def account_recover(request, key = None):
"""view similar to send_email_key, except
it allows user to recover an account by entering
his/her email address
this view will both - send the recover link and
process it
url name 'user_account_recover'
"""
if not askbot_settings.ALLOW_ACCOUNT_RECOVERY_BY_EMAIL:
raise Http404
if request.method == 'POST':
form = forms.AccountRecoveryForm(request.POST)
if form.is_valid():
user = form.cleaned_data['user']
send_new_email_key(user, nomessage = True)
message = _(
'Please check your email and visit the enclosed link.'
)
return show_signin_view(
request,
account_recovery_message = message,
view_subtype = 'email_sent'
)
else:
return show_signin_view(
request,
account_recovery_form = form
)
else:
if key is None:
return HttpResponseRedirect(reverse('user_signin'))
user = authenticate(email_key = key, method = 'email')
if user:
if request.user.is_authenticated():
if user != request.user:
logout(request)
login(request, user)
else:
login(request, user)
#need to show "sticky" signin view here
return show_signin_view(
request,
view_subtype = 'add_openid',
sticky = True
)
else:
return show_signin_view(request, view_subtype = 'bad_key')
def show_signin_view(request,
login_form=None,
account_recovery_form=None,
account_recovery_message=None,
sticky=False,
view_subtype='default'):
"""url-less utility function that populates
context of template 'authopenid/signin.html'
and returns its rendered output
"""
allowed_subtypes = ('default', 'add_openid', 'email_sent', 'change_openid',
'bad_key')
assert (view_subtype in allowed_subtypes)
if sticky:
next_url = reverse('user_signin')
else:
next_url = get_next_url(request)
if login_form is None:
login_form = forms.LoginForm(initial={'next': next_url})
if account_recovery_form is None:
account_recovery_form = forms.AccountRecoveryForm(
) #initial = initial_data)
#if request is GET
if request.method == 'GET':
logging.debug('request method was GET')
#todo: this sthuff must be executed on some signal
#because askbot should have nothing to do with the login app
from askbot.models import AnonymousQuestion as AQ
session_key = request.session.session_key
logging.debug(
'retrieving anonymously posted question associated with session %s' %
session_key)
qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at')
if len(qlist) > 0:
question = qlist[0]
else:
question = None
from askbot.models import AnonymousAnswer as AA
session_key = request.session.session_key
logging.debug('retrieving posted answer associated with session %s' %
session_key)
alist = AA.objects.filter(session_key=session_key).order_by('-added_at')
if len(alist) > 0:
answer = alist[0]
else:
answer = None
if request.user.is_authenticated():
existing_login_methods = UserAssociation.objects.filter(
user=request.user)
if view_subtype == 'default':
page_title = _('Please click any of the icons below to sign in')
elif view_subtype == 'email_sent':
page_title = _('Account recovery email sent')
elif view_subtype == 'change_openid':
if len(existing_login_methods) == 0:
page_title = _('Please add one or more login methods.')
else:
page_title = _(
'If you wish, please add, remove or re-validate your login methods'
)
elif view_subtype == 'add_openid':
page_title = _(
'Please wait a second! Your account is recovered, but ...')
