def do_complete(strategy, login, user=None, redirect_name='next', *args, **kwargs): # pop redirect value before the session is trashed on login() data = strategy.request_data() redirect_value = strategy.session_get(redirect_name, '') or \ data.get(redirect_name, '') is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None partial = partial_pipeline_data(strategy, user, *args, **kwargs) if partial: xargs, xkwargs = partial user = strategy.continue_pipeline(*xargs, **xkwargs) else: user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) if user and not isinstance(user, strategy.storage.user.user_model()): return user if is_authenticated: if not user: url = setting_url(strategy, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(strategy, redirect_value, 'NEW_ASSOCIATION_REDIRECT_URL', 'LOGIN_REDIRECT_URL') elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) social_user = user.social_user login(strategy, user, social_user) # store last login backend name in session strategy.session_set('social_auth_last_login_backend', social_user.provider) if is_new: url = setting_url(strategy, redirect_value, 'NEW_USER_REDIRECT_URL', 'LOGIN_REDIRECT_URL') else: url = setting_url(strategy, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(strategy, 'INACTIVE_USER_URL', 'LOGIN_ERROR_URL', 'LOGIN_URL') else: url = setting_url(strategy, 'LOGIN_ERROR_URL', 'LOGIN_URL') if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '{0}={1}'.format(redirect_name, redirect_value) if strategy.setting('SANITIZE_REDIRECTS', True): url = sanitize_redirect(strategy.request_host(), url) or \ strategy.setting('LOGIN_REDIRECT_URL') return strategy.redirect(url)
def do_complete(strategy, login, user=None, redirect_name="next", *args, **kwargs): # pop redirect value before the session is trashed on login() data = strategy.request_data() redirect_value = strategy.session_get(redirect_name, "") or data.get(redirect_name, "") is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None default_redirect = strategy.setting("LOGIN_REDIRECT_URL") url = default_redirect login_error_url = strategy.setting("LOGIN_ERROR_URL") or strategy.setting("LOGIN_URL") partial = partial_pipeline_data(strategy, user, *args, **kwargs) if partial is not None: idx, backend, xargs, xkwargs = partial if backend == strategy.backend.name: user = strategy.continue_pipeline(pipeline_index=idx, *xargs, **xkwargs) else: strategy.clean_partial_pipeline() user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) else: user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) if user and not isinstance(user, strategy.storage.user.user_model()): return user if is_authenticated: if not user: url = redirect_value or default_redirect else: url = redirect_value or strategy.setting("NEW_ASSOCIATION_REDIRECT_URL") or default_redirect elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, "is_new", False) social_user = user.social_user login(strategy, user) # store last login backend name in session strategy.session_set("social_auth_last_login_backend", social_user.provider) # Remove possible redirect URL from session, if this is a new # account, send him to the new-users-page if defined. new_user_redirect = strategy.setting("NEW_USER_REDIRECT_URL") if new_user_redirect and is_new: url = new_user_redirect else: url = redirect_value or default_redirect else: url = strategy.setting("INACTIVE_USER_URL", login_error_url) else: url = login_error_url if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ("?" in url and "&" or "?") + "{0}={1}".format(redirect_name, redirect_value) if strategy.setting("SANITIZE_REDIRECTS", True): url = sanitize_redirect(strategy.request_host(), url) or strategy.setting("LOGIN_REDIRECT_URL") return strategy.redirect(url)
