def login(request, template): """Try to log the user in.""" if request.method == 'GET' and not request.MOBILE: url = reverse('users.auth') + '?' + request.GET.urlencode() return HttpResponsePermanentRedirect(url) next_url = get_next_url(request) or reverse('home') form = handle_login(request) if request.user.is_authenticated(): # Add a parameter so we know the user just logged in. # fpa = "first page authed" or something. next_url = urlparams(next_url, fpa=1) res = HttpResponseRedirect(next_url) max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else settings.SESSION_COOKIE_AGE) res.set_cookie(settings.SESSION_EXISTS_COOKIE, '1', secure=False, max_age=max_age) return res if request.MOBILE: return render(request, template, {'form': form, 'next_url': next_url}) return user_auth(request, login_form=form)
def login(request, template): """Try to log the user in.""" if request.method == 'GET' and not request.MOBILE: url = reverse('users.auth') + '?' + request.GET.urlencode() return HttpResponsePermanentRedirect(url) next_url = get_next_url(request) or reverse('home') form = handle_login(request) if request.user.is_authenticated(): # Add a parameter so we know the user just logged in. # fpa = "first page authed" or something. next_url = urlparams(next_url, fpa=1) res = HttpResponseRedirect(next_url) max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else settings.SESSION_COOKIE_AGE) res.set_cookie(settings.SESSION_EXISTS_COOKIE, '1', secure=False, max_age=max_age) return res if request.MOBILE: return render(request, template, { 'form': form, 'next_url': next_url}) return user_auth(request, login_form=form)
def user_auth(request, notification=None): """ Show user authorization page which includes a link for FXA sign-up/login and the legacy login form """ next_url = get_next_url(request) or reverse("home") help_text = _( "Continuing with Firefox Accounts means you have agreed with the " + "{terms_open}Terms and Conditions{terms_close} and " + "{privacy_open}Privacy Policy{privacy_close}.").format( terms_open= "<a href='https://www.mozilla.org/about/legal/terms/services/'>", terms_close="</a>", privacy_open="<a href='https://www.mozilla.org/privacy/firefox/'>", privacy_close="</a>", ) return render( request, "users/auth.html", { "next_url": next_url, "notification": notification, "auth_page_help_text": help_text }, )
def logout(request): """Log the user out.""" auth.logout(request) statsd.incr("user.logout") res = HttpResponseRedirect(get_next_url(request) or reverse("home")) res.delete_cookie(settings.SESSION_EXISTS_COOKIE) return res
def logout(request): """Log the user out.""" auth.logout(request) statsd.incr('user.logout') res = HttpResponseRedirect(get_next_url(request) or reverse('home')) res.delete_cookie(settings.SESSION_EXISTS_COOKIE) return res
def join_contributors(request): """Join the Contributors group.""" next = get_next_url(request) or reverse('home') group = Group.objects.get(name='Contributors') request.user.groups.add(group) messages.add_message(request, messages.SUCCESS, _('You are now part of the Contributors group!')) return HttpResponseRedirect(next)
def user_auth(request, notification=None): """ Show user authorization page which includes a link for FXA sign-up/login and the legacy login form """ next_url = get_next_url(request) or reverse("home") return render(request, "users/auth.html", { "next_url": next_url, "notification": notification })
def user_auth(request, notification=None): """ Show user authorization page which includes a link for FXA sign-up/login and the legacy login form """ next_url = get_next_url(request) or reverse('home') return render(request, 'users/auth.html', { 'next_url': next_url, 'notification': notification })
def logout(request, already_migrated=False): """Log the user out.""" auth.logout(request) statsd.incr('user.logout') if already_migrated: res = user_auth(request, notification='already_migrated') else: res = HttpResponseRedirect(get_next_url(request) or reverse('home')) res.delete_cookie(settings.SESSION_EXISTS_COOKIE) return res
def watch_locale(request): """Watch/unwatch a locale.""" locale = request.LANGUAGE_CODE if request.POST.get("watch") == "yes": NewPostInLocaleEvent.notify(request.user, locale=locale) NewThreadInLocaleEvent.notify(request.user, locale=locale) else: NewPostInLocaleEvent.stop_notifying(request.user, locale=locale) NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale) # If there is no next url, send the user to the home page. return HttpResponseRedirect(get_next_url(request) or reverse("home"))
def watch_locale(request): """Watch/unwatch a locale.""" locale = request.LANGUAGE_CODE if request.POST.get('watch') == 'yes': NewPostInLocaleEvent.notify(request.user, locale=locale) NewThreadInLocaleEvent.notify(request.user, locale=locale) statsd.incr('kbforums.watches.locale') else: NewPostInLocaleEvent.stop_notifying(request.user, locale=locale) NewThreadInLocaleEvent.stop_notifying(request.user, locale=locale) # If there is no next url, send the user to the home page. return HttpResponseRedirect(get_next_url(request) or reverse('home'))
