def test_is_tmp_user_unauthenticated(self):
"""
Ensure unauthenticated users return False
"""
user1 = User.objects.create(username="")
user2 = AnonymousUser()
users = [user1, user2]
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True):
for user in users:
self.assertFalse(is_tmp_user(user))
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False):
for user in users:
self.assertFalse(is_tmp_user(user))
def test_is_tmp_user_temporary_user(self):
"""
Ensure users with temporary usernames return True
"""
user1 = User.objects.create(username="******")
user2 = User.objects.create(username="******")
users = [user1, user2]
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True):
for user in users:
self.assertTrue(is_tmp_user(user))
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False):
for user in users:
self.assertTrue(is_tmp_user(user))
def test_is_tmp_user_profile(self):
"""
Ensure users with verified Uniauth profiles return False
"""
user1 = User.objects.create(username="******")
user2 = User.objects.create(username="******")
users = [user1, user2]
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True):
for user in users:
self.assertFalse(is_tmp_user(user))
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False):
for user in users:
self.assertFalse(is_tmp_user(user))
def test_is_tmp_user_institution_account(self):
"""
Ensure users logged in via an Insitution Account return
True if standalone accounts aren't allowed, False otherwise
"""
user1 = User.objects.create(username="******")
user2 = User.objects.create(username="******")
users = [user1, user2]
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True):
for user in users:
self.assertFalse(is_tmp_user(user))
with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False):
for user in users:
self.assertTrue(is_tmp_user(user))
def signup(request):
"""
Creates a new Uniauth profile with the provided
primary email address and password.
Prompts user to verify the email address before
profile is fully created.
"""
next_url = request.GET.get('next')
context = _get_global_context(request)
if not next_url:
next_url = get_redirect_url(request)
# If the user is already authenticated + has a Uniauth
# profile, proceed to next page
if request.user.is_authenticated and not is_tmp_user(request.user) \
and not is_unlinked_account(request.user):
return HttpResponseRedirect(next_url)
# If it's a POST request, attempt to validate the form
if request.method == "POST":
form = SignupForm(request.POST)
# Validation successful: setup temporary user
if form.is_valid():
form_email = form.cleaned_data['email']
user = request.user
# If the user is not already authenticated, create a User
if not user or not user.is_authenticated:
tmp_username = get_random_username()
user_model = get_user_model()
user = user_model.objects.create(username=tmp_username)
# Set user's password + create linked email
user.set_password(form.cleaned_data["password1"])
user.save()
email, _ = LinkedEmail.objects.get_or_create(
profile=user.uniauth_profile,
address=form_email,
is_verified=False)
# Send verification email + render waiting template
_send_verification_email(request, email.address, email)
return render(request, 'uniauth/verification-waiting.html', {
'email': email.address,
'is_signup': True
})
# Validation failed: render form errors
else:
context['form'] = form
return render(request, 'uniauth/signup.html', context)
# Otherwise, render a blank Signup form
else:
form = SignupForm()
context['form'] = form
return render(request, 'uniauth/signup.html', context)
def link_to_profile(request):
"""
If the user is a temporary one who was logged in via
an institution (not through a Uniauth profile), offers
them the choice between logging to an existing Uniauth
account or creating a new one.
The institution account is (eventually) linked to the
Uniauth profile the user logged into / created.
"""
next_url = request.GET.get('next')
context = _get_global_context(request)
if not next_url:
next_url = get_redirect_url(request)
params = urlencode({'next': next_url})
context['next_url'] = next_url
# If the user is not authenticated at all, redirect to login page
if not request.user.is_authenticated:
return HttpResponseRedirect(reverse('uniauth:login') + '?' + params)
# If the user is already authenticated + verified, proceed to next page
if not is_tmp_user(request.user) and not is_unlinked_account(request.user):
return HttpResponseRedirect(next_url)
# If the user is temporary, but was not logged in via an institution
# (e.g. created through Uniauth, but not verified), redirect to signup
if not is_unlinked_account(request.user):
return HttpResponseRedirect(reverse('uniauth:signup') + '?' + params)
# At this point, we've ensured the user is temporary and was
# logged in via an institution. We just need to handle the
# Login Form, if the user chooses to link to an existing account.
# If it's a POST request, attempt to validate the form
if request.method == "POST":
form = LoginForm(request, request.POST)
# Authentication successful
if form.is_valid():
unlinked_user = request.user
username_split = get_account_username_split(request.user.username)
# Log in as the authenticated Uniauth user
user = form.get_user()
auth_login(request, user)
# Merge the unlinked account into the logged in profile,
# then add the institution account described by the username
merge_model_instances(user, [unlinked_user])
_add_institution_account(user.profile, username_split[1],
username_split[2])
slug = username_split[1]
context['institution'] = Institution.objects.get(slug=slug)
return render(request, 'uniauth/link-success.html', context)
# Authentication failed: render form errors
else:
context['form'] = form
return render(request, 'uniauth/link-to-profile.html', context)
# Otherwise, render a blank Login form
else:
form = LoginForm(request)
context['form'] = form
return render(request, 'uniauth/link-to-profile.html', context)
