def get(self, request):
request_args = dict(getattr(settings, 'BROWSERID_REQUEST_ARGS', {}))
# Only pass an email to the JavaScript if the current user was
# authed with our auth backend.
backend_name = self.request.session.get(auth.BACKEND_SESSION_KEY)
backend = auth.load_backend(backend_name) if backend_name else None
if isinstance(backend, BrowserIDBackend):
email = getattr(request.user, 'email', '')
else:
email = ''
# Different CSRF libraries (namely session_csrf) store the CSRF
# token in different places. The only way to retrieve the token
# that works with both the built-in CSRF and session_csrf is to
# pull it from the template context processors via
# RequestContext.
context = RequestContext(request)
csrf_token = context.get('csrf_token', None)
return JSONResponse({
'userEmail': email,
'loginUrl': reverse('browserid.login'),
'logoutUrl': reverse('browserid.logout'),
'requestArgs': request_args,
'csrfToken': csrf_token,
})
def get(self, request):
request_args = dict(getattr(settings, 'BROWSERID_REQUEST_ARGS', {}))
# Only pass an email to the JavaScript if the current user was
# authed with our auth backend.
backend_name = self.request.session.get(auth.BACKEND_SESSION_KEY)
backend = auth.load_backend(backend_name) if backend_name else None
if isinstance(backend, BrowserIDBackend):
email = getattr(request.user, 'email', '')
else:
email = ''
# Different CSRF libraries (namely session_csrf) store the CSRF
# token in different places. The only way to retrieve the token
# that works with both the built-in CSRF and session_csrf is to
# pull it from the template context processors via
# RequestContext.
context = RequestContext(request)
csrf_token = context.get('csrf_token', None)
return JSONResponse({
'userEmail': email,
'loginUrl': reverse('browserid.login'),
'logoutUrl': reverse('browserid.logout'),
'requestArgs': request_args,
'csrfToken': csrf_token,
})
def login_failure(self, error=None):
"""
Redirect the user to a login-failed page, and add the
``bid_login_failed`` parameter to the URL to signify that login
failed to the JavaScript.
:param error:
If login failed due to an error raised during verification,
this will be the BrowserIDException instance that was
raised.
"""
if error:
logger.error(error)
failure_url = self.failure_url
# If this url is a view name, we need to reverse it first to
# get the url.
try:
failure_url = reverse(failure_url)
except NoReverseMatch:
pass
# Append "?bid_login_failed=1" to the URL to notify the
# JavaScript that the login failed.
if not failure_url.endswith('?'):
failure_url += '?' if not '?' in failure_url else '&'
failure_url += 'bid_login_failed=1'
return JSONResponse({'redirect': failure_url}, status=403)
def browserid_logout(text='Sign out',
next=None,
link_class='browserid-logout',
attrs=None):
"""
Output the HTML for a BrowserID logout link.
:param text:
Text to use inside the link. Defaults to 'Sign out', which is not
localized.
:param link_class:
CSS class for the link. `browserid-logout` will be added to this
automatically.
:param attrs:
Dictionary of attributes to add to the link. Values here override those
set by other arguments.
If given a string, it is parsed as JSON and is expected to be an object.
"""
if 'browserid-logout' not in link_class:
link_class += ' browserid-logout'
next = next or getattr(settings, 'LOGOUT_REDIRECT_URL', '/')
return browserid_button(text, next, link_class, attrs,
reverse('browserid.logout'))
def login_failure(self, error=None):
"""
Redirect the user to a login-failed page, and add the
``bid_login_failed`` parameter to the URL to signify that login
failed to the JavaScript.
:param error:
If login failed due to an error raised during verification,
this will be the BrowserIDException instance that was
raised.
"""
if error:
logger.error(error)
failure_url = self.failure_url
# If this url is a view name, we need to reverse it first to
# get the url.
try:
failure_url = reverse(failure_url)
except NoReverseMatch:
pass
# Append "?bid_login_failed=1" to the URL to notify the
# JavaScript that the login failed.
if not failure_url.endswith('?'):
failure_url += '?' if not '?' in failure_url else '&'
failure_url += 'bid_login_failed=1'
return JSONResponse({'redirect': failure_url}, status=403)
def browserid_logout(text='Sign out', next=None,
link_class=DEFAULT_LINK_CLASS_LOGOUT, attrs=None):
"""
Output the HTML for a BrowserID logout link.
:param text:
Text to use inside the link. Defaults to 'Sign out', which is not
localized.
:param next:
URL to redirect users to after they logout from this link. Defaults
to :attr:`.views.Logout.redirect_url`.
:param link_class:
CSS classes for the link. The classes will be appended to the
default class `browserid-logout`.
:param attrs:
Dictionary of attributes to add to the link. Values here override those
set by other arguments.
