def test_private_user_details_has_email(self): email = '*****@*****.**' self._signup(USERNAME, PASSWORD, email) user = User.objects.get(username=USERNAME) user_details = PrivateUserDetails.from_id(user.id).to_client() print PrivateUserDetails.from_id(user.id).to_client() self.assertEqual(user_details['email'], email)
def _login_user(request, user): if not user.is_active: return inactive_user_http_response() # This is a total hack because we don't care to write a backend for the above authenticate method. user.backend = settings.AUTHENTICATION_BACKENDS[0] auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'comment_count': QuestComment.all_objects.filter(author=user).count(), 'quest_count': Quest.all_objects.filter(author=user).count(), 'sessionid': request.session.session_key, 'login': True, 'heavy_state_sync': heavy_state_sync(request.user, app_version=request.app_version, app_version_tuple=request.app_version_tuple), }
def logout(request): user_details = None if request.user.is_authenticated(): user_details = PrivateUserDetails.from_id(request.user.id).to_client() auth.logout(request) return { 'user': user_details, 'heavy_state_sync': heavy_state_sync(request.user, app_version=request.app_version, app_version_tuple=request.app_version_tuple), }
def _login(request, password, username=None, email=None): def wrong_password(): raise ValidationError({ 'password': [_("The password you entered is incorrect. Please try again (make sure your caps lock is off).")], }) def wrong_username(username): raise ValidationError({ 'username': [_(u"""The username you entered, "%(username)s", doesn't exist. Please try again, or enter the email address you used to sign up.""" % {'username': username})], }) if not username and not email: raise ValidationError({'username': [_("Username is required to sign in.")]}) if username is not None and not all(ord(char) < 256 for char in username): wrong_username(username) user = auth.authenticate(username=username, password=password, email=email) if user is None: try: try: User.objects.get(Q(username=username) | Q(email=email) | Q(email=username)) except User.MultipleObjectsReturned: pass wrong_password() except User.DoesNotExist: wrong_username(username) if not user.is_active: return inactive_user_http_response() auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'comment_count': QuestComment.all_objects.filter(author=user).count(), 'quest_count': Quest.all_objects.filter(author=user).count(), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': False, 'login': True, 'heavy_state_sync': heavy_state_sync(request.user, app_version=request.app_version, app_version_tuple=request.app_version_tuple), }
def login_with_facebook(request, facebook_access_token): try: fb_user = FacebookUser.get_from_access_token(facebook_access_token) except FacebookUser.DoesNotExist: raise PermissionDenied("No DrawQuest user exists for this Facebook account.") user = fb_user.user if not user.is_active: return inactive_user_http_response() # this is a total hack because we don't care to write a backend for the above authenticate method user.backend = settings.AUTHENTICATION_BACKENDS[0] auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'sessionid': request.session.session_key, }
def login_with_facebook(request, facebook_access_token): try: fb_user = FacebookUser.get_from_access_token(facebook_access_token) except FacebookUser.DoesNotExist: raise PermissionDenied( "No DrawQuest user exists for this Facebook account.") user = fb_user.user if not user.is_active: return inactive_user_http_response() # this is a total hack because we don't care to write a backend for the above authenticate method user.backend = settings.AUTHENTICATION_BACKENDS[0] auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'sessionid': request.session.session_key, }
def _login(request, password, username=None, email=None): migrated_from_canvas_account = False def wrong_password(): raise ValidationError({ 'password': "******" "Please try again (make sure your caps lock is off)." }) def wrong_username(username): raise ValidationError({ 'username': """The username you entered, "{}", doesn't exist. """.format(username) + """Please try again, or enter the e-mail address you used to sign up.""" }) def get_username_from_email(email): if not email: wrong_username(email) try: return User.objects.get(email=email).username except User.DoesNotExist: wrong_username(email) if not username and not email: raise ValidationError({'username': "******"}) if not username: username = get_username_from_email(email) user = auth.authenticate(username=username, password=password) if user is None: # Maybe they entered an email into the username field? try: User.objects.get(username=username) except User.DoesNotExist: try: #TODO This might be broken - should probably pass username. username = get_username_from_email(email) user = auth.authenticate(username=username, password=password) except ValidationError: # No such username exists. # See if it's a example.com account we need to migrate over. if User.is_username_reserved(username): try: user = User.migrate_canvas_user(request, username, password, email=email) except ValidationError as e: wrong_password() else: migrated_from_canvas_account = True if user is None: wrong_password() if not user.is_active: return inactive_user_http_response() auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': migrated_from_canvas_account, }
