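def create_action(self, request, serializer):
    """Log a user in from a Firefox Accounts (FxA) OAuth response.

    Passes ``serializer.data['auth_response']`` to ``fxa_authorize``, finds
    or creates the matching profile, logs it in and returns the custom
    login payload (token, user settings, permissions, relevant apps).

    Raises:
        AuthenticationFailed: if the posted ``client_id`` has no configured
            secret, or if the authorization result carries no ``user``.
    """
    # client_id is caller-controlled (POST body) and only selects which
    # configured secret is used. An unknown value is rejected as an
    # authentication failure with the same generic message as any other
    # failure, instead of surfacing as an unhandled KeyError.
    client_id = request.POST.get('client_id', settings.FXA_CLIENT_ID)
    try:
        secret = settings.FXA_SECRETS[client_id]
    except KeyError:
        raise AuthenticationFailed('No profile.')

    # NOTE(review): `state` is taken from the request body here; confirm
    # that it is compared with a server-side value somewhere (not visible
    # in this method), otherwise it provides no CSRF protection.
    session = OAuth2Session(
        client_id,
        scope=u'profile',
        state=serializer.data['state'])
    auth_response = serializer.data['auth_response']
    fxa_authorization = fxa_authorize(session, secret, auth_response)

    if 'user' not in fxa_authorization:
        raise AuthenticationFailed('No profile.')

    email = fxa_authorization['email']
    fxa_uid = fxa_authorization['user']
    profile, created = find_or_create_user(email, fxa_uid)
    if created:
        # Account creation is recorded in the CEF audit log.
        log_cef('New Account', 5, request, username=fxa_uid,
                signature='AUTHNOTICE',
                msg='User created a new account (from FxA)')
        record_action('new-user', request)

    auth.login(request, profile)
    # NOTE(review): REMOTE_ADDR is the direct peer; behind a reverse proxy
    # this records the proxy address unless middleware rewrites it - confirm.
    profile.update(last_login_ip=request.META.get('REMOTE_ADDR', ''))
    auth.signals.user_logged_in.send(sender=profile.__class__,
                                     request=request,
                                     user=profile)

    request.user = profile
    request.groups = profile.groups.all()

    # Remember whether the user has logged in to highlight the register or
    # sign in nav button. 31536000 seconds == one year, so this cookie
    # lasts five years.
    # NOTE(review): set_cookie on the request is presumably provided by
    # project middleware - confirm which cookie flags it applies.
    request.set_cookie('has_logged_in', '1', max_age=5 * 31536000)

    # We want to return completely custom data, not the serializer's.
    data = {
        'error': None,
        'token': commonplace_token(request.user.email),
        'settings': {
            'display_name': request.user.display_name,
            'email': request.user.email,
            'enable_recommendations': request.user.enable_recommendations,
            'source': 'firefox-accounts',
        }
    }

    # Serializers give up if they aren't passed an instance, so we
    # do that here despite PermissionsSerializer not needing one
    # really.
    permissions = PermissionsSerializer(context={'request': request},
                                        instance=True)
    data.update(permissions.data)

    # Add ids of installed/purchased/developed apps.
    data['apps'] = user_relevant_apps(profile)

    return data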
def create_action(self, request, serializer):
    """Authenticate a BrowserID assertion and return the login payload.

    Verifies ``serializer.data['assertion']`` through
    ``browserid_authenticate`` (timed under ``auth.browserid.verify``),
    logs the resulting profile in, and returns the token, user settings,
    permissions and relevant app ids.

    Raises:
        AuthenticationFailed: if verification yields no profile.
    """
    with statsd.timer('auth.browserid.verify'):
        fields = serializer.data
        assertion = fields['assertion']
        # NOTE(review): the audience is taken from the request body when
        # present and only falls back to get_audience(request). Confirm
        # that browserid_authenticate restricts it to the site's own
        # origins; that check is not visible in this method.
        audience = fields['audience'] or get_audience(request)
        mobile = fields['is_mobile']
        profile, msg = browserid_authenticate(
            request,
            assertion,
            browserid_audience=audience,
            is_mobile=mobile,
        )

    # No profile means the assertion was not accepted.
    if profile is None:
        reason = msg or ''
        log.info('No profile: %s' % reason)
        raise AuthenticationFailed('No profile.')

    request.user = profile
    request.groups = profile.groups.all()

    auth.login(request, profile)
    profile.log_login_attempt(True)  # TODO: move this to the signal.
    user_logged_in.send(sender=profile.__class__, request=request,
                        user=profile)

    # The response is built by hand rather than from the serializer.
    user = request.user
    payload = {
        'error': None,
        'token': commonplace_token(user.email),
        'settings': {
            'display_name': user.display_name,
            'email': user.email,
            'enable_recommendations': user.enable_recommendations,
        },
    }

    # PermissionsSerializer does not really need an instance, but a
    # serializer without one produces no data, so a placeholder is passed.
    perms = PermissionsSerializer(context={'request': request},
                                  instance=True)
    payload.update(perms.data)

    # Ids of installed/purchased/developed apps.
    payload['apps'] = user_relevant_apps(profile)
    return payload
def create_action(self, request, serializer):
    """Complete a Firefox Accounts login and return the login payload.

    Builds an FxA session from the posted ``state``, passes the
    ``auth_response`` to ``_fxa_authorize`` and returns the token, user
    settings, permissions and relevant app ids for the resulting profile.

    Raises:
        AuthenticationFailed: if ``_fxa_authorize`` returns no profile.
    """
    state = serializer.data['state']
    session = get_fxa_session(state=state)

    # For a preverified login (migrating an existing user) the state is a
    # signed user id; any other state fails the signature check and is
    # treated as "no user id".
    # NOTE(review): Signer carries no timestamp, so a signed state does not
    # expire on its own. Confirm how _fxa_authorize uses `userid`; that is
    # not visible in this method.
    try:
        userid = Signer().unsign(state)
    except BadSignature:
        userid = None

    profile = _fxa_authorize(
        session,
        settings.FXA_CLIENT_SECRET,
        request,
        serializer.data['auth_response'],
        userid)
    if profile is None:
        raise AuthenticationFailed('No profile.')

    request.user = profile
    request.groups = profile.groups.all()

    # The response is built by hand rather than from the serializer.
    user = request.user
    payload = {
        'error': None,
        'token': commonplace_token(user.email),
        'settings': {
            'display_name': user.display_name,
            'email': user.email,
            'source': 'firefox-accounts',
        },
    }

    # PermissionsSerializer does not really need an instance, but a
    # serializer without one produces no data, so a placeholder is passed.
    perms = PermissionsSerializer(context={'request': request},
                                  instance=True)
    payload.update(perms.data)

    # Ids of installed/purchased/developed apps.
    payload['apps'] = user_relevant_apps(profile)
    return payload