def signin(request): """ signin page. It manage the legacy authentification (user/password) and authentification with openid. url: /signin/ template : authopenid/signin.htm """ on_failure = signin_failure next = '' if request.GET.get('next') and is_valid_next_url(request.GET['next']): next = request.GET.get('next', '').strip() if not next or not is_valid_next_url(next): next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/') form_signin = OpenidSigninForm(initial={'next': next}) form_auth = OpenidAuthForm(initial={'next': next}) if request.POST: if 'bsignin' in request.POST.keys(): form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): next = form_signin.cleaned_data['next'] if not next: next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/') sreg_req = sreg.SRegRequest(optional=['nickname', 'email']) redirect_to = "%s%s?%s" % (get_url_host(request), reverse('user_complete_signin'), urllib.urlencode({'next': next})) return ask_openid(request, form_signin.cleaned_data['openid_url'], redirect_to, on_failure=signin_failure, sreg_request=sreg_req) elif 'blogin' in request.POST.keys(): # perform normal django authentification form_auth = OpenidAuthForm(request.POST) if form_auth.is_valid(): user_ = form_auth.get_user() login(request, user_) next = form_auth.cleaned_data['next'] if not next: next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/') return HttpResponseRedirect(next) return render('authopenid/signin.html', { 'form1': form_auth, 'form2': form_signin, 'msg': request.GET.get('msg', ''), 'sendpw_url': reverse('user_sendpw'), }, context_instance=RequestContext(request))
def signin(request): """ signin page. It manage the legacy authentification (user/password) and authentification with openid. url: /signin/ template : authopenid/signin.htm """ request.encoding = 'UTF-8' on_failure = signin_failure next = clean_next(request.GET.get('next')) form_signin = OpenidSigninForm(initial={'next':next}) form_auth = OpenidAuthForm(initial={'next':next}) if request.POST: if 'bsignin' in request.POST.keys(): form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): next = clean_next(form_signin.cleaned_data.get('next')) sreg_req = sreg.SRegRequest(optional=['nickname', 'email']) redirect_to = "%s%s?%s" % ( get_url_host(request), reverse('user_complete_signin'), urllib.urlencode({'next':next}) ) return ask_openid(request, form_signin.cleaned_data['openid_url'], redirect_to, on_failure=signin_failure, sreg_request=sreg_req) elif 'blogin' in request.POST.keys(): # perform normal django authentification form_auth = OpenidAuthForm(request.POST) if form_auth.is_valid(): user_ = form_auth.get_user() login(request, user_) next = clean_next(form_auth.cleaned_data.get('next')) return HttpResponseRedirect(next) return render('authopenid/signin.html', { 'form1': form_auth, 'form2': form_signin, 'msg': request.GET.get('msg',''), 'sendpw_url': reverse('user_sendpw'), }, context_instance=RequestContext(request))
def home(request): form1 = OpenidSigninForm() form2 = AuthenticationForm() return render(request, "home.html", { 'form1': form1, 'form2': form2 })
def signup(request): """ signup page. Create a legacy account url : /signup/" templates: authopenid/signup.html, authopenid/confirm_email.txt """ action_signin = reverse('user_signin') next = request.GET.get('next', '') if not next or not is_valid_next_url(next): next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/') form = RegistrationForm(initial={'next': next}) form_signin = OpenidSigninForm(initial={'next': next}) if request.POST: form = RegistrationForm(request.POST) if form.is_valid(): next = form.cleaned_data.get('next', '') if not next or not is_valid_next_url(next): next = getattr(settings, 'OPENID_REDIRECT_NEXT', '/') user_ = User.objects.create_user(form.cleaned_data['username'], form.cleaned_data['email'], form.cleaned_data['password1']) user_.backend = "django.contrib.auth.backends.ModelBackend" login(request, user_) # send email current_domain = Site.objects.get_current().domain subject = _("Welcome") message_template = loader.get_template( 'authopenid/confirm_email.txt') message_context = Context({ 'site_url': 'http://%s/' % current_domain, 'username': form.cleaned_data['username'], 'password': form.cleaned_data['password1'] }) message = message_template.render(message_context) send_mail(subject, message, settings.DEFAULT_FROM_EMAIL, [user_.email]) return HttpResponseRedirect(next) return render('authopenid/signup.html', { 'form': form, 'form2': form_signin, }, context_instance=RequestContext(request))
def signin_failure(request, message): """ falure with openid signin. Go back to signin page. template : "authopenid/signin.html" """ next = clean_next(request.GET.get('next')) form_signin = OpenidSigninForm(initial={'next': next}) form_auth = OpenidAuthForm(initial={'next': next}) return render('authopenid/signin.html', { 'msg': message, 'form1': form_auth, 'form2': form_signin, }, context_instance=RequestContext(request))
