure=False)
return res
return jingo.render(request, 'users/login.html',
{'form': form, 'next_url': next_url})
def watch_locale(request):
"""Watch/unwatch a locale."""
locale = request.locale
if request.POST.get("watch") == "yes":
NewPostInLocaleEvent.notify(request.user, locale=locale)
NewThreadInLocaleEvent.notify(request.user, locale=locale)
statsd.incr("kbforums.watches.locale")
else:
NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)
# If there is no next url, send the user to the home page.
return HttpResponseRedirect(get_next_url(request) or reverse("home"))
def watch_locale(request):
"""Watch/unwatch a locale."""
locale = request.LANGUAGE_CODE
if request.POST.get('watch') == 'yes':
NewPostInLocaleEvent.notify(request.user, locale=locale)
NewThreadInLocaleEvent.notify(request.user, locale=locale)
statsd.incr('kbforums.watches.locale')
else:
NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)
# If there is no next url, send the user to the home page.
return HttpResponseRedirect(get_next_url(request) or reverse('home'))
def watch_locale(request):
"""Watch/unwatch a locale."""
locale = request.LANGUAGE_CODE
if request.POST.get('watch') == 'yes':
NewPostInLocaleEvent.notify(request.user, locale=locale)
NewThreadInLocaleEvent.notify(request.user, locale=locale)
statsd.incr('kbforums.watches.locale')
else:
NewPostInLocaleEvent.stop_notifying(request.user, locale=locale)
NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale)
# If there is no next url, send the user to the home page.
return HttpResponseRedirect(get_next_url(request) or reverse('home'))
def login(request):
"""Try to log the user in."""
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
res = HttpResponseRedirect(next_url)
max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else
settings.SESSION_COOKIE_AGE)
res.set_cookie(settings.SESSION_EXISTS_COOKIE,
'1',
secure=False,
max_age=max_age)
return res
return jingo.render(request, 'users/login.html', {
'form': form,
'next_url': next_url
})
def user_auth(request, contributor=False, register_form=None,
login_form=None):
"""Try to log the user in, or register a user.
POSTs from these forms do not come back to this view, but instead go to the
login and register views, which may redirect back to this in case of error.
"""
next_url = get_next_url(request) or reverse('home')
if login_form is None:
login_form = AuthenticationForm()
if register_form is None:
register_form = RegisterForm()
return render(request, 'users/auth.html', {
'login_form': login_form,
'register_form': register_form,
'contributor': contributor,
'next_url': next_url})
def user_auth(request, contributor=False, register_form=None, login_form=None):
"""Try to log the user in, or register a user.
POSTs from these forms do not come back to this view, but instead go to the
login and register views, which may redirect back to this in case of error.
"""
next_url = get_next_url(request) or reverse('home')
if login_form is None:
login_form = AuthenticationForm()
if register_form is None:
register_form = RegisterForm()
return render(
request, 'users/auth.html', {
'login_form': login_form,
'register_form': register_form,
'contributor': contributor,
'next_url': next_url
})
def login(request, template):
"""Try to log the user in."""
if request.method == 'GET' and not request.MOBILE:
url = reverse('users.auth') + '?' + request.GET.urlencode()
return HttpResponsePermanentRedirect(url)
next_url = get_next_url(request) or reverse('home')
form = handle_login(request)
if request.user.is_authenticated():
res = HttpResponseRedirect(next_url)
max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
else settings.SESSION_COOKIE_AGE)
res.set_cookie(settings.SESSION_EXISTS_COOKIE,
'1',
secure=False,
max_age=max_age)
return res
return user_auth(request, login_form=form)
def test_post(self):
"""'next' in POST overrides GET."""
r = self.r.post('/?next=/foo', {'next': '/bar'})
eq_('/bar', get_next_url(r))
def locales(request, template):
"""The locale switcher page."""
return render(request, template,
dict(next_url=get_next_url(request) or reverse('home')))
def logout(request):
"""Log the user out."""
auth.logout(request)
next_url = get_next_url(request) if 'next' in request.GET else ''
return HttpResponseRedirect(next_url or reverse('home'))
def _get_next_url_fallback_localization(request):
return get_next_url(request) or reverse('dashboards.localization')
def _get_next_url_fallback_localization(request):
return get_next_url(request) or reverse('dashboards.localization')
def test_http(self):
"""Verify that protocol and domain get removed for http."""
r = self.r.post('/users/login',
{'next': 'http://su.mo.com/kb/new'})
eq_('/kb/new', get_next_url(r))
def test_query_string(self):
"""Query-strings remain intact."""
r = self.r.get('/', {'next': '/new?f=b'})
eq_('/new?f=b', get_next_url(r))
def test_good_host_https(self):
"""Full URLs work with valid hosts."""
r = self.r.post('/users/login',
{'next': 'https://su.mo.com/kb/new'})
eq_('https://su.mo.com/kb/new', get_next_url(r))
def logout(request):
"""Log the user out."""
auth.logout(request)
next_url = get_next_url(request) if 'next' in request.GET else ''
return HttpResponseRedirect(next_url or reverse('home'))
def locales(request, template):
"""The locale switcher page."""
return jingo.render(request, template, dict(
next_url=get_next_url(request) or reverse('home')))
def test_get(self):
"""'next' can be a query-string parameter."""
r = self.r.get('/users/login', {'next': '/kb/new'})
eq_('/kb/new', get_next_url(r))
def test_referer(self):
"""Use HTTP referer if nothing else."""
r = self.r.get('/')
r.META['HTTP_REFERER'] = 'http://su.mo.com/new'
eq_('http://su.mo.com/new', get_next_url(r))
def test_bad_host_https(self):
r = self.r.get('/', {'next': 'https://example.com'})
eq_(None, get_next_url(r))
def locales(request):
"""The locale switcher page."""
return jingo.render(request, 'sumo/locales.html', dict(
next_url=get_next_url(request) or reverse('home')))
def test_http(self):
"""Verify that protocol and domain get removed for http."""
r = self.r.post('/users/login', {'next': 'http://su.mo.com/kb/new'})
eq_('/kb/new', get_next_url(r))
def test_bad_host_protocol_relative(self):
"""Protocol-relative URLs do not let bad hosts through."""
r = self.r.get('/', {'next': '//example.com'})
eq_(None, get_next_url(r))
