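def process_provider_signin(request, provider):
    """Handle the response of an external authentication provider.

    The provider's consumer turns the request into ``assoc_key``, which is
    either a ``User`` instance or a key looked up in
    ``AuthKeyUserAssociation``.

    * Signed-in user: the key is linked to the current account when no
      association exists for it yet; otherwise an explanatory message is
      stored in ``session['auth_error']``.
    * Anonymous visitor: a known key logs its user in; an unknown key is
      parked in the session and the visitor is sent to the registration
      step.

    Always returns an ``HttpResponse`` (a redirect, or whatever
    ``login_and_forward`` returns).
    """
    # An unknown provider name previously fell off the end of the function
    # and returned None, which is not a valid view response.
    if provider not in AUTH_PROVIDERS:
        return HttpResponseRedirect(reverse('auth_signin'))

    provider_class = AUTH_PROVIDERS[provider].consumer

    try:
        assoc_key = provider_class.process_authentication_request(request)
    except InvalidAuthentication as e:
        request.session['auth_error'] = e.message
        return HttpResponseRedirect(reverse('auth_signin'))

    if request.user.is_authenticated():
        # NOTE(review): (type, User) also matches any class object, while the
        # anonymous branch below tests only User -- confirm which is intended.
        if isinstance(assoc_key, (type, User)):
            if request.user != assoc_key:
                # The misspellings are kept: the literal is the gettext msgid.
                request.session['auth_error'] = _(
                    "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.")
            else:
                request.session['auth_error'] = _("You are already logged in with that user.")
        else:
            # Only "no such association" may lead to linking the credential
            # to the current account. A bare except here also linked it on
            # database errors or duplicate rows, i.e. exactly when ownership
            # of the key could not be established.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                uassoc.save()
                request.user.message_set.create(
                    message=_('The new credentials are now associated with your account'))
                return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

            if assoc.user == request.user:
                request.session['auth_error'] = _(
                    "These login credentials are already associated with your account.")
            else:
                request.session['auth_error'] = _(
                    "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.")

        return HttpResponseRedirect(reverse('auth_signin'))

    if isinstance(assoc_key, User):
        return login_and_forward(request, assoc_key)

    try:
        assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
    except AuthKeyUserAssociation.DoesNotExist:
        # Unknown credential: remember it for the registration view.
        request.session['assoc_key'] = assoc_key
        request.session['auth_provider'] = provider
        return HttpResponseRedirect(reverse('auth_external_register'))

    # The login call sits outside the try so that an error raised while
    # logging in is never mistaken for "credential not found".
    return login_and_forward(request, assoc.user)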
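def _registration_log_context(request):
    """Return a short, loggable description of *request*.

    Only a fixed set of request-metadata keys is included. Dumping all of
    ``request.META`` would write cookies (and with them the session id),
    authorization headers and server environment variables to the log.
    """
    keys = ('REMOTE_ADDR', 'REQUEST_METHOD', 'PATH_INFO', 'HTTP_HOST', 'HTTP_USER_AGENT')
    # %r escapes control characters in client-supplied values.
    return ", ".join(["%s: %r" % (k, request.META.get(k, '')) for k in keys])


def external_register(request):
    """Finish registration for a visitor who signed in with an external provider.

    POST with ``bnewaccount``: validates ``SimpleRegistrationForm``, creates
    the ``User`` with an unusable password, links it to the credential parked
    in the session (``assoc_key`` / ``auth_provider``) and logs the user in.
    An invalid form is rendered again.

    Any other request: pre-fills the form from the provider's user data and
    renders ``auth/complete.html``.
    """
    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)

        if form1.is_valid():
            # Read the pending association before anything is written.
            # Previously the account was saved first, so a lost session left
            # behind a user with no usable password and no credential -- and,
            # on an empty database, that orphan was the superuser.
            try:
                assoc_key = request.session['assoc_key']
                auth_provider = request.session['auth_provider']
            except KeyError:
                request.session['auth_error'] = _(
                    "Oops, something went wrong in the middle of this process. Please try again. Note that you need to have cookies enabled for the authentication to work.")
                logging.error(
                    "Missing session data when trying to complete user registration: %s",
                    _registration_log_context(request))
                return HttpResponseRedirect(reverse('auth_signin'))

            user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
            # NOTE(review): the address counts as validated when it equals the
            # one the provider reported on the GET step; that is only sound if
            # every provider reports verified addresses -- confirm.
            user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
            user_.set_unusable_password()

            # NOTE(review): the first account ever registered becomes
            # superuser and staff; the count and the save are not atomic, and
            # on a fresh install whoever registers first gets these rights.
            if User.objects.all().count() == 0:
                user_.is_superuser = True
                user_.is_staff = True

            user_.save()
            UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save()

            uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            del request.session['assoc_key']
            del request.session['auth_provider']

            return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. "))
    else:
        auth_provider = request.session.get('auth_provider', None)
        if not auth_provider:
            request.session['auth_error'] = _(
                "Oops, something went wrong in the middle of this process. Please try again.")
            logging.error(
                "Missing session data when trying to complete user registration: %s",
                _registration_log_context(request))
            return HttpResponseRedirect(reverse('auth_signin'))

        provider_class = AUTH_PROVIDERS[auth_provider].consumer
        user_data = provider_class.get_user_data(request.session['assoc_key'])

        if not user_data:
            user_data = request.session.get('auth_consumer_data', {})

        username = user_data.get('username', '')
        email = user_data.get('email', '')

        if email:
            # Compared with the submitted address on POST (see above).
            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
        })

    provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context

    # NOTE(review): 'provider' tolerates a missing context but 'login_type'
    # dereferences it unconditionally. mark_safe() disables escaping, so
    # human_name must be a developer-defined constant -- confirm.
    return render_to_response('auth/complete.html', {
        'form1': form1,
        'provider': provider_context and mark_safe(provider_context.human_name) or _('unknown'),
        'login_type': provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))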
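def process_provider_signin(request, provider):
    """Handle the response of an external authentication provider.

    Variant that does not offer self-registration: an unknown credential is
    accepted only when ``DrupalAuthBackend.get_openid_user`` returns a user
    for it, in which case the credential is linked to that user and the user
    is logged in. Otherwise an error is stored in ``session['auth_error']``.

    Always returns an ``HttpResponse``.
    """
    # Unknown provider names previously returned None from the view.
    if provider not in AUTH_PROVIDERS:
        return HttpResponseRedirect(reverse('auth_signin'))

    provider_class = AUTH_PROVIDERS[provider].consumer

    try:
        assoc_key = provider_class.process_authentication_request(request)
    except InvalidAuthentication as e:
        request.session['auth_error'] = e.message
        return HttpResponseRedirect(reverse('auth_signin'))

    if request.user.is_authenticated():
        # NOTE(review): (type, User) also matches any class object, while the
        # anonymous branch below tests only User -- confirm which is intended.
        if isinstance(assoc_key, (type, User)):
            if request.user != assoc_key:
                # The misspellings are kept: the literal is the gettext msgid.
                request.session['auth_error'] = _(
                    "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.")
            else:
                request.session['auth_error'] = _("You are already logged in with that user.")
        else:
            # Link the credential only when it is provably unclaimed; a bare
            # except also linked it after database errors or duplicate rows.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                uassoc.save()
                request.user.message_set.create(
                    message=_('The new credentials are now associated with your account'))
                return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

            if assoc.user == request.user:
                request.session['auth_error'] = _(
                    "These login credentials are already associated with your account.")
            else:
                request.session['auth_error'] = _(
                    "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.")

        return HttpResponseRedirect(reverse('auth_signin'))

    if isinstance(assoc_key, User):
        return login_and_forward(request, assoc_key)

    # Only "not found" falls through to the Drupal lookup. The bare except
    # used before also caught errors raised by login_and_forward itself.
    try:
        assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
    except AuthKeyUserAssociation.DoesNotExist:
        assoc = None
    if assoc is not None:
        return login_and_forward(request, assoc.user)

    # NOTE(review): these keys stay in the session even when the credential
    # is rejected below. If a registration view that consumes them is still
    # routed, a rejected visitor could complete sign-up there -- confirm.
    request.session['assoc_key'] = assoc_key
    request.session['auth_provider'] = provider

    from forum.authentication.drupal_auth_backend import DrupalAuthBackend
    # NOTE(review): the account returned here is trusted without any further
    # check; how get_openid_user matches the key is not visible in this view.
    open_id_user = DrupalAuthBackend.get_openid_user(assoc_key)
    if open_id_user:
        uassoc = AuthKeyUserAssociation(user=open_id_user, key=assoc_key, provider=provider)
        uassoc.save()
        return login_and_forward(request, open_id_user)

    # Users can't authenticate with OpenID credentials not used at p2pu.org.
    # The key is interpolated after translation so that the msgid stays
    # constant. NOTE(review): assoc_key is provider-supplied text; make sure
    # the template that shows auth_error escapes it.
    request.session['auth_error'] = _(
        "Sorry, these openid login credentials were not found at p2pu.org. (%s)") % assoc_key
    # The listing ended without a response on this path; send the visitor
    # back to the sign-in page like the other error paths of this view.
    return HttpResponseRedirect(reverse('auth_signin'))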
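def process_provider_signin(request, provider):
    """Handle the response of an external authentication provider.

    Variant that, for an unknown credential, tries to find an existing user
    by the e-mail address the provider reports and re-keys that user's
    association to the new credential (the original comment gives a changed
    domain or secret key as the reason). When no such user is found the
    visitor is sent to the registration step.

    Always returns an ``HttpResponse``.
    """
    # Unknown provider names previously returned None from the view.
    if provider not in AUTH_PROVIDERS:
        return HttpResponseRedirect(reverse('auth_signin'))

    provider_class = AUTH_PROVIDERS[provider].consumer

    try:
        assoc_key = provider_class.process_authentication_request(request)
    except InvalidAuthentication as e:
        request.session['auth_error'] = e.message
        return HttpResponseRedirect(reverse('auth_signin'))

    if request.user.is_authenticated():
        # NOTE(review): (type, User) also matches any class object, while the
        # anonymous branch below tests only User -- confirm which is intended.
        if isinstance(assoc_key, (type, User)):
            if request.user != assoc_key:
                # The misspellings are kept: the literal is the gettext msgid.
                request.session['auth_error'] = _(
                    "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.")
            else:
                request.session['auth_error'] = _("You are already logged in with that user.")
        else:
            # Link the credential only when it is provably unclaimed; a bare
            # except also linked it after database errors or duplicate rows.
            try:
                assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
            except AuthKeyUserAssociation.DoesNotExist:
                uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
                uassoc.save()
                request.user.message_set.create(
                    message=_('The new credentials are now associated with your account'))
                return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id]))

            if assoc.user == request.user:
                request.session['auth_error'] = _(
                    "These login credentials are already associated with your account.")
            else:
                request.session['auth_error'] = _(
                    "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.")

        return HttpResponseRedirect(reverse('auth_signin'))

    if isinstance(assoc_key, User):
        return login_and_forward(request, assoc_key)

    # Only "not found" falls through to the e-mail matching below.
    try:
        assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
    except AuthKeyUserAssociation.DoesNotExist:
        assoc = None
    if assoc is not None:
        return login_and_forward(request, assoc.user)

    request.session['assoc_key'] = assoc_key
    request.session['auth_provider'] = provider

    # NOTE(review): the e-mail address comes from the provider (or from
    # session['auth_consumer_data']) and nothing visible here shows that it
    # was verified. A match on the address alone logs the visitor in as the
    # existing user, so account ownership rests entirely on what the
    # provider asserts. The lookup is therefore limited to the association
    # that belongs to the same provider; before relying on it, confirm that
    # every entry in AUTH_PROVIDERS reports only verified addresses, or make
    # the user prove ownership before the key is replaced.
    matched_user = None
    try:
        user_data = provider_class.get_user_data(assoc_key)
        if not user_data:
            user_data = request.session.get('auth_consumer_data', {})
        email = user_data.get('email', '')
        if email:
            candidate = User.objects.get(email=email)
            old_assoc = AuthKeyUserAssociation.objects.get(user=candidate.id, provider=provider)
            # The old key stops working when the domain or secret key changed.
            old_assoc.key = assoc_key
            old_assoc.save()
            matched_user = candidate
    except Exception:
        # Best effort, as before: any failure means "no match" and the
        # visitor continues with registration. Unlike a bare except this
        # lets SystemExit and KeyboardInterrupt through.
        matched_user = None

    if matched_user is not None:
        # Outside the try so that a failing login is not silently turned
        # into a registration redirect.
        return login_and_forward(request, matched_user)

    return HttpResponseRedirect(reverse('auth_external_register'))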
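def external_register(request):
    """Finish registration for a visitor who signed in with an external provider.

    POST with ``bnewaccount``: validates the registration and subscription
    forms, creates the ``User`` with an unusable password, links it to the
    credential parked in the session and either logs the user in (address
    counted as validated) or sends a validation e-mail and redirects to
    ``index``. Invalid forms are rendered again.

    Any other request: pre-fills the forms from the provider's user data and
    renders ``auth/complete.html``.
    """
    # Every path below needs the pending association. Checking it once, up
    # front, means a lost session no longer leaves a saved account without a
    # credential (the check used to run after user_.save()) and no longer
    # raises KeyError on the GET and re-render paths.
    try:
        assoc_key = request.session['assoc_key']
        auth_provider = request.session['auth_provider']
    except KeyError:
        request.session['auth_error'] = _("Oops, something went wrong in the middle of this process. Please try again.")
        # NOTE(review): the redirect target is read from the session; confirm
        # that whatever stores on_signin_url only accepts local URLs.
        return HttpResponseRedirect(request.session.get('on_signin_url', reverse('auth_signin')))

    if request.method == 'POST' and 'bnewaccount' in request.POST:
        form1 = SimpleRegistrationForm(request.POST)
        email_feeds_form = SimpleEmailSubscribeForm(request.POST)

        if form1.is_valid() and email_feeds_form.is_valid():
            user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
            user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
            user_.set_unusable_password()

            # NOTE(review): the first account ever registered becomes
            # superuser; the count and the save are not atomic, and on a
            # fresh install whoever registers first gets these rights.
            if User.objects.all().count() == 0:
                user_.is_superuser = True

            user_.save()

            if not user_.email_isvalid:
                send_validation_email(user_)

            uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider)
            uassoc.save()

            if email_feeds_form.cleaned_data['subscribe'] == 'n':
                user_.subscription_settings.enable_notifications = False
                user_.subscription_settings.save()

            del request.session['assoc_key']
            del request.session['auth_provider']

            if user_.email_isvalid:
                return login_and_forward(request, user_)
            return HttpResponseRedirect(reverse('index'))
    else:
        provider_class = AUTH_PROVIDERS[auth_provider].consumer
        # Tolerate a consumer that has no data for this key.
        user_data = provider_class.get_user_data(assoc_key) or {}

        username = user_data.get('username', '')
        email = user_data.get('email', '')

        if not email:
            email = request.session.get('auth_email_request', '')

        if email:
            # NOTE(review): this value later decides email_isvalid. When it
            # came from session['auth_email_request'] rather than from the
            # provider, check that it was verified and not merely typed in.
            request.session['auth_validated_email'] = email

        form1 = SimpleRegistrationForm(initial={
            'next': '/',
            'username': username,
            'email': email,
        })
        email_feeds_form = SimpleEmailSubscribeForm()

    provider_context = AUTH_PROVIDERS[auth_provider].context

    # NOTE(review): mark_safe() disables escaping, so human_name must be a
    # developer-defined constant -- confirm.
    return render_to_response('auth/complete.html', {
        'form1': form1,
        'email_feeds_form': email_feeds_form,
        'provider': mark_safe(provider_context.human_name),
        'login_type': provider_context.id,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))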