def signin(request):
"""
signin page. It manage the legacy authentification (user/password)
and authentification with openid.
url: /signin/
template : authopenid/signin.htm
"""
on_failure = signin_failure
next = ''
if request.GET.get('next') and is_valid_next_url(request.GET['next']):
next = request.GET.get('next', '').strip()
if not next or not is_valid_next_url(next):
next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/')
form_signin = OpenidSigninForm(initial={'next': next})
form_auth = OpenidAuthForm(initial={'next': next})
if request.POST:
if 'bsignin' in request.POST.keys():
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
next = form_signin.cleaned_data['next']
if not next:
next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/')
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (get_url_host(request),
reverse('user_complete_signin'),
urllib.urlencode({'next': next}))
return ask_openid(request,
form_signin.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
elif 'blogin' in request.POST.keys():
# perform normal django authentification
form_auth = OpenidAuthForm(request.POST)
if form_auth.is_valid():
user_ = form_auth.get_user()
login(request, user_)
next = form_auth.cleaned_data['next']
if not next:
next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/')
return HttpResponseRedirect(next)
return render('authopenid/signin.html', {
'form1': form_auth,
'form2': form_signin,
'msg': request.GET.get('msg', ''),
'sendpw_url': reverse('user_sendpw'),
},
context_instance=RequestContext(request))
def signin(request):
"""
signin page. It manage the legacy authentification (user/password)
and authentification with openid.
url: /signin/
template : authopenid/signin.htm
"""
request.encoding = 'UTF-8'
on_failure = signin_failure
next = clean_next(request.GET.get('next'))
form_signin = OpenidSigninForm(initial={'next':next})
form_auth = OpenidAuthForm(initial={'next':next})
if request.POST:
if 'bsignin' in request.POST.keys():
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
next = clean_next(form_signin.cleaned_data.get('next'))
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request),
reverse('user_complete_signin'),
urllib.urlencode({'next':next})
)
return ask_openid(request,
form_signin.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
elif 'blogin' in request.POST.keys():
# perform normal django authentification
form_auth = OpenidAuthForm(request.POST)
if form_auth.is_valid():
user_ = form_auth.get_user()
login(request, user_)
next = clean_next(form_auth.cleaned_data.get('next'))
return HttpResponseRedirect(next)
return render('authopenid/signin.html', {
'form1': form_auth,
'form2': form_signin,
'msg': request.GET.get('msg',''),
'sendpw_url': reverse('user_sendpw'),
}, context_instance=RequestContext(request))
def home(request):
form1 = OpenidSigninForm()
form2 = AuthenticationForm()
return render(request, "home.html", {
'form1': form1,
'form2': form2
})
def signup(request):
"""
signup page. Create a legacy account
url : /signup/"
templates: authopenid/signup.html, authopenid/confirm_email.txt
"""
action_signin = reverse('user_signin')
next = request.GET.get('next', '')
if not next or not is_valid_next_url(next):
next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/')
form = RegistrationForm(initial={'next': next})
form_signin = OpenidSigninForm(initial={'next': next})
if request.POST:
form = RegistrationForm(request.POST)
if form.is_valid():
next = form.cleaned_data.get('next', '')
if not next or not is_valid_next_url(next):
next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/')
user_ = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password1'])
user_.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user_)
# send email
current_domain = Site.objects.get_current().domain
subject = _("Welcome")
message_template = loader.get_template(
'authopenid/confirm_email.txt')
message_context = Context({
'site_url':
'http://%s/' % current_domain,
'username':
form.cleaned_data['username'],
'password':
form.cleaned_data['password1']
})
message = message_template.render(message_context)
send_mail(subject, message, settings.DEFAULT_FROM_EMAIL,
[user_.email])
return HttpResponseRedirect(next)
return render('authopenid/signup.html', {
'form': form,
'form2': form_signin,
},
context_instance=RequestContext(request))
def signin_failure(request, message):
"""
falure with openid signin. Go back to signin page.
template : "authopenid/signin.html"
"""
next = clean_next(request.GET.get('next'))
form_signin = OpenidSigninForm(initial={'next': next})
form_auth = OpenidAuthForm(initial={'next': next})
return render('authopenid/signin.html', {
'msg': message,
'form1': form_auth,
'form2': form_signin,
}, context_instance=RequestContext(request))
def signin_failure(request, message):
"""
falure with openid signin. Go back to signin page.