def signup(request, username, password, email, facebook_access_token=None): if check_rate_limit(request, username): raise ServiceError( "Too many signup attempts. Wait a minute and try again.") try: return _login(request, password, username=username, email=email) except ValidationError: pass migrated_from_canvas_account = False errors = defaultdict(list) fb_user = None if facebook_access_token: fb_user = FacebookUser.create_from_access_token(facebook_access_token) def username_taken(): # Ugly hack. for error in errors['username']: if 'taken' in error: return errors['username'].append("Sorry! That username is already taken.") if not password: errors['password'].append("Please enter a password.") if not User.validate_password(password): errors['password'].append("Sorry, your password is too short. " "Please use {} or more characters.".format( User.MINIMUM_PASSWORD_LENGTH)) if not email: errors['email'].append("Please enter your email address.") elif not User.validate_email(email): errors['email'].append("Please enter a valid email address.") username_error = User.validate_username(username) if username_error: errors['username'].append(username_error) if not User.email_is_unused(email): errors['email'].append( "Sorry! That email address is already being used for an account.") elif User.is_username_reserved(username): try: user = User.migrate_canvas_user(request, username, password, email=email) except IntegrityError: username_taken() except ValidationError: errors['username'] = [ """Sorry! This username is taken. Please pick a different username, """ + """or if you are "{}," enter your password to sign in.""". format(username) ] else: migrated_from_canvas_account = True if errors: if fb_user: fb_user.delete() raise ValidationError(errors) if not migrated_from_canvas_account: try: user = User.objects.create_user(username, email, password) except IntegrityError: username_taken() raise ValidationError(errors) UserInfo.objects.create(user=user) if fb_user: fb_user.user = user fb_user.save() fb_user.notify_friends_of_signup(facebook_access_token) user.migrate_facebook_avatar(request, facebook_access_token) user = auth.authenticate(username=username, password=password) # auth.login starts a new session and copies the session data from the old one to the new one auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': migrated_from_canvas_account, }
def logout(request): user_id = request.user.id auth.logout(request) return {'user': PrivateUserDetails.from_id(user_id).to_client()}
def _login(request, password, username=None, email=None): migrated_from_canvas_account = False def wrong_password(): raise ValidationError({ 'password': "******" "Please try again (make sure your caps lock is off)." }) def wrong_username(username): raise ValidationError({ 'username': """The username you entered, "{}", doesn't exist. """.format( username) + """Please try again, or enter the e-mail address you used to sign up.""" }) def get_username_from_email(email): if not email: wrong_username(email) try: return User.objects.get(email=email).username except User.DoesNotExist: wrong_username(email) if not username and not email: raise ValidationError({'username': "******"}) if not username: username = get_username_from_email(email) user = auth.authenticate(username=username, password=password) if user is None: # Maybe they entered an email into the username field? try: User.objects.get(username=username) except User.DoesNotExist: try: #TODO This might be broken - should probably pass username. username = get_username_from_email(email) user = auth.authenticate(username=username, password=password) except ValidationError: # No such username exists. # See if it's a example.com account we need to migrate over. if User.is_username_reserved(username): try: user = User.migrate_canvas_user(request, username, password, email=email) except ValidationError as e: wrong_password() else: migrated_from_canvas_account = True if user is None: wrong_password() if not user.is_active: return inactive_user_http_response() auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': migrated_from_canvas_account, }
