Exemple #1
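def login(request):
    """
    User login view for tangleon.com.

    GET renders the empty login form. POST reads ``username`` and ``password``
    from the form and passes them to ``Credential.authenticate``:

    * when no user comes back, or the account is not active, the form is
      rendered again with an error message;
    * an activated account is logged in and redirected to the ``next`` query
      parameter if that is a same-site path, otherwise to ``/``;
    * an account that is not yet activated gets the form back with the
      ``send_activation_code`` flag and its e-mail address.
    """
    if request.method == 'POST':
        login_error = ''
        username = request.POST.get('username', None)
        password = request.POST.get('password', None)
        if username and password:
            # Avoiding long password hash attacks: inputs of 50 or more
            # characters are rejected before any hashing is attempted.
            # NOTE(review): sign-up and password change should enforce the
            # same limit, or such accounts can never log in - confirm.
            user = Credential.authenticate(
                username, password) if len(password) < 50 else None
            if not user:
                login_error = '''Username and password didn't matched, if you forgot your password? <a href="/forgot_password/">Request new one</a>'''
            elif not user.is_active:
                login_error = '''Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.'''
            elif user.has_activated:
                FlashMessage.add_info('Welcome back, ' + user.username, user)
                login_user(request, user)
                # ``next`` comes from the query string, so whoever built the
                # link controls it. Follow it only when it is a plain
                # same-site path; absolute, scheme-relative ("//host"),
                # backslash and control-character forms fall back to the
                # site root instead of sending the user off-site.
                url = request.GET.get('next', '/')
                if (not url.startswith('/') or url.startswith('//')
                        or '\\' in url
                        or any(ord(ch) < 32 for ch in url)):
                    url = '/'
                return HttpResponseRedirect(url)
            else:
                return render_response(
                    request, 'app/login.html', {
                        'username': username,
                        'send_activation_code': True,
                        'email': user.email
                    })

        return render_response(request, 'app/login.html', {
            'username': username,
            'login_error': login_error
        })

    return render_response(request, 'app/login.html')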
Exemple #2
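def login(request):
    """
    User login view for tangleon.com.

    A non-POST request renders the empty login form. A POST authenticates
    the submitted ``username`` / ``password`` through
    ``Credential.authenticate`` and then either re-renders the form with an
    error, re-renders it with ``send_activation_code`` set (account not yet
    activated), or logs the user in and redirects.

    The redirect target is the ``next`` query parameter only when it is a
    same-site path; any other value is replaced by ``/``.
    """
    if request.method != 'POST':
        return render_response(request, 'app/login.html')

    login_error = ''
    username = request.POST.get('username', None)
    password = request.POST.get('password', None)
    if username and password:
        # Avoiding long password hash attacks: anything of 50 characters or
        # more is refused without calling the authentication backend.
        user = Credential.authenticate(username, password) if len(password) < 50 else None
        if not user:
            login_error = '''Username and password didn't matched, if you forgot your password? <a href="/forgot_password/">Request new one</a>'''
        elif not user.is_active:
            login_error = '''Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.'''
        elif user.has_activated:
            FlashMessage.add_info('Welcome back, ' + user.username, user)
            login_user(request, user)
            url = request.GET.get('next', '/')
            # The query string is supplied by the caller. Redirecting to it
            # unchecked would let a crafted login link forward the user to
            # another site, so only a path on this site is accepted.
            is_local_path = (
                url.startswith('/')
                and not url.startswith('//')
                and '\\' not in url
                and not any(ord(ch) < 32 for ch in url)
            )
            if not is_local_path:
                url = '/'
            return HttpResponseRedirect(url)
        else:
            # Correct credentials, but the account was never activated:
            # offer to resend the activation code.
            return render_response(request, 'app/login.html', { 'username': username, 'send_activation_code': True, 'email': user.email })

    return render_response(request, 'app/login.html', { 'username': username, 'login_error': login_error })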
Exemple #3
def activation(request):
    """
    Activate a newly registered user from the e-mailed activation link.

    The ``email`` and ``activation_code`` values are read from the query
    string of a GET request and handed to ``User.activate``. On success the
    returned user is logged in and redirected to the index page; any failure
    renders ``app/activation.html`` with an ``activation_error`` message.
    """
    if request.method != 'GET':
        failure = 'Invalid activation request.'
    else:
        # Both values are part of the URL, so the activation code also ends
        # up wherever URLs are recorded.
        address = request.GET.get('email', None)
        code = request.GET.get('activation_code', None)
        if not (address and code):
            failure = 'TangleOn account activation url is not correct; please try to copy and paste complete url from email.'
        else:
            try:
                account = User.activate(address, code)
                # A valid code is enough to open a session for the account.
                login_user(request, account)
                return HttpResponseRedirect(reverse('app_index'))
            except TangleOnError as error:
                failure = error.message

    return render_response(request, 'app/activation.html', {'activation_error': failure})
Exemple #4
def activation(request):
    """
    Activate the new user identified by the link's query parameters.

    Only GET is accepted. ``User.activate`` receives the ``email`` and
    ``activation_code`` parameters; when it succeeds the user is logged in
    and sent to the index page. Every other outcome renders the activation
    template with the reason in ``activation_error``.
    """
    template = 'app/activation.html'

    if request.method != 'GET':
        return render_response(
            request, template,
            {'activation_error': 'Invalid activation request.'})

    email = request.GET.get('email', None)
    activation_code = request.GET.get('activation_code', None)
    if not email or not activation_code:
        return render_response(request, template, {
            'activation_error': 'TangleOn account activation url is not correct; please try to copy and paste complete url from email.'
        })

    try:
        activated_user = User.activate(email, activation_code)
        # Successful activation immediately signs the user in.
        login_user(request, activated_user)
        return HttpResponseRedirect(reverse('app_index'))
    except TangleOnError as error:
        # The domain error's own message is shown on the page.
        message = error.message

    return render_response(request, template, {'activation_error': message})
Exemple #5
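def facebook_login(request):
    """
    Log a user in, or connect the current account, through Facebook OAuth.

    POST starts the flow: the browser is redirected to
    ``settings.FB_AUTH_URL`` with this view as ``redirect_uri`` and the
    post-login destination carried in ``state``.

    GET is the callback. Without a ``code`` an error page is rendered. With a
    ``code`` the view exchanges it for an access token, fetches the Facebook
    profile and then either connects it to the already authenticated
    ``request.app_user`` or finds/creates the matching account and logs it
    in. The final redirect follows ``state`` only when it is a same-site
    path; anything else goes to the index page.
    """
    if request.method == 'POST':
        # NOTE(review): ``state`` only carries the return path. It is not a
        # per-session random value, so the callback cannot tell whether this
        # browser started the flow. Storing a random token in the session
        # here and comparing it in the callback would bind the two halves.
        params = urllib.urlencode({
            'client_id':
            settings.FB_APP_ID,
            'response_type':
            'code',
            'redirect_uri':
            request.build_absolute_uri(request.path),
            'state':
            request.POST.get('next',
                             reverse('app_index')),  # redirect uri for user
            'scope':
            'email'
        })

        return HttpResponseRedirect(settings.FB_AUTH_URL + '?' + params)

    code = request.GET.get('code', None)
    if not code:
        error = request.GET.get('error', None)
        error_reason = request.GET.get('error_reason', None)
        if error == 'access_denied' and error_reason == 'user_denied':
            return render_response(
                request, 'app/facebook_login.html', {
                    'error':
                    'You must allow TangleOn to access your basic information from Facebook.'
                })

        # Log only the provider's error fields. str(request) may include
        # cookies and headers depending on the framework version, and %r
        # keeps caller-supplied line breaks out of the log.
        logger.error(
            'Error occurred while signing user through Facebook: '
            'error=%r, error_reason=%r', error, error_reason)
        return render_response(
            request, 'app/facebook_login.html', {
                'error':
                'We encounter some error while logging you in through Facebook.'
            })

    # ``state`` comes back in the callback URL and can be set by whoever
    # built that URL. Accept it as the redirect target only when it is a
    # plain same-site path; a missing, absolute, scheme-relative ("//host"),
    # backslash or control-character value falls back to the index page.
    return_url = request.GET.get('state', '')
    if (not return_url.startswith('/') or return_url.startswith('//')
            or '\\' in return_url
            or any(ord(ch) < 32 for ch in return_url)):
        return_url = reverse('app_index')

    # The app secret and the one-time code travel in the query string of the
    # token request; make sure scraper.get_content never logs the URL.
    params = urllib.urlencode({
        'client_id':
        settings.FB_APP_ID,
        'client_secret':
        settings.FB_APP_SECRET,
        'redirect_uri':
        request.build_absolute_uri(request.path),
        'code':
        code
    })

    try:
        access_content = scraper.get_content(settings.FB_ACCESS_TOKEN + '?' +
                                             params)
        access_content = dict(urlparse.parse_qsl(access_content))
        access_token = access_content['access_token']
        access_expiry = datetime.datetime.now() + datetime.timedelta(
            seconds=int(access_content['expires']))
        # NOTE(review): the provider token is kept in the session; confirm
        # the session backend stores data server-side rather than in a
        # client-readable cookie.
        request.session['facebook_access_token'] = access_token
        params = urllib.urlencode({
            'access_token': access_token,
            'fields': 'id,username,email,name'
        })

        fb_user = scraper.get_content(settings.FB_GRAPH_ME + '?' + params)
        fb_user = simplejson.loads(fb_user)
        try:
            if request.app_user.is_authenticated():
                # Already signed in: attach the Facebook identity to the
                # current account.
                user = request.app_user
                created = FbUser.connect_user(user, fb_user['id'],
                                              fb_user['name'],
                                              fb_user['username'],
                                              fb_user.get('email', user.email),
                                              access_token, access_expiry)
                if created:
                    FlashMessage.add_success(
                        'Your Facebook account is successfully connected.',
                        user)
            else:
                if 'email' not in fb_user:
                    raise TangleOnError(
                        'You need to allow TangleOn for access of your email address on Facebook, please read our privacy <a href="%s">policy</a> for any concern.'
                        % reverse('app_policy'))
                created, user = FbUser.get_user_or_create(
                    fb_user['id'], fb_user['name'], fb_user['username'],
                    fb_user['email'], access_token, access_expiry)
                if not user.is_active:
                    raise TangleOnError(
                        'Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.'
                    )
                login_user(request, user)
                if created:
                    FlashMessage.add_success(
                        'You have successfully signed up with Facebook account.',
                        user)
                else:
                    FlashMessage.add_info('Welcome back, ' + user.username,
                                          user)

            if created:
                # New connections visit the friends page first; the checked
                # return path is passed along as ``next``.
                return HttpResponseRedirect(
                    reverse('app_user_friends', args=[user.username]) + '?' +
                    urllib.urlencode({'next': return_url}))

            return HttpResponseRedirect(return_url)
        except TangleOnError as e:
            # NOTE(review): these messages contain HTML, so the template
            # presumably renders them unescaped; messages raised inside the
            # FbUser helpers should never embed provider-supplied values.
            return render_response(request, 'app/facebook_login.html',
                                   {'error': e.message})
    except Exception as e:
        # Any failure in the token exchange or profile fetch is logged with
        # its traceback and shown to the user as a generic error.
        logger.exception(e)
        return render_response(
            request, 'app/facebook_login.html', {
                'error':
                'We encounter some error while logging you in through Facebook.'
            })

    # Every path above returns; kept as a fallback.
    return HttpResponseRedirect(reverse('app_index'))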
Exemple #6
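def facebook_login(request):
    """
    Login user through Facebook.

    POST redirects the browser to ``settings.FB_AUTH_URL`` to start the OAuth
    flow, with the desired post-login path sent as ``state``.

    GET handles the callback: a missing ``code`` renders an error page;
    otherwise the code is exchanged for an access token, the profile is
    fetched from ``settings.FB_GRAPH_ME`` and the Facebook identity is either
    connected to the authenticated ``request.app_user`` or used to find or
    create an account that is then logged in. The user is finally redirected
    to ``state`` when it is a same-site path, else to the index page.
    """
    generic_error = 'We encounter some error while logging you in through Facebook.'

    if request.method == 'POST':
        # NOTE(review): ``state`` holds only the return path and is not tied
        # to this session, so the callback has no proof that this browser
        # began the flow. A random per-session token checked on return would
        # provide that binding.
        params = urllib.urlencode({'client_id': settings.FB_APP_ID,
                                   'response_type': 'code',
                                   'redirect_uri': request.build_absolute_uri(request.path),
                                   'state': request.POST.get('next', reverse('app_index')), # redirect uri for user
                                   'scope': 'email'
                                   })

        return HttpResponseRedirect(settings.FB_AUTH_URL + '?' + params)

    code = request.GET.get('code', None)
    if not code:
        error = request.GET.get('error', None)
        error_reason = request.GET.get('error_reason', None)
        if error == 'access_denied' and error_reason == 'user_denied':
            return render_response(request, 'app/facebook_login.html', {'error': 'You must allow TangleOn to access your basic information from Facebook.'})

        # Record just the two error fields: dumping the whole request may
        # put cookies and headers into the log (framework-version dependent),
        # and %r escapes any line breaks in the supplied values.
        logger.error('Error occurred while signing user through Facebook: error=%r, error_reason=%r',
                     error, error_reason)
        return render_response(request, 'app/facebook_login.html', {'error': generic_error})

    # The callback URL, and therefore ``state``, is caller-controlled.
    # Redirect to it only if it is a path on this site; a missing or
    # off-site value is replaced by the index page.
    return_url = request.GET.get('state', '')
    is_local_path = (
        return_url.startswith('/')
        and not return_url.startswith('//')
        and '\\' not in return_url
        and not any(ord(ch) < 32 for ch in return_url)
    )
    if not is_local_path:
        return_url = reverse('app_index')

    # This query string contains the app secret and the one-time code, so
    # the resulting URL must stay out of logs and error reports.
    params = urllib.urlencode({'client_id': settings.FB_APP_ID,
                               'client_secret': settings.FB_APP_SECRET,
                               'redirect_uri': request.build_absolute_uri(request.path),
                               'code': code })

    try:
        access_content = scraper.get_content(settings.FB_ACCESS_TOKEN + '?' + params)
        access_content = dict(urlparse.parse_qsl(access_content))
        access_token = access_content['access_token']
        access_expiry = datetime.datetime.now() + datetime.timedelta(seconds=int(access_content['expires']))
        # NOTE(review): the access token is written to the session; verify
        # that session data is held server-side.
        request.session['facebook_access_token'] = access_token
        params = urllib.urlencode({'access_token': access_token,
                                   'fields': 'id,username,email,name'})

        fb_user = scraper.get_content(settings.FB_GRAPH_ME + '?' + params)
        fb_user = simplejson.loads(fb_user)
        try:
            if request.app_user.is_authenticated():
                # Signed-in user: link the Facebook profile to that account.
                user = request.app_user
                created = FbUser.connect_user(user, fb_user['id'], fb_user['name'], fb_user['username'], fb_user.get('email', user.email), access_token, access_expiry)
                if created:
                    FlashMessage.add_success('Your Facebook account is successfully connected.', user)
            else:
                # Anonymous visitor: an e-mail address is required to find or
                # create the local account.
                if 'email' not in fb_user:
                    raise TangleOnError('You need to allow TangleOn for access of your email address on Facebook, please read our privacy <a href="%s">policy</a> for any concern.' % reverse('app_policy'))
                created, user = FbUser.get_user_or_create(fb_user['id'], fb_user['name'], fb_user['username'], fb_user['email'], access_token, access_expiry)
                if not user.is_active:
                    raise TangleOnError('Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.')
                login_user(request, user)
                if created:
                    FlashMessage.add_success('You have successfully signed up with Facebook account.', user)
                else:
                    FlashMessage.add_info('Welcome back, ' + user.username, user)

            if created:
                # First-time connections go to the friends page, carrying
                # the already checked return path as ``next``.
                return HttpResponseRedirect(reverse('app_user_friends', args=[user.username]) + '?' + urllib.urlencode({ 'next': return_url}))

            return HttpResponseRedirect(return_url)
        except TangleOnError as e:
            # NOTE(review): the messages raised above contain markup, so the
            # template presumably outputs them unescaped; keep
            # provider-supplied text out of TangleOnError messages.
            return render_response(request, 'app/facebook_login.html', {'error': e.message })
    except Exception as e:
        # Token exchange, parsing or profile lookup failed: log the
        # traceback, show a generic message.
        logger.exception(e)
        return render_response(request, 'app/facebook_login.html', {'error': generic_error })

    # All branches above return; retained as a fallback.
    return HttpResponseRedirect(reverse('app_index'))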