def success_openid_login(request, openid_response, redirect_field_name=REDIRECT_FIELD_NAME): """ A view-helper to handle a successful OpenID authentication response. Note that this doesn't mean we've found a matching user yet. That's what this method does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the ``settings.AUTHENTICATION_BACKENDS`` list. """ #Get the OpenID URL openid_url = openid_response.identity_url sreg = SRegResponse.fromSuccessResponse(openid_response) nickname = None if sreg and sreg.has_key('nickname'): nickname = sreg.get('nickname') #Call the built in django auth function #(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list) user = authenticate(openid_url=openid_url, sreg=nickname) if user: #Log in the user with the built-in django function auth_login(request, user) #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://" + request.get_host(), user) #Do we not yet have any openids in the session? if OPENIDS_SESSION_NAME not in request.session.keys(): request.session[OPENIDS_SESSION_NAME] = [] #Eliminate any duplicate openids in the session request.session[OPENIDS_SESSION_NAME] = [ o for o in request.session[OPENIDS_SESSION_NAME] if o.openid != openid_url ] #Add this new openid to the list request.session[OPENIDS_SESSION_NAME].append( from_openid_response(openid_response)) #Get the page to redirect to redirect = request.REQUEST.get(redirect_field_name, None) if not redirect or not is_valid_redirect_url(redirect): redirect = settings.LOGIN_REDIRECT_URL return HttpResponseRedirect(redirect) else: #TODO: This should start the registration process return failure_openid_login( request, openid_url, _("The OpenID doesn't match any registered user."))
def twitter_return(request): request_token = request.session.get('request_token', None) # If there is no request_token for session, # means we didn't redirect user to twitter if not request_token: # Redirect the user to the login page, # So the user can click on the sign-in with twitter button return HttpResponse("We didn't redirect you to twitter...") token = OAuthToken.from_string(request_token) # If the token from session and token from twitter does not match # means something bad happened to tokens if token.key != request.GET.get('oauth_token', 'no-token'): del request.session['request_token'] # Redirect the user to the login page return HttpResponse("Something wrong! Tokens do not match...") twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token) access_token = twitter.getAccessToken() request.session['access_token'] = access_token.to_string() auth_user = authenticate(access_token=access_token) # if user is authenticated then login user if auth_user: login(request, auth_user) else: # We were not able to authenticate user # Redirect to login page del request.session['access_token'] del request.session['request_token'] return HttpResponse("Unable to authenticate you!") #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://" + request.get_host(), auth_user) # authentication was successful, use is now logged in #redirect to a proper page try: next = request.GET.__getitem__('next') except: next = getattr(settings, "LOGIN_REDIRECT_URL", "/") return HttpResponseRedirect(next)
def twitter_return(request): request_token = request.session.get('request_token', None) # If there is no request_token for session, # means we didn't redirect user to twitter if not request_token: # Redirect the user to the login page, # So the user can click on the sign-in with twitter button return HttpResponse("We didn't redirect you to twitter...") token = OAuthToken.from_string(request_token) # If the token from session and token from twitter does not match # means something bad happened to tokens if token.key != request.GET.get('oauth_token', 'no-token'): del request.session['request_token'] # Redirect the user to the login page return HttpResponse("Something wrong! Tokens do not match...") twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token) access_token = twitter.getAccessToken() request.session['access_token'] = access_token.to_string() auth_user = authenticate(access_token=access_token) # if user is authenticated then login user if auth_user: login(request, auth_user) else: # We were not able to authenticate user # Redirect to login page del request.session['access_token'] del request.session['request_token'] return HttpResponse("Unable to authenticate you!") #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://"+request.get_host(), auth_user) # authentication was successful, use is now logged in #redirect to a proper page try: next = request.GET.__getitem__('next') except: next = getattr(settings, "LOGIN_REDIRECT_URL", "/") return HttpResponseRedirect(next)
def success_openid_login(request, openid_response, redirect_field_name=REDIRECT_FIELD_NAME): """ A view-helper to handle a successful OpenID authentication response. Note that this doesn't mean we've found a matching user yet. That's what this method does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the ``settings.AUTHENTICATION_BACKENDS`` list. """ #Get the OpenID URL openid_url = openid_response.identity_url sreg = SRegResponse.fromSuccessResponse(openid_response) nickname = None if sreg and sreg.has_key('nickname'): nickname = sreg.get('nickname') #Call the built in django auth function #(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list) user = authenticate(openid_url=openid_url, sreg=nickname) if user: #Log in the user with the built-in django function auth_login(request, user) #Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://"+request.get_host(), user) #Do we not yet have any openids in the session? if OPENIDS_SESSION_NAME not in request.session.keys(): request.session[OPENIDS_SESSION_NAME] = [] #Eliminate any duplicate openids in the session request.session[OPENIDS_SESSION_NAME] = [o for o in request.session[OPENIDS_SESSION_NAME] if o.openid != openid_url] #Add this new openid to the list request.session[OPENIDS_SESSION_NAME].append(from_openid_response(openid_response)) #Get the page to redirect to redirect = request.REQUEST.get(redirect_field_name, None) if not redirect or not is_valid_redirect_url(redirect): redirect = settings.LOGIN_REDIRECT_URL return HttpResponseRedirect(redirect) else: #TODO: This should start the registration process return failure_openid_login(request, openid_url, _("The OpenID doesn't match any registered user."))
#facebook to login. if request.POST.get('facebook_only', False): log.debug('Facebook Only') profile = FacebookProfile(facebook_id=request.facebook.uid) user = User(username=request.facebook.uid, email=profile.email) user.set_unusable_password() user.save() profile.user = user profile.save() log.info("Added user and profile for %s!" % request.facebook.uid) user = authenticate(request=request) login(request, user) # Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://" + request.get_host(), user) return HttpResponseRedirect(redirect_url) # user setup his/her own local account in addition to their facebook # account. The user will have to login with facebook unless they # reset their password. elif request.POST.get('register', False): log.debug('Register a new account') profile = FacebookProfile(facebook_id=request.facebook.uid) if profile.first_name != "(Private)": fname = profile.first_name if profile.last_name != "(Private)": lname = profile.last_name user = User(first_name=fname, last_name=lname) registration_form = registration_form_class(data=request.POST,
if request.POST.get('facebook_only',False): log.debug('Facebook Only') profile = FacebookProfile(facebook_id=request.facebook.uid) user = User(username=request.facebook.uid, email=profile.email) user.set_unusable_password() user.save() profile.user = user profile.save() log.info("Added user and profile for %s!" % request.facebook.uid) user = authenticate(request=request) login(request, user) # Add the user to EzSteroids if it is enabled add_user_to_EzSteroids("http://"+request.get_host(), user) return HttpResponseRedirect(redirect_url) # user setup his/her own local account in addition to their facebook # account. The user will have to login with facebook unless they # reset their password. elif request.POST.get('register',False): log.debug('Register a new account') profile = FacebookProfile(facebook_id=request.facebook.uid) if profile.first_name != "(Private)": fname = profile.first_name if profile.last_name != "(Private)": lname = profile.last_name user = User(first_name=fname, last_name=lname) registration_form = registration_form_class(