Пример #1
    def create_user(self, email, password):
        """
        Register a new account and mail its activation link.

        The account is created through the user manager, a random
        64-character token is stored for it in an ``ActivationRequest``,
        and an activation URL built from the account alias and that token
        is mailed to the account's address.

        :param email: Email address
        :param password: Password
        :return: HttpResponse
        """
        account = User.objects.create_user(email, password)
        account.add_to_log('User account created')

        # The activation token is a bearer secret: possession of the mailed
        # link is the only proof of mailbox ownership.
        # NOTE(review): the token is stored exactly as generated and no expiry
        # is set here -- confirm ActivationRequest limits its lifetime.
        activation_token = User.objects.make_random_password(64)
        ActivationRequest.objects.create(user=account, token=activation_token)

        # NOTE(review): absolute_url presumably takes the host from the
        # request; confirm the host is validated so the mailed link cannot be
        # pointed at another site.
        activation_url = absolute_url(
            self.request,
            'accounts:activate',
            args=(account.alias, activation_token),
        )
        welcome = EmailMessage(
            'Welcome to YDNS',
            tpl='accounts/welcome.mail',
            context={'user': account, 'token': activation_token, 'url': activation_url},
        )
        welcome.send(to=[account.email])

        notice = ('We have sent activation instructions to your email address. '
                  'Please check your mail box in a few moments.')
        messages.success(self.request, notice)
        return self.redirect('login')
Пример #2
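    def get(self, request, *args, **kwargs):
        """
        Verify the OAuth2 response from Facebook.

        The callback must carry non-empty ``state`` and ``code`` query
        parameters. ``state`` is compared with the value kept in the session
        under ``fb_state``; that session value is consumed by the comparison,
        so a callback URL is accepted at most once. The code is then exchanged
        for a token, the profile is fetched, and the account matching the
        profile's email is logged in (it is created first when missing).

        :param request: HttpRequest
        :param args: tuple
        :param kwargs: dict
        :return: HttpResponse
        """
        state = request.GET.get('state')
        code = request.GET.get('code')

        if not state:
            return self.response_error(request, 'Missing state property.')
        if not code:
            return self.response_error(request, 'Missing code property.')

        # The state value is a one-time anti-CSRF token. Remove it from the
        # session before comparing, so neither a failed nor a successful
        # callback leaves a value that a replayed URL could match again.
        expected_state = request.session.pop('fb_state', None)
        if state != expected_state:
            return self.response_error(request, 'Invalid state.')

        # NOTE(review): `facebook` is defined outside this method and is
        # mutated per request (redirect_uri, scope, fetched token). If it is a
        # module-level object shared between concurrent requests, one user's
        # token could be used for another user's profile fetch -- confirm.
        facebook.redirect_uri = absolute_url(request, 'accounts:facebook_sign_in')
        # Scope is reset to '' before the token exchange; the original author
        # notes that leaving it set causes trouble.
        facebook.scope = ''

        # Token exchange and profile fetch both talk to the provider; a
        # failure in either ends the sign-in with the same generic error
        # instead of an unhandled exception.
        try:
            facebook.fetch_token(self.URL_GET_TOKEN,
                                 code=code,
                                 client_secret=settings.FACEBOOK_APP_SECRET)
            response = facebook.get(self.URL_PROFILE)
        except Exception:
            return self.response_error(request, 'An error occurred while verifying response.')

        # UnicodeDecodeError is a ValueError, so undecodable bodies are
        # rejected here as well as malformed JSON.
        try:
            data = json.loads(response.content.decode('utf-8'))
        except ValueError:
            return self.response_error(request, 'Invalid response format.')

        email_address = data.get('email') if isinstance(data, dict) else None
        if not email_address:
            return self.response_error(request, 'No valid account-based email address found.')

        # The profile email is the only identity link to a local account.
        # NOTE(review): confirm the provider returns only verified addresses.
        try:
            user = User.objects.get(email__iexact=email_address)
        except User.DoesNotExist:
            user = self.create_user(email_address)

        if not user.is_active:
            return self.response_error(request, 'Your account is inactive.')
        # An existing account of another type must not be entered through
        # Facebook just because the email matches.
        if user.type != UserType.FACEBOOK:
            return self.response_error(request, 'Account type mismatch.')
        return self.login(request, user)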
Пример #3
    def post(self, request, *args, **kwargs):
        """
        Start an OAuth2 sign-in with GitHub.

        The flow is started through POST only, so that it is covered by the
        protection against cross-site requests (CSRF).

        :param request: HttpRequest
        :param args: tuple
        :param kwargs: dict
        :return: HttpResponse
        """
        authorize_endpoint = 'https://github.com/login/oauth/authorize'

        github.redirect_uri = absolute_url(request, 'accounts:github_sign_in')
        github.scope = None

        target_url, csrf_state = github.authorization_url(authorize_endpoint)

        # The state value is kept in the session; the sign-in callback (not
        # shown here) is presumably expected to compare it with the value the
        # provider sends back.
        request.session['github_state'] = csrf_state
        return self.redirect(target_url)
Пример #4
    def post(self, request, *args, **kwargs):
        """
        Start an OAuth2 sign-in with Facebook.

        The flow is started through POST only, so that it is covered by the
        protection against cross-site requests (CSRF).

        :param request: HttpRequest
        :param args: tuple
        :param kwargs: dict
        :return: HttpResponse
        """
        authorize_endpoint = 'https://www.facebook.com/dialog/oauth'

        facebook.redirect_uri = absolute_url(request, 'accounts:facebook_sign_in')
        # Only the email scope is requested for sign-in.
        facebook.scope = 'email'

        target_url, csrf_state = facebook.authorization_url(authorize_endpoint)

        # The state value is kept in the session under 'fb_state' so that the
        # callback can reject responses that did not originate from this
        # browser session.
        request.session['fb_state'] = csrf_state
        return self.redirect(target_url)
Пример #5
    def post(self, request, *args, **kwargs):
        """
        Start an OAuth2 sign-in with Google.

        The flow is started through POST only, so that it is covered by the
        protection against cross-site requests (CSRF).

        :param request: HttpRequest
        :param args: tuple
        :param kwargs: dict
        :return: HttpResponse
        """
        authorize_endpoint = 'https://accounts.google.com/o/oauth2/auth'

        google.redirect_uri = absolute_url(request, 'accounts:google_sign_in')
        # Only the email scope is requested for sign-in.
        google.scope = 'email'

        # NOTE(review): offline access with a forced approval prompt asks the
        # provider for long-lived access on every sign-in. If the login only
        # needs the email address, confirm this is required.
        target_url, csrf_state = google.authorization_url(
            authorize_endpoint,
            access_type='offline',
            approval_prompt='force',
        )

        # The state value is kept in the session; the sign-in callback (not
        # shown here) is presumably expected to compare it with the value the
        # provider sends back.
        request.session['gapi_state'] = csrf_state
        return self.redirect(target_url)
Пример #6
    def create_token(cls, request, user):
        """
        Create a password reset request and mail the reset link.

        A random 64-character token is stored in a ``PasswordRequest`` for
        the user, and a reset URL built from the user's alias and that token
        is mailed to the user's address.

        :param request: HttpRequest
        :param user: User
        :return: HttpResponse
        """
        # The reset token is a bearer secret: whoever holds the mailed link
        # can set the account's password.
        # NOTE(review): the token is stored exactly as generated and no expiry
        # is set here -- confirm PasswordRequest limits its lifetime and that
        # it is invalidated after use.
        reset_token = User.objects.make_random_password(64)
        PasswordRequest.objects.create(user=user, token=reset_token)
        user.add_to_log('Password reset request')

        # NOTE(review): absolute_url presumably takes the host from the
        # request; confirm the host is validated so the mailed reset link
        # cannot be pointed at another site.
        reset_url = absolute_url(
            request,
            'accounts:set_password',
            args=(user.alias, reset_token),
        )
        mail = EmailMessage(
            'Password reset',
            tpl='accounts/reset_password.mail',
            context={'user': user, 'token': reset_token, 'url': reset_url},
        )
        mail.send(to=[user.email])

        notice = ('Instructions on how to reset your password has been sent via email. '
                  'Please check your mail box in a few moments.')
        messages.success(request, notice)

        return cls.redirect('login')