示例#1
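    def authenticate(self, assertion=None, audience=None, request=None, **kwargs):
        """
        Authenticate a user by verifying a BrowserID assertion. Defers
        to the verifier returned by
        :func:`BrowserIDBackend.get_verifier` for verification.

        You may either pass the ``request`` parameter to determine the
        audience from the request, or pass the ``audience`` parameter
        explicitly.

        :param assertion:
            Assertion submitted by the user. This asserts that the user
            controls a specific email address.

        :param audience:
            The audience to use when verifying the assertion; this
            prevents another site using an assertion for their site to
            login to yours. This value takes precedence over the
            audience pulled from the request parameter, if given.

        :param request:
            The request that generated this authentication attempt. This
            is used to determine the audience to use during
            verification, using the
            :func:`django_browserid.base.get_audience` function. If the
            audience parameter is also passed, it will be used instead
            of the audience from the request.

        :param kwargs:
            All remaining keyword arguments are passed to the ``verify``
            function on the verifier.

        :returns:
            The single existing user with the verified email, a newly
            created user, or ``None``. ``None`` is returned when
            verification yields no email, ``is_valid_email`` rejects the
            address, several accounts share the address, or account
            creation is disabled.
        """
        email = self.verify(assertion, audience, request, **kwargs)
        # Fail closed: no verified address, or one the backend refuses,
        # means no user is returned.
        if not email or not self.is_valid_email(email):
            return None

        # In the rare case that two user accounts have the same email address,
        # log and bail. Randomly selecting one seems really wrong.
        users = self.filter_users_by_email(email=email)
        match_count = len(users)
        if match_count > 1:
            # Logger.warn() is a deprecated alias; warning() is the supported
            # spelling. Note that the address ends up in the log.
            logger.warning('%s users with email address %s.', match_count, email)
            return None
        if match_count == 1:
            return users[0]

        # The setting defaults to True when absent, so a verified address with
        # no matching account is provisioned automatically. A deployment with
        # closed registration has to set BROWSERID_CREATE_USER to False.
        create_user = getattr(settings, 'BROWSERID_CREATE_USER', True)
        if not create_user:
            logger.debug('Login failed: No user with email %s found, and '
                         'BROWSERID_CREATE_USER is False', email)
            return None

        if create_user is True:
            create_function = self.create_user
        else:
            # Any other truthy value: the creation callable is looked up from
            # the setting. NOTE(review): import_from_setting presumably imports
            # a dotted path; the setting must only ever come from trusted
            # deployment configuration.
            create_function = import_from_setting('BROWSERID_CREATE_USER')

        user = create_function(email)
        user_created.send(create_function, user=user)
        return user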
示例#2
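    def authenticate(self,
                     assertion=None,
                     audience=None,
                     browserid_extra=None,
                     **kw):
        """``django.contrib.auth`` compatible authentication method.

        Given a BrowserID assertion and an audience, it attempts to
        verify them and then extract the email address for the authenticated
        user.

        An audience should be in the form ``https://example.com`` or
        ``http://localhost:8001``.

        See django_browserid.base.get_audience()

        ``browserid_extra`` is forwarded to ``verify`` as ``extra_params``;
        any other keyword arguments are accepted and ignored.

        Returns the single existing user with the verified email, a newly
        created user, or ``None`` when verification fails, several accounts
        share the address, or account creation is disabled.
        """
        # ``audience`` defaults to None and is handed to ``verify`` unchanged.
        # NOTE(review): confirm ``verify`` rejects a missing audience; the
        # audience check is what ties an assertion to this site.
        result = verify(assertion, audience, extra_params=browserid_extra)
        if not result:
            return None

        # NOTE(review): no filtering of the address happens here; every
        # verified email proceeds to lookup and, possibly, account creation.
        email = result['email']

        # In the rare case that two user accounts have the same email address,
        # log and bail. Randomly selecting one seems really wrong.
        users = self.filter_users_by_email(email=email)
        match_count = len(users)
        if match_count > 1:
            # Logger.warn() is a deprecated alias; warning() is the supported
            # spelling. Note that the address ends up in the log.
            logger.warning('%s users with email address %s.', match_count, email)
            return None
        if match_count == 1:
            return users[0]

        # The setting defaults to True when absent, so a verified address with
        # no matching account is provisioned automatically. A deployment with
        # closed registration has to set BROWSERID_CREATE_USER to False.
        create_user = getattr(settings, 'BROWSERID_CREATE_USER', True)
        if not create_user:
            logger.debug(
                'Login failed: No user with email %s found, and '
                'BROWSERID_CREATE_USER is False', email)
            return None

        if create_user is True:
            create_function = self.create_user
        else:
            # Any other truthy value is passed to _load_module to obtain the
            # creation callable. NOTE(review): presumably a dotted import
            # path; it must only come from trusted deployment configuration.
            create_function = self._load_module(create_user)

        user = create_function(email)
        user_created.send(create_function, user=user)
        return user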
示例#3
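    def authenticate(self, assertion=None, audience=None, browserid_extra=None, **kw):
        """``django.contrib.auth`` compatible authentication method.

        Given a BrowserID assertion and an audience, it attempts to
        verify them and then extract the email address for the authenticated
        user.

        An audience should be in the form ``https://example.com`` or
        ``http://localhost:8001``.

        See django_browserid.base.get_audience()

        ``browserid_extra`` is forwarded to ``verify`` as ``extra_params``;
        any other keyword arguments are accepted and ignored.

        Returns the single existing user with the verified email, a newly
        created user, or ``None`` when verification fails, ``is_valid_email``
        rejects the address, several accounts share the address, or account
        creation is disabled.
        """
        # ``audience`` defaults to None and is handed to ``verify`` unchanged.
        # NOTE(review): confirm ``verify`` rejects a missing audience; the
        # audience check is what ties an assertion to this site.
        result = verify(assertion, audience, extra_params=browserid_extra)
        if not result:
            return None

        email = result['email']
        # Fail closed when the backend refuses the verified address.
        if not self.is_valid_email(email):
            return None

        # In the rare case that two user accounts have the same email address,
        # log and bail. Randomly selecting one seems really wrong.
        users = self.filter_users_by_email(email=email)
        match_count = len(users)
        if match_count > 1:
            # Logger.warn() is a deprecated alias; warning() is the supported
            # spelling. Note that the address ends up in the log.
            logger.warning('%s users with email address %s.', match_count, email)
            return None
        if match_count == 1:
            return users[0]

        # The setting defaults to True when absent, so a verified address with
        # no matching account is provisioned automatically. A deployment with
        # closed registration has to set BROWSERID_CREATE_USER to False.
        create_user = getattr(settings, 'BROWSERID_CREATE_USER', True)
        if not create_user:
            logger.debug('Login failed: No user with email %s found, and '
                         'BROWSERID_CREATE_USER is False', email)
            return None

        if create_user is True:
            create_function = self.create_user
        else:
            # Any other truthy value: the creation callable is looked up from
            # the setting. NOTE(review): import_function_from_setting
            # presumably imports a dotted path; the setting must only ever
            # come from trusted deployment configuration.
            create_function = import_function_from_setting('BROWSERID_CREATE_USER')

        user = create_function(email)
        user_created.send(create_function, user=user)
        return user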
示例#4
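    def authenticate(self, assertion=None, audience=None, browserid_extra=None, **kw):
        """``django.contrib.auth`` compatible authentication method.

        Given a BrowserID assertion and an audience, it attempts to
        verify them and then extract the email address for the authenticated
        user.

        An audience should be in the form ``https://example.com`` or
        ``http://localhost:8001``.

        See django_browserid.base.get_audience()

        ``browserid_extra`` is forwarded to ``verify`` as ``extra_params``;
        any other keyword arguments are accepted and ignored.

        Returns the single existing user with the verified email, a newly
        created user, or ``None`` when verification fails, several accounts
        share the address, or account creation is disabled.
        """
        # ``audience`` defaults to None and is handed to ``verify`` unchanged.
        # NOTE(review): confirm ``verify`` rejects a missing audience; the
        # audience check is what ties an assertion to this site.
        result = verify(assertion, audience, extra_params=browserid_extra)
        if not result:
            return None

        # NOTE(review): no filtering of the address happens here; every
        # verified email proceeds to lookup and, possibly, account creation.
        email = result['email']

        # In the rare case that two user accounts have the same email address,
        # log and bail. Randomly selecting one seems really wrong.
        users = self.filter_users_by_email(email=email)
        match_count = len(users)
        if match_count > 1:
            # warn() is a deprecated alias on standard loggers; warning() is
            # the supported spelling. Note that the address ends up in the log.
            log.warning('{0} users with email address {1}.'.format(match_count,
                                                                   email))
            return None
        if match_count == 1:
            return users[0]

        # The setting defaults to True when absent, so a verified address with
        # no matching account is provisioned automatically. A deployment with
        # closed registration has to set BROWSERID_CREATE_USER to False.
        create_user = getattr(settings, 'BROWSERID_CREATE_USER', True)
        if not create_user:
            # This refusal is silent: nothing is logged on this path.
            return None

        if create_user is True:
            create_function = self.create_user
        else:
            # Any other truthy value is passed to _load_module to obtain the
            # creation callable. NOTE(review): presumably a dotted import
            # path; it must only come from trusted deployment configuration.
            create_function = self._load_module(create_user)

        user = create_function(email)
        user_created.send(create_function, user=user)
        return user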