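def clean_email(self):
    """Validate the email, falling back to a MindTouch account lookup.

    The parent form's ``clean_email`` runs first. If it rejects the address,
    MindTouch is asked for a user with that email; when one exists, a Django
    user is fetched or created from it so the reset can proceed.

    Returns:
        The parent's cleaned value, or the email of the Django user obtained
        from the MindTouch record.

    Raises:
        forms.ValidationError: the parent's original error, when MindTouch
            has no user for the address either.
    """
    try:
        return super(PasswordResetForm, self).clean_email()
    except forms.ValidationError as e:
        # NOTE(review): every ValidationError from the parent lands here, not
        # only "no such user" -- confirm the MindTouch fallback (which can
        # create a Django account) is intended for all rejection reasons.
        email = self.cleaned_data["email"]
        deki_user = DekiUserBackend.get_deki_user_by_email(email)
        if deki_user is None:
            # Unknown in both stores: surface the parent's error unchanged.
            # NOTE(review): the response therefore differs for registered and
            # unregistered addresses; confirm that is acceptable for this form.
            raise e
        user = DekiUserBackend.get_or_create_user(deki_user)
        # Re-run the lookup now that the Django row may exist; presumably the
        # parent form reads users_cache when sending the reset -- confirm.
        self.users_cache = User.objects.filter(email__iexact=email)
        return user.email
    # The original ended with a further `raise e` that no path could reach
    # (both branches above already return or raise); it has been dropped.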
def browserid_verify(request):
    """Handle a posted BrowserID assertion and log the matching user in.

    A valid assertion yields a verified email address. That address is matched
    against Django accounts first and, when a MindTouch endpoint is
    configured, against MindTouch accounts (auto-creating the Django user).
    With no match, the verified email is kept in the session and the visitor
    is sent to the registration page (``users.browserid_register``).

    Security-relevant points for maintainers:
      * The email returned by ``_verify_browserid`` is the only thing that
        selects which account gets logged in.
        NOTE(review): this relies on that helper fully validating the
        assertion for this site -- confirm.
      * Redirect targets may come from ``_clean_next_url(request)``;
        presumably it limits them to local URLs -- verify against the helper.
    """
    success_url = (_clean_next_url(request) or
                   getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
    failure_url = (_clean_next_url(request) or
                   getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE',
                           reverse('home')))
    # Built up front so both rejection paths return the same response.
    rejected = set_browserid_explained(HttpResponseRedirect(failure_url))

    # An invalid form is a failure.
    assertion_form = BrowserIDForm(data=request.POST)
    if not assertion_form.is_valid():
        return rejected

    # An assertion that does not verify is a failure as well.
    verification = _verify_browserid(assertion_form, request)
    if not verification:
        return rejected

    # From here on the email address is verified, but no account is chosen yet.
    verified_email = verification['email']

    # Prefer the most recently used Django account with this address.
    account = _get_latest_user_with_email(verified_email)

    # Otherwise consult MindTouch, but only when its API is configured; a hit
    # there auto-creates the Django user.
    if not account and settings.DEKIWIKI_ENDPOINT:
        mt_record = DekiUserBackend.get_deki_user_by_email(verified_email)
        if mt_record:
            account = DekiUserBackend.get_or_create_user(mt_record)

    if not account:
        # Nobody matched: remember the verified address and the destination,
        # then hand over to registration.
        request.session[SESSION_VERIFIED_EMAIL] = verified_email
        request.session[SESSION_REDIRECT_TO] = success_url
        return set_browserid_explained(
            HttpResponseRedirect(reverse('users.browserid_register')))

    # Found through Django or MindTouch: finish the login for both and
    # redirect. The backend is set by hand because authenticate() is not
    # called on this path.
    account.backend = 'django_browserid.auth.BrowserIDBackend'
    auth.login(request, account)
    return set_browserid_explained(
        _redirect_with_mindtouch_login(success_url, account.username))
def browserid_verify(request):
    """Process a submitted BrowserID assertion.

    On success the verified email is used to find a Django user, then (if a
    MindTouch endpoint is configured) a MindTouch user, which is auto-created
    in Django. If neither exists, the visitor is redirected to profile
    creation (``users.browserid_register``) with the verified email stored in
    the session.

    NOTE(review): account selection trusts the email from
    ``_verify_browserid`` and the redirect trusts ``_clean_next_url``; neither
    helper is visible here, so confirm that the first validates the assertion
    for this site and the second rejects off-site URLs.
    """
    next_on_success = (
        _clean_next_url(request)
        or getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home'))
    )
    next_on_failure = (
        _clean_next_url(request)
        or getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home'))
    )
    failure_redirect = HttpResponseRedirect(next_on_failure)
    failure_resp = set_browserid_explained(failure_redirect)

    # Step 1: the posted form has to validate.
    posted = BrowserIDForm(data=request.POST)
    if not posted.is_valid():
        return failure_resp

    # Step 2: the assertion itself has to verify.
    outcome = _verify_browserid(posted, request)
    if not outcome:
        return failure_resp

    # Step 3: resolve the verified address to an account. The Django lookup
    # (most recently used account) comes first.
    address = outcome['email']
    matched = _get_latest_user_with_email(address)

    # MindTouch is consulted only when Django had no match and an API endpoint
    # is available.
    if not matched and settings.DEKIWIKI_ENDPOINT:
        deki_match = DekiUserBackend.get_deki_user_by_email(address)
        if deki_match:
            matched = DekiUserBackend.get_or_create_user(deki_match)

    # Step 4a: a match completes the login for Django and MindTouch.
    if matched:
        matched.backend = 'django_browserid.auth.BrowserIDBackend'
        auth.login(request, matched)
        login_redirect = _redirect_with_mindtouch_login(next_on_success,
                                                        matched.username)
        return set_browserid_explained(login_redirect)

    # Step 4b: no match -- keep the verified email in the session and send
    # the visitor to the registration page.
    request.session[SESSION_VERIFIED_EMAIL] = address
    request.session[SESSION_REDIRECT_TO] = next_on_success
    register_redirect = HttpResponseRedirect(
        reverse('users.browserid_register'))
    return set_browserid_explained(register_redirect)
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid):
    """A verified email known only to MindTouch logs in and creates a user.

    ``_verify_browserid`` is a mock here, so this covers the account lookup
    and auto-creation that follow verification, not assertion validation
    itself.
    """
    if not settings.DEKIWIKI_ENDPOINT:
        # Nothing to test without a MindTouch API.
        raise SkipTest()

    mt_email = '*****@*****.**'
    _verify_browserid.return_value = {'email': mt_email}

    # Precondition (probably overkill): Django must not know this user yet.
    try:
        User.objects.get(email=mt_email)
    except User.DoesNotExist:
        pass
    else:
        ok_(False, "The MindTouch user shouldn't exist in Django yet.")

    mocked_api = getattr(settings, 'DEKIWIKI_MOCK', False)
    if not mocked_api:
        # HACK: against a live API, make sure the expected user details are
        # present in MindTouch before looking them up.
        details = {
            'username': "******",
            'email': mt_email,
            'fullname': "None",
            'status': "active",
            'language': "",
            'timezone': "-08:00",
            'role': "Contributor",
        }
        user_xml = MINDTOUCH_USER_XML % details
        DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount',
                                           user_xml=user_xml)

    deki_user = DekiUserBackend.get_deki_user_by_email(mt_email)
    ok_(deki_user is not None, "The MindTouch user should exist")

    # Post a fake assertion; the real verification step is mocked out.
    verify_url = reverse('users.browserid_verify', locale='en-US')
    response = self.client.post(verify_url,
                                {'assertion': 'PRETENDTHISISVALID'})
    eq_(302, response.status_code)
    ok_('SUCCESS' in response['Location'])

    # The session should now look logged in through the BrowserID backend.
    ok_('_auth_user_id' in self.client.session.keys())
    eq_('django_browserid.auth.BrowserIDBackend',
        self.client.session.get('_auth_user_backend', ''))

    # Finally, the Django user must have been created.
    try:
        User.objects.get(email=mt_email)
    except User.DoesNotExist:
        ok_(False, "The MindTouch user should exist in Django now.")
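def clean_email(self):
    """Validate the email, falling back to MindTouch when it is configured.

    The parent form's ``clean_email`` runs first. If it rejects the address
    and ``settings.DEKIWIKI_ENDPOINT`` is set, MindTouch is asked for a user
    with that email; when one exists, a Django user is fetched or created
    from it so the reset can proceed.

    Returns:
        The parent's cleaned value, or the email of the Django user obtained
        from the MindTouch record.

    Raises:
        forms.ValidationError: the parent's original error, when no MindTouch
            endpoint is configured or MindTouch has no user for the address.
    """
    try:
        return super(PasswordResetForm, self).clean_email()
    except forms.ValidationError as e:
        if not settings.DEKIWIKI_ENDPOINT:
            # Skip the MindTouch API when it is unavailable.
            raise e
        # NOTE(review): every ValidationError from the parent lands here, not
        # only "no such user" -- confirm the fallback (which can create a
        # Django account) is intended for all rejection reasons.
        email = self.cleaned_data["email"]
        deki_user = DekiUserBackend.get_deki_user_by_email(email)
        if deki_user is None:
            # Unknown in both stores: surface the parent's error unchanged.
            # NOTE(review): the response therefore differs for registered and
            # unregistered addresses; confirm that is acceptable for this form.
            raise e
        user = DekiUserBackend.get_or_create_user(deki_user)
        # Re-run the lookup now that the Django row may exist; presumably the
        # parent form reads users_cache when sending the reset -- confirm.
        self.users_cache = User.objects.filter(email__iexact=email)
        return user.email
    # The original ended with a further `raise e` that no path could reach
    # (every branch above already returns or raises); it has been dropped.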
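def clean_email(self):
    """Clean the email field, consulting MindTouch if Django rejects it.

    Delegates to the parent ``clean_email``. When that raises and a MindTouch
    endpoint is configured, the address is looked up in MindTouch and a Django
    user is fetched or created from the record found there.

    Returns:
        The parent's result on success, otherwise the email stored on the
        Django user built from the MindTouch record.

    Raises:
        forms.ValidationError: re-raised from the parent when MindTouch is
            not configured or has no matching user.
    """
    try:
        return super(PasswordResetForm, self).clean_email()
    except forms.ValidationError as e:
        mindtouch_available = bool(settings.DEKIWIKI_ENDPOINT)
        if not mindtouch_available:
            # Without a MindTouch API there is nothing further to try.
            raise e

        email = self.cleaned_data["email"]
        deki_user = DekiUserBackend.get_deki_user_by_email(email)
        if deki_user is None:
            # NOTE(review): the error reaches the requester, so known and
            # unknown addresses get different responses -- confirm this is
            # acceptable for a password-reset form.
            raise e

        # NOTE(review): this path may create a Django account for any parent
        # rejection, since the except clause does not distinguish reasons.
        user = DekiUserBackend.get_or_create_user(deki_user)
        # Case-insensitive re-query so the cache includes the row that may
        # just have been created.
        self.users_cache = User.objects.filter(email__iexact=email)
        return user.email
    # A final `raise e` in the original was unreachable and is omitted.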
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid):
    """Logging in with a MindTouch-only email auto-creates the Django user.

    Verification is replaced by the ``_verify_browserid`` mock, which simply
    reports the MindTouch address as verified; the test skips itself when no
    MindTouch endpoint is configured.
    """
    if not settings.DEKIWIKI_ENDPOINT:
        # No MindTouch API, no point in running this test.
        raise SkipTest()

    mt_email = "*****@*****.**"
    _verify_browserid.return_value = {"email": mt_email}

    def django_user_exists():
        # True when a Django user with the MindTouch address is present.
        try:
            User.objects.get(email=mt_email)
        except User.DoesNotExist:
            return False
        return True

    # Probably overkill, but make sure the starting state is what we expect.
    if django_user_exists():
        ok_(False, "The MindTouch user shouldn't exist in Django yet.")

    if not getattr(settings, "DEKIWIKI_MOCK", False):
        # HACK: with a real API, push the expected user details into
        # MindTouch first.
        fields = dict(
            username="******",
            email=mt_email,
            fullname="None",
            status="active",
            language="",
            timezone="-08:00",
            role="Contributor",
        )
        DekiUserBackend.put_mindtouch_user(
            deki_user_id="=testaccount",
            user_xml=MINDTOUCH_USER_XML % fields,
        )

    deki_user = DekiUserBackend.get_deki_user_by_email(mt_email)
    ok_(deki_user is not None, "The MindTouch user should exist")

    # The fake assertion is accepted because verification is mocked.
    target = reverse("users.browserid_verify", locale="en-US")
    resp = self.client.post(target, {"assertion": "PRETENDTHISISVALID"})
    eq_(302, resp.status_code)
    ok_("SUCCESS" in resp["Location"])

    # The client session should carry a login made via the BrowserID backend.
    ok_("_auth_user_id" in self.client.session.keys())
    backend_in_session = self.client.session.get("_auth_user_backend", "")
    eq_("django_browserid.auth.BrowserIDBackend", backend_in_session)

    # After all of the above a Django user must exist.
    if not django_user_exists():
        ok_(False, "The MindTouch user should exist in Django now.")
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid):
    """A verified MindTouch-only email results in a login and a new user.

    ``_verify_browserid`` is mocked to return the MindTouch address, so only
    the lookup, auto-creation and session handling after verification are
    exercised. This variant has no skip guard for a missing MindTouch
    endpoint.
    """
    mt_email = '*****@*****.**'
    _verify_browserid.return_value = {'email': mt_email}

    # Sanity check (probably overkill): no Django user for this address yet.
    try:
        User.objects.get(email=mt_email)
    except User.DoesNotExist:
        pass
    else:
        ok_(False, "The MindTouch user shouldn't exist in Django yet.")

    using_mock = getattr(settings, 'DEKIWIKI_MOCK', False)
    if not using_mock:
        # HACK: when the API is not mocked, ensure the expected user details
        # exist in MindTouch.
        xml_fields = {
            'username': "******",
            'email': mt_email,
            'fullname': "None",
            'status': "active",
            'language': "",
            'timezone': "-08:00",
            'role': "Contributor",
        }
        DekiUserBackend.put_mindtouch_user(
            deki_user_id='=testaccount',
            user_xml=MINDTOUCH_USER_XML % xml_fields)

    deki_user = DekiUserBackend.get_deki_user_by_email(mt_email)
    ok_(deki_user is not None, "The MindTouch user should exist")

    # Submit the fake assertion; the verification method itself is mocked.
    post_data = {'assertion': 'PRETENDTHISISVALID'}
    resp = self.client.post(
        reverse('users.browserid_verify', locale='en-US'), post_data)
    eq_(302, resp.status_code)
    ok_('SUCCESS' in resp['Location'])

    # Session should now show an authenticated user and the BrowserID backend.
    ok_('_auth_user_id' in self.client.session.keys())
    eq_('django_browserid.auth.BrowserIDBackend',
        self.client.session.get('_auth_user_backend', ''))

    # The Django account must have been created along the way.
    try:
        User.objects.get(email=mt_email)
    except User.DoesNotExist:
        ok_(False, "The MindTouch user should exist in Django now.")
def browserid_verify(request):
    """Process a submitted BrowserID assertion.

    A valid assertion yields a verified email address, which is then used in
    one of two ways:

    * Visitor already authenticated: the verified address becomes the email
      of the logged-in account, unless another account already uses it, in
      which case an error message is queued and the visitor is redirected to
      ``users.change_email``.
    * Visitor anonymous: the address is matched against Django accounts and
      then MindTouch accounts (auto-creating the Django user). With no match,
      the verified email is stored in the session and the visitor is sent to
      ``users.browserid_register``.

    NOTE(review): both paths trust the email returned by ``_verify_browserid``
    to pick or modify an account, and the redirect trusts
    ``_clean_next_url``. Neither helper is visible here; confirm the first
    validates the assertion for this site and the second rejects off-site
    URLs.
    NOTE(review): unlike other versions of this view, the MindTouch lookup
    here is not guarded by ``settings.DEKIWIKI_ENDPOINT`` -- confirm that is
    intended.
    """
    success_url = (_clean_next_url(request) or
                   getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
    failure_url = (_clean_next_url(request) or
                   getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE',
                           reverse('home')))
    # Built up front so both rejection paths return the same response.
    rejected = set_browserid_explained(HttpResponseRedirect(failure_url))

    # An invalid form is a failure.
    submitted = BrowserIDForm(data=request.POST)
    if not submitted.is_valid():
        return rejected

    # An assertion that does not verify is a failure as well.
    verification = _verify_browserid(submitted, request)
    if not verification:
        return rejected

    # The email address is verified from here on; no account is chosen yet.
    verified_email = verification['email']

    # TODO: This user lookup and create stuff probably belongs in the model.
    if request.user.is_authenticated():
        # Authenticated visitor: this is an email change.
        current_owner = _get_latest_user_with_email(verified_email)
        if current_owner and current_owner != request.user:
            # The address belongs to a different account; leave it alone.
            messages.error(request,
                           'That email already belongs to another user.')
            return set_browserid_explained(
                HttpResponseRedirect(reverse('users.change_email')))
        account = request.user
        account.email = verified_email
        account.save()
        success_url = reverse('devmo_profile_edit', args=[account.username])
    else:
        # Anonymous visitor: most recently used Django account first.
        account = _get_latest_user_with_email(verified_email)
        if not account:
            # No Django account; a MindTouch hit auto-creates the user.
            mt_record = DekiUserBackend.get_deki_user_by_email(verified_email)
            if mt_record:
                account = DekiUserBackend.get_or_create_user(mt_record)

    if not account:
        # Nobody matched: keep the verified email in the session and send the
        # visitor to the registration page.
        request.session[SESSION_VERIFIED_EMAIL] = verified_email
        request.session[SESSION_REDIRECT_TO] = success_url
        return set_browserid_explained(
            HttpResponseRedirect(reverse('users.browserid_register')))

    # An account was found or updated: complete the login for Django and
    # MindTouch and redirect. The backend is set by hand because
    # authenticate() is not called on this path.
    account.backend = 'django_browserid.auth.BrowserIDBackend'
    auth.login(request, account)
    return set_browserid_explained(
        _redirect_with_mindtouch_login(success_url, account.username))