def _login(request, password, username=None, email=None): def wrong_password(): raise ValidationError({ 'password': [ _("The password you entered is incorrect. Please try again (make sure your caps lock is off)." ) ], }) def wrong_username(username): raise ValidationError({ 'username': [ _(u"""The username you entered, "%(username)s", doesn't exist. Please try again, or enter the email address you used to sign up.""" % {'username': username}) ], }) if not username and not email: raise ValidationError( {'username': [_("Username is required to sign in.")]}) if username is not None and not all(ord(char) < 256 for char in username): wrong_username(username) user = auth.authenticate(username=username, password=password, email=email) if user is None: try: try: User.objects.get( Q(username=username) | Q(email=email) | Q(email=username)) except User.MultipleObjectsReturned: pass wrong_password() except User.DoesNotExist: wrong_username(username) if not user.is_active: return inactive_user_http_response() auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'comment_count': QuestComment.all_objects.filter(author=user).count(), 'quest_count': Quest.all_objects.filter(author=user).count(), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': False, 'login': True, 'heavy_state_sync': heavy_state_sync(request.user, app_version=request.app_version, app_version_tuple=request.app_version_tuple), }
def signup(request, username, password, email, facebook_access_token=None, twitter_access_token=None, twitter_access_token_secret=None): if check_rate_limit(request, username): raise ServiceError(_("Too many signup attempts. Wait a minute and try again.")) if not _validate_charset(username): raise ValidationError({ 'username': [_("Usernames can only contain the letters a-z or A-Z, digits, and underscores.")], }) if not _validate_charset(email): raise ValidationError({ 'email': [_("Sorry, your email address contains invalid characters. Please remove them and try again.")], }) try: return _login(request, password, username=username, email=email) except ValidationError: pass errors = defaultdict(list) fb_user = None twitter_user = None if facebook_access_token: fb_user = FacebookUser.get_or_create_from_access_token(facebook_access_token) elif twitter_access_token and twitter_access_token_secret: twitter_user = TwitterUser.get_or_create_from_access_token(twitter_access_token, twitter_access_token_secret) def username_taken(): # Ugly hack. for error in errors['username']: if 'taken' in error: return errors['username'].append(_("Sorry! That username is already taken.")) if not password: errors['password'].append(_("Please enter a password.")) if not User.validate_password(password): errors['password'].append(_(u"Sorry, your password is too short. Please use %(count)d or more characters." % {'count': User.MINIMUM_PASSWORD_LENGTH})) if not email: errors['email'].append(_("Please enter your email address.")) elif not User.validate_email(email): errors['email'].append(_("Please enter a valid email address.")) username_error = User.validate_username(username) if username_error: errors['username'].append(username_error) if not User.email_is_unused(email): errors['email'].append(_("Sorry! That email address is already being used for an account. Try signing in instead, or use another email address.")) if errors: if fb_user: fb_user.delete() raise ValidationError(errors) try: user = User.objects.create_user(username, email, password) except IntegrityError: username_taken() raise ValidationError(errors) ui = UserInfo.objects.create(user=user) ui.update_hashes() if request.app_version is not None: user.kv.signup_app_version.set(request.app_version) if fb_user: fb_user.user = user fb_user.save() fb_user.notify_friends_of_signup(facebook_access_token) fb_user.respond_to_apprequest_invites(facebook_access_token) user.migrate_facebook_avatar(request, facebook_access_token) elif twitter_user: twitter_user.user = user twitter_user.save() twitter_user.notify_followers_of_signup(twitter_access_token, twitter_access_token_secret) twitter_user.auto_follow_from_invite(twitter_access_token, twitter_access_token_secret) @bgwork.defer def migrate_twitter_avatar(): user.migrate_twitter_avatar(request, twitter_access_token, twitter_access_token_secret) user = auth.authenticate(username=username, password=password) # auth.login starts a new session and copies the session data from the old one to the new one auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'comment_count': 0, 'quest_count': Quest.all_objects.filter(author=user).count(), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': False, 'login': False, 'heavy_state_sync': heavy_state_sync(request.user, app_version=request.app_version, app_version_tuple=request.app_version_tuple), }
def signup(request, username, password, email, facebook_access_token=None): if check_rate_limit(request, username): raise ServiceError("Too many signup attempts. Wait a minute and try again.") try: return _login(request, password, username=username, email=email) except ValidationError: pass migrated_from_canvas_account = False errors = defaultdict(list) fb_user = None if facebook_access_token: fb_user = FacebookUser.create_from_access_token(facebook_access_token) def username_taken(): # Ugly hack. for error in errors['username']: if 'taken' in error: return errors['username'].append("Sorry! That username is already taken.") if not password: errors['password'].append("Please enter a password.") if not User.validate_password(password): errors['password'].append("Sorry, your password is too short. " "Please use {} or more