def finish_complete(backend, login, user, is_authenticated, data, redirect_name='next', *args, **kwargs): # pop redirect value before the session is trashed on login(), but after # the pipeline so that the pipeline can change the redirect if needed redirect_value = backend.strategy.session_get(redirect_name, '') or \ data.get(redirect_name, '') user_model = backend.strategy.storage.user.user_model() if user and not isinstance(user, user_model): return user if is_authenticated: if not user: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'NEW_ASSOCIATION_REDIRECT_URL', 'LOGIN_REDIRECT_URL') elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) social_user = user.social_user login(backend, user, social_user) # store last login backend name in session backend.strategy.session_set('social_auth_last_login_backend', social_user.provider) if is_new: url = setting_url(backend, 'NEW_USER_REDIRECT_URL', redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: if backend.setting('INACTIVE_USER_LOGIN', False): social_user = user.social_user login(backend, user, social_user) url = setting_url(backend, 'INACTIVE_USER_URL', 'LOGIN_ERROR_URL', 'LOGIN_URL') else: url = setting_url(backend, 'LOGIN_ERROR_URL', 'LOGIN_URL') if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '{0}={1}'.format(redirect_name, redirect_value) if backend.setting('SANITIZE_REDIRECTS', True): allowed_hosts = backend.setting('ALLOWED_REDIRECT_HOSTS', []) + \ [backend.strategy.request_host()] url = sanitize_redirect(allowed_hosts, url) or \ backend.setting('LOGIN_REDIRECT_URL') return backend.strategy.redirect(url)
def do_complete(backend, login, user=None, redirect_name="next", *args, **kwargs): # pop redirect value before the session is trashed on login() data = backend.strategy.request_data() redirect_value = backend.strategy.session_get(redirect_name, "") or data.get(redirect_name, "") is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None partial = partial_pipeline_data(backend, user, *args, **kwargs) if partial: xargs, xkwargs = partial user = backend.continue_pipeline(*xargs, **xkwargs) else: user = backend.complete(user=user, *args, **kwargs) user_model = backend.strategy.storage.user.user_model() if user and not isinstance(user, user_model): return user if is_authenticated: if not user: url = setting_url(backend, redirect_value, "LOGIN_REDIRECT_URL") else: url = setting_url(backend, redirect_value, "NEW_ASSOCIATION_REDIRECT_URL", "LOGIN_REDIRECT_URL") elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, "is_new", False) social_user = user.social_user login(backend, user, social_user) # store last login backend name in session backend.strategy.session_set("social_auth_last_login_backend", social_user.provider) if is_new: url = setting_url(backend, "NEW_USER_REDIRECT_URL", redirect_value, "LOGIN_REDIRECT_URL") else: url = setting_url(backend, redirect_value, "LOGIN_REDIRECT_URL") else: url = setting_url(backend, "INACTIVE_USER_URL", "LOGIN_ERROR_URL", "LOGIN_URL") else: url = setting_url(backend, "LOGIN_ERROR_URL", "LOGIN_URL") if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ("?" in url and "&" or "?") + "{0}={1}".format(redirect_name, redirect_value) if backend.setting("SANITIZE_REDIRECTS", True): url = sanitize_redirect(backend.strategy.request_host(), url) or backend.setting("LOGIN_REDIRECT_URL") return backend.strategy.redirect(url)
def test_user_has_is_active_callable(self): class User(object): def is_active(self): return True expect(user_is_active(User())).to.equal(True)
def test_user_is_not_none(self): expect(user_is_active(object())).to.equal(True)
def test_user_has_is_active(self): class User(object): is_active = True self.assertEqual(user_is_active(User()), True)
def test_user_is_none(self): self.assertEqual(user_is_active(None), False)
