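def _is_same_site_path(url):
    """Return True when *url* is a plain path on this site, e.g. '/posts/1/'.

    Used to vet redirect targets taken from the request, so that a crafted
    value cannot send a freshly authenticated user to another host.
    """
    if not url or not url.startswith('/'):
        return False
    # '//host' is scheme-relative and browsers read '\' as '/', so both forms
    # leave the site even though they begin with a slash.
    if url.startswith('//') or '\\' in url:
        return False
    # Browsers drop tabs and newlines while parsing a URL, which could turn
    # '/<TAB>/host' back into '//host'; reject control characters outright.
    return not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in url)


def login(request):
    """
    Login view for tangleon.com.

    GET renders the empty login form. POST reads ``username`` and
    ``password`` from the form and then does one of the following:
    redirects after a successful login of an activated account, re-renders
    the form with ``login_error``, or re-renders it with
    ``send_activation_code`` for an account that is not activated yet.
    """
    if request.method != 'POST':
        return render_response(request, 'app/login.html')

    login_error = ''
    username = request.POST.get('username', None)
    password = request.POST.get('password', None)
    if username and password:
        # Avoid long-password hash attacks: anything of 50+ characters is
        # rejected before it reaches Credential.authenticate.
        # NOTE(review): such a password fails with the generic mismatch
        # message below - confirm sign-up and password change enforce the
        # same limit, otherwise those users can never log in.
        user = Credential.authenticate(username, password) if len(password) < 50 else None
        if not user:
            login_error = '''Username and password didn't matched, if you forgot your password? <a href="/forgot_password/">Request new one</a>'''
        elif not user.is_active:
            login_error = '''Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.'''
        elif user.has_activated:
            FlashMessage.add_info('Welcome back, ' + user.username, user)
            login_user(request, user)
            # 'next' comes from the query string, so whoever crafted the link
            # controls it. Follow it only when it is a path on this site and
            # fall back to the home page otherwise (open-redirect guard).
            url = request.GET.get('next', '/')
            if not _is_same_site_path(url):
                url = '/'
            return HttpResponseRedirect(url)
        else:
            # Correct credentials, but the account was never activated:
            # offer to resend the activation code instead of logging in.
            return render_response(request, 'app/login.html', {
                'username': username,
                'send_activation_code': True,
                'email': user.email
            })
    return render_response(request, 'app/login.html', {
        'username': username,
        'login_error': login_error
    })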
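def _is_same_site_path(url):
    """Return True when *url* is a plain path on this site, e.g. '/posts/1/'.

    Used to vet redirect targets taken from the request, so that a crafted
    value cannot send a freshly authenticated user to another host.
    """
    if not url or not url.startswith('/'):
        return False
    # '//host' is scheme-relative and browsers read '\' as '/', so both forms
    # leave the site even though they begin with a slash.
    if url.startswith('//') or '\\' in url:
        return False
    # Browsers drop tabs and newlines while parsing a URL, which could turn
    # '/<TAB>/host' back into '//host'; reject control characters outright.
    return not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in url)


def login(request):
    """
    Login view for tangleon.com.

    GET renders the empty login form. POST reads ``username`` and
    ``password`` from the form and then does one of the following:
    redirects after a successful login of an activated account, re-renders
    the form with ``login_error``, or re-renders it with
    ``send_activation_code`` for an account that is not activated yet.
    """
    if request.method != 'POST':
        return render_response(request, 'app/login.html')

    login_error = ''
    username = request.POST.get('username', None)
    password = request.POST.get('password', None)
    if username and password:
        # Avoid long-password hash attacks: anything of 50+ characters is
        # rejected before it reaches Credential.authenticate.
        # NOTE(review): such a password fails with the generic mismatch
        # message below - confirm sign-up and password change enforce the
        # same limit, otherwise those users can never log in.
        user = Credential.authenticate(username, password) if len(password) < 50 else None
        if not user:
            login_error = '''Username and password didn't matched, if you forgot your password? <a href="/forgot_password/">Request new one</a>'''
        elif not user.is_active:
            login_error = '''Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.'''
        elif user.has_activated:
            FlashMessage.add_info('Welcome back, ' + user.username, user)
            login_user(request, user)
            # 'next' comes from the query string, so whoever crafted the link
            # controls it. Follow it only when it is a path on this site and
            # fall back to the home page otherwise (open-redirect guard).
            url = request.GET.get('next', '/')
            if not _is_same_site_path(url):
                url = '/'
            return HttpResponseRedirect(url)
        else:
            # Correct credentials, but the account was never activated:
            # offer to resend the activation code instead of logging in.
            return render_response(request, 'app/login.html', {
                'username': username,
                'send_activation_code': True,
                'email': user.email
            })
    return render_response(request, 'app/login.html', {
        'username': username,
        'login_error': login_error
    })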
def activation(request):
    """
    Activate a newly registered user from the emailed activation link.

    Expects a GET request carrying ``email`` and ``activation_code``. On
    success the user is logged in and redirected to the index page; in every
    other case the activation page is rendered with ``activation_error``.

    NOTE(review): a valid email/code pair in the query string is enough to
    obtain a logged-in session here. Whether a code expires or can be used
    more than once is decided inside User.activate, which is not shown -
    confirm it rejects codes that were already used.
    """
    def _show_error(message):
        # Single exit point for every failure path.
        return render_response(request, 'app/activation.html', {'activation_error': message})

    if request.method != 'GET':
        return _show_error('Invalid activation request.')

    query = request.GET
    email = query.get('email', None)
    activation_code = query.get('activation_code', None)
    if not (email and activation_code):
        return _show_error('TangleOn account activation url is not correct; please try to copy and paste complete url from email.')

    try:
        account = User.activate(email, activation_code)
        login_user(request, account)
        return HttpResponseRedirect(reverse('app_index'))
    except TangleOnError as failure:
        # Domain errors carry a message meant to be shown to the user.
        reason = failure.message
    return _show_error(reason)
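def _is_same_site_path(url):
    """Return True when *url* is a plain path on this site, e.g. '/posts/1/'.

    Used to vet redirect targets taken from the request, so that a crafted
    value cannot send a freshly authenticated user to another host.
    """
    if not url or not url.startswith('/'):
        return False
    # '//host' is scheme-relative and browsers read '\' as '/', so both forms
    # leave the site even though they begin with a slash.
    if url.startswith('//') or '\\' in url:
        return False
    # Browsers drop tabs and newlines while parsing a URL, which could turn
    # '/<TAB>/host' back into '//host'; reject control characters outright.
    return not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in url)


def facebook_login(request):
    """
    Log a user in, sign them up, or connect their account through Facebook.

    POST starts the flow by redirecting the browser to the Facebook
    authorisation URL. Facebook then sends the browser back to this view with
    GET parameters: ``code`` and ``state`` on success, ``error`` and
    ``error_reason`` otherwise. The code is exchanged for an access token,
    the profile is fetched, and the profile is either connected to the user
    who is already signed in or used to look up / create a user and log
    them in.
    """
    if request.method == 'POST':
        # NOTE(review): 'state' carries the post-login path rather than an
        # unguessable per-session value, so the callback below cannot tell
        # whether this browser actually started the flow. That matters most
        # for the "connect" branch, which attaches a Facebook profile to
        # whoever is signed in. Consider storing a random value in the
        # session here and comparing it when Facebook redirects back.
        params = urllib.urlencode({
            'client_id': settings.FB_APP_ID,
            'response_type': 'code',
            'redirect_uri': request.build_absolute_uri(request.path),
            'state': request.POST.get('next', reverse('app_index')),  # redirect uri for user
            'scope': 'email'
        })
        return HttpResponseRedirect(settings.FB_AUTH_URL + '?' + params)

    code = request.GET.get('code', None)
    if not code:
        error = request.GET.get('error', None)
        error_reason = request.GET.get('error_reason', None)
        if error == 'access_denied' and error_reason == 'user_denied':
            return render_response(request, 'app/facebook_login.html', {
                'error': 'You must allow TangleOn to access your basic information from Facebook.'
            })
        # NOTE(review): str(request) may include cookies and headers,
        # depending on the framework version - confirm what reaches the log
        # and who can read it.
        logger.error('Error occurred while signing user through Facebook.\n' + str(request))
        return render_response(request, 'app/facebook_login.html', {
            'error': 'We encounter some error while logging you in through Facebook.'
        })

    # 'state' is echoed back through the browser, so it is untrusted input.
    # Follow it only when it is a path on this site; anything else, including
    # a missing value (which used to raise), falls back to the index page.
    return_url = request.GET.get('state', None)
    if not _is_same_site_path(return_url):
        return_url = reverse('app_index')

    params = urllib.urlencode({
        'client_id': settings.FB_APP_ID,
        'client_secret': settings.FB_APP_SECRET,
        'redirect_uri': request.build_absolute_uri(request.path),
        'code': code
    })
    try:
        # Exchange the authorisation code for an access token.
        access_content = scraper.get_content(settings.FB_ACCESS_TOKEN + '?' + params)
        access_content = dict(urlparse.parse_qsl(access_content))
        access_token = access_content['access_token']
        access_expiry = datetime.datetime.now() + datetime.timedelta(
            seconds=int(access_content['expires']))
        request.session['facebook_access_token'] = access_token

        # Fetch the profile that belongs to the token.
        params = urllib.urlencode({
            'access_token': access_token,
            'fields': 'id,username,email,name'
        })
        fb_user = scraper.get_content(settings.FB_GRAPH_ME + '?' + params)
        fb_user = simplejson.loads(fb_user)
        try:
            if request.app_user.is_authenticated():
                # Already signed in: attach the Facebook profile to that user.
                user = request.app_user
                created = FbUser.connect_user(user, fb_user['id'], fb_user['name'],
                                              fb_user['username'],
                                              fb_user.get('email', user.email),
                                              access_token, access_expiry)
                if created:
                    FlashMessage.add_success(
                        'Your Facebook account is successfully connected.', user)
            else:
                if 'email' not in fb_user:
                    raise TangleOnError(
                        'You need to allow TangleOn for access of your email address on Facebook, please read our privacy <a href="%s">policy</a> for any concern.' % reverse('app_policy'))
                created, user = FbUser.get_user_or_create(fb_user['id'], fb_user['name'],
                                                          fb_user['username'],
                                                          fb_user['email'],
                                                          access_token, access_expiry)
                if not user.is_active:
                    raise TangleOnError(
                        'Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.')
                login_user(request, user)
                if created:
                    FlashMessage.add_success(
                        'You have successfully signed up with Facebook account.', user)
                else:
                    FlashMessage.add_info('Welcome back, ' + user.username, user)
            if created:
                # New connection or sign-up: go to the friends page first and
                # hand the vetted return path on as 'next'.
                return HttpResponseRedirect(
                    reverse('app_user_friends', args=[user.username]) + '?' +
                    urllib.urlencode({'next': return_url}))
            return HttpResponseRedirect(return_url)
        except TangleOnError as e:
            return render_response(request, 'app/facebook_login.html', {'error': e.message})
    except Exception as e:
        # Token exchange, profile fetch or parsing failed: log the details,
        # show the user only a generic message.
        logger.exception(e)
        return render_response(request, 'app/facebook_login.html', {
            'error': 'We encounter some error while logging you in through Facebook.'
        })
    # Defensive fallback.
    return HttpResponseRedirect(reverse('app_index'))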
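def _is_same_site_path(url):
    """Return True when *url* is a plain path on this site, e.g. '/posts/1/'.

    Used to vet redirect targets taken from the request, so that a crafted
    value cannot send a freshly authenticated user to another host.
    """
    if not url or not url.startswith('/'):
        return False
    # '//host' is scheme-relative and browsers read '\' as '/', so both forms
    # leave the site even though they begin with a slash.
    if url.startswith('//') or '\\' in url:
        return False
    # Browsers drop tabs and newlines while parsing a URL, which could turn
    # '/<TAB>/host' back into '//host'; reject control characters outright.
    return not any(ord(ch) < 0x20 or ord(ch) == 0x7f for ch in url)


def facebook_login(request):
    """
    Log a user in, sign them up, or connect their account through Facebook.

    POST starts the flow by redirecting the browser to the Facebook
    authorisation URL. Facebook then sends the browser back to this view with
    GET parameters: ``code`` and ``state`` on success, ``error`` and
    ``error_reason`` otherwise. The code is exchanged for an access token,
    the profile is fetched, and the profile is either connected to the user
    who is already signed in or used to look up / create a user and log
    them in.
    """
    if request.method == 'POST':
        # NOTE(review): 'state' carries the post-login path rather than an
        # unguessable per-session value, so the callback below cannot tell
        # whether this browser actually started the flow. That matters most
        # for the "connect" branch, which attaches a Facebook profile to
        # whoever is signed in. Consider storing a random value in the
        # session here and comparing it when Facebook redirects back.
        params = urllib.urlencode({
            'client_id': settings.FB_APP_ID,
            'response_type': 'code',
            'redirect_uri': request.build_absolute_uri(request.path),
            'state': request.POST.get('next', reverse('app_index')),  # redirect uri for user
            'scope': 'email'
        })
        return HttpResponseRedirect(settings.FB_AUTH_URL + '?' + params)

    code = request.GET.get('code', None)
    if not code:
        error = request.GET.get('error', None)
        error_reason = request.GET.get('error_reason', None)
        if error == 'access_denied' and error_reason == 'user_denied':
            return render_response(request, 'app/facebook_login.html', {
                'error': 'You must allow TangleOn to access your basic information from Facebook.'
            })
        # NOTE(review): str(request) may include cookies and headers,
        # depending on the framework version - confirm what reaches the log
        # and who can read it.
        logger.error('Error occurred while signing user through Facebook.\n' + str(request))
        return render_response(request, 'app/facebook_login.html', {
            'error': 'We encounter some error while logging you in through Facebook.'
        })

    # 'state' is echoed back through the browser, so it is untrusted input.
    # Follow it only when it is a path on this site; anything else, including
    # a missing value (which used to raise), falls back to the index page.
    return_url = request.GET.get('state', None)
    if not _is_same_site_path(return_url):
        return_url = reverse('app_index')

    params = urllib.urlencode({
        'client_id': settings.FB_APP_ID,
        'client_secret': settings.FB_APP_SECRET,
        'redirect_uri': request.build_absolute_uri(request.path),
        'code': code
    })
    try:
        # Exchange the authorisation code for an access token.
        access_content = scraper.get_content(settings.FB_ACCESS_TOKEN + '?' + params)
        access_content = dict(urlparse.parse_qsl(access_content))
        access_token = access_content['access_token']
        access_expiry = datetime.datetime.now() + datetime.timedelta(
            seconds=int(access_content['expires']))
        request.session['facebook_access_token'] = access_token

        # Fetch the profile that belongs to the token.
        params = urllib.urlencode({
            'access_token': access_token,
            'fields': 'id,username,email,name'
        })
        fb_user = scraper.get_content(settings.FB_GRAPH_ME + '?' + params)
        fb_user = simplejson.loads(fb_user)
        try:
            if request.app_user.is_authenticated():
                # Already signed in: attach the Facebook profile to that user.
                user = request.app_user
                created = FbUser.connect_user(user, fb_user['id'], fb_user['name'],
                                              fb_user['username'],
                                              fb_user.get('email', user.email),
                                              access_token, access_expiry)
                if created:
                    FlashMessage.add_success(
                        'Your Facebook account is successfully connected.', user)
            else:
                if 'email' not in fb_user:
                    raise TangleOnError(
                        'You need to allow TangleOn for access of your email address on Facebook, please read our privacy <a href="%s">policy</a> for any concern.' % reverse('app_policy'))
                created, user = FbUser.get_user_or_create(fb_user['id'], fb_user['name'],
                                                          fb_user['username'],
                                                          fb_user['email'],
                                                          access_token, access_expiry)
                if not user.is_active:
                    raise TangleOnError(
                        'Your account has been disabled. We apologize for any inconvenience! If this is a mistake please contact our <a href="mailto:[email protected]">support</a>.')
                login_user(request, user)
                if created:
                    FlashMessage.add_success(
                        'You have successfully signed up with Facebook account.', user)
                else:
                    FlashMessage.add_info('Welcome back, ' + user.username, user)
            if created:
                # New connection or sign-up: go to the friends page first and
                # hand the vetted return path on as 'next'.
                return HttpResponseRedirect(
                    reverse('app_user_friends', args=[user.username]) + '?' +
                    urllib.urlencode({'next': return_url}))
            return HttpResponseRedirect(return_url)
        except TangleOnError as e:
            return render_response(request, 'app/facebook_login.html', {'error': e.message})
    except Exception as e:
        # Token exchange, profile fetch or parsing failed: log the details,
        # show the user only a generic message.
        logger.exception(e)
        return render_response(request, 'app/facebook_login.html', {
            'error': 'We encounter some error while logging you in through Facebook.'
        })
    # Defensive fallback.
    return HttpResponseRedirect(reverse('app_index'))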