def pre_social_login(self, request, sociallogin):
"""
Invoked just after a user successfully authenticates via a
social provider, but before the login is actually processed.
We use it to:
1. Check if the user is connecting accounts via signup page
2. store the name of the socialaccount provider in the user's session.
"""
session_login_data = request.session.get('socialaccount_sociallogin',
None)
request_login = sociallogin
# Is there already a sociallogin_provider in the session?
if session_login_data:
session_login = SocialLogin.deserialize(session_login_data)
# If the provider in the session is different from the provider in the
# request, the user is connecting a new provider to an existing account
if session_login.account.provider != request_login.account.provider:
# Does the request sociallogin match an existing user?
if not request_login.is_existing:
# go straight back to signup page with an error message
# BEFORE allauth over-writes the session sociallogin
level = messages.ERROR
message = "socialaccount/messages/account_not_found.txt"
get_adapter().add_message(request, level, message)
raise ImmediateHttpResponse(
redirect('socialaccount_signup'))
# TODO: Can the code that uses this just use request.session['socialaccount_sociallogin'].account.provider instead?
request.session['sociallogin_provider'] = (
sociallogin.account.provider)
request.session.modified = True
def pre_social_login(self, request, sociallogin):
"""
Invoked just after a user successfully authenticates via a
social provider, but before the login is actually processed.
We use it to:
1. Check if the user is connecting accounts via signup page
2. store the name of the socialaccount provider in the user's session.
"""
session_login_data = request.session.get('socialaccount_sociallogin', None)
request_login = sociallogin
# Is there already a sociallogin_provider in the session?
if session_login_data:
session_login = SocialLogin.deserialize(session_login_data)
# If the provider in the session is different from the provider in the
# request, the user is connecting a new provider to an existing account
if session_login.account.provider != request_login.account.provider:
# Does the request sociallogin match an existing user?
if not request_login.is_existing:
# go straight back to signup page with an error message
# BEFORE allauth over-writes the session sociallogin
level = messages.ERROR
message = "socialaccount/messages/account_not_found.txt"
get_adapter().add_message(request, level, message)
raise ImmediateHttpResponse(
redirect('socialaccount_signup')
)
# TODO: Can the code that uses this just use request.session['socialaccount_sociallogin'].account.provider instead?
request.session['sociallogin_provider'] = (sociallogin
.account.provider)
request.session.modified = True
def ajax_user_delete_temp_profile_image(request):
data = request.session.get('socialaccount_sociallogin')
if data:
sociallogin = SocialLogin.deserialize(data)
delete_temp_profile_image(sociallogin)
return JsonResponse({'status': 'success'})
return HttpResponseForbidden('response-error')
def dispatch(self, request, *args, **kwargs):
self.sociallogin = None
data = request.session.get("sociallogin", None)
if data is not None:
self.sociallogin = SocialLogin.deserialize(data)
if self.sociallogin is None:
return redirect(reverse("account_login"))
return super().dispatch(request, *args, **kwargs)
def pre_social_login(self, request, sociallogin):
"""
Invoked just after a user successfully authenticates via a
social provider, but before the login is actually processed.
We use it to:
1. Check if the user is connecting accounts via signup page
2. store the name of the socialaccount provider in the user's session.
TODO: When legacy Persona sessions are cleared (Nov 1 2016), this
function can be simplified.
"""
session_login_data = request.session.get("socialaccount_sociallogin",
None)
request_login = sociallogin
# Is there already a sociallogin_provider in the session?
if session_login_data:
session_login = SocialLogin.deserialize(session_login_data)
# If the provider in the session is different from the provider in the
# request, the user is connecting a new provider to an existing account
if session_login.account.provider != request_login.account.provider:
# Does the request sociallogin match an existing user?
if not request_login.is_existing:
# go straight back to signup page with an error message
# BEFORE allauth over-writes the session sociallogin
level = messages.ERROR
message = "socialaccount/messages/account_not_found.txt"
get_adapter().add_message(request, level, message)
raise ImmediateHttpResponse(
redirect("socialaccount_signup"))
# Is the user banned?
if sociallogin.is_existing:
bans = UserBan.objects.filter(user=sociallogin.user,
is_active=True)
if bans.exists():
banned_response = render(
request,
"users/user_banned.html",
{
"bans": bans,
"path": request.path
},
)
add_never_cache_headers(banned_response)
raise ImmediateHttpResponse(banned_response)