def do_complete(strategy, login, user=None, redirect_name='next', *args, **kwargs): # pop redirect value before the session is trashed on login() data = strategy.request_data() redirect_value = strategy.session_get(redirect_name, '') or \ data.get(redirect_name, '') is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None default_redirect = strategy.setting('LOGIN_REDIRECT_URL') url = default_redirect login_error_url = strategy.setting('LOGIN_ERROR_URL') or \ strategy.setting('LOGIN_URL') partial = strategy.session_get('partial_pipeline', None) if partial is not None: idx, backend, xargs, xkwargs = strategy.from_session(partial) if backend == strategy.backend_name: kwargs = kwargs.copy() kwargs.setdefault('user', user) kwargs.update(xkwargs) user = strategy.continue_pipeline(pipeline_index=idx, *xargs, **xkwargs) else: strategy.clean_partial_pipeline() user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) else: user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) if user and not isinstance(user, strategy.storage.user.user_model()): return user if is_authenticated: if not user: url = redirect_value or default_redirect else: url = redirect_value or \ strategy.setting('NEW_ASSOCIATION_REDIRECT_URL') or \ default_redirect elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) social_user = user.social_user login(strategy, user) # store last login backend name in session strategy.session_set('social_auth_last_login_backend', social_user.provider) # Remove possible redirect URL from session, if this is a new # account, send him to the new-users-page if defined. new_user_redirect = strategy.setting('NEW_USER_REDIRECT_URL') if new_user_redirect and is_new: url = new_user_redirect else: url = redirect_value or default_redirect else: url = strategy.setting('INACTIVE_USER_URL', login_error_url) else: url = login_error_url if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '{0}={1}'.format(redirect_name, redirect_value) return strategy.redirect(url)
def test_user_is_none(self): expect(user_is_active(None)).to.equal(False)
def _complete(self, backend, *args, **kwargs): strategy = self.strategy # pop redirect value before the session is trashed on login() redirect_value = self.session.get('next', '') or \ self.data.get('next', '') url = strategy.setting('LOGIN_REDIRECT_URL') user = self.get_current_user() is_authenticated = user_is_authenticated(user) if not is_authenticated: user = None if self.session.get('partial_pipeline'): data = self.session.pop('partial_pipeline') kwargs = kwargs.copy() kwargs.setdefault('user', user) idx, xargs, xkwargs = strategy.from_session(data, request=web.ctx, *args, **kwargs) if xkwargs.get('backend', '') == backend: user = strategy.continue_pipeline(pipeline_index=idx, *xargs, **xkwargs) else: strategy.clean_partial_pipeline() user = strategy.complete(user=user, request=web.ctx, *args, **kwargs) else: user = strategy.complete(user=user, request=web.ctx, *args, **kwargs) if isinstance(user, web.Storage): return user if is_authenticated: if not user: url = redirect_value or strategy.setting('LOGIN_REDIRECT_URL') else: url = redirect_value or \ strategy.setting('NEW_ASSOCIATION_REDIRECT_URL') or \ strategy.setting('LOGIN_REDIRECT_URL') elif user: if user_is_active(user): # catch is_new flag before login() resets the instance is_new = getattr(user, 'is_new', False) self.login_user(user) # user.social_user is the used UserSocialAuth instance defined # in authenticate process social_user = user.social_user # store last login backend name in session self.session['social_auth_last_login_backend'] = \ social_user.provider # Remove possible redirect URL from session, if this is a new # account, send him to the new-users-page if defined. new_user_redirect = strategy.setting('NEW_USER_REDIRECT_URL') if new_user_redirect and is_new: url = new_user_redirect else: url = redirect_value or \ strategy.setting('LOGIN_REDIRECT_URL') else: url = strategy.setting('INACTIVE_USER_URL') or \ strategy.setting('LOGIN_ERROR_URL') or \ strategy.setting('LOGIN_URL') else: url = strategy.setting('LOGIN_ERROR_URL') or \ strategy.setting('LOGIN_URL') if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '%s=%s' % ('next', redirect_value) return web.seeother(url)