elif view_subtype == 'bad_key':
page_title = _(
'Sorry, this account recovery key has expired or is invalid')
logging.debug('showing signin view')
data = {
'page_class': 'openid-signin',
'view_subtype': view_subtype, #add_openid|default
'page_title': page_title,
'question': question,
'answer': answer,
'login_form': login_form,
'use_password_login': util.use_password_login(),
'account_recovery_form': account_recovery_form,
'openid_error_message': request.REQUEST.get('msg', ''),
'account_recovery_message': account_recovery_message,
'use_password_login': util.use_password_login(),
}
major_login_providers = util.get_major_login_providers()
minor_login_providers = util.get_minor_login_providers()
active_provider_names = None
if request.user.is_authenticated():
data['existing_login_methods'] = existing_login_methods
active_provider_names = [
item.provider_name for item in existing_login_methods
]
util.set_login_provider_tooltips(
major_login_providers, active_provider_names=active_provider_names)
util.set_login_provider_tooltips(
minor_login_providers, active_provider_names=active_provider_names)
data['major_login_providers'] = major_login_providers.values()
data['minor_login_providers'] = minor_login_providers.values()
return render_into_skin('authopenid/signin.html', data, request)
def show_signin_view(request,
login_form=None,
account_recovery_form=None,
account_recovery_message=None,
sticky=False,
view_subtype='default'):
"""url-less utility function that populates
context of template 'authopenid/signin.html'
and returns its rendered output
"""
allowed_subtypes = ('default', 'add_openid', 'email_sent', 'change_openid',
'bad_key')
assert (view_subtype in allowed_subtypes)
if sticky:
next_url = reverse('user_signin')
else:
next_url = get_next_url(request)
if login_form is None:
login_form = forms.LoginForm(initial={'next': next_url})
if account_recovery_form is None:
account_recovery_form = forms.AccountRecoveryForm(
) #initial = initial_data)
#if request is GET
if request.method == 'GET':
logging.debug('request method was GET')
#todo: this sthuff must be executed on some signal
#because askbot should have nothing to do with the login app
from askbot.models import AnonymousQuestion as AQ
session_key = request.session.session_key
logging.debug(
'retrieving anonymously posted question associated with session %s' %
session_key)
qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at')
if len(qlist) > 0:
question = qlist[0]
else:
question = None
from askbot.models import AnonymousAnswer as AA
session_key = request.session.session_key
logging.debug('retrieving posted answer associated with session %s' %
session_key)
alist = AA.objects.filter(session_key=session_key).order_by('-added_at')
if len(alist) > 0:
answer = alist[0]
else:
answer = None
if request.user.is_authenticated():
existing_login_methods = UserAssociation.objects.filter(
user=request.user)
#annotate objects with extra data
providers = util.get_enabled_login_providers()
for login_method in existing_login_methods:
try:
provider_data = providers[login_method.provider_name]
if provider_data['type'] == 'password':
#only external password logins will not be deletable
#this is because users with those can lose access to their accounts permanently
login_method.is_deletable = provider_data.get(
'password_changeable', False)
else:
login_method.is_deletable = True
except KeyError:
logging.critical(
'login method %s is no longer available '
'please delete records for this login method '
'from the UserAssociation table',
login_method.provider_name)
continue
if view_subtype == 'default':
page_title = _('Please click any of the icons below to sign in')
elif view_subtype == 'email_sent':
page_title = _('Account recovery email sent')
elif view_subtype == 'change_openid':
if len(existing_login_methods) == 0:
page_title = _('Please add one or more login methods.')
else:
page_title = _(
'If you wish, please add, remove or re-validate your login methods'
)
elif view_subtype == 'add_openid':
page_title = _(
'Please wait a second! Your account is recovered, but ...')
elif view_subtype == 'bad_key':
page_title = _(
'Sorry, this account recovery key has expired or is invalid')
logging.debug('showing signin view')
data = {
'page_class': 'openid-signin',
'view_subtype': view_subtype, #add_openid|default
'page_title': page_title,
'question': question,
'answer': answer,
'login_form': login_form,
'use_password_login': util.use_password_login(),
'account_recovery_form': account_recovery_form,
'openid_error_message': request.REQUEST.get('msg', ''),
'account_recovery_message': account_recovery_message,
'use_password_login': util.use_password_login(),
}
major_login_providers = util.get_enabled_major_login_providers()
minor_login_providers = util.get_enabled_minor_login_providers()
#determine if we are only using password login
active_provider_names = [p['name'] for p in major_login_providers.values()]
active_provider_names.extend(
[p['name'] for p in minor_login_providers.values()])
have_buttons = True
if (len(active_provider_names) == 1
and active_provider_names[0] == 'local'):
if askbot_settings.SIGNIN_ALWAYS_SHOW_LOCAL_LOGIN == True:
#in this case the form is not using javascript, so set initial values
#here
have_buttons = False
login_form.initial['login_provider_name'] = 'local'
if request.user.is_authenticated():
login_form.initial['password_action'] = 'change_password'
else:
login_form.initial['password_action'] = 'login'
data['have_buttons'] = have_buttons
if request.user.is_authenticated():
data['existing_login_methods'] = existing_login_methods
active_provider_names = [
item.provider_name for item in existing_login_methods
]
util.set_login_provider_tooltips(
major_login_providers, active_provider_names=active_provider_names)
util.set_login_provider_tooltips(
minor_login_providers, active_provider_names=active_provider_names)
data['major_login_providers'] = major_login_providers.values()
data['minor_login_providers'] = minor_login_providers.values()
return render_into_skin('authopenid/signin.html', data, request)