def auth_process(request, backend):
    """Start authentication against the given social backend.

    Stores the requested post-login redirect in the session, clears any
    partial pipeline state, and hands the user over to the provider.
    Redirect-based backends get an HTTP redirect to the provider auth URL
    with the request parameters appended. Other backends get the HTML
    returned by ``backend.auth_html()``.
    """
    if request.method == 'POST':
        submitted = request.POST
    else:
        submitted = request.GET
    params = submitted.dict()

    # Remember where to send the user once authentication completes.
    if REDIRECT_FIELD_NAME in params:
        target = params[REDIRECT_FIELD_NAME]
        # Sanitization is on unless SOCIAL_AUTH_SANITIZE_REDIRECTS is set to
        # a false value; with it off the caller-supplied target is stored
        # as-is.
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            target = sanitize_redirect(request.get_host(), target)
        request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')

    # NOTE(review): every request parameter, including the raw `next` value
    # (not the sanitized one), is forwarded to the provider URL. Parameters
    # chosen by the caller may collide with ones the backend already set;
    # consider forwarding only an explicit allowlist.
    # NOTE(review): the "&" join assumes backend.auth_url() already carries a
    # query string -- confirm for every backend.
    query = urlencode(params)
    auth_url = backend.auth_url(params.get('extra_scope', ''))
    if query:
        auth_url = auth_url + "&" + query
    return HttpResponseRedirect(auth_url)
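def auth_process(request, backend):
    """Start authentication against the given social backend.

    Copies the request fields named in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION
    into the session, stores the post-login redirect, clears any partial
    pipeline state and returns either a redirect to the provider or the
    backend's HTML form.
    """
    # The leftover debugging print of the backend object was removed: a view
    # on the login path should not write to stdout on every request.
    data = request.POST if request.method == 'POST' else request.GET

    # Save extra data into session. Only the configured field names are
    # copied, so a request cannot write arbitrary session keys.
    for field_name in setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', []):
        if field_name in data:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value.
        # With SOCIAL_AUTH_SANITIZE_REDIRECTS disabled the value is stored
        # exactly as the client sent it.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    else:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')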
def auth_process(request, backend):
    """Begin the social-auth handshake for ``backend``.

    Request fields listed in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION and the
    post-login redirect are saved into the session, partial pipeline data is
    cleared, and the response either redirects to the provider or renders
    the backend's HTML.
    """
    if request.method == 'POST':
        data = request.POST
    else:
        data = request.GET

    # Allowlisted fields only: names come from configuration, not from the
    # request itself.
    stored_fields = setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', [])
    for name in stored_fields:
        if name not in data:
            continue
        request.session[name] = data[name]

    if REDIRECT_FIELD_NAME in data:
        # The next value is user-defined; it is sanitized against the
        # request host unless SOCIAL_AUTH_SANITIZE_REDIRECTS is disabled.
        next_url = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            next_url = sanitize_redirect(request.get_host(), next_url)
        request.session[REDIRECT_FIELD_NAME] = next_url or DEFAULT_REDIRECT

    # Drop partial pipeline info left over from an earlier attempt.
    clean_partial_pipeline(request)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
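def auth_process(request, backend):
    """Start authentication against the given social backend.

    Saves the request fields named in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION
    and the post-login redirect into the session, clears partial pipeline
    state, then redirects to the provider or returns the backend's HTML.
    """
    data = request.POST if request.method == 'POST' else request.GET

    # Previously every GET/POST parameter was written into the session under
    # its own name. That let the client choose session keys, including ones
    # the auth layer or the pipeline rely on. Only field names listed in
    # SOCIAL_AUTH_FIELDS_STORED_IN_SESSION are copied now; deployments that
    # read extra parameters later in the pipeline must list them there.
    for field_name in setting('SOCIAL_AUTH_FIELDS_STORED_IN_SESSION', []):
        if field_name in data:
            request.session[field_name] = data[field_name]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value.
        # With SOCIAL_AUTH_SANITIZE_REDIRECTS disabled the value is stored
        # exactly as the client sent it.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    else:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')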
def auth_process(request, backend, complete_url_name):
    """Start authentication with the backend named ``backend``.

    Resolves the completion URL, looks up the backend, and stores the
    sanitized success and error redirects in the session before handing
    the user to the provider. Returns a server error response when the
    backend lookup yields nothing.
    """
    complete_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, complete_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    requested = request.REQUEST

    # Both redirect targets are user-defined GET/POST values and are always
    # passed through sanitize_redirect with the request host.
    # NOTE(review): .get() yields None when a field is absent -- presumably
    # sanitize_redirect tolerates that; confirm.
    success_target = sanitize_redirect(request.get_host(),
                                       requested.get(REDIRECT_FIELD_NAME))
    failure_target = sanitize_redirect(
        request.get_host(), requested.get(ERROR_REDIRECT_FIELD_NAME))

    request.session[REDIRECT_FIELD_NAME] = (success_target
                                            or DEFAULT_REDIRECT)
    request.session[ERROR_REDIRECT_FIELD_NAME] = (failure_target
                                                  or ERROR_DEFAULT_REDIRECT)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
def auth_process(request, backend):
    """Begin the social-auth handshake for ``backend``.

    When the request carries a redirect_to value, its sanitized form (or
    DEFAULT_REDIRECT) is stored in the session. The response is a redirect
    to the provider for redirect-based backends, otherwise the backend's
    HTML.
    """
    if REDIRECT_FIELD_NAME in request.REQUEST:
        # request.REQUEST merges GET and POST; only the dict matching the
        # request method is trusted for the actual value.
        if request.method == "POST":
            data = request.POST
        else:
            data = request.GET
        if REDIRECT_FIELD_NAME in data:
            # User-defined value: always sanitized against the request host.
            target = sanitize_redirect(request.get_host(),
                                       data[REDIRECT_FIELD_NAME])
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type="text/html;charset=UTF-8")
    return HttpResponseRedirect(backend.auth_url())
def complete_process(request, backend, *args, **kwargs):
    """Finish authentication and redirect the user.

    Runs ``auth_complete`` and then picks the redirect target: the value
    stored in the session, overridden by a redirect value sent with this
    request. An ``HttpResponse`` returned by ``auth_complete`` is passed
    through unchanged. An active user is logged in and sent to the
    new-user page, the chosen redirect or DEFAULT_REDIRECT; an inactive
    user or a failed authentication is sent to the matching error URL.
    """
    user = auth_complete(request, backend, *args, **kwargs)
    # pop() removes the stored redirect from the session as it is read
    redirect_value = request.session.pop(REDIRECT_FIELD_NAME, '')

    # this is added for FB client-side auth which POSTs to this view directly with an access_token
    if REDIRECT_FIELD_NAME in request.REQUEST:
        data = request.POST if request.method == 'POST' else request.GET
        if REDIRECT_FIELD_NAME in data:
            redirect = data[REDIRECT_FIELD_NAME]
            # NOTE(review): the request-supplied target is sanitized only
            # when SANITIZE_REDIRECTS is truthy; otherwise it becomes the
            # post-login redirect as sent. Confirm that setting stays on
            # wherever this view is reachable.
            if SANITIZE_REDIRECTS:
                redirect = sanitize_redirect(request.get_host(), redirect)
            # A non-empty value from the request replaces the session one
            if redirect:
                redirect_value = redirect

    # auth_complete may hand back a ready-made response; return it as is
    if isinstance(user, HttpResponse):
        return user

    if user:
        # Objects without an is_active attribute are treated as active
        if getattr(user, 'is_active', True):
            login(request, user)
            messages.success(request, 'Awesome, you are now logged in!')
            # user.social_user is the used UserSocialAuth instance defined
            # in authenticate process
            social_user = user.social_user

            if SESSION_EXPIRATION :
                # Set session expiration date if present and not disabled by
                # setting. Use last social-auth instance for current provider,
                # users can associate several accounts with a same provider.
                if social_user.expiration_delta():
                    request.session.set_expiry(social_user.expiration_delta())

            # store last login backend name in session
            request.session[SOCIAL_AUTH_LAST_LOGIN] = social_user.provider

            # Remove possible redirect URL from session, if this is a new
            # account, send him to the new-users-page if defined.
            url = NEW_USER_REDIRECT if NEW_USER_REDIRECT and \
                                       getattr(user, 'is_new', False) else \
                  redirect_value or \
                  DEFAULT_REDIRECT
        else:
            # Inactive account: no login() call is made
            url = INACTIVE_USER_URL or LOGIN_ERROR_URL
    else:
        # Authentication produced no user
        if ERROR_MESSAGE:
            messages.error(request, ERROR_MESSAGE)
        url = LOGIN_ERROR_URL
    return HttpResponseRedirect(url)
def auth_process(request, backend, complete_url_name):
    """Start authentication with the backend named ``backend``.

    Resolves the completion URL and the backend, stores the sanitized
    post-login redirect (or DEFAULT_REDIRECT) in the session, then either
    redirects to the provider or returns the backend's HTML. A failed
    backend lookup produces a server error response.
    """
    completion_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, completion_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    # The redirect_to field is user-defined, so it always goes through
    # sanitize_redirect with the request host.
    # NOTE(review): .get() yields None when the field is absent --
    # presumably sanitize_redirect tolerates that; confirm.
    requested_target = request.REQUEST.get(REDIRECT_FIELD_NAME)
    safe_target = sanitize_redirect(request.get_host(), requested_target)
    request.session[REDIRECT_FIELD_NAME] = safe_target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
def auth_process(request, backend):
    """Begin the social-auth handshake for ``backend``.

    Stores the requested next value in the session (sanitized unless
    SOCIAL_AUTH_SANITIZE_REDIRECTS is disabled) and returns a redirect to
    the provider or the backend's HTML.
    """
    if request.method == 'POST':
        data = request.POST
    else:
        data = request.GET

    if REDIRECT_FIELD_NAME in data:
        next_url = data[REDIRECT_FIELD_NAME]
        # The value is user-defined. With the setting off it is stored
        # exactly as received.
        sanitize = setting('SOCIAL_AUTH_SANITIZE_REDIRECTS', True)
        if sanitize:
            next_url = sanitize_redirect(request.get_host(), next_url)
        request.session[REDIRECT_FIELD_NAME] = next_url or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
def auth_process(request, backend):
    """Begin the social-auth handshake for ``backend``.

    A redirect_to value sent with the request is stored in the session,
    sanitized when SANITIZE_REDIRECTS is truthy, falling back to
    DEFAULT_REDIRECT. The response redirects to the provider or renders
    the backend's HTML.
    """
    if REDIRECT_FIELD_NAME in request.REQUEST:
        # request.REQUEST merges GET and POST; the value itself is read
        # from the dict that matches the request method.
        if request.method == 'POST':
            data = request.POST
        else:
            data = request.GET
        if REDIRECT_FIELD_NAME in data:
            target = data[REDIRECT_FIELD_NAME]
            # User-defined value: stored unsanitized when the module-level
            # SANITIZE_REDIRECTS flag is off.
            if SANITIZE_REDIRECTS:
                target = sanitize_redirect(request.get_host(), target)
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
def auth_process(request, backend, complete_url_name):
    """Start authentication with the backend named ``backend``.

    Resolves the completion URL and the backend, stores a sanitized
    redirect_to value in the session when the request carries one, then
    redirects to the provider or returns the backend's HTML. A failed
    backend lookup produces a server error response.
    """
    completion_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, completion_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    if REDIRECT_FIELD_NAME in request.REQUEST:
        # request.REQUEST merges GET and POST; the value itself is read
        # from the dict that matches the request method.
        if request.method == 'POST':
            data = request.POST
        else:
            data = request.GET
        if REDIRECT_FIELD_NAME in data:
            # User-defined value: always sanitized against the request host.
            target = sanitize_redirect(request.get_host(),
                                       data[REDIRECT_FIELD_NAME])
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())
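def auth_process(request, backend):
    """Start authentication against the given social backend.

    Saves the request fields named in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION
    and the post-login redirect into the session, clears partial pipeline
    state, then redirects to the provider or returns the backend's HTML.
    """
    data = request.POST if request.method == "POST" else request.GET

    # Previously every field other than the redirect was copied into the
    # session under its own name. That let the client choose session keys,
    # including ones the auth layer or the pipeline rely on. Only field
    # names listed in SOCIAL_AUTH_FIELDS_STORED_IN_SESSION are copied now;
    # deployments that read extra parameters later must list them there.
    for field in setting("SOCIAL_AUTH_FIELDS_STORED_IN_SESSION", []):
        if field in data:
            request.session[field] = data[field]

    # Save any defined next value into session
    if REDIRECT_FIELD_NAME in data:
        # Check and sanitize a user-defined GET/POST next field value.
        # With SOCIAL_AUTH_SANITIZE_REDIRECTS disabled the value is stored
        # exactly as the client sent it.
        redirect = data[REDIRECT_FIELD_NAME]
        if setting("SOCIAL_AUTH_SANITIZE_REDIRECTS", True):
            redirect = sanitize_redirect(request.get_host(), redirect)
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT

    # Clean any partial pipeline info before starting the process
    clean_partial_pipeline(request)

    if backend.uses_redirect:
        return HttpResponseRedirect(backend.auth_url())
    else:
        return HttpResponse(backend.auth_html(),
                            content_type="text/html;charset=UTF-8")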
def auth_process(request, backend):
    """Begin the social-auth handshake for ``backend``.

    Stores a redirect_to value from the request in the session (sanitized
    when SANITIZE_REDIRECTS is truthy). For the backend named 'twitter', a
    ``write_access=1`` GET parameter adds an ``x_auth_access_type`` of
    ``write`` to the auth URL arguments. Returns a redirect to the
    provider or the backend's HTML.
    """
    if REDIRECT_FIELD_NAME in request.REQUEST:
        # request.REQUEST merges GET and POST; the value itself is read
        # from the dict that matches the request method.
        if request.method == 'POST':
            data = request.POST
        else:
            data = request.GET
        if REDIRECT_FIELD_NAME in data:
            target = data[REDIRECT_FIELD_NAME]
            # User-defined value: stored unsanitized when the module-level
            # SANITIZE_REDIRECTS flag is off.
            if SANITIZE_REDIRECTS:
                target = sanitize_redirect(request.get_host(), target)
            request.session[REDIRECT_FIELD_NAME] = target or DEFAULT_REDIRECT

    # Some callers pass a wrapper exposing the real backend as AUTH_BACKEND.
    backend_obj = getattr(backend, 'AUTH_BACKEND', backend)

    # NOTE(review): the broader access type is selected by a query-string
    # flag, so any link to this view can ask for it. Confirm that the
    # provider's consent screen is the only gate intended here.
    wants_write = (backend_obj.name == 'twitter'
                   and request.GET.get('write_access') == '1')
    if wants_write:
        args = ({'x_auth_access_type': 'write'},)
    else:
        args = ()

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url(*args))
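def auth_process(request, backend, complete_url_name):
    """Start authentication with the backend named ``backend``.

    Resolves the completion URL and the backend, stores the sanitized
    post-login redirect (or DEFAULT_REDIRECT) in the session, then either
    redirects to the provider or returns the backend's HTML. A failed
    backend lookup produces a server error response. A ``ValueError``
    raised while starting the process sends the user to LOGIN_ERROR_URL
    (falling back to LOGIN_URL), with the message kept in the session when
    SOCIAL_AUTH_ERROR_KEY is configured.
    """
    redirect = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, redirect)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')
    data = request.REQUEST
    # Check and sanitize a user-defined GET/POST redirect_to field value.
    # NOTE(review): .get() yields None when the field is absent --
    # presumably sanitize_redirect tolerates that; confirm.
    redirect = sanitize_redirect(request.get_host(),
                                 data.get(REDIRECT_FIELD_NAME))

    try:
        request.session[REDIRECT_FIELD_NAME] = redirect or DEFAULT_REDIRECT
        if backend.uses_redirect:
            return HttpResponseRedirect(backend.auth_url())
        else:
            return HttpResponse(backend.auth_html(),
                                content_type='text/html;charset=UTF-8')
    # "except ValueError, e" only parses on Python 2; the "as" form works on
    # Python 2.6+ and Python 3 alike.
    except ValueError as e:
        error_key = getattr(settings, 'SOCIAL_AUTH_ERROR_KEY', None)
        if error_key:  # store error in session
            # NOTE(review): the exception text may include request-derived
            # data; whatever renders this session value should escape it.
            request.session[error_key] = str(e)
        url = getattr(settings, 'LOGIN_ERROR_URL', settings.LOGIN_URL)
        return HttpResponseRedirect(url)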
def auth_process(request, backend, complete_url_name):
    """Start authentication with the backend named ``backend``.

    Resolves the completion URL and the backend, stores the sanitized
    post-login redirect in the session together with the remaining query
    parameters (re-encoded), then redirects to the provider or returns the
    backend's HTML. A failed backend lookup produces a server error
    response.
    """
    completion_url = reverse(complete_url_name, args=(backend,))
    backend = get_backend(backend, request, completion_url)
    if not backend:
        return HttpResponseServerError('Incorrect authentication service')

    # The redirect_to field is user-defined, so it always goes through
    # sanitize_redirect with the request host. No default is applied here:
    # whatever sanitize_redirect returns is stored.
    requested_target = request.REQUEST.get(REDIRECT_FIELD_NAME)
    request.session[REDIRECT_FIELD_NAME] = sanitize_redirect(
        request.get_host(), requested_target)

    # Store query parameters (if any). These will be tacked on to the end of
    # the login redirect url in complete_process().
    # NOTE(review): these are client-chosen names and values. They are
    # re-encoded with urlencode here; confirm the consumer appends them
    # without decoding them into the URL path or host.
    query_pairs = dict(parse_qsl(request.META['QUERY_STRING']))
    extra_params = []
    for key, value in query_pairs.items():
        if key != REDIRECT_FIELD_NAME:
            extra_params.append((key, value))
    request.session[REDIRECT_QUERY_STRING] = urlencode(extra_params)

    if not backend.uses_redirect:
        return HttpResponse(backend.auth_html(),
                            content_type='text/html;charset=UTF-8')
    return HttpResponseRedirect(backend.auth_url())