def user_auth(request, contributor=False, register_form=None, login_form=None): """Try to log the user in, or register a user. POSTs from these forms do not come back to this view, but instead go to the login and register views, which may redirect back to this in case of error. """ next_url = get_next_url(request) or reverse("home") if login_form is None: login_form = AuthenticationForm() if register_form is None: register_form = RegisterForm() return render( request, "users/auth.html", {"login_form": login_form, "register_form": register_form, "contributor": contributor, "next_url": next_url}, )
def user_auth(request, contributor=False, register_form=None, login_form=None): """Try to log the user in, or register a user. POSTs from these forms do not come back to this view, but instead go to the login and register views, which may redirect back to this in case of error. """ next_url = get_next_url(request) or reverse('home') if login_form is None: login_form = AuthenticationForm() if register_form is None: register_form = RegisterForm() return render(request, 'users/auth.html', { 'login_form': login_form, 'register_form': register_form, 'contributor': contributor, 'next_url': next_url})
def user_auth(request, login_form=None, notification=None): """ Show user authorization page which includes a link for FXA sign-up/login and the legacy login form """ next_url = get_next_url(request) or reverse('home') if login_form is None: login_form = AuthenticationForm() # on load, decide whether legacy or FXA form is visible legacy_form_visible = bool(login_form.errors) return render( request, 'users/auth.html', { 'login_form': login_form, 'next_url': next_url, 'notification': notification, 'legacy_form_visible': legacy_form_visible, })
def login(request, template): """Try to log the user in.""" if request.method == "GET" and not request.MOBILE: url = reverse("users.auth") + "?" + request.GET.urlencode() return HttpResponsePermanentRedirect(url) next_url = get_next_url(request) or reverse("home") only_active = request.POST.get("inactive", "0") != "1" form = handle_login(request, only_active=only_active) if request.user.is_authenticated(): # Add a parameter so we know the user just logged in. # fpa = "first page authed" or something. next_url = urlparams(next_url, fpa=1) res = HttpResponseRedirect(next_url) max_age = None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE else settings.SESSION_COOKIE_AGE res.set_cookie(settings.SESSION_EXISTS_COOKIE, "1", secure=False, max_age=max_age) return res if request.MOBILE: return render(request, template, {"form": form, "next_url": next_url}) return user_auth(request, login_form=form)
def test_query_string(self): """Query-strings remain intact.""" r = self.r.get('/', {'next': '/new?f=b'}) eq_('/new?f=b', get_next_url(r))
def test_bad_host_https_debug(self): """If settings.DEBUG == True, bad hosts pass.""" r = self.r.get("/", {"next": "https://example.com"}) with self.settings(DEBUG=True): eq_("https://example.com", get_next_url(r))
def test_get(self): """'next' can be a query-string parameter.""" r = self.r.get("/users/login", {"next": "/kb/new"}) eq_("/kb/new", get_next_url(r))
def test_bad_host_protocol_relative(self): """Protocol-relative URLs do not let bad hosts through.""" r = self.r.get('/', {'next': '//example.com'}) eq_(None, get_next_url(r))
def test_referer(self): """Use HTTP referer if nothing else.""" r = self.r.get('/') r.META['HTTP_REFERER'] = 'http://su.mo.com/new' eq_('http://su.mo.com/new', get_next_url(r))
def test_post(self): """'next' in POST overrides GET.""" r = self.r.post('/?next=/foo', {'next': '/bar'}) eq_('/bar', get_next_url(r))
def _get_next_url_fallback_localization(request): return get_next_url(request) or reverse('dashboards.localization')
def test_bad_host_https(self): r = self.r.get('/', {'next': 'https://example.com'}) eq_(None, get_next_url(r))
def test_get(self): """'next' can be a query-string parameter.""" r = self.r.get('/users/login', {'next': '/kb/new'}) eq_('/kb/new', get_next_url(r))
def test_good_host_https(self): """Full URLs work with valid hosts.""" r = self.r.post('/users/login', {'next': 'https://su.mo.com/kb/new'}) eq_('https://su.mo.com/kb/new', get_next_url(r))
def test_bad_host_protocol_relative(self): """Protocol-relative URLs do not let bad hosts through.""" r = self.r.get("/", {"next": "//example.com"}) eq_(None, get_next_url(r))
def test_good_host_https(self): """Full URLs work with valid hosts.""" r = self.r.post("/users/login", {"next": "https://su.mo.com/kb/new"}) eq_("https://su.mo.com/kb/new", get_next_url(r))
def test_bad_host_https(self): r = self.r.get("/", {"next": "https://example.com"}) eq_(None, get_next_url(r))
def test_referer(self): """Use HTTP referer if nothing else.""" r = self.r.get("/") r.META["HTTP_REFERER"] = "http://su.mo.com/new" eq_("http://su.mo.com/new", get_next_url(r))
def locales(request, template): """The locale switcher page.""" return render(request, template, dict( next_url=get_next_url(request) or reverse('home')))
def test_post(self): """'next' in POST overrides GET.""" r = self.r.post("/?next=/foo", {"next": "/bar"}) eq_("/bar", get_next_url(r))
def locales(request): """The locale switcher page.""" template = 'sumo/locales.html' return render(request, template, dict(next_url=get_next_url(request) or reverse('home')))
def test_bad_host_https_debug(self): """If settings.DEBUG == True, bad hosts pass.""" r = self.r.get('/', {'next': 'https://example.com'}) with self.settings(DEBUG=True): eq_('https://example.com', get_next_url(r))
def test_query_string(self): """Query-strings remain intact.""" r = self.r.get("/", {"next": "/new?f=b"}) eq_("/new?f=b", get_next_url(r))