def signin_failure(request, message): """ falure with openid signin. Go back to signin page. template : "authopenid/signin.html" """ logging.debug('') next = get_next_url(request) form_signin = OpenidSigninForm(initial={'next': next}) form_auth = ClassicLoginForm(initial={'next': next}) return render_to_response('authopenid/signin.html', { 'msg': message, 'form1': form_auth, 'form2': form_signin, }, context_instance=RequestContext(request))
def signin(request, newquestion=False, newanswer=False): """ signin page. It manage the legacy authentification (user/password) and authentification with openid. url: /signin/ template : authopenid/signin.htm """ request.encoding = "UTF-8" on_failure = signin_failure next = clean_next(request.GET.get("next")) form_signin = OpenidSigninForm(initial={"next": next}) form_auth = OpenidAuthForm(initial={"next": next}) if request.POST: if "bsignin" in request.POST.keys() or "openid_username" in request.POST.keys(): form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): next = clean_next(form_signin.cleaned_data.get("next")) sreg_req = sreg.SRegRequest(optional=["nickname", "email"]) redirect_to = "%s%s?%s" % ( get_url_host(request), reverse("user_complete_signin"), urllib.urlencode({"next": next}), ) return ask_openid( request, form_signin.cleaned_data["openid_url"], redirect_to, on_failure=signin_failure, sreg_request=sreg_req, ) elif "blogin" in request.POST.keys(): # perform normal django authentification form_auth = OpenidAuthForm(request.POST) if form_auth.is_valid(): user_ = form_auth.get_user() login(request, user_) next = clean_next(form_auth.cleaned_data.get("next")) return HttpResponseRedirect(next) question = None if newquestion == True: from forum.models import AnonymousQuestion as AQ session_key = request.session.session_key qlist = AQ.objects.filter(session_key=session_key).order_by("-added_at") if len(qlist) > 0: question = qlist[0] answer = None if newanswer == True: from forum.models import AnonymousAnswer as AA session_key = request.session.session_key alist = AA.objects.filter(session_key=session_key).order_by("-added_at") if len(alist) > 0: answer = alist[0] return render( "authopenid/signin.html", { "question": question, "answer": answer, "form1": form_auth, "form2": form_signin, "msg": request.GET.get("msg", ""), "sendpw_url": reverse("user_sendpw"), }, context_instance=RequestContext(request), )
def signin(request,newquestion=False,newanswer=False): """ signin page. It manages the legacy authentification (user/password) and openid authentification url: /signin/ template : authopenid/signin.htm """ logging.debug('in signin view') request.encoding = 'UTF-8' on_failure = signin_failure email_feeds_form = SimpleEmailSubscribeForm() next = get_next_url(request) form_signin = OpenidSigninForm(initial={'next':next}) form_auth = ClassicLoginForm(initial={'next':next}) if request.method == 'POST': #'blogin' - password login if 'blogin' in request.POST.keys(): logging.debug('processing classic login form submission') form_auth = ClassicLoginForm(request.POST) if form_auth.is_valid(): #have login and password and need to login through external website if settings.USE_EXTERNAL_LEGACY_LOGIN == True: username = form_auth.cleaned_data['username'] password = form_auth.cleaned_data['password'] next = form_auth.cleaned_data['next'] if form_auth.get_user() == None: #need to create internal user #1) save login and password temporarily in session request.session['external_username'] = username request.session['external_password'] = password #2) try to extract user email and nickname from external service email = EXTERNAL_LOGIN_APP.api.get_email(username,password) screen_name = EXTERNAL_LOGIN_APP.api.get_screen_name(username,password) #3) see if username clashes with some existing user #if so, we have to prompt the user to pick a different name username_taken = User.is_username_taken(screen_name) email_feeds_form = SimpleEmailSubscribeForm() form_data = {'username':screen_name,'email':email,'next':next} form = OpenidRegisterForm(initial=form_data) template_data = {'form1':form,'username':screen_name,\ 'email_feeds_form':email_feeds_form,\ 'provider':mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME),\ 'login_type':'legacy',\ 'gravatar_faq_url':reverse('faq') + '#gravatar',\ 'external_login_name_is_taken':username_taken} return render_to_response('authopenid/complete.html',template_data,\ context_instance=RequestContext(request)) else: #user existed, external password is ok user = form_auth.get_user() login(request,user) response = HttpResponseRedirect(get_next_url(request)) EXTERNAL_LOGIN_APP.api.set_login_cookies(response,user) return response else: #regular password authentication user = form_auth.get_user() login(request, user) return HttpResponseRedirect(get_next_url(request)) elif 'bnewaccount' in request.POST.keys(): logging.debug('processing classic (login/password) create account form submission') #register externally logged in password user with a new local account if settings.USE_EXTERNAL_LEGACY_LOGIN == True: form = OpenidRegisterForm(request.POST) email_feeds_form = SimpleEmailSubscribeForm(request.POST) form1_is_valid = form.is_valid() form2_is_valid = email_feeds_form.is_valid() if form1_is_valid and form2_is_valid: #create the user username = form.cleaned_data['username'] password = request.session.get('external_password',None) email = form.cleaned_data['email'] if password and username: User.objects.create_user(username,email,password) user = authenticate(username=username,password=password) EXTERNAL_LOGIN_APP.api.connect_local_user_to_external_user(user,username,password) external_username = request.session['external_username'] eld = ExternalLoginData.objects.get(external_username=external_username) eld.user = user eld.save() login(request,user) email_feeds_form.save(user) del request.session['external_username'] del request.session['external_password'] response = HttpResponseRedirect(reverse('index')) EXTERNAL_LOGIN_APP.api.set_login_cookies(response, user) return response else: if password: del request.session['external_username'] if username: del request.session['external_password'] return HttpResponseServerError() else: username = request.POST.get('username',None) provider = mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME) username_taken = User.is_username_taken(username) data = {'login_type':'legacy','form1':form,'username':username,\ 'email_feeds_form':email_feeds_form,'provider':provider,\ 'gravatar_faq_url':reverse('faq') + '#gravatar',\ 'external_login_name_is_taken':username_taken} return render_to_response('authopenid/complete.html',data, context_instance=RequestContext(request)) else: raise Http404 elif 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys(): logging.debug('processing signin with openid submission') form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): logging.debug('OpenidSigninForm is valid') next = form_signin.cleaned_data['next'] sreg_req = sreg.SRegRequest(optional=['nickname', 'email']) redirect_to = "%s%s?%s" % ( get_url_host(request), reverse('user_complete_signin'), urllib.urlencode({'next':next}) ) return ask_openid(request, form_signin.cleaned_data['openid_url'], redirect_to, on_failure=signin_failure, sreg_request=sreg_req) else: logging.debug('OpenidSigninForm is NOT valid! -> redisplay login view') #if request is GET if request.method == 'GET': logging.debug('request method was GET') question = None if newquestion == True: from forum.models import AnonymousQuestion as AQ session_key = request.session.session_key logging.debug('retrieving anonymously posted question associated with session %s' % session_key) qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at') if len(qlist) > 0: question = qlist[0] answer = None if newanswer == True: from forum.models import AnonymousAnswer as AA session_key = request.session.session_key logging.debug('retrieving posted answer associated with session %s' % session_key) alist = AA.objects.filter(session_key=session_key).order_by('-added_at') if len(alist) > 0: answer = alist[0] logging.debug('showing signin view') return render_to_response('authopenid/signin.html', { 'question':question, 'answer':answer, 'form1': form_auth, 'form2': form_signin, 'msg': request.GET.get('msg',''), 'sendpw_url': reverse('user_sendpw'), 'fb_api_key': settings.FB_API_KEY, }, context_instance=RequestContext(request))
def signin(request,newquestion=False,newanswer=False): """ signin page. It manage the legacy authentification (user/password) and authentification with openid. url: /signin/ template : authopenid/signin.htm """ request.encoding = 'UTF-8' on_failure = signin_failure next = clean_next(request.GET.get('next')) form_signin = OpenidSigninForm(initial={'next':next}) form_auth = OpenidAuthForm(initial={'next':next}) if request.POST: if 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys(): form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): next = clean_next(form_signin.cleaned_data.get('next')) sreg_req = sreg.SRegRequest(optional=['nickname', 'email']) redirect_to = "%s%s?%s" % ( get_url_host(request), reverse('user_complete_signin'), urllib.urlencode({'next':next}) ) return ask_openid(request, form_signin.cleaned_data['openid_url'], redirect_to, on_failure=signin_failure, sreg_request=sreg_req) elif 'blogin' in request.POST.keys(): # perform normal django authentification form_auth = OpenidAuthForm(request.POST) if form_auth.is_valid(): user_ = form_auth.get_user() login(request, user_) next = clean_next(form_auth.cleaned_data.get('next')) return HttpResponseRedirect(next) question = None if newquestion == True: from forum.models import AnonymousQuestion as AQ session_key = request.session.session_key qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at') if len(qlist) > 0: question = qlist[0] answer = None if newanswer == True: from forum.models import AnonymousAnswer as AA session_key = request.session.session_key alist = AA.objects.filter(session_key=session_key).order_by('-added_at') if len(alist) > 0: answer = alist[0] return render('authopenid/signin.html', { 'question':question, 'answer':answer, 'form1': form_auth, 'form2': form_signin, 'msg': request.GET.get('msg',''), 'sendpw_url': reverse('user_sendpw'), }, context_instance=RequestContext(request))
