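def process_provider_signin(request, provider):
    """Handle the response of an external authentication provider.

    ``provider_class.process_authentication_request`` yields ``assoc_key``,
    which the code treats either as a ``User`` or as a key looked up in
    ``AuthKeyUserAssociation``.

    Signed-in visitor: a key with no association is bound to the current
    account; any other outcome only records a message in
    ``request.session['auth_error']`` and redirects to ``auth_signin``.

    Anonymous visitor: a ``User`` or an associated key is logged in through
    ``login_and_forward``; an unassociated key is kept in the session and
    the visitor is redirected to ``auth_external_register``.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches any class object, not
            # only User instances -- confirm that is intended.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    request.session['auth_error'] = _(
                        "You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Bind the credential only when the key is genuinely
                    # unknown. A bare ``except`` here also bound it after a
                    # database error or a duplicate-key lookup, attaching a
                    # key that may already belong to someone else.
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(message=_(
                        'The new credentials are now associated with your account'
                    ))
                    return HttpResponseRedirect(
                        reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account."
                    )
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse('auth_signin'))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # Keep only the lookup inside the try so that an error raised
            # while logging in is never mistaken for an unknown key.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                request.session['assoc_key'] = assoc_key
                request.session['auth_provider'] = provider
                return HttpResponseRedirect(reverse('auth_external_register'))

            return login_and_forward(request, assoc.user)

    # Unknown provider: go back to sign-in instead of returning None, which
    # Django rejects as an invalid view response.
    return HttpResponseRedirect(reverse('auth_signin'))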
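def process_provider_signin(request, provider):
    """Finish a sign-in round trip with an external authentication provider.

    The provider consumer converts the request into ``assoc_key`` (a ``User``
    or a key stored in ``AuthKeyUserAssociation``).

    * Signed-in visitor: an unassociated key is attached to the current
      account; otherwise a message is stored in
      ``request.session["auth_error"]`` and the visitor returns to sign-in.
    * Anonymous visitor: a known identity is logged in via
      ``login_and_forward``; an unknown key is stashed in the session and
      the visitor is redirected to ``auth_external_register``.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session["auth_error"] = e.message
            return HttpResponseRedirect(reverse("auth_signin"))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects, not only
            # User instances -- confirm that is intended.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session["auth_error"] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    request.session["auth_error"] = _("You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Only an unknown key may be bound to the current
                    # account. The previous bare ``except`` also bound it
                    # when the lookup failed for any other reason (database
                    # error, several rows for one key).
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(
                        message=_("The new credentials are now associated with your account")
                    )
                    return HttpResponseRedirect(reverse("user_authsettings", args=[request.user.id]))

                if assoc.user == request.user:
                    request.session["auth_error"] = _(
                        "These login credentials are already associated with your account."
                    )
                else:
                    request.session["auth_error"] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse("auth_signin"))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # The try covers the lookup alone; login errors must surface.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                request.session["assoc_key"] = assoc_key
                request.session["auth_provider"] = provider
                return HttpResponseRedirect(reverse("auth_external_register"))

            return login_and_forward(request, assoc.user)

    # Unknown provider: redirect rather than fall off the end and return
    # None, which Django treats as an invalid view response.
    return HttpResponseRedirect(reverse("auth_signin"))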
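def create_user(request):
    """Provision a user and an ``openidurl`` association for a trusted caller.

    Only a POST whose ``access_token`` field equals
    ``djsettings.BZ_QA_TOKEN`` is served; every other request gets a 404.
    The caller supplies ``url`` (stored as the association key), ``name``
    (used for both username and real name) and ``email``. The account gets
    an unusable password and its email is marked as validated, so whoever
    holds the token is trusted to have verified that address.

    Raises:
        Http404: wrong method, missing or wrong token, or no token
            configured on the server.
    """
    expected_token = getattr(djsettings, 'BZ_QA_TOKEN', None)
    supplied_token = request.POST.get('access_token')

    # Fail closed. With direct indexing a request without the field raised a
    # 500, and an empty configured token was matched by an empty form field.
    # NOTE(security): ``!=`` is not a constant-time comparison; prefer
    # django.utils.crypto.constant_time_compare if the installed Django
    # provides it.
    if request.method != 'POST' or not expected_token or supplied_token != expected_token:
        raise Http404()

    assoc_key = request.POST['url']
    username = request.POST['name']
    real_name = request.POST['name']
    email = request.POST['email']
    auth_provider = 'openidurl'

    user_ = User(username=username, email=email, real_name=real_name)
    user_.set_unusable_password()
    user_.email_isvalid = True
    user_.save()

    UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save()

    uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
    uassoc.save()

    return HttpResponse('OK')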
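def process_provider_signin(request, provider):
    """Handle a provider's sign-in response, falling back to Drupal OpenID users.

    ``assoc_key`` from the provider consumer is either a ``User`` or a key
    looked up in ``AuthKeyUserAssociation``.

    Signed-in visitor: an unassociated key is bound to the current account;
    otherwise a message is stored in ``request.session['auth_error']``.

    Anonymous visitor: a known identity is logged in. For an unknown key the
    function asks ``DrupalAuthBackend.get_openid_user``; a match is
    associated and logged in, no match leaves an error for the sign-in page.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects -- confirm.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    request.session['auth_error'] = _("You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Bind only a genuinely unknown key; a bare ``except``
                    # also bound it after unrelated lookup failures.
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(
                        message=_('The new credentials are now associated with your account'))
                    return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account.")
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse('auth_signin'))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # Only "no such association" may lead to the Drupal fallback;
            # the old bare ``except`` also took it when the login failed.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                assoc = None

            if assoc is not None:
                return login_and_forward(request, assoc.user)

            request.session['assoc_key'] = assoc_key
            request.session['auth_provider'] = provider

            from forum.authentication.drupal_auth_backend import DrupalAuthBackend
            # NOTE(security): the Drupal lookup result is trusted as proof
            # of identity for this key -- confirm get_openid_user matches
            # the full, normalised OpenID identifier.
            open_id_user = DrupalAuthBackend.get_openid_user(assoc_key)
            if open_id_user:
                uassoc = AuthKeyUserAssociation(user=open_id_user, key=assoc_key, provider=provider)
                uassoc.save()
                return login_and_forward(request, open_id_user)
            else:
                # Can't allow users to authenticate with openid credentials not used at p2pu.org.
                # Interpolate after translating so the catalogue entry can match.
                request.session['auth_error'] = _(
                    "Sorry, these openid login credentials were not found at p2pu.org. (%s)") % assoc_key

    # Unknown provider or rejected OpenID: show the sign-in page (and any
    # auth_error) instead of returning None.
    return HttpResponseRedirect(reverse('auth_signin'))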
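def external_register(request):
    """Complete registration for a visitor who authenticated externally.

    POST with ``bnewaccount``: validate ``SimpleRegistrationForm``, create
    the user, bind the provider key held in the session, then log in.
    Any other request: prefill the form from the provider's user data.
    An invalid POST falls through and re-renders the bound form.
    """
    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)

        if form1.is_valid():
            # Read the pending credentials before touching the database. A
            # lost session used to leave behind a saved account with no
            # password and no provider association.
            try:
                assoc_key = request.session['assoc_key']
                auth_provider = request.session['auth_provider']
            except KeyError:
                request.session['auth_error'] = _(
                    "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work."
                )
                # Cookie and authorization headers stay out of the log.
                logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                    ["%s: %s" % (k, v) for k, v in request.META.items()
                     if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
                return HttpResponseRedirect(reverse('auth_signin'))

            user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
            # Validated only when it equals the address the provider reported.
            user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
            user_.set_unusable_password()

            # NOTE(security): the first account ever created becomes
            # superuser, so this path must not be reachable by strangers
            # while the user table is empty.
            if User.objects.all().count() == 0:
                user_.is_superuser = True
                user_.is_staff = True

            user_.save()
            UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save()

            uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            del request.session['assoc_key']
            del request.session['auth_provider']

            return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. "))
    else:
        auth_provider = request.session.get('auth_provider', None)
        if not auth_provider:
            request.session['auth_error'] = _(
                "Oops, something went wrong in the middle of this process. Please try again.")
            logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                ["%s: %s" % (k, v) for k, v in request.META.items()
                 if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
            return HttpResponseRedirect(reverse('auth_signin'))

        provider_class = AUTH_PROVIDERS[auth_provider].consumer

        # Hack: Facebook auth expects an access token, not the assoc_key.
        identifier = request.session['assoc_key']
        if auth_provider == 'facebook':
            identifier = request.session['access_token']
        user_data = provider_class.get_user_data(identifier)

        if not user_data:
            user_data = request.session.get('auth_consumer_data', {})

        username = user_data.get('username', '')
        email = user_data.get('email', '')

        if email:
            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
        })

    provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context

    # NOTE(review): 'provider' tolerates a missing context but 'login_type'
    # dereferences it unconditionally.
    return render_to_response('auth/complete.html', {
        'form1': form1,
        'provider': provider_context and mark_safe(provider_context.human_name) or _('unknown'),
        'login_type': provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))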
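def process_provider_signin(request, provider):
    """Handle a provider's sign-in response and record provider metadata.

    ``assoc_key`` from the provider consumer is either a ``User`` or a key
    looked up in ``AuthKeyUserAssociation``.

    Signed-in visitor: an unassociated key is bound to the current account
    together with the provider-reported username (``meta``); if the
    provider reports the same email as the account, that email is marked
    as validated. Other outcomes only set ``auth_error``.

    Anonymous visitor: a known identity is logged in; an unknown key is
    kept in the session for ``auth_external_register``.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects -- confirm.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to another user. Please terminate your current session and try again."
                    )
                else:
                    request.session['auth_error'] = _("You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Reached only for a genuinely unknown key; the former
                    # bare ``except`` also ran this after any other failure.
                    if provider_class.__class__.__name__ == 'FacebookAuthConsumer':
                        user_data = provider_class.get_user_data(request.session['access_token'], 'username, email')
                    else:
                        user_data = provider_class.get_user_data(assoc_key)

                    if not user_data:
                        user_data = request.session.get('auth_consumer_data', {})

                    meta_data = user_data.get('username', '')
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider, meta=meta_data)
                    uassoc.save()

                    # NOTE(security): this trusts the provider to have
                    # verified the address. An empty value on both sides
                    # must not count as a match.
                    provider_email = user_data.get('email', '')
                    if request.user.email_isvalid == False and provider_email and provider_email == request.user.email:
                        request.user.email_isvalid = True
                        request.user.save()

                    messages.add_message(request, messages.SUCCESS, _('The new credentials are now associated with your account'))
                    return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account.")
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to another user. Please terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse('auth_signin'))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # Lookup only inside the try; login errors must surface.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                request.session['assoc_key'] = assoc_key
                request.session['auth_provider'] = provider
                return HttpResponseRedirect(reverse('auth_external_register'))

            return login_and_forward(request, assoc.user)

    # Unknown provider: redirect instead of returning None.
    return HttpResponseRedirect(reverse('auth_signin'))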
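def external_register(request):
    """Create the local account for an externally authenticated visitor.

    POST with ``bnewaccount``: validate ``SimpleRegistrationForm``, create
    the user, bind the provider key from the session, then log in.
    Any other request: prefill the form from the provider's user data.
    An invalid POST falls through and re-renders the bound form.
    """
    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)

        if form1.is_valid():
            # Check the session before saving anything: previously a lost
            # session left an orphaned account (no password, no provider
            # key) that still occupied the username.
            try:
                assoc_key = request.session['assoc_key']
                auth_provider = request.session['auth_provider']
            except KeyError:
                request.session['auth_error'] = _(
                    "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work."
                )
                # Session cookies and authorization headers are left out of
                # the log line.
                logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                    ["%s: %s" % (k, v) for k, v in request.META.items()
                     if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
                return HttpResponseRedirect(reverse('auth_signin'))

            user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
            # Validated only when it equals the address the provider reported.
            user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
            user_.set_unusable_password()

            # NOTE(security): whoever registers first on an empty user
            # table becomes superuser and staff.
            if User.objects.all().count() == 0:
                user_.is_superuser = True
                user_.is_staff = True

            user_.save()
            UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save()

            uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            del request.session['assoc_key']
            del request.session['auth_provider']

            return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. "))
    else:
        auth_provider = request.session.get('auth_provider', None)
        if not auth_provider:
            request.session['auth_error'] = _(
                "Oops, something went wrong in the middle of this process. Please try again.")
            logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                ["%s: %s" % (k, v) for k, v in request.META.items()
                 if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
            return HttpResponseRedirect(reverse('auth_signin'))

        provider_class = AUTH_PROVIDERS[auth_provider].consumer
        user_data = provider_class.get_user_data(request.session['assoc_key'])

        if not user_data:
            user_data = request.session.get('auth_consumer_data', {})

        username = user_data.get('username', '')
        email = user_data.get('email', '')

        if email:
            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
        })

    provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context

    # NOTE(review): 'provider' tolerates a missing context but 'login_type'
    # dereferences it unconditionally.
    return render_to_response('auth/complete.html', {
        'form1': form1,
        'provider': provider_context and mark_safe(provider_context.human_name) or _('unknown'),
        'login_type': provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))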
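def external_register(request):
    """Register an externally authenticated visitor, with email subscription.

    POST with ``bnewaccount``: validate ``SimpleRegistrationForm`` and
    ``SimpleEmailSubscribeForm``, create the user, bind the provider key
    from the session and apply the subscription choice. The user is logged
    in only when the email counts as validated; otherwise a validation
    email is sent and the visitor is redirected to ``index``.
    Any other request: prefill the forms from the provider's user data.
    """
    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)
        email_feeds_form = SimpleEmailSubscribeForm(request.POST)

        if (form1.is_valid() and email_feeds_form.is_valid()):
            # Check the session first: previously the account was saved
            # (and a validation mail sent) before discovering that no
            # provider key was available to attach to it.
            try:
                assoc_key = request.session['assoc_key']
                auth_provider = request.session['auth_provider']
            except KeyError:
                request.session['auth_error'] = _("Oops, something went wrong in the middle of this process. Please try again.")
                return HttpResponseRedirect(request.session.get('on_signin_url', reverse('auth_signin')))

            user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
            # NOTE(review): 'auth_validated_email' can be filled from
            # 'auth_email_request' in the GET branch -- confirm that value
            # is provider-verified, since a match skips email validation.
            user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
            user_.set_unusable_password()

            # NOTE(security): the first account on an empty user table
            # becomes superuser.
            if User.objects.all().count() == 0:
                user_.is_superuser = True

            user_.save()

            if not user_.email_isvalid:
                send_validation_email(user_)

            uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            if email_feeds_form.cleaned_data['subscribe'] == 'n':
                user_.subscription_settings.enable_notifications = False
                user_.subscription_settings.save()

            del request.session['assoc_key']
            del request.session['auth_provider']

            if user_.email_isvalid:
                return login_and_forward(request, user_)
            else:
                return HttpResponseRedirect(reverse('index'))
    else:
        # Opening this page without a pending sign-in used to raise
        # KeyError; send the visitor back to sign-in instead.
        if 'auth_provider' not in request.session or 'assoc_key' not in request.session:
            request.session['auth_error'] = _("Oops, something went wrong in the middle of this process. Please try again.")
            return HttpResponseRedirect(request.session.get('on_signin_url', reverse('auth_signin')))

        provider_class = AUTH_PROVIDERS[request.session['auth_provider']].consumer
        # Tolerate a provider that returns nothing.
        user_data = provider_class.get_user_data(request.session['assoc_key']) or {}

        username = user_data.get('username', '')
        email = user_data.get('email', '')

        if not email:
            email = request.session.get('auth_email_request', '')

        if email:
            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
        })
        email_feeds_form = SimpleEmailSubscribeForm()

    provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context

    return render_to_response('auth/complete.html', {
        'form1': form1,
        'email_feeds_form': email_feeds_form,
        'provider': mark_safe(provider_context.human_name),
        'login_type': provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))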
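def process_provider_signin(request, provider):
    """Handle a provider's sign-in response, re-keying accounts by email.

    ``assoc_key`` from the provider consumer is either a ``User`` or a key
    looked up in ``AuthKeyUserAssociation``.

    Signed-in visitor: an unassociated key is bound to the current account;
    other outcomes only set ``request.session['auth_error']``.

    Anonymous visitor: a known identity is logged in. For an unknown key,
    an existing user whose email equals the provider-reported email has
    the stored key for this provider replaced and is logged in; otherwise
    the visitor is redirected to ``auth_external_register``.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects -- confirm.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    request.session['auth_error'] = _(
                        "You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Bind only a genuinely unknown key; a bare ``except``
                    # also bound it after unrelated lookup failures.
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(message=_(
                        'The new credentials are now associated with your account'
                    ))
                    return HttpResponseRedirect(
                        reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account."
                    )
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse('auth_signin'))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # Only "no such association" may reach the email fallback; the
            # old bare ``except`` also took it when the login itself failed.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                assoc = None

            if assoc is not None:
                return login_and_forward(request, assoc.user)

            request.session['assoc_key'] = assoc_key
            request.session['auth_provider'] = provider

            # NOTE(security): the block below logs a visitor into an
            # existing account purely because the provider reported that
            # account's email. It is safe only if every enabled provider
            # verifies email ownership -- confirm, or require an explicit
            # confirmation step before re-keying.
            matched_user = None
            try:
                user_data = provider_class.get_user_data(assoc_key)
                if not user_data:
                    user_data = request.session.get('auth_consumer_data', {})
                email = user_data.get('email', '')
                if email:
                    user_ = User.objects.get(email=email)
                    # Old key stops working when the domain or secret key
                    # changed. Re-key only this provider's association so
                    # a credential from another provider is not overwritten.
                    assoc = AuthKeyUserAssociation.objects.get(
                        user=user_.id, provider=provider)
                    assoc.key = assoc_key
                    assoc.save()
                    matched_user = user_
            except Exception:
                # Best effort: any failure falls back to registration.
                matched_user = None

            # Log in outside the try so a login failure is not hidden.
            if matched_user is not None:
                return login_and_forward(request, matched_user)

            return HttpResponseRedirect(reverse('auth_external_register'))

    # Unknown provider: redirect instead of returning None.
    return HttpResponseRedirect(reverse('auth_signin'))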
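def external_register(request):
    """Create the local account (with real name) after an external sign-in.

    POST with ``bnewaccount``: validate ``SimpleRegistrationForm``, create
    the user, bind the provider key from the session, then log in.
    Any other request: prefill the form from the provider's user data;
    the Facebook consumer is queried with the session's access token.
    An invalid POST falls through and re-renders the bound form.
    """
    if request.method == "POST" and "bnewaccount" in request.POST:
        form1 = SimpleRegistrationForm(request.POST)

        if form1.is_valid():
            # Check the session before saving anything so that a lost
            # session cannot leave an account with no password and no
            # provider association.
            try:
                assoc_key = request.session["assoc_key"]
                auth_provider = request.session["auth_provider"]
            except KeyError:
                request.session["auth_error"] = _(
                    "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work."
                )
                # Cookie and authorization headers stay out of the log.
                logging.error(
                    "Missing session data when trying to complete user registration: %s"
                    % ", ".join(
                        ["%s: %s" % (k, v) for k, v in request.META.items()
                         if "COOKIE" not in k and "AUTHORIZATION" not in k]
                    )
                )
                return HttpResponseRedirect(reverse("auth_signin"))

            user_ = User(
                username=form1.cleaned_data["username"],
                email=form1.cleaned_data["email"],
                real_name=form1.cleaned_data["real_name"],
            )
            # Validated only when it equals the address the provider reported.
            user_.email_isvalid = request.session.get("auth_validated_email", "") == form1.cleaned_data["email"]
            user_.set_unusable_password()

            # NOTE(security): the first account on an empty user table
            # becomes superuser and staff.
            if User.objects.all().count() == 0:
                user_.is_superuser = True
                user_.is_staff = True

            user_.save()
            UserJoinsAction(user=user_, ip=request.META["REMOTE_ADDR"]).save()

            uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            del request.session["assoc_key"]
            del request.session["auth_provider"]

            return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. "))
    else:
        auth_provider = request.session.get("auth_provider", None)
        if not auth_provider:
            request.session["auth_error"] = _(
                "Oops, something went wrong in the middle of this process. Please try again."
            )
            logging.error(
                "Missing session data when trying to complete user registration: %s"
                % ", ".join(
                    ["%s: %s" % (k, v) for k, v in request.META.items()
                     if "COOKIE" not in k and "AUTHORIZATION" not in k]
                )
            )
            return HttpResponseRedirect(reverse("auth_signin"))

        provider_class = AUTH_PROVIDERS[auth_provider].consumer

        if provider_class.__class__.__name__ == "FacebookAuthConsumer":
            user_data = provider_class.get_user_data(request.session["access_token"])
        else:
            user_data = provider_class.get_user_data(request.session["assoc_key"])

        if not user_data:
            user_data = request.session.get("auth_consumer_data", {})

        username = user_data.get("username", "")
        email = user_data.get("email", "")
        real_name = user_data.get("real_name", "")

        if email:
            request.session["auth_validated_email"] = email

        form1 = SimpleRegistrationForm(
            initial={"next": "/", "username": username, "email": email, "real_name": real_name}
        )

    provider_context = AUTH_PROVIDERS[request.session["auth_provider"]].context

    # NOTE(review): "provider" tolerates a missing context but "login_type"
    # dereferences it unconditionally.
    return render_to_response(
        "auth/complete.html",
        {
            "form1": form1,
            "provider": provider_context and mark_safe(provider_context.human_name) or _("unknown"),
            "login_type": provider_context.id,
            "gravatar_faq_url": reverse("faq") + "#gravatar",
        },
        context_instance=RequestContext(request),
    )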
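def external_register(request):
    """Register, or re-link, a visitor who authenticated externally.

    POST with ``bnewaccount``: validate ``SimpleRegistrationForm``, create
    the user, bind the provider key from the session, then log in.

    Any other request: fetch the provider's user data. If an account with
    the reported email already exists, the provider key is attached to it
    and the visitor is logged in; an account whose email was never
    validated additionally has its password cleared. Otherwise the
    registration form is prefilled and rendered.
    """
    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)

        if form1.is_valid():
            message = u''
            try:
                user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'],
                             real_name=form1.cleaned_data.get('real_name', ''))
                # Validated only when it equals the address the provider reported.
                user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
                user_.set_unusable_password()

                # NOTE(security): the first account on an empty user table
                # becomes superuser and staff.
                if User.objects.all().count() == 0:
                    user_.is_superuser = True
                    user_.is_staff = True

                # Read before save() so a lost session creates no account.
                assoc_key = request.session['assoc_key']
                auth_provider = request.session['auth_provider']

                user_.save()
                UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save()

                if user_.email_isvalid:
                    EmailValidationAction(user=user_, ip=request.META['REMOTE_ADDR']).save()
                    message += _(u"A welcome email has been sent to Your email address.")
                else:
                    # Interpolate after translating so the catalogue entry
                    # can match.
                    message += _(u"A welcome email has been sent to You.<br />Remember to validate Your email address to be able to fully participate in %s community.") % settings.APP_TITLE

                uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
                uassoc.save()
                logging.info(u"User %s joined via %s" % (user_.username, auth_provider))
            except Exception:
                request.session['auth_error'] = _(
                    "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work."
                )
                # Cookie and authorization headers stay out of the log.
                logging.exception("Missing session data when trying to complete user registration: %s" % ", ".join(
                    ["%s: %s" % (k, v) for k, v in request.META.items()
                     if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
                return HttpResponseRedirect(reverse('auth_signin'))

            _cleanup_after_external_signin(request)
            return login_and_forward(request, user_, message=message)
        else:
            logging.info("Form not validated in external_register %s", str(form1.errors))
    else:
        auth_provider = request.session.get('auth_provider', None)
        if not auth_provider:
            request.session['auth_error'] = _(
                "Oops, something went wrong in the middle of this process. Please try again.")
            logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                ["%s: %s" % (k, v) for k, v in request.META.items()
                 if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
            return HttpResponseRedirect(reverse('auth_signin'))

        provider_class = AUTH_PROVIDERS[auth_provider].consumer

        if provider_class.__class__.__name__ == 'FacebookAuthConsumer' or provider_class.__class__.__name__ == 'GoogleAuthConsumer':
            user_data = provider_class.get_user_data(request.session['access_token'])
        else:
            user_data = provider_class.get_user_data(request.session['assoc_key'])

        if not user_data:
            user_data = request.session.get('auth_consumer_data', {})

        username = user_data.get('username', '')
        email = user_data.get('email', '')
        real_name = user_data.get('real_name', '')

        if email:
            # NOTE(security): an existing account is handed over on the
            # strength of the provider-reported email alone. That is safe
            # only when every enabled provider verifies email ownership.
            try:
                old_user = User.objects.get(email=email)
            except (User.DoesNotExist, User.MultipleObjectsReturned):
                old_user = None

            # Linking runs outside the try: the former ``except: pass``
            # hid failures that happened after the account was modified.
            if old_user is not None:
                from django.utils.html import escape

                # The message is marked safe below, so escape the values
                # interpolated into it.
                message = _("Welcome back %s! You can now login via %s.") % (
                    escape(old_user.username), escape(auth_provider.capitalize()))
                if not old_user.email_isvalid:
                    message += _("<br />Since this email was not previously validated we cleared your password.<br />Set new one to be able to login with it")
                    old_user.set_unusable_password()
                    old_user.email_isvalid = True
                    old_user.save()
                    logging.warning("Clearing password for user %s with unvalidated email after signing with %s" % (old_user.username, auth_provider))
                    EmailValidationAction(user=old_user, ip=request.META['REMOTE_ADDR']).save()

                uassoc = AuthKeyUserAssociation(user=old_user, key=request.session['assoc_key'], provider=auth_provider)
                uassoc.save()
                logging.info(u"User %s added %s sign in provider" % (old_user.username, auth_provider))
                _cleanup_after_external_signin(request)
                return login_and_forward(request, old_user, message=mark_safe(message))

            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
            'real_name': real_name,
        })

    provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context

    # NOTE(review): 'provider' tolerates a missing context but 'login_type'
    # dereferences it unconditionally.
    return render_to_response('auth/complete.html', {
        'form1': form1,
        'provider': provider_context and mark_safe(provider_context.human_name) or _('unknown'),
        'login_type': provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))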
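def process_provider_signin(request, provider):
    """Handle a provider's sign-in response; unknown keys go to Drupal.

    ``assoc_key`` from the provider consumer is either a ``User`` or a key
    looked up in ``AuthKeyUserAssociation``.

    Signed-in visitor: an unassociated key is bound to the current account;
    other outcomes only set ``request.session['auth_error']``.

    Anonymous visitor: a known identity is logged in. An unknown key is
    passed to ``DrupalAuthBackend.get_openid_user``; a returned user is
    associated with the key and logged in, otherwise an error is stored
    for the sign-in page.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects -- confirm.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    request.session['auth_error'] = _(
                        "You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Bind only a genuinely unknown key. The former bare
                    # ``except`` bound it after any lookup failure.
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(message=_(
                        'The new credentials are now associated with your account'
                    ))
                    return HttpResponseRedirect(
                        reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account."
                    )
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse('auth_signin'))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # The Drupal fallback is for "no such association" only, not
            # for a login that raised.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                assoc = None

            if assoc is not None:
                return login_and_forward(request, assoc.user)

            request.session['assoc_key'] = assoc_key
            request.session['auth_provider'] = provider

            from forum.authentication.drupal_auth_backend import DrupalAuthBackend
            # NOTE(security): whatever user this lookup returns is logged
            # in without further checks -- confirm get_openid_user matches
            # the full, normalised OpenID identifier.
            open_id_user = DrupalAuthBackend.get_openid_user(assoc_key)
            if open_id_user:
                uassoc = AuthKeyUserAssociation(user=open_id_user, key=assoc_key, provider=provider)
                uassoc.save()
                return login_and_forward(request, open_id_user)
            else:
                # Can't allow users to authenticate with openid credentials not used at p2pu.org.
                # Interpolate after translating so the catalogue entry can match.
                request.session['auth_error'] = _(
                    "Sorry, these openid login credentials were not found at p2pu.org. (%s)") % assoc_key

    # Unknown provider or rejected OpenID: show sign-in (with any
    # auth_error) rather than returning None.
    return HttpResponseRedirect(reverse('auth_signin'))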
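def process_provider_signin(request, provider):
    """Handle a provider's sign-in response; unknown keys are matched by email.

    ``assoc_key`` from the provider consumer is either a ``User`` or a key
    looked up in ``AuthKeyUserAssociation``.

    Signed-in visitor: an unassociated key is bound to the current account;
    other outcomes only set ``request.session['auth_error']``.

    Anonymous visitor: a known identity is logged in. When the key is
    unknown but the provider-reported email belongs to an existing user,
    that user's association for this provider is re-keyed and the user is
    logged in; otherwise the visitor goes to ``auth_external_register``.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        try:
            assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects -- confirm.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    request.session['auth_error'] = _("You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Bind only a genuinely unknown key. The former bare
                    # ``except`` bound it after any lookup failure.
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(
                        message=_('The new credentials are now associated with your account'))
                    return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account.")
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            return HttpResponseRedirect(reverse('auth_signin'))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # The email fallback is for "no such association" only, not
            # for a login that raised.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                assoc = None

            if assoc is not None:
                return login_and_forward(request, assoc.user)

            request.session['assoc_key'] = assoc_key
            request.session['auth_provider'] = provider

            # NOTE(security): matching on the provider-reported email
            # grants access to an existing account. Confirm every enabled
            # provider verifies email ownership, or gate this behind an
            # explicit confirmation by the account owner.
            matched_user = None
            try:
                user_data = provider_class.get_user_data(assoc_key)
                if not user_data:
                    user_data = request.session.get('auth_consumer_data', {})
                email = user_data.get('email', '')
                if email:
                    user_ = User.objects.get(email=email)
                    # Old key stops working when the domain or secret key
                    # changed. Limit the update to this provider so that a
                    # credential from a different provider is left alone.
                    assoc = AuthKeyUserAssociation.objects.get(user=user_.id, provider=provider)
                    assoc.key = assoc_key
                    assoc.save()
                    matched_user = user_
            except Exception:
                # Best effort: any failure falls back to registration.
                matched_user = None

            # Log in outside the try so a login failure is not hidden.
            if matched_user is not None:
                return login_and_forward(request, matched_user)

            return HttpResponseRedirect(reverse('auth_external_register'))

    # Unknown provider: redirect instead of returning None.
    return HttpResponseRedirect(reverse('auth_signin'))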
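def process_provider_signin(request, provider):
    """Handle a provider's sign-in response, or a one-time redirect nonce.

    When the request carries ``nonce``, the user whose ``redirect_nonce``
    equals it is taken as the authenticated identity and the nonce is
    cleared. Otherwise the provider consumer yields ``assoc_key`` (a
    ``User`` or a key looked up in ``AuthKeyUserAssociation``).

    Signed-in visitor: a nonce for the current user redirects to ``path``
    (local paths only) or to ``index``; an unassociated key is bound to
    the current account; other outcomes only set ``auth_error``.

    Anonymous visitor: a known identity is logged in; an unknown key is
    kept in the session for ``auth_external_register``.
    """
    if provider in AUTH_PROVIDERS:
        provider_class = AUTH_PROVIDERS[provider].consumer

        nonce = request.REQUEST.get('nonce', '')
        path = request.REQUEST.get('path', '')

        try:
            if nonce != '':
                # Got sent nonce from redirect, check it.
                # NOTE(security): the nonce alone identifies the account,
                # so it must be long, random and short-lived where issued.
                assoc_key = User.objects.get(redirect_nonce=nonce)
            else:
                assoc_key = provider_class.process_authentication_request(request)
        except InvalidAuthentication as e:
            request.session['auth_error'] = e.message
            return HttpResponseRedirect(reverse('auth_signin'))
        except User.DoesNotExist:
            # Unknown or already used nonce: previously an uncaught error.
            request.session['auth_error'] = _(
                "Sorry, that sign-in link is no longer valid. Please sign in again.")
            return HttpResponseRedirect(reverse('auth_signin'))

        # Clear nonce so it cannot be replayed.
        if isinstance(assoc_key, User) and assoc_key.redirect_nonce != '':
            assoc_key.redirect_nonce = ''
            assoc_key.save()

        if request.user.is_authenticated():
            # NOTE(review): (type, User) also matches class objects -- confirm.
            if isinstance(assoc_key, (type, User)):
                if request.user != assoc_key:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )
                else:
                    if nonce != '':
                        # ``path`` comes from the request: follow it only
                        # when it is a path on this site, never an absolute
                        # or scheme-relative URL.
                        is_local = path.startswith('/') and not path.startswith('//') and '\\' not in path
                        if not is_local or path == '/account/signin/' or re.match('/account/.*/signin/', path):
                            # /account/signin/ to prevent redirect loop
                            return HttpResponseRedirect(reverse('index'))
                        else:
                            return HttpResponseRedirect(path)
                    request.session['auth_error'] = _("You are already logged in with that user.")
            else:
                try:
                    assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
                except AuthKeyUserAssociation.DoesNotExist:
                    # Bind only a genuinely unknown key. The former bare
                    # ``except`` bound it after any lookup failure.
                    uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                    uassoc.save()
                    request.user.message_set.create(
                        message=_('The new credentials are now associated with your account'))
                    return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

                if assoc.user == request.user:
                    request.session['auth_error'] = _(
                        "These login credentials are already associated with your account.")
                else:
                    request.session['auth_error'] = _(
                        "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again."
                    )

            # NOTE(review): ``full_path`` is not assigned anywhere in this
            # function; unless it is a module-level name this line raises
            # NameError -- confirm whether ``path`` was meant.
            return HttpResponseRedirect(reverse('auth_signin') + '?' + urlencode({'path': full_path}))
        else:
            if isinstance(assoc_key, User):
                return login_and_forward(request, assoc_key)

            # Lookup only inside the try; login errors must surface.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                request.session['assoc_key'] = assoc_key
                request.session['auth_provider'] = provider
                return HttpResponseRedirect(reverse('auth_external_register'))

            return login_and_forward(request, assoc.user)

    # Unknown provider: redirect instead of returning None.
    return HttpResponseRedirect(reverse('auth_signin'))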
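def external_register(request):
    """Create the local account after an external sign-in, including Weibo.

    POST with ``bnewaccount``: validate ``SimpleRegistrationForm``, create
    the user and bind the provider key from the session. For ``weibo`` the
    session value is a literal dict that is parsed into the access token,
    uid, ``remind_in`` and ``expires_at`` stored on the association.

    Any other request: prefill the form. Weibo user names are fetched
    through ``weibo_client``; other providers use ``get_user_data``.
    An invalid POST falls through and re-renders the bound form.
    """
    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)

        if form1.is_valid():
            # Parse the pending credentials before saving anything: a lost
            # session or malformed token used to leave an account with no
            # password and no provider association.
            try:
                assoc_key = request.session['assoc_key']
                auth_provider = request.session['auth_provider']
                if auth_provider == "weibo":
                    token = ast.literal_eval(assoc_key)
                    assoc_key = token["access_token"]
                    weibo_uid = token["uid"]
                    weibo_remind_in = token["remind_in"]
                    weibo_expires_at = token["expires_at"]
            except (KeyError, TypeError, ValueError, SyntaxError):
                request.session['auth_error'] = _(
                    "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work."
                )
                # Cookie and authorization headers stay out of the log.
                logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                    ["%s: %s" % (k, v) for k, v in request.META.items()
                     if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
                return HttpResponseRedirect(reverse('auth_signin'))

            user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
            # Validated only when it equals the address the provider reported.
            user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
            user_.set_unusable_password()

            # NOTE(security): the first account on an empty user table
            # becomes superuser and staff.
            if User.objects.all().count() == 0:
                user_.is_superuser = True
                user_.is_staff = True

            user_.save()

            if auth_provider == "weibo":
                uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider,
                                                weibo_uid=weibo_uid, weibo_remind_in=weibo_remind_in,
                                                weibo_expires_at=weibo_expires_at)
            else:
                uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save()

            del request.session['assoc_key']
            del request.session['auth_provider']

            return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. "))
    else:
        auth_provider = request.session.get('auth_provider', None)
        if not auth_provider:
            request.session['auth_error'] = _(
                "Oops, something went wrong in the middle of this process. Please try again.")
            logging.error("Missing session data when trying to complete user registration: %s" % ", ".join(
                ["%s: %s" % (k, v) for k, v in request.META.items()
                 if 'COOKIE' not in k and 'AUTHORIZATION' not in k]))
            return HttpResponseRedirect(reverse('auth_signin'))

        if auth_provider == 'weibo':
            assoc_key = request.session['assoc_key']
            token = ast.literal_eval(assoc_key)
            client = weibo_client(str(settings.WEIBO_API_KEY), str(settings.WEIBO_API_SECRET),
                                  urlparse.urljoin(settings.APP_URL, '/weibo/signin/check'), token)
            user = client.get('users/show', uid=token["uid"])
            username = user["name"]
            email = None
            provider_context = None
        else:
            # Every provider other than weibo.
            provider_class = AUTH_PROVIDERS[auth_provider].consumer
            user_data = provider_class.get_user_data(request.session['assoc_key'])

            if not user_data:
                user_data = request.session.get('auth_consumer_data', {})

            username = user_data.get('username', '')
            email = user_data.get('email', '')
            provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context

        if email:
            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
        })

    return render_to_response('auth/complete.html', {
        'form1': form1,
        # Disabled in the original: provider_context is None for weibo.
        #'provider':provider_context and mark_safe(provider_context.human_name) or _('unknown'),
        #'login_type':provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))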