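def signin_success(request, identity_url, openid_response):
    """
    Handle a successful OpenID sign-in.

    The OpenID object is stored in the session. If the OpenID is already
    associated with a local user, that user is logged in (only when the
    account is active) and redirected to the URL returned by
    ``get_next_url``. If no association exists, control is handed to
    ``register`` so the visitor can create or link an account.

    Only ``UserAssociation.DoesNotExist`` is treated as "not registered".
    The previous bare ``except:`` also sent database errors and duplicate
    associations into the registration flow, hiding real failures in the
    authentication path; those now propagate to the caller.
    """
    logging.debug('')
    openid_ = from_openid_response(openid_response)  # create janrain OpenID object
    request.session['openid'] = openid_
    try:
        logging.debug('trying to get user associated with this openid...')
        rel = UserAssociation.objects.get(openid_url__exact=str(openid_))
        logging.debug('success')
    except UserAssociation.DoesNotExist:
        logging.debug('failed --> try to register brand new user')
        # try to register this new user
        return register(request)
    user_ = rel.user
    if user_.is_active:
        # login() needs a backend attribute; no authenticate() call was made
        # because the OpenID provider already vouched for the identity.
        user_.backend = "django.contrib.auth.backends.ModelBackend"
        logging.debug('user is active --> attached django auth ModelBackend --> calling login')
        login(request, user_)
        logging.debug('success')
    else:
        # Inactive accounts are not logged in, but the session still holds
        # the OpenID object set above.
        logging.debug('user is inactive, do not log them in')
    # NOTE(review): the redirect target is whatever get_next_url returns; its
    # validation is not visible here -- confirm it rejects off-site URLs.
    logging.debug('redirecting to %s' % get_next_url(request))
    return HttpResponseRedirect(get_next_url(request))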
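def feedback(request):
    """
    Show the feedback form and, on a valid POST, email the message to
    every superuser, then redirect to the URL from ``get_next_url``.

    The submitter's email address is added to the mail context only for
    anonymous visitors.
    """
    if request.method == "POST":
        form = FeedbackForm(request.POST)
        if form.is_valid():
            context = {'user': request.user}
            # is_authenticated must be called: this code targets the Django
            # API where it is a method (render_to_response still takes
            # context_instance), so the uncalled bound method was always
            # truthy and the anonymous sender's email was never included.
            if not request.user.is_authenticated():
                context['email'] = form.cleaned_data.get('email', None)
            context['message'] = form.cleaned_data['message']
            context['name'] = form.cleaned_data.get('name', None)
            recipients = [(adm.username, adm.email)
                          for adm in User.objects.filter(is_superuser=True)]
            # NOTE(review): message/name/email are visitor-supplied and are
            # rendered into an HTML mail template; confirm the template
            # escapes them.
            send_email(
                settings.EMAIL_SUBJECT_PREFIX
                + _("Feedback message from %(site_name)s")
                % {'site_name': settings.APP_SHORT_NAME},
                recipients,
                "notifications/feedback.html",
                context)
            msg = _('Thanks for the feedback!')
            request.user.message_set.create(message=msg)
            return HttpResponseRedirect(get_next_url(request))
    else:
        form = FeedbackForm(initial={'next': get_next_url(request)})
    return render_to_response('feedback.html', {'form': form},
                              context_instance=RequestContext(request))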
def logout(request):
    """Render the logout confirmation page with the post-logout URL."""
    # Open design question kept from the original author (refactor/change
    # behavior?): clicking logout lands on this view, which asks again
    # whether the user really wants to log out. The rationale was presumably
    # to remind users that they may still be logged in through their
    # external login system. That can be a little annoying; an alternative
    # is to show a message saying "you are logged out of askbot, but if you
    # really want to log out -> go to your openid provider".
    template_data = {'next': get_next_url(request)}
    return render_to_response(
        'logout.html',
        template_data,
        context_instance=RequestContext(request))
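def feedback(request):
    """
    Show the feedback form and, on a valid POST, mail the rendered
    feedback to the site admins, then redirect to the URL from
    ``get_next_url``.

    The submitter's email address is added to the template data only for
    anonymous visitors.
    """
    data = {}
    form = None
    if request.method == "POST":
        form = FeedbackForm(request.POST)
        if form.is_valid():
            # is_authenticated must be called: this code targets the Django
            # API where it is a method (render_to_response still takes
            # context_instance), so the uncalled bound method was always
            # truthy and the anonymous sender's email was never included.
            if not request.user.is_authenticated():
                data['email'] = form.cleaned_data.get('email', None)
            data['message'] = form.cleaned_data['message']
            data['name'] = form.cleaned_data.get('name', None)
            # NOTE(review): render_to_response returns a response object, not
            # a plain string; confirm the mail body does not end up carrying
            # the response headers.
            message = render_to_response('feedback_email.txt', data,
                                         context_instance=RequestContext(request))
            mail_admins(_('Q&A forum feedback'), message)
            msg = _('Thanks for the feedback!')
            request.user.message_set.create(message=msg)
            return HttpResponseRedirect(get_next_url(request))
    else:
        form = FeedbackForm(initial={'next': get_next_url(request)})

    data['form'] = form
    return render_to_response('feedback.html', data,
                              context_instance=RequestContext(request))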
def process_view(self, request, view_func, view_args, view_kwargs):
    """
    Short-circuit any view when the request carries a ``cancel`` parameter.

    Returns ``None`` (let the view run) when ``cancel`` is absent. Otherwise
    queues the view's ``CANCEL_MESSAGE`` (or a generic fallback) for the
    user and redirects to the URL from ``get_next_url``.
    """
    if 'cancel' not in request.REQUEST:
        return None
    # todo use session messages for the anonymous users
    notice = getattr(view_func, 'CANCEL_MESSAGE', 'action canceled')
    request.user.message_set.create(message=notice)
    return HttpResponseRedirect(get_next_url(request))
def process_view(self, request, view_func, view_args, view_kwargs):
    """
    Intercept requests that include ``cancel`` before the view runs.

    When ``cancel`` is present, a cancellation message is stored for the
    user (the view's ``CANCEL_MESSAGE`` attribute if it has one) and the
    response is a redirect to ``get_next_url(request)``; otherwise the
    middleware returns ``None`` and normal view processing continues.
    """
    cancelled = 'cancel' in request.REQUEST
    if cancelled:
        # todo use session messages for the anonymous users
        cancel_text = getattr(view_func, 'CANCEL_MESSAGE', 'action canceled')
        request.user.message_set.create(message=cancel_text)
        return HttpResponseRedirect(get_next_url(request))
    return None
def changeemail(request, action='change'):
    """
    changeemail view. requires openid with request type GET

    url: /email/*

    template : authopenid/changeemail.html

    ``action`` is passed to the template as ``action_type`` and ends up as
    one of 'change' (default), 'validate', 'done_novalidate' or 'keep'
    depending on the submitted form and ``settings.EMAIL_VALIDATION``.
    """
    logging.debug('')
    # NOTE(review): msg comes straight from the query string and is handed to
    # the template; confirm the template escapes it.
    msg = request.GET.get('msg', None)
    extension_args = {}
    user_ = request.user

    if request.POST:
        if 'cancel' in request.POST:
            msg = _('your email was not changed')
            request.user.message_set.create(message=msg)
            return HttpResponseRedirect(get_next_url(request))
        form = ChangeEmailForm(request.POST, user=user_)
        if form.is_valid():
            new_email = form.cleaned_data['email']
            if new_email != user_.email:
                if settings.EMAIL_VALIDATION == 'on':
                    action = 'validate'
                else:
                    action = 'done_novalidate'
                # NOTE(review): nesting reconstructed from a flattened
                # listing; this call is assumed to run for both branches
                # above -- confirm against the original file.
                set_new_email(user_, new_email,nomessage=True)
            else:
                action = 'keep'

    elif not request.POST and 'openid.mode' in request.GET:
        # Return leg of an OpenID round trip: hand over to complete() with
        # this view's absolute URL.
        redirect_to = get_url_host(request) + reverse('user_changeemail')
        return complete(request, emailopenid_success,
                emailopenid_failure, redirect_to)
    else:
        form = ChangeEmailForm(initial={'email': user_.email},
                user=user_)

    output = render_to_response('authopenid/changeemail.html', {
        'form': form,
        'email': user_.email,
        'action_type': action,
        'gravatar_faq_url': reverse('faq') + '#gravatar',
        'change_email_url': reverse('user_changeemail'),
        'msg': msg
        }, context_instance=RequestContext(request))

    # The validation message is set only after the page has been rendered.
    if action == 'validate':
        set_email_validation_message(user_)

    return output
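def feedback(request):
    """
    Show the feedback form and, on a valid POST, email the message to
    every superuser, then redirect to the URL from ``get_next_url``.

    The submitter's email address is added to the mail context only for
    anonymous visitors.
    """
    if request.method == "POST":
        form = FeedbackForm(request.POST)
        if form.is_valid():
            context = {'user': request.user}
            # is_authenticated must be called: this code targets the Django
            # API where it is a method (render_to_response still takes
            # context_instance), so the uncalled bound method was always
            # truthy and the anonymous sender's email was never included.
            if not request.user.is_authenticated():
                context['email'] = form.cleaned_data.get('email',None)
            context['message'] = form.cleaned_data['message']
            context['name'] = form.cleaned_data.get('name',None)
            recipients = [(adm.username, adm.email)
                          for adm in User.objects.filter(is_superuser=True)]
            # NOTE(review): message/name/email are visitor-supplied and are
            # rendered into an HTML mail template; confirm the template
            # escapes them.
            send_email(settings.EMAIL_SUBJECT_PREFIX
                       + _("Feedback message from %(site_name)s")
                       % {'site_name': settings.APP_SHORT_NAME},
                       recipients, "notifications/feedback.html", context)
            msg = _('Thanks for the feedback!')
            request.user.message_set.create(message=msg)
            return HttpResponseRedirect(get_next_url(request))
    else:
        form = FeedbackForm(initial={'next':get_next_url(request)})
    return render_to_response('feedback.html', {'form': form},
                              context_instance=RequestContext(request))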
def signout(request):
    """
    Sign the user out of the website.

    Drops the ``openid`` entry from the session (logging 'failed' when it
    was not there), calls ``logout`` and redirects to the URL returned by
    ``get_next_url``.

    url : /signout/
    """
    logging.debug('')
    logging.debug('deleting openid session var')
    if 'openid' in request.session:
        del request.session['openid']
    else:
        logging.debug('failed')
    logout(request)
    logging.debug('user logged out')
    destination = get_next_url(request)
    return HttpResponseRedirect(destination)
def signin_failure(request, message):
    """
    Handle a failed OpenID sign-in by showing the sign-in page again.

    Both login forms are re-created with the current ``next`` URL and
    ``message`` is passed to the template as ``msg``.

    template : "authopenid/signin.html"
    """
    logging.debug('')
    next_url = get_next_url(request)
    initial = {'next': next_url}
    openid_form = OpenidSigninForm(initial=initial)
    password_form = ClassicLoginForm(initial=initial)
    template_data = {
        'msg': message,
        'form1': password_form,
        'form2': openid_form,
    }
    return render_to_response('authopenid/signin.html', template_data,
                              context_instance=RequestContext(request))
def logout(request):
    """Render ``logout.html``, passing the follow-up URL as ``next``."""
    next_url = get_next_url(request)
    page_context = RequestContext(request)
    return render_to_response('logout.html', {'next': next_url},
                              context_instance=page_context)
def decorated(request, *args, **kwargs):
    # Wrapper body of a decorator whose header is outside this listing:
    # already-authenticated users are redirected to get_next_url(request),
    # everyone else reaches the wrapped view `func`.
    if not request.user.is_authenticated():
        return func(request, *args, **kwargs)
    return HttpResponseRedirect(get_next_url(request))
def signup(request):
    """
    signup page. Create a legacy account

    url : /signup/

    templates: authopenid/signup.html, authopenid/confirm_email.txt

    On a valid POST the user is created, logged in, subscribed according
    to the email feeds form, sent a welcome email and redirected to the
    ``next`` value taken from the register form.
    """
    logging.debug('')
    if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
        logging.debug('handling external legacy login registration')
        return HttpResponseRedirect(reverse('user_external_legacy_login_signup'))
    next = get_next_url(request)
    logging.debug('request method was %s' % request.method)
    if request.method == 'POST':
        form = ClassicRegisterForm(request.POST)
        email_feeds_form = SimpleEmailSubscribeForm(request.POST)

        #validation outside if to remember form values
        logging.debug('validating classic register form')
        form1_is_valid = form.is_valid()
        logging.debug('classic register form validated')
        form2_is_valid = email_feeds_form.is_valid()
        logging.debug('email feeds form validated')
        if form1_is_valid and form2_is_valid:
            logging.debug('both forms are valid')
            # NOTE(review): the redirect target below is taken from the
            # submitted form; whether it is restricted to on-site URLs
            # depends on ClassicRegisterForm, which is not visible here.
            next = form.cleaned_data['next']
            username = form.cleaned_data['username']
            password = form.cleaned_data['password1']
            email = form.cleaned_data['email']

            user_ = User.objects.create_user( username,email,password )
            logging.debug('new user %s created' % username)
            # NOTE(review): this branch looks unreachable -- the same setting
            # already caused an early return at the top of the view.
            if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
                EXTERNAL_LOGIN_APP.api.create_user(username,email,password)

            # login() needs a backend attribute; authenticate() is not called.
            user_.backend = "django.contrib.auth.backends.ModelBackend"
            login(request, user_)
            logging.debug('new user logged in')
            email_feeds_form.save(user_)
            logging.debug('email feeds form saved')

            # send email
            subject = _("Welcome email subject line")
            message_template = loader.get_template(
                    'authopenid/confirm_email.txt'
            )
            # NOTE(review): the cleartext password is placed in the email
            # template context, so it can leave the site in the welcome mail
            # and sit in mailboxes and mail logs; consider dropping it from
            # the context and the template.
            message_context = Context({
                'signup_url': settings.APP_URL + reverse('user_signin'),
                'username': username,
                'password': password,
            })
            message = message_template.render(message_context)
            send_mail(subject, message, settings.DEFAULT_FROM_EMAIL,
                    [user_.email])
            logging.debug('new user with login and password created, confirmation email sent!')
            return HttpResponseRedirect(next)
        else:
            logging.debug('create classic account forms were invalid')
    else:
        form = ClassicRegisterForm(initial={'next':next})
        email_feeds_form = SimpleEmailSubscribeForm()
    logging.debug('printing legacy signup form')
    return render_to_response('authopenid/signup.html', {
        'form': form,
        'email_feeds_form': email_feeds_form
        }, context_instance=RequestContext(request))
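def register(request):
    """
    Register an OpenID.

    If the user is already a member they can associate the OpenID with
    their existing account ('bverify' form). A new account can also be
    created and automatically associated with the OpenID ('bnewaccount'
    form). Without an OpenID in the session the visitor is sent back to
    the sign-in page.

    url : /complete/

    template : authopenid/complete.html

    Changes from the previous version of this view:

    * Only the hard-coded provider logos are marked safe. An unknown
      provider name is derived from the OpenID URL, which the visitor
      controls, so it is now passed to the template as a plain string and
      left to template escaping instead of being wrapped in ``mark_safe``.
    * Extracting the provider name no longer raises ``IndexError`` when the
      OpenID string has fewer than three '/'-separated parts or a host
      without a dot.
    """
    logging.debug('')
    openid_ = request.session.get('openid', None)
    next = get_next_url(request)
    if not openid_:
        logging.debug('oops, no openid in session --> go back to signin')
        # NOTE(review): next is interpolated into the query string without
        # URL-encoding; confirm get_next_url returns an already-safe value.
        return HttpResponseRedirect(reverse('user_signin') + '?next=%s' % next)

    nickname = openid_.sreg.get('nickname', '')
    email = openid_.sreg.get('email', '')

    form1 = OpenidRegisterForm(initial={
        'next': next,
        'username': nickname,
        'email': email,
    })
    form2 = OpenidVerifyForm(initial={
        'next': next,
        'username': nickname,
    })
    email_feeds_form = SimpleEmailSubscribeForm()

    user_ = None
    is_redirect = False
    logging.debug('request method is %s' % request.method)
    if request.method == 'POST':
        if 'bnewaccount' in request.POST.keys():
            logging.debug('trying to create new account associated with openid')
            form1 = OpenidRegisterForm(request.POST)
            email_feeds_form = SimpleEmailSubscribeForm(request.POST)
            if not form1.is_valid():
                logging.debug('OpenidRegisterForm is INVALID')
            elif not email_feeds_form.is_valid():
                logging.debug('SimpleEmailSubscribeForm is INVALID')
            else:
                logging.debug('OpenidRegisterForm and SimpleEmailSubscribeForm are valid')
                next = form1.cleaned_data['next']
                is_redirect = True
                logging.debug('creatng new django user %s ...'
                              % form1.cleaned_data['username'])
                # The account is created with a throwaway random password and
                # then switched to an unusable one: it signs in via OpenID.
                tmp_pwd = User.objects.make_random_password()
                user_ = User.objects.create_user(form1.cleaned_data['username'],
                                                 form1.cleaned_data['email'],
                                                 tmp_pwd)
                user_.set_unusable_password()

                # make association with openid
                logging.debug('creating new openid user association %s <--> %s' \
                              % (user_.username, str(openid_)))
                uassoc = UserAssociation(openid_url=str(openid_), user_id=user_.id)
                uassoc.save()

                # login
                user_.backend = "django.contrib.auth.backends.ModelBackend"
                logging.debug('logging the user in')
                login(request, user_)
                logging.debug('saving email feed settings')
                email_feeds_form.save(user_)
        elif 'bverify' in request.POST.keys():
            logging.debug('processing OpenidVerify form')
            form2 = OpenidVerifyForm(request.POST)
            if form2.is_valid():
                logging.debug('form is valid')
                is_redirect = True
                next = form2.cleaned_data['next']
                user_ = form2.get_user()
                logging.debug('creating new openid user association %s <--> %s' \
                              % (user_.username, str(openid_)))
                uassoc = UserAssociation(openid_url=str(openid_),
                                         user_id=user_.id)
                uassoc.save()
                logging.debug('logging the user in')
                login(request, user_)

        #check if we need to post a question that was added anonymously
        #this needs to be a function call becase this is also done
        #if user just logged in and did not need to create the new account

        if user_ != None:
            if settings.EMAIL_VALIDATION == 'on':
                logging.debug('sending email validation')
                send_new_email_key(user_,nomessage=True)
                output = validation_email_sent(request)
                set_email_validation_message(user_) #message set after generating view
                return output
            if user_.is_authenticated():
                logging.debug('success, send user to main page')
                return HttpResponseRedirect(reverse('index'))
            else:
                logging.debug('have really strange error')
                raise Exception('openid login failed')#should not ever get here

    # Derive a display name for the provider from the OpenID URL: take the
    # host part (third '/'-separated piece) and its second-to-last label.
    openid_str = str(openid_)
    bits = openid_str.split('/')
    if len(bits) > 2:
        base_url = bits[2] #assume this is base url
    else:
        base_url = openid_str
    url_bits = base_url.split('.')
    if len(url_bits) > 1:
        provider_name = url_bits[-2].lower()
    else:
        provider_name = url_bits[-1].lower()

    providers = {'yahoo':'<font color="purple">Yahoo!</font>',
                 'flickr':'<font color="#0063dc">flick</font><font color="#ff0084">r</font>™',
                 'google':'Google™',
                 'aol':'<font color="#31658e">AOL</font>',
                 'myopenid':'MyOpenID',
                 }
    if provider_name not in providers:
        # Visitor-influenced text: keep it a plain string so the template
        # layer escapes it (assumes template auto-escaping is enabled).
        provider_logo = provider_name
        logging.error('openid provider named "%s" has no pretty customized logo' % provider_name)
    else:
        # Static markup defined just above; safe to render as-is.
        provider_logo = mark_safe(providers[provider_name])

    logging.debug('printing authopenid/complete.html output')
    return render_to_response('authopenid/complete.html', {
        'form1': form1,
        'form2': form2,
        'email_feeds_form': email_feeds_form,
        'provider': provider_logo,
        'username': nickname,
        'email': email,
        'login_type':'openid',
        'gravatar_faq_url':reverse('faq') + '#gravatar',
    }, context_instance=RequestContext(request))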
def signin(request,newquestion=False,newanswer=False):
    """
    signin page. It manages the legacy authentification (user/password)
    and openid authentification

    url: /signin/

    template : authopenid/signin.htm

    POST requests are dispatched on the submit button name: 'blogin'
    (password login), 'bnewaccount' (create a local account for an
    externally authenticated user) and 'bsignin' / 'openid_username'
    (start an OpenID sign-in). Anything that does not return earlier falls
    through to rendering the sign-in page.
    """
    logging.debug('in signin view')
    request.encoding = 'UTF-8'
    on_failure = signin_failure
    email_feeds_form = SimpleEmailSubscribeForm()

    next = get_next_url(request)
    form_signin = OpenidSigninForm(initial={'next':next})
    form_auth = ClassicLoginForm(initial={'next':next})

    if request.method == 'POST':
        #'blogin' - password login
        if 'blogin' in request.POST.keys():
            logging.debug('processing classic login form submission')
            form_auth = ClassicLoginForm(request.POST)
            if form_auth.is_valid():
                #have login and password and need to login through external website
                if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
                    username = form_auth.cleaned_data['username']
                    password = form_auth.cleaned_data['password']
                    next = form_auth.cleaned_data['next']
                    if form_auth.get_user() == None:
                        #need to create internal user

                        #1) save login and password temporarily in session
                        # NOTE(review): this writes the user's cleartext
                        # external password into the session store; it is
                        # removed only on the 'bnewaccount' paths below, so
                        # it persists if the user abandons the flow.
                        request.session['external_username'] = username
                        request.session['external_password'] = password

                        #2) try to extract user email and nickname from external service
                        email = EXTERNAL_LOGIN_APP.api.get_email(username,password)
                        screen_name = EXTERNAL_LOGIN_APP.api.get_screen_name(username,password)

                        #3) see if username clashes with some existing user
                        #if so, we have to prompt the user to pick a different name
                        username_taken = User.is_username_taken(screen_name)

                        email_feeds_form = SimpleEmailSubscribeForm()
                        form_data = {'username':screen_name,'email':email,'next':next}
                        form = OpenidRegisterForm(initial=form_data)
                        # mark_safe here wraps a value from settings, not
                        # request data.
                        template_data = {'form1':form,'username':screen_name,\
                            'email_feeds_form':email_feeds_form,\
                            'provider':mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME),\
                            'login_type':'legacy',\
                            'gravatar_faq_url':reverse('faq') + '#gravatar',\
                            'external_login_name_is_taken':username_taken}
                        return render_to_response('authopenid/complete.html',template_data,\
                                context_instance=RequestContext(request))
                    else:
                        #user existed, external password is ok
                        user = form_auth.get_user()
                        login(request,user)
                        response = HttpResponseRedirect(get_next_url(request))
                        EXTERNAL_LOGIN_APP.api.set_login_cookies(response,user)
                        return response
                else:
                    #regular password authentication
                    user = form_auth.get_user()
                    login(request, user)
                    return HttpResponseRedirect(get_next_url(request))

        elif 'bnewaccount' in request.POST.keys():
            logging.debug('processing classic (login/password) create account form submission')
            #register externally logged in password user with a new local account
            if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
                form = OpenidRegisterForm(request.POST)
                email_feeds_form = SimpleEmailSubscribeForm(request.POST)
                form1_is_valid = form.is_valid()
                form2_is_valid = email_feeds_form.is_valid()
                if form1_is_valid and form2_is_valid:
                    #create the user
                    username = form.cleaned_data['username']
                    # The password is the one stashed in the session by the
                    # 'blogin' branch, not a value from this form.
                    password = request.session.get('external_password',None)
                    email = form.cleaned_data['email']
                    if password and username:
                        User.objects.create_user(username,email,password)
                        user = authenticate(username=username,password=password)
                        EXTERNAL_LOGIN_APP.api.connect_local_user_to_external_user(user,username,password)
                        external_username = request.session['external_username']
                        eld = ExternalLoginData.objects.get(external_username=external_username)
                        eld.user = user
                        eld.save()
                        login(request,user)
                        email_feeds_form.save(user)
                        del request.session['external_username']
                        del request.session['external_password']
                        response = HttpResponseRedirect(reverse('index'))
                        EXTERNAL_LOGIN_APP.api.set_login_cookies(response, user)
                        return response
                    else:
                        # NOTE(review): the two conditions look swapped --
                        # each one guards deletion of the *other* session
                        # key, so a missing 'external_password' raises
                        # KeyError and 'external_username' can be left in
                        # the session. Deleting each key only when it is
                        # present would clean up reliably.
                        if password:
                            del request.session['external_username']
                        if username:
                            del request.session['external_password']
                        return HttpResponseServerError()
                else:
                    username = request.POST.get('username',None)
                    provider = mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME)
                    username_taken = User.is_username_taken(username)
                    data = {'login_type':'legacy','form1':form,'username':username,\
                        'email_feeds_form':email_feeds_form,'provider':provider,\
                        'gravatar_faq_url':reverse('faq') + '#gravatar',\
                        'external_login_name_is_taken':username_taken}
                    return render_to_response('authopenid/complete.html',data,
                            context_instance=RequestContext(request))
            else:
                raise Http404

        elif 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys():
            logging.debug('processing signin with openid submission')
            form_signin = OpenidSigninForm(request.POST)
            if form_signin.is_valid():
                logging.debug('OpenidSigninForm is valid')
                next = form_signin.cleaned_data['next']
                sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
                # Return URL for the provider: this site's completion view
                # with the URL-encoded next value in the query string.
                redirect_to = "%s%s?%s" % (
                        get_url_host(request),
                        reverse('user_complete_signin'),
                        urllib.urlencode({'next':next})
                )
                return ask_openid(request,
                        form_signin.cleaned_data['openid_url'],
                        redirect_to,
                        on_failure=signin_failure,
                        sreg_request=sreg_req)
            else:
                logging.debug('OpenidSigninForm is NOT valid! -> redisplay login view')

    #if request is GET
    if request.method == 'GET':
        logging.debug('request method was GET')

    # NOTE(review): nesting reconstructed from a flattened listing. The
    # lookups below are placed at function level because `question` and
    # `answer` must be bound when an invalid POST falls through to the
    # render call -- confirm against the original file.
    question = None
    if newquestion == True:
        from forum.models import AnonymousQuestion as AQ
        session_key = request.session.session_key
        logging.debug('retrieving anonymously posted question associated with session %s' % session_key)
        qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at')
        if len(qlist) > 0:
            question = qlist[0]
    answer = None
    if newanswer == True:
        from forum.models import AnonymousAnswer as AA
        session_key = request.session.session_key
        logging.debug('retrieving posted answer associated with session %s' % session_key)
        alist = AA.objects.filter(session_key=session_key).order_by('-added_at')
        if len(alist) > 0:
            answer = alist[0]

    logging.debug('showing signin view')
    # NOTE(review): msg is taken from the query string and passed to the
    # template; confirm the template escapes it.
    return render_to_response('authopenid/signin.html', {
        'question':question,
        'answer':answer,
        'form1': form_auth,
        'form2': form_signin,
        'msg': request.GET.get('msg',''),
        'sendpw_url': reverse('user_sendpw'),
        'fb_api_key': settings.FB_API_KEY,
    }, context_instance=RequestContext(request))
def logout(request):
    """Show the logout page; the template receives the follow-up URL as ``next``."""
    template_vars = dict(next=get_next_url(request))
    return render_to_response(
        'logout.html',
        template_vars,
        context_instance=RequestContext(request),
    )
def default_on_success(request, identity_url, openid_response):
    """
    Default action on OpenID sign-in success.

    Stores the OpenID object built from ``openid_response`` in the session
    and redirects to the URL returned by ``get_next_url``. ``identity_url``
    is accepted but not used here.
    """
    logging.debug('')
    session_openid = from_openid_response(openid_response)
    request.session['openid'] = session_openid
    logging.debug(
        'performing default action on openid success %s' % get_next_url(request)
    )
    # NOTE(review): the target is whatever get_next_url returns; its
    # validation is not visible here -- confirm it rejects off-site URLs.
    return HttpResponseRedirect(get_next_url(request))