def post(self, request, *args, **kwargs): # request.POST bodge # The backend tries to get data from either request.POST # or request.GET. These are empty though as DRF uses # request.DATA. We need to assing request.POST. request.POST = request.DATA serializer = self.get_serializer(data=request.DATA) if not serializer.is_valid(): return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) backend = serializer.data['backend'] uri = reverse('auth:complete', args=(backend, )) strategy = load_strategy(request=request) try: backend = load_backend(strategy, backend, uri) except MissingBackend: raise Http404('Backend not found') data = backend.strategy.request_data() user = request.user is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None partial = partial_pipeline_data(backend, user, *args, **kwargs) if partial: xargs, xkwargs = partial user = backend.continue_pipeline(*xargs, **xkwargs) else: user = backend.complete(user=user, *args, **kwargs) # pop redirect value before the session is trashed on login(), but after # the pipeline so that the pipeline can change the redirect if needed redirect_value = backend.strategy.session_get( REDIRECT_FIELD_NAME, '') or data.get(REDIRECT_FIELD_NAME, '') user_model = backend.strategy.storage.user.user_model() if user and not isinstance(user, user_model): return user if is_authenticated: if not user: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'NEW_ASSOCIATION_REDIRECT_URL', 'LOGIN_REDIRECT_URL') elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) if is_new: url = setting_url(backend, 'NEW_USER_REDIRECT_URL', redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, 'INACTIVE_USER_URL', 'LOGIN_ERROR_URL', 'LOGIN_URL') return Response( { 'status': 'Unauthorized', 'message': 'The user account is disabled.', 'redirect_url': url }, status=status.HTTP_401_UNAUTHORIZED) else: url = setting_url(backend, 'LOGIN_ERROR_URL', 'LOGIN_URL') if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + '{0}={1}'.format( REDIRECT_FIELD_NAME, redirect_value) if backend.setting('SANITIZE_REDIRECTS', True): url = sanitize_redirect( backend.strategy.request_host(), url) or backend.setting('LOGIN_REDIRECT_URL') # Get the JWT payload for the user. payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) return Response({'token': token, 'redirect_url': url})
def post(self, request, *args, **kwargs): # request.POST bodge # The backend tries to get data from either request.POST # or request.GET. These are empty though as DRF uses # request.DATA. We need to assing request.POST. request._request.POST = request._request.POST.copy() for key, value in request.data.items(): request._request.POST[key] = value serializer = self.get_serializer(data=request.data) if not serializer.is_valid(): return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) backend = serializer.data['backend'] uri = reverse('auth:complete', args=(backend,)) strategy = load_strategy(request=request._request) try: backend = load_backend(strategy, backend, uri) except MissingBackend: raise Http404('Backend not found') data = backend.strategy.request_data() user = request.user is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None partial = partial_pipeline_data(backend, user, *args, **kwargs) if partial: xargs, xkwargs = partial user = backend.continue_pipeline(*xargs, **xkwargs) else: user = backend.complete(user=user, *args, **kwargs) # pop redirect value before the session is trashed on login(), but after # the pipeline so that the pipeline can change the redirect if needed redirect_value = backend.strategy.session_get(REDIRECT_FIELD_NAME, '') or data.get(REDIRECT_FIELD_NAME, '') user_model = backend.strategy.storage.user.user_model() if user and not isinstance(user, user_model): return user if is_authenticated: if not user: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'NEW_ASSOCIATION_REDIRECT_URL', 'LOGIN_REDIRECT_URL') elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) if is_new: url = setting_url(backend, 'NEW_USER_REDIRECT_URL', redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, 'INACTIVE_USER_URL', 'LOGIN_ERROR_URL', 'LOGIN_URL') return Response({ 'status': 'Unauthorized', 'message': 'The user account is disabled.', 'redirect_url': url }, status=status.HTTP_401_UNAUTHORIZED) else: url = setting_url(backend, 'LOGIN_ERROR_URL', 'LOGIN_URL') if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + '{0}={1}'.format(REDIRECT_FIELD_NAME, redirect_value) if backend.setting('SANITIZE_REDIRECTS', True): url = sanitize_redirect(backend.strategy.request_host(), url) or backend.setting('LOGIN_REDIRECT_URL') # Get the JWT payload for the user. payload = jwt_payload_handler(user) token = jwt_encode_handler(payload) return Response({ 'token': token, 'redirect_url': url })
