def clean_email(self):
try:
return super(PasswordResetForm, self).clean_email()
except forms.ValidationError as e:
email = self.cleaned_data["email"]
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user is None:
raise e
else:
user = DekiUserBackend.get_or_create_user(deki_user)
self.users_cache = User.objects.filter(email__iexact=email)
return user.email
raise e
def browserid_verify(request):
"""Process a submitted BrowserID assertion.
If valid, try to find either a Django or MindTouch user that matches the
verified email address. If neither is found, we bounce to a profile
creation page (ie. browserid_register)."""
redirect_to = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
redirect_to_failure = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home')))
failure_resp = set_browserid_explained(
HttpResponseRedirect(redirect_to_failure))
# If the form's not valid, then this is a failure.
form = BrowserIDForm(data=request.POST)
if not form.is_valid():
return failure_resp
# If the BrowserID assersion is not valid, then this is a failure.
result = _verify_browserid(form, request)
if not result:
return failure_resp
# So far, so good: We have a verified email address. But, no user, yet.
email = result['email']
user = None
# Look for first most recently used Django account, use if found.
user = _get_latest_user_with_email(email)
# If no Django account, look for a MindTouch account by email. But, only if
# there's a MindTouch API available. If found, auto-create the user.
if not user and settings.DEKIWIKI_ENDPOINT:
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user:
user = DekiUserBackend.get_or_create_user(deki_user)
# If we got a user from either the Django or MT paths, complete login for
# Django and MT and redirect.
if user:
user.backend = 'django_browserid.auth.BrowserIDBackend'
auth.login(request, user)
return set_browserid_explained(
_redirect_with_mindtouch_login(redirect_to, user.username))
# Retain the verified email in a session, redirect to registration page.
request.session[SESSION_VERIFIED_EMAIL] = email
request.session[SESSION_REDIRECT_TO] = redirect_to
return set_browserid_explained(
HttpResponseRedirect(reverse('users.browserid_register')))
def browserid_verify(request):
"""Process a submitted BrowserID assertion.
If valid, try to find either a Django or MindTouch user that matches the
verified email address. If neither is found, we bounce to a profile
creation page (ie. browserid_register)."""
redirect_to = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
redirect_to_failure = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home')))
failure_resp = set_browserid_explained(
HttpResponseRedirect(redirect_to_failure))
# If the form's not valid, then this is a failure.
form = BrowserIDForm(data=request.POST)
if not form.is_valid():
return failure_resp
# If the BrowserID assersion is not valid, then this is a failure.
result = _verify_browserid(form, request)
if not result:
return failure_resp
# So far, so good: We have a verified email address. But, no user, yet.
email = result['email']
user = None
# Look for first most recently used Django account, use if found.
user = _get_latest_user_with_email(email)
# If no Django account, look for a MindTouch account by email. But, only if
# there's a MindTouch API available. If found, auto-create the user.
if not user and settings.DEKIWIKI_ENDPOINT:
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user:
user = DekiUserBackend.get_or_create_user(deki_user)
# If we got a user from either the Django or MT paths, complete login for
# Django and MT and redirect.
if user:
user.backend = 'django_browserid.auth.BrowserIDBackend'
auth.login(request, user)
return set_browserid_explained(
_redirect_with_mindtouch_login(redirect_to, user.username))
# Retain the verified email in a session, redirect to registration page.
request.session[SESSION_VERIFIED_EMAIL] = email
request.session[SESSION_REDIRECT_TO] = redirect_to
return set_browserid_explained(
HttpResponseRedirect(reverse('users.browserid_register')))
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid):
if not settings.DEKIWIKI_ENDPOINT:
# Don't even bother with this test, if there's no MindTouch API
raise SkipTest()
mt_email = '*****@*****.**'
_verify_browserid.return_value = {'email': mt_email}
# Probably overkill but let's be sure we're testing the right thing.
try:
User.objects.get(email=mt_email)
ok_(False, "The MindTouch user shouldn't exist in Django yet.")