template : "authopenid/signin.html"
"""
logging.debug('')
next = get_next_url(request)
form_signin = OpenidSigninForm(initial={'next': next})
form_auth = ClassicLoginForm(initial={'next': next})
return render_to_response('authopenid/signin.html', {
'msg': message,
'form1': form_auth,
'form2': form_signin,
}, context_instance=RequestContext(request))
def signin(request, newquestion=False, newanswer=False):
"""
signin page. It manage the legacy authentification (user/password)
and authentification with openid.
url: /signin/
template : authopenid/signin.htm
"""
request.encoding = "UTF-8"
on_failure = signin_failure
next = clean_next(request.GET.get("next"))
form_signin = OpenidSigninForm(initial={"next": next})
form_auth = OpenidAuthForm(initial={"next": next})
if request.POST:
if "bsignin" in request.POST.keys() or "openid_username" in request.POST.keys():
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
next = clean_next(form_signin.cleaned_data.get("next"))
sreg_req = sreg.SRegRequest(optional=["nickname", "email"])
redirect_to = "%s%s?%s" % (
get_url_host(request),
reverse("user_complete_signin"),
urllib.urlencode({"next": next}),
)
return ask_openid(
request,
form_signin.cleaned_data["openid_url"],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req,
)
elif "blogin" in request.POST.keys():
# perform normal django authentification
form_auth = OpenidAuthForm(request.POST)
if form_auth.is_valid():
user_ = form_auth.get_user()
login(request, user_)
next = clean_next(form_auth.cleaned_data.get("next"))
return HttpResponseRedirect(next)
question = None
if newquestion == True:
from forum.models import AnonymousQuestion as AQ
session_key = request.session.session_key
qlist = AQ.objects.filter(session_key=session_key).order_by("-added_at")
if len(qlist) > 0:
question = qlist[0]
answer = None
if newanswer == True:
from forum.models import AnonymousAnswer as AA
session_key = request.session.session_key
alist = AA.objects.filter(session_key=session_key).order_by("-added_at")
if len(alist) > 0:
answer = alist[0]
return render(
"authopenid/signin.html",
{
"question": question,
"answer": answer,
"form1": form_auth,
"form2": form_signin,
"msg": request.GET.get("msg", ""),
"sendpw_url": reverse("user_sendpw"),
},
context_instance=RequestContext(request),
)
def signin(request,newquestion=False,newanswer=False):
"""
signin page. It manages the legacy authentification (user/password)
and openid authentification
url: /signin/
template : authopenid/signin.htm
"""
logging.debug('in signin view')
request.encoding = 'UTF-8'
on_failure = signin_failure
email_feeds_form = SimpleEmailSubscribeForm()
next = get_next_url(request)
form_signin = OpenidSigninForm(initial={'next':next})
form_auth = ClassicLoginForm(initial={'next':next})
if request.method == 'POST':
#'blogin' - password login
if 'blogin' in request.POST.keys():
logging.debug('processing classic login form submission')
form_auth = ClassicLoginForm(request.POST)
if form_auth.is_valid():
#have login and password and need to login through external website
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
username = form_auth.cleaned_data['username']
password = form_auth.cleaned_data['password']
next = form_auth.cleaned_data['next']
if form_auth.get_user() == None:
#need to create internal user
#1) save login and password temporarily in session
request.session['external_username'] = username
request.session['external_password'] = password
#2) try to extract user email and nickname from external service
email = EXTERNAL_LOGIN_APP.api.get_email(username,password)
screen_name = EXTERNAL_LOGIN_APP.api.get_screen_name(username,password)
#3) see if username clashes with some existing user
#if so, we have to prompt the user to pick a different name
username_taken = User.is_username_taken(screen_name)
email_feeds_form = SimpleEmailSubscribeForm()
form_data = {'username':screen_name,'email':email,'next':next}
form = OpenidRegisterForm(initial=form_data)
template_data = {'form1':form,'username':screen_name,\
'email_feeds_form':email_feeds_form,\
'provider':mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME),\
'login_type':'legacy',\
'gravatar_faq_url':reverse('faq') + '#gravatar',\
'external_login_name_is_taken':username_taken}
return render_to_response('authopenid/complete.html',template_data,\
context_instance=RequestContext(request))
else:
#user existed, external password is ok
user = form_auth.get_user()
login(request,user)
response = HttpResponseRedirect(get_next_url(request))
EXTERNAL_LOGIN_APP.api.set_login_cookies(response,user)
return response
else:
#regular password authentication
user = form_auth.get_user()
login(request, user)
return HttpResponseRedirect(get_next_url(request))
elif 'bnewaccount' in request.POST.keys():
logging.debug('processing classic (login/password) create account form submission')
#register externally logged in password user with a new local account
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
form = OpenidRegisterForm(request.POST)
email_feeds_form = SimpleEmailSubscribeForm(request.POST)
form1_is_valid = form.is_valid()
form2_is_valid = email_feeds_form.is_valid()
if form1_is_valid and form2_is_valid:
#create the user
username = form.cleaned_data['username']
password = request.session.get('external_password',None)
email = form.cleaned_data['email']
if password and username:
User.objects.create_user(username,email,password)
user = authenticate(username=username,password=password)
