def test_is_tmp_user_unauthenticated(self): """ Ensure unauthenticated users return False """ user1 = User.objects.create(username="") user2 = AnonymousUser() users = [user1, user2] with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True): for user in users: self.assertFalse(is_tmp_user(user)) with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False): for user in users: self.assertFalse(is_tmp_user(user))
def test_is_tmp_user_temporary_user(self): """ Ensure users with temporary usernames return True """ user1 = User.objects.create(username="******") user2 = User.objects.create(username="******") users = [user1, user2] with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True): for user in users: self.assertTrue(is_tmp_user(user)) with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False): for user in users: self.assertTrue(is_tmp_user(user))
def test_is_tmp_user_profile(self): """ Ensure users with verified Uniauth profiles return False """ user1 = User.objects.create(username="******") user2 = User.objects.create(username="******") users = [user1, user2] with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True): for user in users: self.assertFalse(is_tmp_user(user)) with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False): for user in users: self.assertFalse(is_tmp_user(user))
def test_is_tmp_user_institution_account(self): """ Ensure users logged in via an Insitution Account return True if standalone accounts aren't allowed, False otherwise """ user1 = User.objects.create(username="******") user2 = User.objects.create(username="******") users = [user1, user2] with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=True): for user in users: self.assertFalse(is_tmp_user(user)) with self.settings(UNIAUTH_ALLOW_STANDALONE_ACCOUNTS=False): for user in users: self.assertTrue(is_tmp_user(user))
def signup(request): """ Creates a new Uniauth profile with the provided primary email address and password. Prompts user to verify the email address before profile is fully created. """ next_url = request.GET.get('next') context = _get_global_context(request) if not next_url: next_url = get_redirect_url(request) # If the user is already authenticated + has a Uniauth # profile, proceed to next page if request.user.is_authenticated and not is_tmp_user(request.user) \ and not is_unlinked_account(request.user): return HttpResponseRedirect(next_url) # If it's a POST request, attempt to validate the form if request.method == "POST": form = SignupForm(request.POST) # Validation successful: setup temporary user if form.is_valid(): form_email = form.cleaned_data['email'] user = request.user # If the user is not already authenticated, create a User if not user or not user.is_authenticated: tmp_username = get_random_username() user_model = get_user_model() user = user_model.objects.create(username=tmp_username) # Set user's password + create linked email user.set_password(form.cleaned_data["password1"]) user.save() email, _ = LinkedEmail.objects.get_or_create( profile=user.uniauth_profile, address=form_email, is_verified=False) # Send verification email + render waiting template _send_verification_email(request, email.address, email) return render(request, 'uniauth/verification-waiting.html', { 'email': email.address, 'is_signup': True }) # Validation failed: render form errors else: context['form'] = form return render(request, 'uniauth/signup.html', context) # Otherwise, render a blank Signup form else: form = SignupForm() context['form'] = form return render(request, 'uniauth/signup.html', context)
def link_to_profile(request): """ If the user is a temporary one who was logged in via an institution (not through a Uniauth profile), offers them the choice between logging to an existing Uniauth account or creating a new one. The institution account is (eventually) linked to the Uniauth profile the user logged into / created. """ next_url = request.GET.get('next') context = _get_global_context(request) if not next_url: next_url = get_redirect_url(request) params = urlencode({'next': next_url}) context['next_url'] = next_url # If the user is not authenticated at all, redirect to login page if not request.user.is_authenticated: return HttpResponseRedirect(reverse('uniauth:login') + '?' + params) # If the user is already authenticated + verified, proceed to next page if not is_tmp_user(request.user) and not is_unlinked_account(request.user): return HttpResponseRedirect(next_url) # If the user is temporary, but was not logged in via an institution # (e.g. created through Uniauth, but not verified), redirect to signup if not is_unlinked_account(request.user): return HttpResponseRedirect(reverse('uniauth:signup') + '?' + params) # At this point, we've ensured the user is temporary and was # logged in via an institution. We just need to handle the # Login Form, if the user chooses to link to an existing account. # If it's a POST request, attempt to validate the form if request.method == "POST": form = LoginForm(request, request.POST) # Authentication successful if form.is_valid(): unlinked_user = request.user username_split = get_account_username_split(request.user.username) # Log in as the authenticated Uniauth user user = form.get_user() auth_login(request, user) # Merge the unlinked account into the logged in profile, # then add the institution account described by the username merge_model_instances(user, [unlinked_user]) _add_institution_account(user.profile, username_split[1], username_split[2]) slug = username_split[1] context['institution'] = Institution.objects.get(slug=slug) return render(request, 'uniauth/link-success.html', context) # Authentication failed: render form errors else: context['form'] = form return render(request, 'uniauth/link-to-profile.html', context) # Otherwise, render a blank Login form else: form = LoginForm(request) context['form'] = form return render(request, 'uniauth/link-to-profile.html', context)