def success_openid_login(request,
openid_response,
redirect_field_name=REDIRECT_FIELD_NAME):
"""
A view-helper to handle a successful OpenID authentication response. Note that this
doesn't mean we've found a matching user yet. That's what this method
does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the
``settings.AUTHENTICATION_BACKENDS`` list.
"""
#Get the OpenID URL
openid_url = openid_response.identity_url
sreg = SRegResponse.fromSuccessResponse(openid_response)
nickname = None
if sreg and sreg.has_key('nickname'):
nickname = sreg.get('nickname')
#Call the built in django auth function
#(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list)
user = authenticate(openid_url=openid_url, sreg=nickname)
if user:
#Log in the user with the built-in django function
auth_login(request, user)
#Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://" + request.get_host(), user)
#Do we not yet have any openids in the session?
if OPENIDS_SESSION_NAME not in request.session.keys():
request.session[OPENIDS_SESSION_NAME] = []
#Eliminate any duplicate openids in the session
request.session[OPENIDS_SESSION_NAME] = [
o for o in request.session[OPENIDS_SESSION_NAME]
if o.openid != openid_url
]
#Add this new openid to the list
request.session[OPENIDS_SESSION_NAME].append(
from_openid_response(openid_response))
#Get the page to redirect to
redirect = request.REQUEST.get(redirect_field_name, None)
if not redirect or not is_valid_redirect_url(redirect):
redirect = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect)
else:
#TODO: This should start the registration process
return failure_openid_login(
request, openid_url,
_("The OpenID doesn't match any registered user."))
def twitter_return(request):
request_token = request.session.get('request_token', None)
# If there is no request_token for session,
# means we didn't redirect user to twitter
if not request_token:
# Redirect the user to the login page,
# So the user can click on the sign-in with twitter button
return HttpResponse("We didn't redirect you to twitter...")
token = OAuthToken.from_string(request_token)
# If the token from session and token from twitter does not match
# means something bad happened to tokens
if token.key != request.GET.get('oauth_token', 'no-token'):
del request.session['request_token']
# Redirect the user to the login page
return HttpResponse("Something wrong! Tokens do not match...")
twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token)
access_token = twitter.getAccessToken()
request.session['access_token'] = access_token.to_string()
auth_user = authenticate(access_token=access_token)
# if user is authenticated then login user
if auth_user:
login(request, auth_user)
else:
# We were not able to authenticate user
# Redirect to login page
del request.session['access_token']
del request.session['request_token']
return HttpResponse("Unable to authenticate you!")
#Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://" + request.get_host(), auth_user)
# authentication was successful, use is now logged in
#redirect to a proper page
try:
next = request.GET.__getitem__('next')
except:
next = getattr(settings, "LOGIN_REDIRECT_URL", "/")
return HttpResponseRedirect(next)
def twitter_return(request):
request_token = request.session.get('request_token', None)
# If there is no request_token for session,
# means we didn't redirect user to twitter
if not request_token:
# Redirect the user to the login page,
# So the user can click on the sign-in with twitter button
return HttpResponse("We didn't redirect you to twitter...")
token = OAuthToken.from_string(request_token)
# If the token from session and token from twitter does not match
# means something bad happened to tokens
if token.key != request.GET.get('oauth_token', 'no-token'):
del request.session['request_token']
# Redirect the user to the login page
return HttpResponse("Something wrong! Tokens do not match...")
twitter = OAuthApi(CONSUMER_KEY, CONSUMER_SECRET, token)
access_token = twitter.getAccessToken()
request.session['access_token'] = access_token.to_string()
auth_user = authenticate(access_token=access_token)
# if user is authenticated then login user
if auth_user:
login(request, auth_user)
else:
# We were not able to authenticate user
# Redirect to login page
del request.session['access_token']
del request.session['request_token']
return HttpResponse("Unable to authenticate you!")
#Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://"+request.get_host(), auth_user)
# authentication was successful, use is now logged in
#redirect to a proper page
try:
next = request.GET.__getitem__('next')
except:
next = getattr(settings, "LOGIN_REDIRECT_URL", "/")
return HttpResponseRedirect(next)
def success_openid_login(request, openid_response, redirect_field_name=REDIRECT_FIELD_NAME):
"""
A view-helper to handle a successful OpenID authentication response. Note that this
doesn't mean we've found a matching user yet. That's what this method
does. This view-helper requires adding ``openid_auth.models.OpenIDBackend`` to the
``settings.AUTHENTICATION_BACKENDS`` list.
"""
#Get the OpenID URL
openid_url = openid_response.identity_url
sreg = SRegResponse.fromSuccessResponse(openid_response)
nickname = None
if sreg and sreg.has_key('nickname'):
nickname = sreg.get('nickname')
#Call the built in django auth function
#(NOTE: this call won't work without adding 'openid_auth.models.OpenIDBackend' to the settings.AUTHENTICATION_BACKENDS list)
user = authenticate(openid_url=openid_url, sreg=nickname)
if user:
#Log in the user with the built-in django function
auth_login(request, user)
#Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://"+request.get_host(), user)
#Do we not yet have any openids in the session?
if OPENIDS_SESSION_NAME not in request.session.keys():
request.session[OPENIDS_SESSION_NAME] = []
#Eliminate any duplicate openids in the session
request.session[OPENIDS_SESSION_NAME] = [o for o in request.session[OPENIDS_SESSION_NAME] if o.openid != openid_url]
#Add this new openid to the list
request.session[OPENIDS_SESSION_NAME].append(from_openid_response(openid_response))
#Get the page to redirect to
redirect = request.REQUEST.get(redirect_field_name, None)
if not redirect or not is_valid_redirect_url(redirect):
redirect = settings.LOGIN_REDIRECT_URL
return HttpResponseRedirect(redirect)
else:
#TODO: This should start the registration process
return failure_openid_login(request, openid_url, _("The OpenID doesn't match any registered user."))
#facebook to login.
if request.POST.get('facebook_only', False):
log.debug('Facebook Only')
profile = FacebookProfile(facebook_id=request.facebook.uid)
user = User(username=request.facebook.uid, email=profile.email)
user.set_unusable_password()
user.save()
profile.user = user
profile.save()
log.info("Added user and profile for %s!" % request.facebook.uid)
user = authenticate(request=request)
login(request, user)
# Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://" + request.get_host(), user)
return HttpResponseRedirect(redirect_url)
# user setup his/her own local account in addition to their facebook
# account. The user will have to login with facebook unless they
# reset their password.
elif request.POST.get('register', False):
log.debug('Register a new account')
profile = FacebookProfile(facebook_id=request.facebook.uid)
if profile.first_name != "(Private)":
fname = profile.first_name
if profile.last_name != "(Private)":
lname = profile.last_name
user = User(first_name=fname, last_name=lname)
registration_form = registration_form_class(data=request.POST,
if request.POST.get('facebook_only',False):
log.debug('Facebook Only')
profile = FacebookProfile(facebook_id=request.facebook.uid)
user = User(username=request.facebook.uid,
email=profile.email)
user.set_unusable_password()
user.save()
profile.user = user
profile.save()
log.info("Added user and profile for %s!" % request.facebook.uid)
user = authenticate(request=request)
login(request, user)
# Add the user to EzSteroids if it is enabled
add_user_to_EzSteroids("http://"+request.get_host(), user)
return HttpResponseRedirect(redirect_url)
# user setup his/her own local account in addition to their facebook
# account. The user will have to login with facebook unless they
# reset their password.
elif request.POST.get('register',False):
log.debug('Register a new account')
profile = FacebookProfile(facebook_id=request.facebook.uid)
if profile.first_name != "(Private)":
fname = profile.first_name
if profile.last_name != "(Private)":
lname = profile.last_name
user = User(first_name=fname, last_name=lname)
registration_form = registration_form_class(