EXTERNAL_LOGIN_APP.api.connect_local_user_to_external_user(user,username,password)
external_username = request.session['external_username']
eld = ExternalLoginData.objects.get(external_username=external_username)
eld.user = user
eld.save()
login(request,user)
email_feeds_form.save(user)
del request.session['external_username']
del request.session['external_password']
response = HttpResponseRedirect(reverse('index'))
EXTERNAL_LOGIN_APP.api.set_login_cookies(response, user)
return response
else:
if password:
del request.session['external_username']
if username:
del request.session['external_password']
return HttpResponseServerError()
else:
username = request.POST.get('username',None)
provider = mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME)
username_taken = User.is_username_taken(username)
data = {'login_type':'legacy','form1':form,'username':username,\
'email_feeds_form':email_feeds_form,'provider':provider,\
'gravatar_faq_url':reverse('faq') + '#gravatar',\
'external_login_name_is_taken':username_taken}
return render_to_response('authopenid/complete.html',data,
context_instance=RequestContext(request))
else:
raise Http404
elif 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys():
logging.debug('processing signin with openid submission')
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
logging.debug('OpenidSigninForm is valid')
next = form_signin.cleaned_data['next']
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request),
reverse('user_complete_signin'),
urllib.urlencode({'next':next})
)
return ask_openid(request,
form_signin.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
else:
logging.debug('OpenidSigninForm is NOT valid! -> redisplay login view')
#if request is GET
if request.method == 'GET':
logging.debug('request method was GET')
question = None
if newquestion == True:
from forum.models import AnonymousQuestion as AQ
session_key = request.session.session_key
logging.debug('retrieving anonymously posted question associated with session %s' % session_key)
qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at')
if len(qlist) > 0:
question = qlist[0]
answer = None
if newanswer == True:
from forum.models import AnonymousAnswer as AA
session_key = request.session.session_key
logging.debug('retrieving posted answer associated with session %s' % session_key)
alist = AA.objects.filter(session_key=session_key).order_by('-added_at')
if len(alist) > 0:
answer = alist[0]
logging.debug('showing signin view')
return render_to_response('authopenid/signin.html', {
'question':question,
'answer':answer,
'form1': form_auth,
'form2': form_signin,
'msg': request.GET.get('msg',''),
'sendpw_url': reverse('user_sendpw'),
'fb_api_key': settings.FB_API_KEY,
}, context_instance=RequestContext(request))
def signin(request,newquestion=False,newanswer=False):
"""
signin page. It manage the legacy authentification (user/password)
and authentification with openid.
url: /signin/
template : authopenid/signin.htm
"""
request.encoding = 'UTF-8'
on_failure = signin_failure
next = clean_next(request.GET.get('next'))
form_signin = OpenidSigninForm(initial={'next':next})
form_auth = OpenidAuthForm(initial={'next':next})
if request.POST:
if 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys():
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
next = clean_next(form_signin.cleaned_data.get('next'))
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request),
reverse('user_complete_signin'),
urllib.urlencode({'next':next})
)
return ask_openid(request,
form_signin.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
elif 'blogin' in request.POST.keys():
# perform normal django authentification
form_auth = OpenidAuthForm(request.POST)
if form_auth.is_valid():
user_ = form_auth.get_user()
login(request, user_)
next = clean_next(form_auth.cleaned_data.get('next'))
return HttpResponseRedirect(next)
question = None
if newquestion == True:
from forum.models import AnonymousQuestion as AQ
session_key = request.session.session_key
qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at')
if len(qlist) > 0:
question = qlist[0]
answer = None
if newanswer == True:
from forum.models import AnonymousAnswer as AA
session_key = request.session.session_key
alist = AA.objects.filter(session_key=session_key).order_by('-added_at')
if len(alist) > 0:
answer = alist[0]
return render('authopenid/signin.html', {
'question':question,
'answer':answer,
'form1': form_auth,
'form2': form_signin,
'msg': request.GET.get('msg',''),
'sendpw_url': reverse('user_sendpw'),
}, context_instance=RequestContext(request))
def login(request, template_name='auth/login.html'):
if request.method == 'GET':
goto_url = clean_next(request.GET.get('next', None))
return render_to_response(request, template_name, {'goto_url': goto_url})
elif request.method == "POST":
if 'bsignin' in request.POST.keys():
# openid_login
openid_login_form = OpenidSigninForm(request.POST)
if openid_login_form.is_valid():
next = clean_next(openid_login_form.cleaned_data.get('next'))
sreg_req = sreg.SRegRequest(optional=['fullname', 'nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request),
reverse('auth_openid_login_complete'),
urllib.urlencode({'next': next}))
return ask_openid(request,
openid_login_form.cleaned_data['openid_url'],
redirect_to,
on_failure=openid_login_failure,
sreg_request=sreg_req)
else:
return render_login_form(request, '/', message='Invalid OpenID login form.')
