def set_password(cls, user=None, password=None, provider_name=None):
    """Change a user's password for a password-based login provider.

    ``provider_name`` is looked up among the enabled login providers and
    the call is refused unless that provider's type is ``'password'``.
    Only the ``'local'`` provider is implemented: the new password is
    applied with ``user.set_password`` and the user is saved.  The
    ``UserAssociation`` row for (user, provider) is then fetched, or built
    when missing, its ``openid_url`` overwritten and its
    ``last_used_timestamp`` refreshed.

    No check of ``password`` itself happens here; strength and emptiness
    rules have to be enforced by the caller.

    Raises:
        ImproperlyConfigured: the provider's type is not ``'password'``.
        NotImplementedError: the provider is password-based but not
            ``'local'``.

    The provider lookup is a plain subscript, so a name that is not
    enabled (including the default ``None``) fails there, presumably with
    ``KeyError``.
    """
    enabled = util.get_enabled_login_providers()
    if enabled[provider_name]['type'] != 'password':
        raise ImproperlyConfigured('login provider must use password')

    if provider_name != 'local':
        raise NotImplementedError('external passwords not supported')

    # Order matters: user.password is read only after set_password/save.
    user.set_password(password)
    user.save()

    # NOTE(review): the value of user.password (presumably the stored hash)
    # is duplicated into UserAssociation.openid_url. Anything that exports,
    # logs or serializes openid_url should be handled as if it exposed that
    # value - confirm against the consumers of this model.
    stored_value = user.password + str(user.id)

    lookup = {'user': user, 'provider_name': provider_name}
    try:
        link = UserAssociation.objects.get(**lookup)
    except UserAssociation.DoesNotExist:
        link = UserAssociation(**lookup)

    link.openid_url = stored_value
    link.last_used_timestamp = datetime.datetime.now()
    link.save()
def set_password(cls, user=None, password=None, provider_name=None):
    """Set a new password through a login provider that supports it.

    The provider named by ``provider_name`` must be enabled and of type
    ``'password'``; otherwise ``ImproperlyConfigured`` is raised.  Of the
    password providers only ``'local'`` is handled (anything else raises
    ``NotImplementedError``): the password is set on ``user``, the user is
    saved, and the matching ``UserAssociation`` is updated or created with
    a fresh ``openid_url`` and ``last_used_timestamp``.

    ``password`` is passed to ``user.set_password`` as-is; this function
    performs no validation of it.
    """
    provider_type = util.get_enabled_login_providers()[provider_name]['type']
    if provider_type != 'password':
        raise ImproperlyConfigured('login provider must use password')

    is_local = provider_name == 'local'
    if not is_local:
        raise NotImplementedError('external passwords not supported')

    user.set_password(password)
    user.save()

    # Built from the saved password field and the user id.
    # NOTE(review): this places a copy of user.password (presumably the
    # password hash) in a second table; access controls and data exports
    # covering UserAssociation should account for that - TODO confirm.
    association_value = user.password + str(user.id)

    try:
        association = UserAssociation.objects.get(
            user=user, provider_name=provider_name
        )
    except UserAssociation.DoesNotExist:
        association = UserAssociation(user=user, provider_name=provider_name)

    association.openid_url = association_value
    association.last_used_timestamp = datetime.datetime.now()
    association.save()
def clean(self, value):
    """Accept ``value`` only if it names a password-type login provider.

    The parent class cleans the raw value first; the result is then looked
    up among the enabled login providers and must have type ``"password"``.

    Returns the cleaned provider name.

    Raises ``forms.ValidationError`` when the provider is of another type.
    The lookup is a plain subscript, so it relies on the parent ``clean``
    having already rejected names that are not enabled (presumably it
    does; the parent is not visible here).
    """
    provider_name = super(PasswordLoginProviderField, self).clean(value)
    provider_type = util.get_enabled_login_providers()[provider_name]["type"]
    if provider_type == "password":
        return provider_name
    raise forms.ValidationError("provider %s must accept password" % provider_name)
def clean(self, value):
    """Check that ``value`` is the name of a password login provider.

    Delegates basic cleaning to the parent field, then requires the
    enabled provider with that name to be of type ``'password'``.

    Returns the cleaned name; raises ``forms.ValidationError`` for a
    provider of any other type.
    """
    cleaned_name = super(PasswordLoginProviderField, self).clean(value)
    enabled = util.get_enabled_login_providers()
    # Plain subscript: presumably safe because the parent clean() has
    # already rejected unknown names - verify against the parent class.
    accepts_password = enabled[cleaned_name]['type'] == 'password'
    if not accepts_password:
        raise forms.ValidationError(
            'provider %s must accept password' % cleaned_name
        )
    return cleaned_name
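def clean(self, value):
    """Validate that ``value`` names one of the enabled login providers.

    Returns ``value`` unchanged when it is contained in the enabled
    providers; otherwise logs the rejection and raises
    ``forms.ValidationError`` with the same user-facing text as before.
    """
    providers = util.get_enabled_login_providers()
    if value in providers:
        return value

    # ``value`` is client-submitted form data. It is logged through %r so
    # that CR/LF and other control characters arrive escaped and cannot
    # break one rejection into several forged log records.
    # NOTE(review): this is logged at CRITICAL although any client can
    # trigger it by posting an unknown name; consider whether that
    # severity fits the alerting built on these logs.
    logging.critical("unknown provider name %r", value)
    raise forms.ValidationError("unknown provider name %s" % value)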
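def clean(self, value):
    """Make sure the login provider name is among the enabled providers.

    Returns ``value`` as given when it is found; raises
    ``forms.ValidationError`` (after logging the rejection) when it is not.
    """
    enabled = util.get_enabled_login_providers()
    if value not in enabled:
        # The rejected name comes straight from the request, so the log
        # call formats it with %r: newlines and control characters are
        # escaped instead of being written verbatim into the log stream.
        # The message shown to the user keeps its original wording.
        # NOTE(review): CRITICAL severity for a client-triggerable event
        # can drown out real incidents - confirm this level is intended.
        logging.critical('unknown provider name %r', value)
        raise forms.ValidationError('unknown provider name %s' % value)
    return value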
def clean(self):
    """Finish form cleaning using the selected login provider's settings.

    Reads ``login_provider_name`` from ``cleaned_data``, looks up that
    provider among the enabled ones and stores a ``login_type`` entry so
    that the sign-in action can use ``cleaned_data`` without further
    processing.  What else ends up in ``cleaned_data`` depends on the
    login type:

    * ``"password"`` - ``do_clean_password_fields()`` runs first.
    * types starting with ``"openid"`` - ``do_clean_openid_fields()`` runs
      first with the provider settings; ``login_type`` is ``"openid"``.
    * ``"oauth"``, ``"facebook"``, ``"wordpress_site"`` - only
      ``login_type`` is recorded; no field-level cleaning happens here.

    Any other provider type leaves ``login_type`` unset.

    Raises ``forms.ValidationError`` when no provider name made it into
    ``cleaned_data``.
    """
    providers = util.get_enabled_login_providers()

    if "login_provider_name" not in self.cleaned_data:
        raise forms.ValidationError("no login provider specified")

    provider_settings = providers[self.cleaned_data["login_provider_name"]]
    kind = provider_settings["type"]

    if kind == "password":
        self.do_clean_password_fields()
        login_type = "password"
    elif kind.startswith("openid"):
        self.do_clean_openid_fields(provider_settings)
        login_type = "openid"
    elif kind in ("oauth", "facebook", "wordpress_site"):
        login_type = kind
    else:
        # NOTE(review): unrecognised provider types fall through without a
        # login_type; downstream sign-in code should treat a missing
        # login_type as a failure rather than assume a default.
        login_type = None

    if login_type is not None:
        self.cleaned_data["login_type"] = login_type
    return self.cleaned_data
def clean(self):
    """Digest the submitted data together with the provider settings.

    The provider named in ``cleaned_data['login_provider_name']`` is looked
    up among the enabled login providers, the type-specific field cleaning
    is run where one exists, and ``cleaned_data['login_type']`` is set so
    the sign-in action needs no post-processing.

    Password providers call ``do_clean_password_fields()``; providers whose
    type starts with ``'openid'`` call ``do_clean_openid_fields()`` with
    the provider settings.  For ``'oauth'``, ``'facebook'`` and
    ``'wordpress_site'`` only the login type is stored.  A provider of any
    other type gets no ``login_type`` at all.

    Raises ``forms.ValidationError`` if ``login_provider_name`` is absent
    from ``cleaned_data``.
    """
    enabled = util.get_enabled_login_providers()

    chosen = self.cleaned_data.get('login_provider_name', None) \
        if 'login_provider_name' in self.cleaned_data else None
    if 'login_provider_name' not in self.cleaned_data:
        raise forms.ValidationError('no login provider specified')

    provider_data = enabled[chosen]
    provider_type = provider_data['type']

    # Types that only need their name recorded as the login type.
    passthrough_types = ('oauth', 'facebook', 'wordpress_site')

    if provider_type == 'password':
        self.do_clean_password_fields()
        self.cleaned_data['login_type'] = 'password'
    elif provider_type.startswith('openid'):
        self.do_clean_openid_fields(provider_data)
        self.cleaned_data['login_type'] = 'openid'
    elif provider_type in passthrough_types:
        self.cleaned_data['login_type'] = provider_type
    # NOTE(review): no else branch - an unknown type leaves login_type
    # unset, so consumers must not assume the key is always present.

    return self.cleaned_data
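def show_signin_view(
    request,
    login_form=None,
    account_recovery_form=None,
    account_recovery_message=None,
    sticky=False,
    view_subtype="default"
):
    """Render 'authenticator/signin.html' for the requested sign-in state.

    URL-less helper: it builds the template context (forms, page title,
    enabled login providers and, for signed-in users, their existing login
    methods) and returns the rendered response.

    Args:
        request: the current HTTP request.
        login_form: bound or unbound login form; a fresh ``LoginForm`` with
            the ``next`` URL pre-filled is created when omitted.
        account_recovery_form: recovery form; a fresh one is created when
            omitted.
        account_recovery_message: passed to the template unchanged.
        sticky: when true the ``next`` URL is the sign-in page itself,
            otherwise it is taken from ``get_next_url(request)``.
        view_subtype: one of "default", "add_openid", "email_sent",
            "change_openid", "bad_key"; selects the page title.

    Compared with the previous revision the context dict no longer lists
    the "use_password_login" key twice, so ``util.use_password_login()``
    is evaluated once.
    """
    allowed_subtypes = ("default", "add_openid", "email_sent", "change_openid", "bad_key")
    # NOTE(review): assert statements are stripped under ``python -O``; with
    # the check gone an unexpected subtype would leave page_title unassigned.
    assert view_subtype in allowed_subtypes

    # NOTE(review): get_next_url is defined elsewhere; presumably it vets the
    # redirect target - confirm it rejects off-site URLs.
    next_url = reverse("user_signin") if sticky else get_next_url(request)

    if login_form is None:
        login_form = forms.LoginForm(initial={"next": next_url})
    if account_recovery_form is None:
        account_recovery_form = forms.AccountRecoveryForm()

    if request.method == "GET":
        logging.debug("request method was GET")

    signed_in = request.user.is_authenticated()
    if signed_in:
        existing_login_methods = UserAssociation.objects.filter(user=request.user)
        # Annotate each association with whether the user may delete it.
        providers = util.get_enabled_login_providers()
        for login_method in existing_login_methods:
            # NOTE(review): plain subscript - an association whose provider
            # is no longer enabled would fail here.
            provider_data = providers[login_method.provider_name]
            if provider_data["type"] == "password":
                # Password logins whose password cannot be changed are kept
                # undeletable, because removing one could lock the user out
                # of the account permanently.
                login_method.is_deletable = provider_data.get("password_changeable", False)
            else:
                login_method.is_deletable = True

    if view_subtype == "default":
        page_title = _("Please click any of the icons below to sign in")
    elif view_subtype == "email_sent":
        page_title = _("Account recovery email sent")
    elif view_subtype == "change_openid":
        # existing_login_methods is only bound for signed-in users.
        if len(existing_login_methods) == 0:
            page_title = _("Please add one or more login methods.")
        else:
            page_title = _("If you wish, please add, remove or re-validate your login methods")
    elif view_subtype == "add_openid":
        # NOTE(review): the listing breaks this literal after "second! ";
        # it is written on one line here - confirm the exact msgid against
        # the translation catalog.
        page_title = _("Please wait a second! Your account is recovered, but ...")
    elif view_subtype == "bad_key":
        page_title = _("Sorry, this account recovery key has expired or is invalid")

    logging.debug("showing signin view")
    data = {
        "page_class": "openid-signin",
        "view_subtype": view_subtype,  # add_openid|default
        "page_title": page_title,
        "login_form": login_form,
        "use_password_login": util.use_password_login(),
        "account_recovery_form": account_recovery_form,
        # ``msg`` is read from the request parameters (request.REQUEST
        # merges GET and POST), so the text can be set by anyone through a
        # crafted link. It must only be rendered with template
        # auto-escaping on and never marked safe.
        "openid_error_message": request.REQUEST.get("msg", ""),
        "account_recovery_message": account_recovery_message,
    }

    major_login_providers = util.get_enabled_major_login_providers()
    minor_login_providers = util.get_enabled_minor_login_providers()

    # Determine whether local password login is the only active provider.
    active_provider_names = [p["name"] for p in major_login_providers.values()]
    active_provider_names.extend([p["name"] for p in minor_login_providers.values()])

    have_buttons = True
    if len(active_provider_names) == 1 and active_provider_names[0] == "local":
        if settings.SIGNIN_ALWAYS_SHOW_LOCAL_LOGIN == True:
            # The form does not use javascript in this mode, so the initial
            # values are set here.
            have_buttons = False
            login_form.initial["login_provider_name"] = "local"
            if request.user.is_authenticated():
                login_form.initial["password_action"] = "change_password"
            else:
                login_form.initial["password_action"] = "login"
    data["have_buttons"] = have_buttons

    if request.user.is_authenticated():
        data["existing_login_methods"] = existing_login_methods
        # For signed-in users the tooltips reflect the providers they
        # already use rather than all enabled ones.
        active_provider_names = [item.provider_name for item in existing_login_methods]

    util.set_login_provider_tooltips(major_login_providers, active_provider_names=active_provider_names)
    util.set_login_provider_tooltips(minor_login_providers, active_provider_names=active_provider_names)

    data["major_login_providers"] = major_login_providers.values()
    data["minor_login_providers"] = minor_login_providers.values()
    return render_to_response("authenticator/signin.html", RequestContext(request, data))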
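def show_signin_view(request,
                     login_form=None,
                     account_recovery_form=None,
                     account_recovery_message=None,
                     sticky=False,
                     view_subtype='default'):
    """Populate the context of 'authenticator/signin.html' and render it.

    This utility has no URL of its own; other views call it with the forms
    and state they want displayed.  ``view_subtype`` must be one of
    'default', 'add_openid', 'email_sent', 'change_openid' or 'bad_key'
    and decides the page title.  When ``login_form`` or
    ``account_recovery_form`` is ``None`` a fresh form is created; the new
    login form is pre-filled with the ``next`` URL, which is the sign-in
    page itself when ``sticky`` is true and ``get_next_url(request)``
    otherwise.

    Returns the rendered response.

    The duplicated 'use_password_login' entry of the context dict has been
    removed; the value is now computed a single time.
    """
    allowed_subtypes = ('default', 'add_openid', 'email_sent',
                        'change_openid', 'bad_key')
    # NOTE(review): this guard disappears under ``python -O``; page_title
    # would then be unbound for a subtype outside the list.
    assert (view_subtype in allowed_subtypes)

    if sticky:
        next_url = reverse('user_signin')
    else:
        # NOTE(review): defined elsewhere; verify that it only returns
        # same-site targets before the value is used for a redirect.
        next_url = get_next_url(request)

    if login_form is None:
        login_form = forms.LoginForm(initial={'next': next_url})
    if account_recovery_form is None:
        account_recovery_form = forms.AccountRecoveryForm()

    if request.method == 'GET':
        logging.debug('request method was GET')

    if request.user.is_authenticated():
        existing_login_methods = UserAssociation.objects.filter(
            user=request.user)
        enabled_providers = util.get_enabled_login_providers()
        # Mark every existing login method as deletable or not.
        for method in existing_login_methods:
            # NOTE(review): raises on an association whose provider has
            # since been disabled, because this is a plain subscript.
            method_settings = enabled_providers[method.provider_name]
            if method_settings['type'] != 'password':
                method.is_deletable = True
            else:
                # A password login whose password cannot be changed stays
                # undeletable: deleting it could cost the user access to
                # the account for good.
                method.is_deletable = method_settings.get(
                    'password_changeable', False)

    if view_subtype == 'default':
        page_title = _('Please click any of the icons below to sign in')
    elif view_subtype == 'email_sent':
        page_title = _('Account recovery email sent')
    elif view_subtype == 'change_openid':
        # Relies on existing_login_methods, bound only for signed-in users.
        if len(existing_login_methods) == 0:
            page_title = _('Please add one or more login methods.')
        else:
            page_title = _(
                'If you wish, please add, remove or re-validate your login methods'
            )
    elif view_subtype == 'add_openid':
        # NOTE(review): in the listing this literal is split after
        # 'second! '; reproduced on one line - check the msgid against the
        # translation catalog.
        page_title = _(
            'Please wait a second! Your account is recovered, but ...')
    elif view_subtype == 'bad_key':
        page_title = _(
            'Sorry, this account recovery key has expired or is invalid')

    logging.debug('showing signin view')

    # 'msg' is taken from the request parameters (request.REQUEST covers
    # both GET and POST), i.e. it is attacker-influenced text. Render it
    # only with template auto-escaping enabled and never mark it safe.
    error_message = request.REQUEST.get('msg', '')

    data = {
        'page_class': 'openid-signin',
        'view_subtype': view_subtype,  # add_openid|default
        'page_title': page_title,
        'login_form': login_form,
        'use_password_login': util.use_password_login(),
        'account_recovery_form': account_recovery_form,
        'openid_error_message': error_message,
        'account_recovery_message': account_recovery_message,
    }

    major_login_providers = util.get_enabled_major_login_providers()
    minor_login_providers = util.get_enabled_minor_login_providers()

    # Work out whether local password login is the only provider in use.
    active_provider_names = [
        p['name'] for p in major_login_providers.values()
    ]
    active_provider_names.extend(
        [p['name'] for p in minor_login_providers.values()])

    have_buttons = True
    only_local = (len(active_provider_names) == 1
                  and active_provider_names[0] == 'local')
    if only_local:
        if settings.SIGNIN_ALWAYS_SHOW_LOCAL_LOGIN == True:
            # No javascript drives the form in this case, so its initial
            # values are filled in here.
            have_buttons = False
            login_form.initial['login_provider_name'] = 'local'
            if request.user.is_authenticated():
                login_form.initial['password_action'] = 'change_password'
            else:
                login_form.initial['password_action'] = 'login'
    data['have_buttons'] = have_buttons

    if request.user.is_authenticated():
        data['existing_login_methods'] = existing_login_methods
        # Tooltips for signed-in users are based on the providers they
        # already have attached.
        active_provider_names = [
            item.provider_name for item in existing_login_methods
        ]

    util.set_login_provider_tooltips(
        major_login_providers, active_provider_names=active_provider_names)
    util.set_login_provider_tooltips(
        minor_login_providers, active_provider_names=active_provider_names)

    data['major_login_providers'] = major_login_providers.values()
    data['minor_login_providers'] = minor_login_providers.values()
    return render_to_response('authenticator/signin.html',
                              RequestContext(request, data))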