def connect(request): ''' Exception and validation functionality around the _connect view Separated this out from _connect to preserve readability Don't bother reading this code, skip to _connect for the bit you're interested in :) ''' facebook_login = to_bool(request.REQUEST.get('facebook_login')) context = RequestContext(request) #validation to ensure the context processor is enabled if not context.get('FACEBOOK_APP_ID'): message = 'Please specify a Facebook app id and ensure the context processor is enabled' raise ValueError(message) #hide the connect page, convenient for testing with new users in production though if not facebook_login and not settings.DEBUG and facebook_settings.FACEBOOK_HIDE_CONNECT_TEST: raise Http404('not showing the connect page') try: response = _connect(request, facebook_login) except open_facebook_exceptions.FacebookUnreachable, e: #often triggered when Facebook is slow warning_format = u'%s, often caused by Facebook slowdown, error %s' warn_message = warning_format % (type(e), e.message) send_warning(warn_message, e=e) response = error_next_redirect(request, additional_params=dict( fb_error_or_cancel=1) )
def connect_user(request, access_token=None, facebook_graph=None): ''' Given a request either - (if authenticated) connect the user - login - register ''' user = None graph = facebook_graph or get_facebook_graph(request, access_token) converter = get_instance_for('user_conversion', graph) assert converter.is_authenticated() facebook_data = converter.facebook_profile_data() force_registration = request.REQUEST.get('force_registration') or\ request.REQUEST.get('force_registration_hard') connect_facebook = to_bool(request.REQUEST.get('connect_facebook')) logger.debug('force registration is set to %s', force_registration) if connect_facebook and request.user.is_authenticated() and not force_registration: # we should only allow connect if users indicate they really want to connect # only when the request.CONNECT_FACEBOOK = 1 # if this isn't present we just do a login action = CONNECT_ACTIONS.CONNECT user = _connect_user(request, converter) else: email = facebook_data.get('email', False) email_verified = facebook_data.get('verified', False) kwargs = {} if email and email_verified: kwargs = {'facebook_email': email} auth_user = authenticate(facebook_id=facebook_data['id'], **kwargs) if auth_user and not force_registration: action = CONNECT_ACTIONS.LOGIN # Has the user registered without Facebook, using the verified FB # email address? # It is after all quite common to use email addresses for usernames update = getattr(auth_user, 'fb_update_required', False) if not auth_user.get_profile().facebook_id: update = True # login the user user = _login_user(request, converter, auth_user, update=update) else: action = CONNECT_ACTIONS.REGISTER # when force registration is active we should remove the old profile try: user = _register_user(request, converter, remove_old_connections=force_registration) except facebook_exceptions.AlreadyRegistered, e: # in Multithreaded environments it's possible someone beats us to # the punch, in that case just login logger.info('parallel register encountered, slower thread is doing a login') auth_user = authenticate( facebook_id=facebook_data['id'], **kwargs) action = CONNECT_ACTIONS.LOGIN user = _login_user(request, converter, auth_user, update=False)
def connect_user(request, access_token=None, facebook_graph=None): ''' Given a request either - (if authenticated) connect the user - login - register ''' user = None graph = facebook_graph or get_facebook_graph(request, access_token) facebook = FacebookUserConverter(graph) assert facebook.is_authenticated() facebook_data = facebook.facebook_profile_data() force_registration = request.REQUEST.get('force_registration') or\ request.REQUEST.get('force_registration_hard') connect_facebook = to_bool(request.REQUEST.get('connect_facebook')) logger.debug('force registration is set to %s', force_registration) if connect_facebook and request.user.is_authenticated() and not force_registration: #we should only allow connect if users indicate they really want to connect #only when the request.CONNECT_FACEBOOK = 1 #if this isn't present we just do a login action = CONNECT_ACTIONS.CONNECT user = _connect_user(request, facebook) else: email = facebook_data.get('email', False) email_verified = facebook_data.get('verified', False) kwargs = {} if email and email_verified: kwargs = {'facebook_email': email} auth_user = authenticate(facebook_id=facebook_data['id'], **kwargs) if auth_user and not force_registration: action = CONNECT_ACTIONS.LOGIN # Has the user registered without Facebook, using the verified FB # email address? # It is after all quite common to use email addresses for usernames update = getattr(auth_user, 'fb_update_required', False) if not auth_user.get_profile().facebook_id: update = True #login the user user = _login_user(request, facebook, auth_user, update=update) else: action = CONNECT_ACTIONS.REGISTER # when force registration is active we should remove the old profile try: user = _register_user(request, facebook, remove_old_connections=force_registration) except facebook_exceptions.AlreadyRegistered, e: #in Multithreaded environments it's possible someone beats us to #the punch, in that case just login logger.info('parallel register encountered, slower thread is doing a login') auth_user = authenticate( facebook_id=facebook_data['id'], **kwargs) action = CONNECT_ACTIONS.LOGIN user = _login_user(request, facebook, auth_user, update=False)