else:
#normal login
username = request.POST.get('username', None)
password = request.POST.get('password', None)
remember_me = request.POST.get('remember', None)
if remember_me and smart_str(remember_me) != 'on':
return HttpResponseBadRequest('Invalid input parameters!')
remember_me = (remember_me == 'on')
is_ajax = request.is_ajax()
if not is_ajax:
goto_url = request.POST.get('goto', '/')
if ((username is None) or (username.strip() == '')) or \
((password is None) or (password.strip() == '')):
if is_ajax:
data = {'success': True,
'data': {'name': 'Bad Login'}}
return JSONResponse(data)
else:
# return render_to_response(template_name, {'goto_url': goto_url,
# 'error_message': 'Both username and password are required.'})
return render_login_form(request,
goto_url,
message='Both username and password are required.')
user = auth.authenticate(username=smart_str(username), password=smart_str(password))
if user is not None and user.is_active:
login_failure = False
request.session[settings.PERSISTENT_SESSION_KEY] = remember_me
auth.login(request, user)
#logging
log.info('username=%s clientip=%s action=user_login', getattr(request.user, 'username', ''), request.META.get('REMOTE_ADDR', ''))
if is_ajax:
data = {'success': True,
'data': dict(username=user.username,
name=user.get_full_name(),
can_share=user.groups.filter(name='can_share').count() > 0,
#is_gnf_user=user.groups.filter(name='gnfusers').count()>0,
is_gnf_user=user.is_gnf_user,
is_nvs_user=user.is_nvs_user,
profile=user.profile)}
else:
return HttpResponseRedirectWithIEFix(request, goto_url)
else:
login_failure = True
if login_failure:
if is_ajax:
data = {'success': True,
'data': {'name': 'Bad Login'}}
else:
if user is not None and not user.is_active:
#if username/password are correct, but user is not activated yet.
#show a more specific err msg below
msg = "Your user account has not been activated yet. Activate your account first using the link we sent to you via email."
else:
msg = 'Please enter a correct username and password. Note that both fields are case-sensitive.'
return render_login_form(request,
goto_url,
message=msg)
if is_ajax:
return JSONResponse(data)
def signin(request, newquestion=False, newanswer=False):
"""
signin page. It manage the legacy authentification (user/password)
and authentification with openid.
url: /signin/
template : authopenid/signin.htm
"""
request.encoding = 'UTF-8'
on_failure = signin_failure
next = clean_next(request.GET.get('next'))
form_signin = OpenidSigninForm(initial={'next': next})
form_auth = OpenidAuthForm(initial={'next': next})
if request.POST:
if 'bsignin' in request.POST.keys(
) or 'openid_username' in request.POST.keys():
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
next = clean_next(form_signin.cleaned_data.get('next'))
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (get_url_host(request),
reverse('user_complete_signin'),
urllib.urlencode({'next': next}))
return ask_openid(request,
form_signin.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
elif 'blogin' in request.POST.keys():
# perform normal django authentification
form_auth = OpenidAuthForm(request.POST)
if form_auth.is_valid():
user_ = form_auth.get_user()
login(request, user_)
next = clean_next(form_auth.cleaned_data.get('next'))
return HttpResponseRedirect(next)
question = None
if newquestion == True:
from forum.models import AnonymousQuestion as AQ
session_key = request.session.session_key
qlist = AQ.objects.filter(
session_key=session_key).order_by('-added_at')
if len(qlist) > 0:
question = qlist[0]
answer = None
if newanswer == True:
from forum.models import AnonymousAnswer as AA
session_key = request.session.session_key
alist = AA.objects.filter(
session_key=session_key).order_by('-added_at')
if len(alist) > 0:
answer = alist[0]
return render('authopenid/signin.html', {
'question': question,
'answer': answer,
'form1': form_auth,
'form2': form_signin,
'msg': request.GET.get('msg', ''),
'sendpw_url': reverse('user_sendpw'),
},
context_instance=RequestContext(request))