characters.".format(User.MINIMUM_PASSWORD_LENGTH)) if not email: errors['email'].append("Please enter your email address.") elif not User.validate_email(email): errors['email'].append("Please enter a valid email address.") username_error = User.validate_username(username) if username_error: errors['username'].append(username_error) if not User.email_is_unused(email): errors['email'].append("Sorry! That email address is already being used for an account.") elif User.is_username_reserved(username): try: user = User.migrate_canvas_user(request, username, password, email=email) except IntegrityError: username_taken() except ValidationError: errors['username'] = ["""Sorry! This username is taken. Please pick a different username, """ + """or if you are "{}," enter your password to sign in.""".format(username)] else: migrated_from_canvas_account = True if errors: if fb_user: fb_user.delete() raise ValidationError(errors) if not migrated_from_canvas_account: try: user = User.objects.create_user(username, email, password) except IntegrityError: username_taken() raise ValidationError(errors) UserInfo.objects.create(user=user) if fb_user: fb_user.user = user fb_user.save() fb_user.notify_friends_of_signup(facebook_access_token) user.migrate_facebook_avatar(request, facebook_access_token) user = auth.authenticate(username=username, password=password) # auth.login starts a new session and copies the session data from the old one to the new one auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': migrated_from_canvas_account, }
def signup(request, username, password, email, facebook_access_token=None, twitter_access_token=None, twitter_access_token_secret=None): if check_rate_limit(request, username): raise ServiceError( _("Too many signup attempts. Wait a minute and try again.")) if not _validate_charset(username): raise ValidationError({ 'username': [ _("Usernames can only contain the letters a-z or A-Z, digits, and underscores." ) ], }) if not _validate_charset(email): raise ValidationError({ 'email': [ _("Sorry, your email address contains invalid characters. Please remove them and try again." ) ], }) try: return _login(request, password, username=username, email=email) except ValidationError: pass errors = defaultdict(list) fb_user = None twitter_user = None if facebook_access_token: fb_user = FacebookUser.get_or_create_from_access_token( facebook_access_token) elif twitter_access_token and twitter_access_token_secret: twitter_user = TwitterUser.get_or_create_from_access_token( twitter_access_token, twitter_access_token_secret) def username_taken(): # Ugly hack. for error in errors['username']: if 'taken' in error: return errors['username'].append(_("Sorry! That username is already taken.")) if not password: errors['password'].append(_("Please enter a password.")) if not User.validate_password(password): errors['password'].append( _(u"Sorry, your password is too short. Please use %(count)d or more characters." % {'count': User.MINIMUM_PASSWORD_LENGTH})) if not email: errors['email'].append(_("Please enter your email address.")) elif not User.validate_email(email): errors['email'].append(_("Please enter a valid email address.")) username_error = User.validate_username(username) if username_error: errors['username'].append(username_error) if not User.email_is_unused(email): errors['email'].append( _("Sorry! That email address is already being used for an account. Try signing in instead, or use another email address." )) if errors: if fb_user: fb_user.delete() raise ValidationError(errors) try: user = User.objects.create_user(username, email, password) except IntegrityError: username_taken() raise ValidationError(errors) ui = UserInfo.objects.create(user=user) ui.update_hashes() if request.app_version is not None: user.kv.signup_app_version.set(request.app_version) if fb_user: fb_user.user = user fb_user.save() fb_user.notify_friends_of_signup(facebook_access_token) fb_user.respond_to_apprequest_invites(facebook_access_token) user.migrate_facebook_avatar(request, facebook_access_token) elif twitter_user: twitter_user.user = user twitter_user.save() twitter_user.notify_followers_of_signup(twitter_access_token, twitter_access_token_secret) twitter_user.auto_follow_from_invite(twitter_access_token, twitter_access_token_secret) @bgwork.defer def migrate_twitter_avatar(): user.migrate_twitter_avatar(request, twitter_access_token, twitter_access_token_secret) user = auth.authenticate(username=username, password=password) # auth.login starts a new session and copies the session data from the old one to the new one auth.login(request, user) return { 'user': PrivateUserDetails.from_id(user.id).to_client(), 'user_bio': user.userinfo.bio_text, 'user_subscribed_to_starred': is_subscribed(user, 'starred'), 'comment_count': 0, 'quest_count': Quest.all_objects.filter(author=user).count(), 'sessionid': request.session.session_key, 'migrated_from_canvas_account': False, 'login': False, 'heavy_state_sync': heavy_state_sync(request.user, app_version=request.app_version, app_version_tuple=request.app_version_tuple), }