def pre_social_login(self, request, sociallogin): """ Invoked just after a user successfully authenticates via a social provider, but before the login is actually processed. We use it to: 1. Check if the user is connecting accounts via signup page 2. store the name of the socialaccount provider in the user's session. """ session_login_data = request.session.get('socialaccount_sociallogin', None) request_login = sociallogin # Is there already a sociallogin_provider in the session? if session_login_data: session_login = SocialLogin.deserialize(session_login_data) # If the provider in the session is different from the provider in the # request, the user is connecting a new provider to an existing account if session_login.account.provider != request_login.account.provider: # Does the request sociallogin match an existing user? if not request_login.is_existing: # go straight back to signup page with an error message # BEFORE allauth over-writes the session sociallogin level = messages.ERROR message = "socialaccount/messages/account_not_found.txt" get_adapter().add_message(request, level, message) raise ImmediateHttpResponse( redirect('socialaccount_signup')) # TODO: Can the code that uses this just use request.session['socialaccount_sociallogin'].account.provider instead? request.session['sociallogin_provider'] = ( sociallogin.account.provider) request.session.modified = True
def pre_social_login(self, request, sociallogin): """ Invoked just after a user successfully authenticates via a social provider, but before the login is actually processed. We use it to: 1. Check if the user is connecting accounts via signup page 2. store the name of the socialaccount provider in the user's session. """ session_login_data = request.session.get('socialaccount_sociallogin', None) request_login = sociallogin # Is there already a sociallogin_provider in the session? if session_login_data: session_login = SocialLogin.deserialize(session_login_data) # If the provider in the session is different from the provider in the # request, the user is connecting a new provider to an existing account if session_login.account.provider != request_login.account.provider: # Does the request sociallogin match an existing user? if not request_login.is_existing: # go straight back to signup page with an error message # BEFORE allauth over-writes the session sociallogin level = messages.ERROR message = "socialaccount/messages/account_not_found.txt" get_adapter().add_message(request, level, message) raise ImmediateHttpResponse( redirect('socialaccount_signup') ) # TODO: Can the code that uses this just use request.session['socialaccount_sociallogin'].account.provider instead? request.session['sociallogin_provider'] = (sociallogin .account.provider) request.session.modified = True
def ajax_user_delete_temp_profile_image(request): data = request.session.get('socialaccount_sociallogin') if data: sociallogin = SocialLogin.deserialize(data) delete_temp_profile_image(sociallogin) return JsonResponse({'status': 'success'}) return HttpResponseForbidden('response-error')
def dispatch(self, request, *args, **kwargs): self.sociallogin = None data = request.session.get("sociallogin", None) if data is not None: self.sociallogin = SocialLogin.deserialize(data) if self.sociallogin is None: return redirect(reverse("account_login")) return super().dispatch(request, *args, **kwargs)
def pre_social_login(self, request, sociallogin): """ Invoked just after a user successfully authenticates via a social provider, but before the login is actually processed. We use it to: 1. Check if the user is connecting accounts via signup page 2. store the name of the socialaccount provider in the user's session. TODO: When legacy Persona sessions are cleared (Nov 1 2016), this function can be simplified. """ session_login_data = request.session.get("socialaccount_sociallogin", None) request_login = sociallogin # Is there already a sociallogin_provider in the session? if session_login_data: session_login = SocialLogin.deserialize(session_login_data) # If the provider in the session is different from the provider in the # request, the user is connecting a new provider to an existing account if session_login.account.provider != request_login.account.provider: # Does the request sociallogin match an existing user? if not request_login.is_existing: # go straight back to signup page with an error message # BEFORE allauth over-writes the session sociallogin level = messages.ERROR message = "socialaccount/messages/account_not_found.txt" get_adapter().add_message(request, level, message) raise ImmediateHttpResponse( redirect("socialaccount_signup")) # Is the user banned? if sociallogin.is_existing: bans = UserBan.objects.filter(user=sociallogin.user, is_active=True) if bans.exists(): banned_response = render( request, "users/user_banned.html", { "bans": bans, "path": request.path }, ) add_never_cache_headers(banned_response) raise ImmediateHttpResponse(banned_response) # sociallogin_provider is used in the UI to indicate what method was # used to login to the website. The session variable # 'socialaccount_sociallogin' has the same data, but will be dropped at # the end of login. request.session["sociallogin_provider"] = sociallogin.account.provider request.session.modified = True