def _connect(request, graph): ''' Handles the view logic around connect user - (if authenticated) connect the user - login - register We are already covered by the facebook_required_lazy decorator So we know we either have a graph and permissions, or the user denied the oAuth dialog ''' backend = get_registration_backend() context = RequestContext(request) connect_facebook = to_bool(request.REQUEST.get('connect_facebook')) logger.info('trying to connect using Facebook') if graph: logger.info('found a graph object') converter = get_instance_for('user_conversion', graph) authenticated = converter.is_authenticated() # Defensive programming :) if not authenticated: raise ValueError('didnt expect this flow') logger.info('Facebook is authenticated') facebook_data = converter.facebook_profile_data() # either, login register or connect the user try: action, user = connect_user( request, connect_facebook=connect_facebook) logger.info('Django facebook performed action: %s', action) except facebook_exceptions.IncompleteProfileError, e: # show them a registration form to add additional data warning_format = u'Incomplete profile data encountered with error %s' warn_message = warning_format % unicode(e) send_warning(warn_message, e=e, facebook_data=facebook_data) context['facebook_mode'] = True context['form'] = e.form #MJA modification to auto-register #backend.register(request, None, username='******', eamil='*****@*****.**', password1='Blahblah3') #return next_redirect(request) return render_to_response( facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE, context_instance=context, ) except facebook_exceptions.AlreadyConnectedError, e: user_ids = [u.get_user_id() for u in e.users] ids_string = ','.join(map(str, user_ids)) additional_params = dict(already_connected=ids_string) return backend.post_error(request, additional_params)
def _connect(request, graph): ''' Handles the view logic around connect user - (if authenticated) connect the user - login - register We are already covered by the facebook_required_lazy decorator So we know we either have a graph and permissions, or the user denied the oAuth dialog ''' backend = get_registration_backend() context = RequestContext(request) connect_facebook = to_bool(request.REQUEST.get('connect_facebook')) logger.info('trying to connect using Facebook') if graph: logger.info('found a graph object') converter = get_instance_for('user_conversion', graph) authenticated = converter.is_authenticated() # Defensive programming :) if not authenticated: raise ValueError('didnt expect this flow') logger.info('Facebook is authenticated') facebook_data = converter.facebook_profile_data() # either, login register or connect the user try: action, user = connect_user(request, connect_facebook=connect_facebook) logger.info('Django facebook performed action: %s', action) except facebook_exceptions.IncompleteProfileError as e: # show them a registration form to add additional data warning_format = 'Incomplete profile data encountered with error %s' warn_message = warning_format % str(e) send_warning(warn_message, e=e, facebook_data=facebook_data) context['facebook_mode'] = True context['form'] = e.form return render_to_response( facebook_settings.FACEBOOK_REGISTRATION_TEMPLATE, context_instance=context, ) except facebook_exceptions.AlreadyConnectedError as e: user_ids = [u.get_user_id() for u in e.users] ids_string = ','.join(map(str, user_ids)) additional_params = dict(already_connected=ids_string) return backend.post_error(request, additional_params) response = backend.post_connect(request, user, action) if action is CONNECT_ACTIONS.LOGIN: pass elif action is CONNECT_ACTIONS.CONNECT: # connect means an existing account was attached to facebook messages.info( request, _("You have connected your account " "to %s's facebook profile") % facebook_data['name']) elif action is CONNECT_ACTIONS.REGISTER: # hook for tying in specific post registration functionality response.set_cookie('fresh_registration', user.id) else: # the user denied the request additional_params = dict(fb_error_or_cancel='1') response = backend.post_error(request, additional_params) return response
def _connect(request, graph): ''' Handles the view logic around connect user - (if authenticated) connect the user - login - register We are already covered by the facebook_required_lazy decorator So we know we either have a graph and permissions, or the user denied the oAuth dialog ''' backend = get_registration_backend() context = RequestContext(request) connect_facebook = to_bool(request.REQUEST.get('connect_facebook')) logger.info('C01: trying to connect using Facebook') if graph: logger.info('C02: found a graph object') converter = get_instance_for('user_conversion', graph) authenticated = converter.is_authenticated() # Defensive programming :) if not authenticated: logger.info('C04: not authenticated') raise ValueError('didnt expect this flow') logger.info('C05: Facebook is authenticated') facebook_data = converter.facebook_profile_data() # either, login register or connect the user try: action, user = connect_user( request, connect_facebook=connect_facebook) logger.info('Django facebook performed action: %s', action) # If client or subclient were detected redirect them to client login page if action == CONNECT_ACTIONS.CLIENT_REDIRECT: return redirect("facebook_client_login") except facebook_exceptions.IncompleteProfileError, e: # show them a registration form to add additional data warning_format = u'Incomplete profile data encountered with error %s' warn_message = warning_format % unicode(e) logger.info(warn_message) send_warning(warn_message, e=e, facebook_data=facebook_data) context['facebook_mode'] = True context['blocked_email'] = e.form.data['email'] e.form.data['email'] = u'' context['form'] = e.form # Style register page layout = get_layout(request=request) logger.info('C06: Got layout %s' % layout) context['layout'] = layout return render_to_response( backend.get_registration_template(), context_instance=context, ) except facebook_exceptions.AlreadyConnectedError, e: logger.info('Already connected error') user_ids = [u.get_user_id() for u in e.users] ids_string = ','.join(map(str, user_ids)) additional_params = dict(already_connected=ids_string) return backend.post_error(request, additional_params)