except User.DoesNotExist:
pass
if not getattr(settings, 'DEKIWIKI_MOCK', False):
# HACK: Ensure that expected user details are in MindTouch when not
# mocking the API
user_xml = MINDTOUCH_USER_XML % dict(username="******",
email=mt_email,
fullname="None",
status="active",
language="",
timezone="-08:00",
role="Contributor")
DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount',
user_xml=user_xml)
deki_user = DekiUserBackend.get_deki_user_by_email(mt_email)
ok_(deki_user is not None, "The MindTouch user should exist")
# Posting the fake assertion to browserid_verify should work, with the
# actual verification method mocked out.
resp = self.client.post(
reverse('users.browserid_verify', locale='en-US'),
{'assertion': 'PRETENDTHISISVALID'})
eq_(302, resp.status_code)
ok_('SUCCESS' in resp['Location'])
# The session should look logged in, now.
ok_('_auth_user_id' in self.client.session.keys())
eq_('django_browserid.auth.BrowserIDBackend',
self.client.session.get('_auth_user_backend', ''))
# And, after all the above, there should be a Django user now.
try:
User.objects.get(email=mt_email)
except User.DoesNotExist:
ok_(False, "The MindTouch user should exist in Django now.")
def clean_email(self):
try:
return super(PasswordResetForm, self).clean_email()
except forms.ValidationError as e:
if not settings.DEKIWIKI_ENDPOINT:
# Skip MindTouch API, if unavailable.
raise e
email = self.cleaned_data["email"]
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user is None:
raise e
else:
user = DekiUserBackend.get_or_create_user(deki_user)
self.users_cache = User.objects.filter(email__iexact=email)
return user.email
raise e
def clean_email(self):
try:
return super(PasswordResetForm, self).clean_email()
except forms.ValidationError as e:
if not settings.DEKIWIKI_ENDPOINT:
# Skip MindTouch API, if unavailable.
raise e
email = self.cleaned_data["email"]
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user is None:
raise e
else:
user = DekiUserBackend.get_or_create_user(deki_user)
self.users_cache = User.objects.filter(email__iexact=email)
return user.email
raise e
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid):
if not settings.DEKIWIKI_ENDPOINT:
# Don't even bother with this test, if there's no MindTouch API
raise SkipTest()
mt_email = "*****@*****.**"
_verify_browserid.return_value = {"email": mt_email}
# Probably overkill but let's be sure we're testing the right thing.
try:
User.objects.get(email=mt_email)
ok_(False, "The MindTouch user shouldn't exist in Django yet.")
except User.DoesNotExist:
pass
if not getattr(settings, "DEKIWIKI_MOCK", False):
# HACK: Ensure that expected user details are in MindTouch when not
# mocking the API
user_xml = MINDTOUCH_USER_XML % dict(
username="******",
email=mt_email,
fullname="None",
status="active",
language="",
timezone="-08:00",
role="Contributor",
)
DekiUserBackend.put_mindtouch_user(deki_user_id="=testaccount", user_xml=user_xml)
deki_user = DekiUserBackend.get_deki_user_by_email(mt_email)
ok_(deki_user is not None, "The MindTouch user should exist")
# Posting the fake assertion to browserid_verify should work, with the
# actual verification method mocked out.
resp = self.client.post(reverse("users.browserid_verify", locale="en-US"), {"assertion": "PRETENDTHISISVALID"})
eq_(302, resp.status_code)
ok_("SUCCESS" in resp["Location"])
# The session should look logged in, now.
ok_("_auth_user_id" in self.client.session.keys())
eq_("django_browserid.auth.BrowserIDBackend", self.client.session.get("_auth_user_backend", ""))
# And, after all the above, there should be a Django user now.
try:
User.objects.get(email=mt_email)
except User.DoesNotExist:
ok_(False, "The MindTouch user should exist in Django now.")