def do_complete(backend, login, user=None, redirect_name='next', *args, **kwargs): data = backend.strategy.request_data() is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None partial = partial_pipeline_data(backend, user, *args, **kwargs) if partial: xargs, xkwargs = partial user = backend.continue_pipeline(*xargs, **xkwargs) else: user = backend.complete(user=user, *args, **kwargs) # pop redirect value before the session is trashed on login(), but after # the pipeline so that the pipeline can change the redirect if needed redirect_value = backend.strategy.session_get(redirect_name, '') or \ data.get(redirect_name, '') user_model = backend.strategy.storage.user.user_model() if user and not isinstance(user, user_model): return user if is_authenticated: if not user: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'NEW_ASSOCIATION_REDIRECT_URL', 'LOGIN_REDIRECT_URL') elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) social_user = user.social_user login(backend, user, social_user) # store last login backend name in session backend.strategy.session_set('social_auth_last_login_backend', social_user.provider) if is_new: url = setting_url(backend, 'NEW_USER_REDIRECT_URL', redirect_value, 'LOGIN_REDIRECT_URL') else: url = setting_url(backend, redirect_value, 'LOGIN_REDIRECT_URL') else: if backend.setting('INACTIVE_USER_LOGIN', False): social_user = user.social_user login(backend, user, social_user) url = setting_url(backend, 'INACTIVE_USER_URL', 'LOGIN_ERROR_URL', 'LOGIN_URL') else: url = setting_url(backend, 'LOGIN_ERROR_URL', 'LOGIN_URL') if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '{0}={1}'.format(redirect_name, redirect_value) if backend.setting('SANITIZE_REDIRECTS', True): allowed_hosts = backend.setting('ALLOWED_REDIRECT_HOSTS', []) + \ [backend.strategy.request_host()] url = sanitize_redirect(allowed_hosts, url) or \ backend.setting('LOGIN_REDIRECT_URL') return backend.strategy.redirect(url)
def do_complete(strategy, login, user=None, redirect_name='next', *args, **kwargs): # pop redirect value before the session is trashed on login() data = strategy.request_data() redirect_value = strategy.session_get(redirect_name, '') or \ data.get(redirect_name, '') is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None default_redirect = strategy.setting('LOGIN_REDIRECT_URL') url = default_redirect login_error_url = strategy.setting('LOGIN_ERROR_URL') or \ strategy.setting('LOGIN_URL') partial = strategy.session_get('partial_pipeline', None) if partial is not None: idx, backend, xargs, xkwargs = strategy.from_session(partial) if backend == strategy.backend_name: kwargs = kwargs.copy() kwargs.setdefault('user', user) kwargs.update(xkwargs) user = strategy.continue_pipeline(pipeline_index=idx, *xargs, **xkwargs) else: strategy.clean_partial_pipeline() user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) else: user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) if user and not isinstance(user, strategy.storage.user.user_model()): return user if is_authenticated: if not user: url = redirect_value or default_redirect else: url = redirect_value or \ strategy.setting('NEW_ASSOCIATION_REDIRECT_URL') or \ default_redirect elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, 'is_new', False) social_user = user.social_user login(strategy, user) # store last login backend name in session strategy.session_set('social_auth_last_login_backend', social_user.provider) # Remove possible redirect URL from session, if this is a new # account, send him to the new-users-page if defined. new_user_redirect = strategy.setting('NEW_USER_REDIRECT_URL') if new_user_redirect and is_new: url = new_user_redirect else: url = redirect_value or default_redirect else: url = strategy.setting('INACTIVE_USER_URL', login_error_url) else: url = login_error_url if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '%s=%s' % (redirect_name, redirect_value) return strategy.redirect(url)
