def clean_email(self): value = self.cleaned_data["email"] if UNIQUE_EMAIL or EMAIL_AUTHENTICATION: if value and get_email_address(value): raise forms.ValidationError \ (_("A user is registered with this e-mail address.")) return value
def _process_signup(request, data, account): # If email is specified, check for duplicate and if so, no auto signup. auto_signup = app_settings.AUTO_SIGNUP email = data.get("email") if auto_signup: # Let's check if auto_signup is really possible... if email: if account_settings.UNIQUE_EMAIL: email_address = get_email_address(email) if email_address: # Oops, another user already has this address. We # cannot simply connect this social account to the # existing user. Reason is that the email adress may # not be verified, meaning, the user may be a hacker # that has added your email address to his account in # the hope that you fall in his trap. We cannot check # on 'email_address.verified' either, because # 'email_address' is not guaranteed to be verified. auto_signup = False # FIXME: We redirect to signup form -- user will # see email address conflict only after posting # whereas we detected it here already. elif account_settings.EMAIL_REQUIRED: # Nope, email is required and we don't have it yet... auto_signup = False if not auto_signup: request.session["socialaccount_signup"] = dict(data=data, account=account) ret = HttpResponseRedirect(reverse("socialaccount_signup")) else: # FIXME: There is some duplication of logic inhere # (create user, send email, in active etc..) username = generate_unique_username(data.get("username", email or "user")) u = User( username=username, email=email or "", last_name=data.get("last_name", ""), first_name=data.get("first_name", ""), ) u.set_unusable_password() u.is_active = not account_settings.EMAIL_VERIFICATION u.save() account.user = u account.save() send_email_confirmation(u, request=request) ret = complete_signup(request, u, get_login_redirect_url(request)) return ret
def _process_signup(request, data, account): # If email is specified, check for duplicate and if so, no auto signup. auto_signup = app_settings.AUTO_SIGNUP email = data.get('email') if auto_signup: # Let's check if auto_signup is really possible... if email: if account_settings.UNIQUE_EMAIL: email_address = get_email_address(email) if email_address: # Oops, another user already has this address. We # cannot simply connect this social account to the # existing user. Reason is that the email adress may # not be verified, meaning, the user may be a hacker # that has added your email address to his account in # the hope that you fall in his trap. We cannot check # on 'email_address.verified' either, because # 'email_address' is not guaranteed to be verified. auto_signup = False # FIXME: We redirect to signup form -- user will # see email address conflict only after posting # whereas we detected it here already. elif account_settings.EMAIL_REQUIRED: # Nope, email is required and we don't have it yet... auto_signup = False if not auto_signup: request.session['socialaccount_signup'] = dict(data=data, account=account) ret = HttpResponseRedirect(reverse('socialaccount_signup')) else: # FIXME: There is some duplication of logic inhere # (create user, send email, in active etc..) username = generate_unique_username \ (data.get('username', email or 'user')) u = User(username=username, email=email or '', last_name=data.get('last_name', ''), first_name=data.get('first_name', '')) u.set_unusable_password() u.is_active = not account_settings.EMAIL_VERIFICATION u.save() account.user = u account.save() send_email_confirmation(u, request=request) ret = complete_social_signup(request, u, account) return ret