def test_valid_assertion_with_mindtouch_user(self, _verify_browserid):
mt_email = '*****@*****.**'
_verify_browserid.return_value = {'email': mt_email}
# Probably overkill but let's be sure we're testing the right thing.
try:
User.objects.get(email=mt_email)
ok_(False, "The MindTouch user shouldn't exist in Django yet.")
except User.DoesNotExist:
pass
if not getattr(settings, 'DEKIWIKI_MOCK', False):
# HACK: Ensure that expected user details are in MindTouch when not
# mocking the API
user_xml = MINDTOUCH_USER_XML % dict(username="******",
email=mt_email, fullname="None", status="active",
language="", timezone="-08:00", role="Contributor")
DekiUserBackend.put_mindtouch_user(deki_user_id='=testaccount',
user_xml=user_xml)
deki_user = DekiUserBackend.get_deki_user_by_email(mt_email)
ok_(deki_user is not None, "The MindTouch user should exist")
# Posting the fake assertion to browserid_verify should work, with the
# actual verification method mocked out.
resp = self.client.post(reverse('users.browserid_verify',
locale='en-US'),
{'assertion': 'PRETENDTHISISVALID'})
eq_(302, resp.status_code)
ok_('SUCCESS' in resp['Location'])
# The session should look logged in, now.
ok_('_auth_user_id' in self.client.session.keys())
eq_('django_browserid.auth.BrowserIDBackend',
self.client.session.get('_auth_user_backend', ''))
# And, after all the above, there should be a Django user now.
try:
User.objects.get(email=mt_email)
except User.DoesNotExist:
ok_(False, "The MindTouch user should exist in Django now.")
def browserid_verify(request):
"""Process a submitted BrowserID assertion.
If valid, try to find either a Django or MindTouch user that matches the
verified email address. If neither is found, we bounce to a profile
creation page (ie. browserid_register)."""
redirect_to = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL', reverse('home')))
redirect_to_failure = (_clean_next_url(request) or
getattr(settings, 'LOGIN_REDIRECT_URL_FAILURE', reverse('home')))
failure_resp = set_browserid_explained(
HttpResponseRedirect(redirect_to_failure))
# If the form's not valid, then this is a failure.
form = BrowserIDForm(data=request.POST)
if not form.is_valid():
return failure_resp
# If the BrowserID assersion is not valid, then this is a failure.
result = _verify_browserid(form, request)
if not result:
return failure_resp
# So far, so good: We have a verified email address. But, no user, yet.
email = result['email']
user = None
# TODO: This user lookup and create stuff probably belongs in the model:
# If user is authenticated, change their email
if request.user.is_authenticated():
user = _get_latest_user_with_email(email)
# If a user with the email already exists, don't change
if user and user != request.user:
messages.error(request, 'That email already belongs to another '
'user.')
return set_browserid_explained(
HttpResponseRedirect(reverse('users.change_email')))
else:
user = request.user
user.email = email
user.save()
redirect_to = reverse('devmo_profile_edit', args=[user.username, ])
else:
# Look for first most recently used Django account, use if found.
user = _get_latest_user_with_email(email)
# If no Django account, look for a MindTouch account by email.
# If found, auto-create the user.
if not user:
deki_user = DekiUserBackend.get_deki_user_by_email(email)
if deki_user:
user = DekiUserBackend.get_or_create_user(deki_user)
# If we got a user from either the Django or MT paths, complete login for
# Django and MT and redirect.
if user:
user.backend = 'django_browserid.auth.BrowserIDBackend'
auth.login(request, user)
return set_browserid_explained(
_redirect_with_mindtouch_login(redirect_to, user.username))
# Retain the verified email in a session, redirect to registration page.
request.session[SESSION_VERIFIED_EMAIL] = email
request.session[SESSION_REDIRECT_TO] = redirect_to
return set_browserid_explained(
HttpResponseRedirect(reverse('users.browserid_register')))
