def _save_new_user(request, form):
"""
form - must be a valid form
We persist account to LDAP. If all goes well, we
log the user in and persist their BID assertion to the
session.
"""
# Email in the form is the "username" we'll use.
email = request.session['verified_email']
username = email
registrar = RegistrarSession.connect(request)
code = request.session.get('invite-code')
d = form.cleaned_data
d['email'] = email
uniq_id = registrar.create_person(d)
voucher = None
if code:
try:
invite = get_invite(code)
voucher = invite.inviter
except Invite.DoesNotExist:
msg = 'Bad code in form [%s], skipping pre-vouch' % d['code']
log.warning(msg)
# we need to authenticate them... with their assertion
assertion_hash, assertion = get_assertion(request)
for i in range(1, 10):
try:
user = auth.authenticate(request=request, assertion=assertion)
# Should never happen
if not user or not user.is_authenticated():
msg = 'Authentication for new user (%s) failed' % username
# TODO: make this a unique exception.
raise Exception(msg)
statsd.incr('user.successful_registration')
statsd.incr('user.successful_registration_attempt_%s' % i)
break
except Exception, e:
statsd.incr('user.errors.registration_failed')
statsd.incr('user.errors.registration_failed_attempt_%s' % i)
log.warning(e)
# All hope is lost.
if i == 10:
statsd.incr('user.errors.user_record_never_created')
raise Exception(e)
def _save_new_user(request, form):
"""
form - must be a valid form
We persist account to LDAP. If all goes well, we
log the user in and persist their BID assertion to the
session.
"""
# Email in the form is the "username" we'll use.
email = request.session['verified_email']
username = email
registrar = RegistrarSession.connect(request)
code = request.session.get('invite-code')
d = form.cleaned_data
d['email'] = email
uniq_id = registrar.create_person(d)
voucher = None
if code:
try:
invite = get_invite(code)
voucher = invite.inviter
except Invite.DoesNotExist:
msg = 'Bad code in form [%s], skipping pre-vouch' % d['code']
log.warning(msg)
# we need to authenticate them... with their assertion
assertion_hash, assertion = get_assertion(request)
for i in range(1, 10):
try:
user = auth.authenticate(request=request, assertion=assertion)
# Should never happen
if not user or not user.is_authenticated():
msg = 'Authentication for new user (%s) failed' % username
# TODO: make this a unique exception.
raise Exception(msg)
statsd.incr('user.successful_registration')
statsd.incr('user.successful_registration_attempt_%s' % i)
break
except Exception, e:
statsd.incr('user.errors.registration_failed')
statsd.incr('user.errors.registration_failed_attempt_%s' % i)
log.warning(e)
# All hope is lost.
if i == 10:
statsd.incr('user.errors.user_record_never_created')
raise Exception(e)
def _view(request, *args, **kwargs):
(asst_hsh, assertion) = get_assertion(request)
if not asst_hsh or not assertion:
log.info("No assertion in session")
return _redirect(request, login_url, redirect_field_name)
try:
directory = UserSession(request)
(registered, unique_id) = directory.registered_user()
except ldap.OTHER:
statsd.incr('browserid.session_timedout')
log.info("Backend session timed out, clearing session assertion")
return _redirect(request, login_url, redirect_field_name)
return view_func(request, *args, **kwargs)
def _view(request, *args, **kwargs):
(asst_hsh, assertion) = get_assertion(request)
if not asst_hsh or not assertion:
log.info("No assertion in session")
return _redirect(request, login_url, redirect_field_name)
try:
directory = UserSession(request)
(registered, unique_id) = directory.registered_user()
except ldap.OTHER:
statsd.incr('browserid.session_timedout')
log.info(
"Backend session timed out, clearing session assertion")
return _redirect(request, login_url, redirect_field_name)
return view_func(request, *args, **kwargs)