def test_user_has_is_active(self): class User(object): is_active = True expect(user_is_active(User())).to.equal(True)
def do_complete(strategy, login, user=None, redirect_name="next", *args, **kwargs): # pop redirect value before the session is trashed on login() data = strategy.request_data() redirect_value = strategy.session_get(redirect_name, "") or data.get(redirect_name, "") is_authenticated = user_is_authenticated(user) user = is_authenticated and user or None partial = partial_pipeline_data(strategy, user, *args, **kwargs) if partial: xargs, xkwargs = partial user = strategy.continue_pipeline(*xargs, **xkwargs) else: user = strategy.complete(user=user, request=strategy.request, *args, **kwargs) try: is_api_call = strategy.request.COOKIES.get("is_api_call") except: try: is_api_call = strategy.session_get("is_api_call") except: is_api_call = None if user and not isinstance(user, strategy.storage.user.user_model()): return user if is_authenticated: if not user: url = setting_url(strategy, redirect_value, "LOGIN_REDIRECT_URL") else: url = setting_url(strategy, redirect_value, "NEW_ASSOCIATION_REDIRECT_URL", "LOGIN_REDIRECT_URL") if is_api_call is not None: url = "/api/login/social/success/" elif user: if user_is_active(user): # catch is_new/social_user in case login() resets the instance is_new = getattr(user, "is_new", False) social_user = user.social_user login(strategy, user) # store last login backend name in session strategy.session_set("social_auth_last_login_backend", social_user.provider) if is_new: url = setting_url(strategy, redirect_value, "NEW_USER_REDIRECT_URL", "LOGIN_REDIRECT_URL") else: url = setting_url(strategy, redirect_value, "LOGIN_REDIRECT_URL") if is_api_call is not None: url = "/api/login/social/success/" else: url = setting_url(strategy, "INACTIVE_USER_URL", "LOGIN_ERROR_URL", "LOGIN_URL") if strategy.setting("INACTIVE_USER_REDIRECT_WITH_ID") is True: url += "?user_id=" + str(user.id) if is_api_call is not None: url = "/api/login/social/fail/" url += "?user_id=" + str(user.id) + "&reason=user_already_exist" else: url = setting_url(strategy, "LOGIN_ERROR_URL", "LOGIN_URL") if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ("?" in url and "&" or "?") + "{0}={1}".format(redirect_name, redirect_value) if strategy.setting("SANITIZE_REDIRECTS", True): url = sanitize_redirect(strategy.request_host(), url) or strategy.setting("LOGIN_REDIRECT_URL") return strategy.redirect(url)
def test_user_is_not_none(self): self.assertEqual(user_is_active(object()), True)
def test_user_has_is_active_callable(self): class User(object): def is_active(self): return True self.assertEqual(user_is_active(User()), True)
def complete(backend, *args, **kwargs): """Authentication complete view, override this view if transaction management doesn't suit your needs.""" strategy = g.strategy # pop redirect value before the session is trashed on login() redirect_value = session.get("next", "") or request.form.get("next", "") or request.args.get("next", "") is_authenticated = user_is_authenticated(g.user) user = is_authenticated and g.user or None url = strategy.setting("LOGIN_REDIRECT_URL") if session.get("partial_pipeline"): data = session.pop("partial_pipeline") kwargs = kwargs.copy() kwargs.setdefault("user", user) idx, xargs, xkwargs = strategy.from_session(data, request=request, *args, **kwargs) if xkwargs.get("backend", "") == backend: user = strategy.continue_pipeline(pipeline_index=idx, *xargs, **xkwargs) else: strategy.clean_partial_pipeline() user = strategy.complete(user=user, request=request, *args, **kwargs) else: user = strategy.complete(user=user, request=request, *args, **kwargs) if isinstance(user, Response): return user if is_authenticated: if not user: url = redirect_value or strategy.setting("LOGIN_REDIRECT_URL") else: url = ( redirect_value or strategy.setting("NEW_ASSOCIATION_REDIRECT_URL") or