If given a string, it is parsed as JSON and is expected to be an object.
"""
next = next or ''
if MANDATORY_LINK_CLASS_LOGOUT not in link_class.split(' '):
link_class += ' ' + MANDATORY_LINK_CLASS_LOGOUT
return browserid_button(text, next, link_class,
attrs, reverse('browserid.logout'))
def browserid_logout(text='Sign out',
next=None,
link_class=DEFAULT_LINK_CLASS_LOGOUT,
attrs=None):
"""
Output the HTML for a BrowserID logout link.
:param text:
Text to use inside the link. Defaults to 'Sign out', which is not
localized.
:param next:
URL to redirect users to after they logout from this link. Defaults
to :attr:`.views.Logout.redirect_url`.
:param link_class:
CSS classes for the link. The classes will be appended to the
default class `browserid-logout`.
:param attrs:
Dictionary of attributes to add to the link. Values here override those
set by other arguments.
If given a string, it is parsed as JSON and is expected to be an object.
"""
next = next or ''
if MANDATORY_LINK_CLASS_LOGOUT not in link_class.split(' '):
link_class += ' ' + MANDATORY_LINK_CLASS_LOGOUT
return browserid_button(text, next, link_class, attrs,
reverse('browserid.logout'))
def browserid_info():
"""
Output the HTML for the info tag, which contains the arguments for
navigator.id.request from the BROWSERID_REQUEST_ARGS setting. Should
be called once at the top of the page just below the <body> tag.
"""
# Force request_args to be a dictionary, in case it is lazily generated.
request_args = dict(getattr(settings, 'BROWSERID_REQUEST_ARGS', {}))
info = json.dumps({
'loginUrl': reverse('browserid.login'),
'logoutUrl': reverse('browserid.logout'),
'csrfUrl': reverse('browserid.csrf'),
'requestArgs': request_args,
}, cls=LazyEncoder)
return render_to_string('browserid/info.html', {
'info': info,
})
def browserid_info():
"""
Output the HTML for the info tag, which contains the arguments for
navigator.id.request from the BROWSERID_REQUEST_ARGS setting. Should
be called once at the top of the page just below the <body> tag.
"""
# Force request_args to be a dictionary, in case it is lazily generated.
request_args = dict(getattr(settings, 'BROWSERID_REQUEST_ARGS', {}))
info = json.dumps({
'loginUrl': reverse('browserid.login'),
'logoutUrl': reverse('browserid.logout'),
'csrfUrl': reverse('browserid.csrf'),
'requestArgs': request_args,
}, cls=LazyEncoder)
return render_to_string('browserid/info.html', {
'info': info,
})
def browserid_info():
"""
Output the HTML for the info tag, which contains the arguments for
navigator.id.request from the BROWSERID_REQUEST_ARGS setting. Should
be called once at the top of the page just below the <body> tag.
"""
# Force request_args to be a dictionary, in case it is lazily generated.
request_args = dict(getattr(settings, "BROWSERID_REQUEST_ARGS", {}))
info = json.dumps(
{
"loginUrl": reverse("browserid.login"),
"logoutUrl": reverse("browserid.logout"),
"csrfUrl": reverse("browserid.csrf"),
"requestArgs": request_args,
},
cls=LazyEncoder,
)
return render_to_string("browserid/info.html", {"info": info})
def browserid_logout(text='Sign out', next=None, link_class='browserid-logout', attrs=None):
"""
Output the HTML for a BrowserID logout link.
:param text:
Text to use inside the link. Defaults to 'Sign out', which is not
localized.
:param link_class:
CSS class for the link. Defaults to `browserid-logout`.
:param attrs:
Dictionary of attributes to add to the link. Values here override those
set by other arguments.
If given a string, it is parsed as JSON and is expected to be an object.
"""
next = next or getattr(settings, 'LOGOUT_REDIRECT_URL', '/')
return browserid_button(text, next, link_class, attrs, reverse('browserid.logout'))
def browserid_logout(text="Sign out", next=None, link_class=DEFAULT_LINK_CLASS_LOGOUT, attrs=None):
"""
Output the HTML for a BrowserID logout link.
:param text:
Text to use inside the link. Defaults to 'Sign out', which is not
localized.
:param link_class:
CSS classes for the link. The classes will be appended to the
default class `browserid-logout`.
:param attrs:
Dictionary of attributes to add to the link. Values here override those
set by other arguments.
If given a string, it is parsed as JSON and is expected to be an object.
"""
next = next or getattr(settings, "LOGOUT_REDIRECT_URL", "/")
if MANDATORY_LINK_CLASS_LOGOUT not in link_class.split(" "):
link_class += " " + MANDATORY_LINK_CLASS_LOGOUT
return browserid_button(text, next, link_class, attrs, reverse("browserid.logout"))