def login(request, template_name='auth/login.html'): if request.method == 'GET': goto_url = clean_next(request.GET.get('next', None)) return render_to_response(request, template_name, {'goto_url': goto_url}) elif request.method == "POST": if 'bsignin' in request.POST.keys(): # openid_login openid_login_form = OpenidSigninForm(request.POST) if openid_login_form.is_valid(): next = clean_next(openid_login_form.cleaned_data.get('next')) sreg_req = sreg.SRegRequest(optional=['fullname', 'nickname', 'email']) redirect_to = "%s%s?%s" % ( get_url_host(request), reverse('auth_openid_login_complete'), urllib.urlencode({'next': next})) return ask_openid(request, openid_login_form.cleaned_data['openid_url'], redirect_to, on_failure=openid_login_failure, sreg_request=sreg_req) else: return render_login_form(request, '/', message='Invalid OpenID login form.') else: #normal login username = request.POST.get('username', None) password = request.POST.get('password', None) remember_me = request.POST.get('remember', None) if remember_me and smart_str(remember_me) != 'on': return HttpResponseBadRequest('Invalid input parameters!') remember_me = (remember_me == 'on') is_ajax = request.is_ajax() if not is_ajax: goto_url = request.POST.get('goto', '/') if ((username is None) or (username.strip() == '')) or \ ((password is None) or (password.strip() == '')): if is_ajax: data = {'success': True, 'data': {'name': 'Bad Login'}} return JSONResponse(data) else: # return render_to_response(template_name, {'goto_url': goto_url, # 'error_message': 'Both username and password are required.'}) return render_login_form(request, goto_url, message='Both username and password are required.') user = auth.authenticate(username=smart_str(username), password=smart_str(password)) if user is not None and user.is_active: login_failure = False request.session[settings.PERSISTENT_SESSION_KEY] = remember_me auth.login(request, user) #logging log.info('username=%s clientip=%s action=user_login', getattr(request.user, 'username', ''), request.META.get('REMOTE_ADDR', '')) if is_ajax: data = {'success': True, 'data': dict(username=user.username, name=user.get_full_name(), can_share=user.groups.filter(name='can_share').count() > 0, #is_gnf_user=user.groups.filter(name='gnfusers').count()>0, is_gnf_user=user.is_gnf_user, is_nvs_user=user.is_nvs_user, profile=user.profile)} else: return HttpResponseRedirectWithIEFix(request, goto_url) else: login_failure = True if login_failure: if is_ajax: data = {'success': True, 'data': {'name': 'Bad Login'}} else: if user is not None and not user.is_active: #if username/password are correct, but user is not activated yet. #show a more specific err msg below msg = "Your user account has not been activated yet. Activate your account first using the link we sent to you via email." else: msg = 'Please enter a correct username and password. Note that both fields are case-sensitive.' return render_login_form(request, goto_url, message=msg) if is_ajax: return JSONResponse(data)
def signin(request, newquestion=False, newanswer=False): """ signin page. It manage the legacy authentification (user/password) and authentification with openid. url: /signin/ template : authopenid/signin.htm """ request.encoding = 'UTF-8' on_failure = signin_failure next = clean_next(request.GET.get('next')) form_signin = OpenidSigninForm(initial={'next': next}) form_auth = OpenidAuthForm(initial={'next': next}) if request.POST: if 'bsignin' in request.POST.keys( ) or 'openid_username' in request.POST.keys(): form_signin = OpenidSigninForm(request.POST) if form_signin.is_valid(): next = clean_next(form_signin.cleaned_data.get('next')) sreg_req = sreg.SRegRequest(optional=['nickname', 'email']) redirect_to = "%s%s?%s" % (get_url_host(request), reverse('user_complete_signin'), urllib.urlencode({'next': next})) return ask_openid(request, form_signin.cleaned_data['openid_url'], redirect_to, on_failure=signin_failure, sreg_request=sreg_req) elif 'blogin' in request.POST.keys(): # perform normal django authentification form_auth = OpenidAuthForm(request.POST) if form_auth.is_valid(): user_ = form_auth.get_user() login(request, user_) next = clean_next(form_auth.cleaned_data.get('next')) return HttpResponseRedirect(next) question = None if newquestion == True: from forum.models import AnonymousQuestion as AQ session_key = request.session.session_key qlist = AQ.objects.filter( session_key=session_key).order_by('-added_at') if len(qlist) > 0: question = qlist[0] answer = None if newanswer == True: from forum.models import AnonymousAnswer as AA session_key = request.session.session_key alist = AA.objects.filter( session_key=session_key).order_by('-added_at') if len(alist) > 0: answer = alist[0] return render('authopenid/signin.html', { 'question': question, 'answer': answer, 'form1': form_auth, 'form2': form_signin, 'msg': request.GET.get('msg', ''), 'sendpw_url': reverse('user_sendpw'), }, context_instance=RequestContext(request))