def dispatch(self, request, *args, **kwargs): self.sociallogin = None data = request.session.get('sociallogin', None) if data is not None: self.sociallogin = SocialLogin.deserialize(data) if self.sociallogin is None: return redirect(reverse('account_login')) return super(SocialVerificationView, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): if not request.session.get('initial_training', False): return redirect('common:home') self.sociallogin = None data = request.session.get('socialaccount_sociallogin') if data: self.sociallogin = SocialLogin.deserialize(data) if not self.sociallogin: return HttpResponseRedirect(reverse('account_login')) return super(SignupView, self).dispatch(request, *args, **kwargs)
def pre_social_login(self, request, sociallogin): """ Invoked just after a user successfully authenticates via a social provider, but before the login is actually processed. We use it to: 1. Check if the user is connecting accounts via signup page 2. store the name of the socialaccount provider in the user's session. TODO: When legacy Persona sessions are cleared (Nov 1 2016), this function can be simplified. """ session_login_data = request.session.get('socialaccount_sociallogin', None) request_login = sociallogin # Is there already a sociallogin_provider in the session? if session_login_data: session_login = SocialLogin.deserialize(session_login_data) # If the provider in the session is different from the provider in the # request, the user is connecting a new provider to an existing account if session_login.account.provider != request_login.account.provider: # Does the request sociallogin match an existing user? if not request_login.is_existing: # go straight back to signup page with an error message # BEFORE allauth over-writes the session sociallogin level = messages.ERROR message = "socialaccount/messages/account_not_found.txt" get_adapter().add_message(request, level, message) raise ImmediateHttpResponse( redirect('socialaccount_signup') ) # Is the user banned? if sociallogin.is_existing: bans = UserBan.objects.filter(user=sociallogin.user, is_active=True) if bans.exists(): banned_response = render(request, 'users/user_banned.html', { 'bans': bans, 'path': request.path }) add_never_cache_headers(banned_response) raise ImmediateHttpResponse(banned_response) # sociallogin_provider is used in the UI to indicate what method was # used to login to the website. The session variable # 'socialaccount_sociallogin' has the same data, but will be dropped at # the end of login. request.session['sociallogin_provider'] = (sociallogin .account.provider) request.session.modified = True
def ajax_user_upload_temp_profile_image(request): data = request.session.get('socialaccount_sociallogin') if data: form = UserUploadProfileForm(request.POST, request.FILES) if form.is_valid(): sociallogin = SocialLogin.deserialize(data) imgfile = form.cleaned_data['file'] save_temp_profile_image_from_file(sociallogin, imgfile) return JsonResponse({'status': 'success'}) return HttpResponseForbidden('response-error')
def pre_social_login(self, request, sociallogin): """ Invoked just after a user successfully authenticates via a social provider, but before the login is actually processed. We use it to: 1. Check if the user is connecting accounts via signup page 2. store the name of the socialaccount provider in the user's session. TODO: When legacy Persona sessions are cleared (Nov 1 2016), this function can probably go away as well. """ session_login_data = request.session.get('socialaccount_sociallogin', None) request_login = sociallogin # Is there already a sociallogin_provider in the session? if session_login_data: session_login = SocialLogin.deserialize(session_login_data) # If the provider in the session is different from the provider in the # request, the user is connecting a new provider to an existing account if session_login.account.provider != request_login.account.provider: # Does the request sociallogin match an existing user? if not request_login.is_existing: # go straight back to signup page with an error message # BEFORE allauth over-writes the session sociallogin level = messages.ERROR message = "socialaccount/messages/account_not_found.txt" get_adapter().add_message(request, level, message) raise ImmediateHttpResponse( redirect('socialaccount_signup')) # sociallogin_provider is used in the UI to indicate what method was # used to login to the website. The session variable # 'socialaccount_sociallogin' has the same data, but will be dropped at # the end of login. request.session['sociallogin_provider'] = ( sociallogin.account.provider) request.session.modified = True
def dispatch(self, request, *args, **kwargs): self.sociallogin = None data = request.session.get("socialaccount_sociallogin") if data: self.sociallogin = SocialLogin.deserialize(data) return super(RegisterView, self).dispatch(request, *args, **kwargs)
def get_sociallogin(self, request, data): login = SocialLogin.deserialize(data) login.state = SocialLogin.state_from_request(request) return login
def dispatch(self, request, *args, **kwargs): self.sociallogin = SocialLogin.deserialize( request.session.get('socialaccount_sociallogin')) if not self.sociallogin: return HttpResponseRedirect(reverse('account_login')) return super(SignupView, self).dispatch(request, *args, **kwargs)