# sociallogin_provider is used in the UI to indicate what method was
# used to login to the website. The session variable
# 'socialaccount_sociallogin' has the same data, but will be dropped at
# the end of login.
request.session["sociallogin_provider"] = sociallogin.account.provider
request.session.modified = True
def dispatch(self, request, *args, **kwargs):
self.sociallogin = None
data = request.session.get('sociallogin', None)
if data is not None:
self.sociallogin = SocialLogin.deserialize(data)
if self.sociallogin is None:
return redirect(reverse('account_login'))
return super(SocialVerificationView, self).dispatch(request, *args,
**kwargs)
def dispatch(self, request, *args, **kwargs):
self.sociallogin = None
data = request.session.get('sociallogin', None)
if data is not None:
self.sociallogin = SocialLogin.deserialize(data)
if self.sociallogin is None:
return redirect(reverse('account_login'))
return super(SocialVerificationView,
self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs):
if not request.session.get('initial_training', False):
return redirect('common:home')
self.sociallogin = None
data = request.session.get('socialaccount_sociallogin')
if data:
self.sociallogin = SocialLogin.deserialize(data)
if not self.sociallogin:
return HttpResponseRedirect(reverse('account_login'))
return super(SignupView, self).dispatch(request, *args, **kwargs)
def pre_social_login(self, request, sociallogin):
"""
Invoked just after a user successfully authenticates via a
social provider, but before the login is actually processed.
We use it to:
1. Check if the user is connecting accounts via signup page
2. store the name of the socialaccount provider in the user's session.
TODO: When legacy Persona sessions are cleared (Nov 1 2016), this
function can be simplified.
"""
session_login_data = request.session.get('socialaccount_sociallogin', None)
request_login = sociallogin
# Is there already a sociallogin_provider in the session?
if session_login_data:
session_login = SocialLogin.deserialize(session_login_data)
# If the provider in the session is different from the provider in the
# request, the user is connecting a new provider to an existing account
if session_login.account.provider != request_login.account.provider:
# Does the request sociallogin match an existing user?
if not request_login.is_existing:
# go straight back to signup page with an error message
# BEFORE allauth over-writes the session sociallogin
level = messages.ERROR
message = "socialaccount/messages/account_not_found.txt"
get_adapter().add_message(request, level, message)
raise ImmediateHttpResponse(
redirect('socialaccount_signup')
)
# Is the user banned?
if sociallogin.is_existing:
bans = UserBan.objects.filter(user=sociallogin.user,
is_active=True)
if bans.exists():
banned_response = render(request, 'users/user_banned.html', {
'bans': bans,
'path': request.path
})
add_never_cache_headers(banned_response)
raise ImmediateHttpResponse(banned_response)
# sociallogin_provider is used in the UI to indicate what method was
# used to login to the website. The session variable
# 'socialaccount_sociallogin' has the same data, but will be dropped at
# the end of login.
request.session['sociallogin_provider'] = (sociallogin
.account.provider)
request.session.modified = True
def ajax_user_upload_temp_profile_image(request):
data = request.session.get('socialaccount_sociallogin')
if data:
form = UserUploadProfileForm(request.POST, request.FILES)
if form.is_valid():
sociallogin = SocialLogin.deserialize(data)
imgfile = form.cleaned_data['file']
save_temp_profile_image_from_file(sociallogin, imgfile)
return JsonResponse({'status': 'success'})
return HttpResponseForbidden('response-error')
def pre_social_login(self, request, sociallogin):
"""
Invoked just after a user successfully authenticates via a
social provider, but before the login is actually processed.
We use it to:
1. Check if the user is connecting accounts via signup page
2. store the name of the socialaccount provider in the user's session.
TODO: When legacy Persona sessions are cleared (Nov 1 2016), this
function can probably go away as well.
"""
session_login_data = request.session.get('socialaccount_sociallogin',
None)
request_login = sociallogin
# Is there already a sociallogin_provider in the session?
if session_login_data:
session_login = SocialLogin.deserialize(session_login_data)
# If the provider in the session is different from the provider in the
# request, the user is connecting a new provider to an existing account
if session_login.account.provider != request_login.account.provider:
# Does the request sociallogin match an existing user?
if not request_login.is_existing:
# go straight back to signup page with an error message
# BEFORE allauth over-writes the session sociallogin
level = messages.ERROR
message = "socialaccount/messages/account_not_found.txt"
get_adapter().add_message(request, level, message)
raise ImmediateHttpResponse(
redirect('socialaccount_signup'))
# sociallogin_provider is used in the UI to indicate what method was
# used to login to the website. The session variable
# 'socialaccount_sociallogin' has the same data, but will be dropped at
# the end of login.
request.session['sociallogin_provider'] = (
sociallogin.account.provider)
request.session.modified = True
def dispatch(self, request, *args, **kwargs):
self.sociallogin = None
data = request.session.get("socialaccount_sociallogin")
if data:
self.sociallogin = SocialLogin.deserialize(data)
return super(RegisterView, self).dispatch(request, *args, **kwargs)
def get_sociallogin(self, request, data):
login = SocialLogin.deserialize(data)
login.state = SocialLogin.state_from_request(request)
return login
def dispatch(self, request, *args, **kwargs):
self.sociallogin = SocialLogin.deserialize(
request.session.get('socialaccount_sociallogin'))
if not self.sociallogin:
return HttpResponseRedirect(reverse('account_login'))
return super(SignupView, self).dispatch(request, *args, **kwargs)