def _connect(request, graph): ''' Handles the view logic around connect user - (if authenticated) connect the user - login - register We are already covered by the facebook_required_lazy decorator So we know we either have a graph and permissions, or the user denied the oAuth dialog ''' backend = get_registration_backend() context = RequestContext(request) connect_facebook = to_bool(request.REQUEST.get('connect_facebook')) logger.info('trying to connect using Facebook') if graph: logger.info('found a graph object') converter = get_instance_for('user_conversion', graph) authenticated = converter.is_authenticated() # Defensive programming :) if not authenticated: raise ValueError('didnt expect this flow') logger.info('Facebook is authenticated') facebook_data = converter.facebook_profile_data() # either, login register or connect the user try: action, user = connect_user( request, connect_facebook=connect_facebook) logger.info('Django facebook performed action: %s', action) except facebook_exceptions.IncompleteProfileError as e: # show them a registration form to add additional data warning_format = u'Incomplete profile data encountered with error %s' warn_message = warning_format % unicode(e) send_warning(warn_message, e=e, facebook_data=facebook_data) context['facebook_mode'] = True context['form'] = e.form return render_to_response( backend.get_registration_template(), context_instance=context, ) except facebook_exceptions.AlreadyConnectedError as e: user_ids = [u.get_user_id() for u in e.users] ids_string = ','.join(map(str, user_ids)) additional_params = dict(already_connected=ids_string) return backend.post_error(request, additional_params) response = backend.post_connect(request, user, action) if action is CONNECT_ACTIONS.LOGIN: pass elif action is CONNECT_ACTIONS.CONNECT: # connect means an existing account was attached to facebook messages.info(request, _("You have connected your account " "to %s's facebook profile") % facebook_data['name']) elif action is CONNECT_ACTIONS.REGISTER: # hook for tying in specific post registration functionality response.set_cookie('fresh_registration', user.id) else: # the user denied the request additional_params = dict(fb_error_or_cancel='1') response = backend.post_error(request, additional_params) return response
def connect_user(request, access_token=None, facebook_graph=None): """ Given a request either - (if authenticated) connect the user - login - register """ user = None graph = facebook_graph or get_facebook_graph(request, access_token) converter = get_instance_for("user_conversion", graph) assert converter.is_authenticated() facebook_data = converter.facebook_profile_data() force_registration = request.REQUEST.get("force_registration") or request.REQUEST.get("force_registration_hard") connect_facebook = to_bool(request.REQUEST.get("connect_facebook")) backend = get_registration_backend() logger.debug("force registration is set to %s", force_registration) if connect_facebook and request.user.is_authenticated() and not force_registration: # we should only allow connect if users indicate they really want to connect # only when the request.CONNECT_FACEBOOK = 1 # if this isn't present we just do a login action = CONNECT_ACTIONS.CONNECT user = _connect_user(request, converter) if backend.is_user_banned(user): raise PermissionDenied() else: email = facebook_data.get("email", False) email_verified = facebook_data.get("verified", False) kwargs = {} if email and email_verified: kwargs = {"facebook_email": email} auth_user = authenticate(facebook_id=facebook_data["id"], **kwargs) if backend.is_user_banned(auth_user): raise PermissionDenied() if auth_user and not force_registration: action = CONNECT_ACTIONS.LOGIN # Has the user registered without Facebook, using the verified FB # email address? # It is after all quite common to use email addresses for usernames update = getattr(auth_user, "fb_update_required", False) profile = try_get_profile(auth_user) current_facebook_id = get_user_attribute(auth_user, profile, "facebook_id") if not current_facebook_id: update = True # login the user user = _login_user(request, converter, auth_user, update=update) else: action = CONNECT_ACTIONS.REGISTER # when force registration is active we should remove the old # profile try: user = _register_user(request, converter, remove_old_connections=force_registration) except facebook_exceptions.AlreadyRegistered, e: # in Multithreaded environments it's possible someone beats us to # the punch, in that case just login logger.info("parallel register encountered, slower thread is doing a login") auth_user = authenticate(facebook_id=facebook_data["id"], **kwargs) action = CONNECT_ACTIONS.LOGIN user = _login_user(request, converter, auth_user, update=False)