strategy.setting("LOGIN_REDIRECT_URL") ) elif user: if user_is_active(user): # catch is_new flag before login() resets the instance is_new = getattr(user, "is_new", False) login_user(user) # user.social_user is the used UserSocialAuth instance defined # in authenticate process social_user = user.social_user # store last login backend name in session session["social_auth_last_login_backend"] = social_user.provider # Remove possible redirect URL from session, if this is a new # account, send him to the new-users-page if defined. new_user_redirect = strategy.setting("NEW_USER_REDIRECT_URL") if new_user_redirect and is_new: url = new_user_redirect else: url = redirect_value or strategy.setting("LOGIN_REDIRECT_URL") else: url = ( strategy.setting("INACTIVE_USER_URL") or strategy.setting("LOGIN_ERROR_URL") or strategy.setting("LOGIN_URL") ) else: url = strategy.setting("LOGIN_ERROR_URL") or strategy.setting("LOGIN_URL") if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ("?" in url and "&" or "?") + "%s=%s" % ("next", redirect_value) return redirect(url)
def complete(request, backend, *args, **kwargs): """Authentication complete view, override this view if transaction management doesn't suit your needs.""" strategy = request.strategy # pop redirect value before the session is trashed on login() redirect_value = request.session.get(REDIRECT_FIELD_NAME, '') or \ request.REQUEST.get(REDIRECT_FIELD_NAME, '') is_authenticated = user_is_authenticated(request.user) user = is_authenticated and request.user or None url = DEFAULT_REDIRECT if request.session.get('partial_pipeline'): data = request.session.pop('partial_pipeline') kwargs = kwargs.copy() kwargs.setdefault('user', user) idx, xargs, xkwargs = strategy.from_session(data, request=request, *args, **kwargs) if xkwargs.get('backend', '') == backend: user = strategy.continue_pipeline(pipeline_index=idx, *xargs, **xkwargs) else: strategy.clean_partial_pipeline() user = strategy.complete(user=user, request=request, *args, **kwargs) else: user = strategy.complete(user=user, request=request, *args, **kwargs) if isinstance(user, HttpResponse): return user if is_authenticated: if not user: url = redirect_value or DEFAULT_REDIRECT else: url = redirect_value or \ strategy.setting('NEW_ASSOCIATION_REDIRECT_URL') or \ DEFAULT_REDIRECT elif user: if user_is_active(user): # catch is_new flag before login() resets the instance is_new = getattr(user, 'is_new', False) login(request, user) # Hack django.auth backend loading since they create an instance # that won't know about the strategy/storage layout being used request.session['original_' + BACKEND_SESSION_KEY] = \ request.session[BACKEND_SESSION_KEY] request.session[BACKEND_SESSION_KEY] = '%s.%s' % ( BackendWrapper.__module__, BackendWrapper.__name__ ) # user.social_user is the used UserSocialAuth instance defined # in authenticate process social_user = user.social_user if setting('SESSION_EXPIRATION', True): # Set session expiration date if present and not disabled # by setting. Use last social-auth instance for current # provider, users can associate several accounts with # a same provider. expiration = social_user.expiration_datetime() if expiration: try: request.session.set_expiry(expiration) except OverflowError: # Handle django time zone overflow request.session.set_expiry(None) # store last login backend name in session request.session['social_auth_last_login_backend'] = \ social_user.provider # Remove possible redirect URL from session, if this is a new # account, send him to the new-users-page if defined. new_user_redirect = strategy.setting('NEW_USER_REDIRECT_URL') if new_user_redirect and is_new: url = new_user_redirect else: url = redirect_value or strategy.setting('LOGIN_REDIRECT_URL') else: url = strategy.setting('INACTIVE_USER_URL', LOGIN_ERROR_URL) else: url = strategy.setting('LOGIN_ERROR_URL', LOGIN_ERROR_URL) if redirect_value and redirect_value != url: redirect_value = quote(redirect_value) url += ('?' in url and '&' or '?') + \ '%s=%s' % (REDIRECT_FIELD_NAME, redirect_value) return HttpResponseRedirect(url)