Exemplo n.º 1
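 def test_login(self):
     """Check that plain authentication still works for a user who has agreed.

     user1 is expected to count as agreed to the latest terms both before
     and after logging in. This assumes that login urls are named 'login'.
     """
     self.assertTrue(has_user_agreed_latest_tos(self.user1))

     # NOTE(review): the test client's login() authenticates through the
     # configured backends and does not call the login view, so this test
     # does not exercise the terms-of-service gate itself.
     logged_in = self.client.login(username='******', password='******')

     # assertTrue replaces the failUnless alias, which was deprecated and
     # later removed from unittest (Python 3.12).
     self.assertTrue(logged_in, 'Could not log in')
     self.assertTrue(has_user_agreed_latest_tos(self.user1))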
Exemplo n.º 2
 def test_need_agreement(self):
     """user2 posts credentials to the login URL and is shown the terms."""
     # Precondition: user2 does not count as agreed to the latest terms.
     self.assertFalse(has_user_agreed_latest_tos(self.user2))

     credentials = {'username': '******', 'password': '******'}
     tos_page = self.client.post(self.login_url, credentials)
     self.assertContains(tos_page, "first edition of the terms of service")

     # Being shown the terms must not be recorded as accepting them.
     # NOTE(review): nothing here asserts that the client session is still
     # unauthenticated at this point; worth checking as well.
     self.assertFalse(has_user_agreed_latest_tos(self.user2))
Exemplo n.º 3
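    def test_login(self):
        """Make sure the authentication system itself was not broken.

        user1 must count as agreed to the latest terms before and after the
        login call. This assumes that login urls are named 'login'.
        """
        self.assertTrue(has_user_agreed_latest_tos(self.user1))

        # NOTE(review): client.login() goes straight to the authentication
        # backends and never calls the login view, so the ToS check in the
        # view is not covered by this test.
        login_ok = self.client.login(username='******', password='******')

        # failUnless is a deprecated unittest alias (removed in Python 3.12);
        # assertTrue is the supported spelling with the same semantics.
        self.assertTrue(login_ok, 'Could not log in')
        self.assertTrue(has_user_agreed_latest_tos(self.user1))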
Exemplo n.º 4
    def test_need_agreement(self):
        """Posting user2's credentials leads to the terms page, not to an agreement."""
        agreed = has_user_agreed_latest_tos

        # user2 starts out without an agreement to the latest terms.
        self.assertFalse(agreed(self.user2))

        form_data = {'username': '******', 'password': '******'}
        page = self.client.post(self.login_url, form_data)
        self.assertContains(page, "first edition of the terms of service")

        # Seeing the terms is not the same as accepting them.
        # NOTE(review): the test does not check whether the session is
        # authenticated after this request; consider asserting that it is not.
        self.assertFalse(agreed(self.user2))
Exemplo n.º 5
    def test_reject_agreement(self):
        """Rejecting the terms after posting credentials records no agreement for user2."""
        self.assertFalse(has_user_agreed_latest_tos(self.user2))

        credentials = {'username': '******', 'password': '******'}
        login_response = self.client.post(self.login_url, credentials)
        self.assertContains(login_response, "first edition of the terms of service")

        # Decline on the ToS check view; its response is not inspected.
        self.client.post(reverse('tos_check_tos'), {'accept': 'reject'})

        # NOTE(review): only the agreement record is checked. The test does not
        # assert that the rejecting user ends up logged out, nor where the
        # reject response sends them; both are worth pinning down.
        self.assertFalse(has_user_agreed_latest_tos(self.user2))
Exemplo n.º 6
    def test_user_agreement(self):
        """Follow has_user_agreed_latest_tos for three users across a terms change."""

        def expect_agreed(first, second, third):
            # One assertion per user, in user1, user2, user3 order.
            pairs = ((self.user1, first), (self.user2, second), (self.user3, third))
            for account, agreed in pairs:
                check = self.assertTrue if agreed else self.assertFalse
                check(has_user_agreed_latest_tos(account))

        # Only user1 agrees to tos1 (presumably the active terms at this point).
        UserAgreement.objects.create(user=self.user1, terms_of_service=self.tos1)
        expect_agreed(True, False, False)

        # Activating tos2 leaves nobody agreed to the latest terms.
        self.tos2.active = True
        self.tos2.save()
        expect_agreed(False, False, False)

        # user1 and user3 agree to tos2; user2 still has not.
        for account in (self.user1, self.user3):
            UserAgreement.objects.create(user=account, terms_of_service=self.tos2)
        expect_agreed(True, False, True)
Exemplo n.º 7
    def test_user_agreement(self):
        """Check agreement status for user1..user3 before and after tos2 is activated."""
        agreed = has_user_agreed_latest_tos
        alice, bob, carol = self.user1, self.user2, self.user3

        # A single agreement: user1 on tos1.
        UserAgreement.objects.create(terms_of_service=self.tos1, user=alice)

        self.assertTrue(agreed(alice))
        self.assertFalse(agreed(bob))
        self.assertFalse(agreed(carol))

        # Make tos2 active; agreements to tos1 no longer count as "latest".
        newer_terms = self.tos2
        newer_terms.active = True
        newer_terms.save()

        self.assertFalse(agreed(alice))
        self.assertFalse(agreed(bob))
        self.assertFalse(agreed(carol))

        # Record agreements to tos2 for user1 and user3 only.
        UserAgreement.objects.create(terms_of_service=newer_terms, user=alice)
        UserAgreement.objects.create(terms_of_service=newer_terms, user=carol)

        self.assertTrue(agreed(alice))
        self.assertFalse(agreed(bob))
        self.assertTrue(agreed(carol))
Exemplo n.º 8
def login(request,
          template_name='registration/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=AuthenticationForm):
    """Show the login form and handle submitted credentials, gated on the ToS.

    A valid POST logs the user in and redirects only when
    has_user_agreed_latest_tos(user) is true. Otherwise the user is NOT
    logged in: their pk and auth backend are parked in the session and the
    terms page is rendered. Any other request renders the login form.
    """
    redirect_to = request.REQUEST.get(redirect_field_name, '')
    is_post = request.method == "POST"

    if is_post:
        form = authentication_form(data=request.POST)
    else:
        form = authentication_form(request)

    if is_post and form.is_valid():
        # _redirect_to is defined elsewhere; presumably it validates the
        # caller-supplied redirect target -- confirm before relying on it.
        redirect_to = _redirect_to(redirect_to)
        user = form.get_user()

        if not has_user_agreed_latest_tos(user):
            # The user must accept or refuse the latest terms first.
            request.session['tos_user'] = user.pk
            # The backend is stored too: Django needs it to log a user in,
            # it is only set by authenticate(), and check_tos has no
            # credentials to call authenticate() with.
            # see: https://docs.djangoproject.com/en/1.6/topics/auth/default/#how-to-log-a-user-in
            request.session['tos_backend'] = user.backend
            # NOTE(review): from here on the session alone identifies an
            # account that passed the password check. The view consuming
            # 'tos_user' (not shown) should clear both keys once used.
            tos_context = {
                redirect_field_name: redirect_to,
                'tos': TermsOfService.objects.get_current_tos(),
            }
            return render_to_response('tos/tos_check.html', tos_context,
                                      context_instance=RequestContext(request))

        # Terms already accepted: complete the login.
        auth_login(request, user)
        if request.session.test_cookie_worked():
            request.session.delete_test_cookie()
        return HttpResponseRedirect(redirect_to)

    # GET, or a POST that failed validation: (re)display the form.
    # redirect_to is still the raw request value on this path; it is only
    # handed to the template, never redirected to.
    request.session.set_test_cookie()

    current_site = Site.objects.get_current() if Site._meta.installed else RequestSite(request)

    form_context = {
        'form': form,
        redirect_field_name: redirect_to,
        'site': current_site,
        'site_name': current_site.name,
    }
    return render_to_response(template_name, form_context,
                              context_instance=RequestContext(request))
Exemplo n.º 9
def login(
    request,
    template_name="registration/login.html",
    redirect_field_name=REDIRECT_FIELD_NAME,
    authentication_form=AuthenticationForm,
):
    """Display the login form and process a login, enforcing the terms of service.

    Credentials that validate lead to one of two outcomes: a real login plus
    redirect when the user has agreed to the latest terms, or the terms page
    with the user's pk and backend stored in the session (no login yet).
    """
    redirect_to = request.REQUEST.get(redirect_field_name, "")

    if request.method != "POST":
        form = authentication_form(request)
    else:
        form = authentication_form(data=request.POST)
        if form.is_valid():
            # Helper defined elsewhere; presumably the redirect safety check
            # -- verify what it accepts.
            redirect_to = _redirect_to(redirect_to)
            account = form.get_user()

            if has_user_agreed_latest_tos(account):
                auth_login(request, account)

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()

                return HttpResponseRedirect(redirect_to)

            # Latest terms not accepted yet: defer the login and ask.
            # Only the pk and the backend path go into the session. Django
            # requires the backend to log a user in, and it can only be
            # obtained from authenticate(), which check_tos cannot call
            # because it has no credentials.
            # see: https://docs.djangoproject.com/en/1.6/topics/auth/default/#how-to-log-a-user-in
            request.session["tos_user"] = account.pk
            request.session["tos_backend"] = account.backend
            # NOTE(review): these two keys act as a pending login. Make sure
            # the ToS check view (not shown) removes them after use.

            pending_context = {
                redirect_field_name: redirect_to,
                "tos": TermsOfService.objects.get_current_tos(),
            }
            return render_to_response(
                "tos/tos_check.html",
                pending_context,
                context_instance=RequestContext(request),
            )

    # Reached for non-POST requests and for POSTs that failed validation.
    request.session.set_test_cookie()

    if not Site._meta.installed:
        current_site = RequestSite(request)
    else:
        current_site = Site.objects.get_current()

    login_context = {
        "form": form,
        redirect_field_name: redirect_to,
        "site": current_site,
        "site_name": current_site.name,
    }
    return render_to_response(
        template_name,
        login_context,
        context_instance=RequestContext(request),
    )
Exemplo n.º 10
 def test_bump_new_agreement(self):
     """After tos2 becomes active, user1 counts as agreed only once they accept it."""
     # Switch the active terms to the second edition.
     self.tos2.active = True
     self.tos2.save()

     # With the new terms active, user1 no longer counts as agreed.
     self.assertFalse(has_user_agreed_latest_tos(self.user1))

     # Post credentials; the response must show the second edition.
     credentials = {'username': '******', 'password': '******'}
     tos_page = self.client.post(self.login_url, credentials)
     self.assertContains(tos_page, "second edition of the terms of service")
     # NOTE(review): this assertion is about user2 while every other check
     # in the test is about user1 -- possibly a copy-paste slip; confirm
     # which user was meant.
     self.assertFalse(has_user_agreed_latest_tos(self.user2))

     # Accept on the ToS check view; the response itself is not inspected.
     self.client.post(reverse('tos_check_tos'), {'accept': 'accept'})

     self.assertTrue(has_user_agreed_latest_tos(self.user1))
Exemplo n.º 11
    def test_bump_new_agreement(self):
        """Activate tos2, then check user1 is agreed again only after accepting it."""
        agreed = has_user_agreed_latest_tos

        # Change the active terms.
        second_edition = self.tos2
        second_edition.active = True
        second_edition.save()

        # user1 is not agreed to the latest terms any more.
        self.assertFalse(agreed(self.user1))

        # Logging in through the view now presents the second edition.
        form_data = {'username': '******', 'password': '******'}
        page = self.client.post(self.login_url, form_data)
        self.assertContains(page, "second edition of the terms of service")
        # NOTE(review): user2 is checked here, although the test is otherwise
        # about user1 -- likely unintended; confirm.
        self.assertFalse(agreed(self.user2))

        # Submit the acceptance; the response is not examined.
        accept_url = reverse('tos_check_tos')
        self.client.post(accept_url, {'accept': 'accept'})

        self.assertTrue(agreed(self.user1))
Exemplo n.º 12
    def test_do_not_need_agreement(self):
        """A user who has already agreed is redirected after posting credentials.

        NOTE(review): the precondition below is about user1, so the posted
        credentials are presumably user1's (an earlier docstring said
        user2) -- confirm.
        """
        self.assertTrue(has_user_agreed_latest_tos(self.user1))

        credentials = {'username': '******', 'password': '******'}
        outcome = self.client.post(self.login_url, credentials)

        # Only the status code is checked, not the redirect target.
        self.assertEqual(302, outcome.status_code)
Exemplo n.º 13
    def test_do_not_need_agreement(self):
        """Logging in through the view as an already-agreed user gives a 302.

        NOTE(review): user1 is the account asserted as agreed; whether the
        posted credentials are user1's cannot be told from this test alone
        (an earlier docstring mentioned user2) -- confirm.
        """
        already_agreed = has_user_agreed_latest_tos(self.user1)
        self.assertTrue(already_agreed)

        form_data = {'username': '******', 'password': '******'}
        reply = self.client.post(self.login_url, form_data)

        # The redirect location is not verified here, only the status.
        self.assertEqual(302, reply.status_code)
Exemplo n.º 14
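def login(
    request,
    template_name="registration/login.html",
    redirect_field_name=REDIRECT_FIELD_NAME,
    authentication_form=AuthenticationForm,
):
    """Displays the login form and handles the login action.

    A valid POST logs the user in and redirects when they have agreed to
    the latest terms of service; otherwise the terms page is rendered and
    the login is deferred. All other requests render the login form.
    """

    redirect_to = request.REQUEST.get(redirect_field_name, "")

    if request.method == "POST":
        form = authentication_form(data=request.POST)
        if form.is_valid():

            # _redirect_to is defined elsewhere; presumably it validates the
            # caller-supplied redirect target -- confirm.
            redirect_to = _redirect_to(redirect_to)

            # Okay, security checks complete. Check to see if user agrees to terms
            user = form.get_user()
            if has_user_agreed_latest_tos(user):

                # Log the user in.
                auth_login(request, user)

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()

                return HttpResponseRedirect(redirect_to)

            else:
                # user has not yet agreed to latest tos
                # force them to accept or refuse

                # NOTE(review): this puts the whole user object in the
                # session. That only works with a pickle-based session
                # serializer and copies the user record (presumably
                # including the password hash) into session storage.
                # Storing user.pk and user.backend instead is the safer
                # pattern, but the view that reads 'tos_user' (not shown)
                # has to change together with this line.
                request.session["tos_user"] = user

                return render_to_response(
                    "tos/tos_check.html",
                    {redirect_field_name: redirect_to, "tos": TermsOfService.objects.get_current_tos()},
                    context_instance=RequestContext(request),
                )

    else:
        form = authentication_form(request)

    request.session.set_test_cookie()

    if Site._meta.installed:
        current_site = Site.objects.get_current()
    else:
        current_site = RequestSite(request)

    # Fix: key the redirect target by the *value* of redirect_field_name,
    # as the terms-page context above does. The quoted literal
    # "redirect_field_name" meant a template reading the configured field
    # name never received the target.
    return render_to_response(
        template_name,
        {"form": form, redirect_field_name: redirect_to, "site": current_site, "site_name": current_site.name},
        context_instance=RequestContext(request),
    )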
Exemplo n.º 15
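def login_view(request):
    """
    Standard Django login, with additions:
        Lowercase the login email (username)
        Check user has accepted ToS, if any.
        Fall back to the home page when 'next' is not a same-host URL.
    """
    if request.method == "POST":
        redirect_to = request.POST.get('next', request.GET.get('next', False))
        if not redirect_to:
            redirect_to = reverse('seed:home')

        form = LoginForm(request.POST)
        if form.is_valid():
            new_user = authenticate(
                username=form.cleaned_data['email'].lower(),
                password=form.cleaned_data['password']
            )
            if new_user and new_user.is_active:
                # 'next' is caller-controlled and ends up in a redirect (or
                # in the ToS page context), so only same-host targets are
                # kept. Imported and checked inside this branch, which
                # always returns, so the locals() context rendered at the
                # bottom is unchanged.
                # is_safe_url(url, host=...) matches the Django generation
                # this view is written for; newer releases name the helper
                # url_has_allowed_host_and_scheme.
                from django.utils.http import is_safe_url
                if not is_safe_url(url=redirect_to, host=request.get_host()):
                    redirect_to = reverse('seed:home')

                # determine if user has accepted ToS, if one exists
                try:
                    user_accepted_tos = has_user_agreed_latest_tos(new_user)
                except NoActiveTermsOfService:
                    # there's no active ToS, skip interstitial
                    user_accepted_tos = True

                if user_accepted_tos:
                    login(request, new_user)
                    return HttpResponseRedirect(redirect_to)
                else:
                    # store login info for django-tos to handle; the user
                    # is not logged in on this path
                    request.session['tos_user'] = new_user.pk
                    request.session['tos_backend'] = new_user.backend
                    context = RequestContext(request)
                    context.update({
                        'next': redirect_to,
                        'tos': TermsOfService.objects.get_current_tos()
                    })
                    return render_to_response(
                        'tos/tos_check.html',
                        context_instance=context
                    )
            else:
                # Same message for wrong credentials and inactive accounts.
                errors = ErrorList()
                errors = form._errors.setdefault(NON_FIELD_ERRORS, errors)
                errors.append('Username and/or password were invalid.')
    else:
        form = LoginForm()
    # NOTE(review): locals() passes every local bound so far (request, form
    # and, after a failed POST, redirect_to, new_user and errors) to the
    # template; an explicit context dict would be tighter.
    return render_to_response(
        'landing/login.html',
        locals(),
        context_instance=RequestContext(request),
    )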
Exemplo n.º 16
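def login_view(request):
    """
    Standard Django login, with additions:
        Lowercase the login email (username)
        Check user has accepted ToS, if any.
        Fall back to the home page when 'next' is not a same-host URL.
    """
    if request.method == "POST":
        redirect_to = request.REQUEST.get('next', False)
        if not redirect_to:
            redirect_to = reverse('seed:home')

        form = LoginForm(request.POST)
        if form.is_valid():
            new_user = authenticate(
                username=form.cleaned_data['email'].lower(),
                password=form.cleaned_data['password']
            )
            if new_user and new_user.is_active:
                # The 'next' value comes straight from the request and is
                # used as a redirect target below, so anything that is not
                # a same-host URL is replaced by the home page. The import
                # and check live in this branch (which always returns) so
                # the locals() context at the end of the view stays as is.
                # is_safe_url(url, host=...) is the helper available in the
                # Django generation that still has request.REQUEST; newer
                # releases call it url_has_allowed_host_and_scheme.
                from django.utils.http import is_safe_url
                if not is_safe_url(url=redirect_to, host=request.get_host()):
                    redirect_to = reverse('seed:home')

                # determine if user has accepted ToS, if one exists
                try:
                    user_accepted_tos = has_user_agreed_latest_tos(new_user)
                except NoActiveTermsOfService:
                    # there's no active ToS, skip interstitial
                    user_accepted_tos = True

                if user_accepted_tos:
                    login(request, new_user)
                    return HttpResponseRedirect(redirect_to)
                else:
                    # store login info for django-tos to handle; no login
                    # happens on this path
                    request.session['tos_user'] = new_user.pk
                    request.session['tos_backend'] = new_user.backend
                    context = RequestContext(request)
                    context.update({
                        'next': redirect_to,
                        'tos': TermsOfService.objects.get_current_tos()
                    })
                    return render_to_response(
                        'tos/tos_check.html',
                        context_instance=context
                    )
            else:
                # One message covers bad credentials and inactive accounts.
                errors = ErrorList()
                errors = form._errors.setdefault(NON_FIELD_ERRORS, errors)
                errors.append('Username and/or password were invalid.')
    else:
        form = LoginForm()
    # NOTE(review): locals() exposes every bound local to the template
    # (request, form and, after a failed POST, redirect_to, new_user,
    # errors); prefer an explicit context dict.
    return render_to_response(
        'landing/login.html',
        locals(),
        context_instance=RequestContext(request),
    )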