def process_request(self, request): if request.GET.get('alu'): uuid = request.GET.get('alu') user = AutoLoginKey.find_user_by_uuid(uuid) if user: # "forcibly" log in as this user from django.contrib.auth import load_backend, login for backend in settings.AUTHENTICATION_BACKENDS: if user == load_backend(backend).get_user(user.pk): user.backend = backend if hasattr(user, 'backend'): login(request, user) new_full_path = request.get_full_path().replace('alu=%s' % uuid, '') new_full_path = new_full_path.replace('?&','?').replace('&&','&') return HttpResponsePermanentRedirect(new_full_path) return None
def test_send_newsletter_urls(self): """ create a newsletter, set a template text and render it """ # Create a KungfuPerson so it can send to someone user, person = self._create_person('bob', '*****@*****.**', first_name="Bob", last_name="Sponge") text_template = "Profile URL: {{ profile_url }}\n"\ "Site URL: {{ site_url }}\n"\ "Autologin Profile URL: {{ profile_url_alu }}\n"\ "Autologin Site URL: {{ site_url_alu }}\n" subject_template = "Newsletter no {{ newsletter_issue_no }}" n = Newsletter.objects.create(text_template=text_template, subject_template=subject_template) self.assertFalse(n.sent) n.send() sent_email = mail.outbox[0] # The body of the email should now contain full URLs # to the profile and to the site site_url_base = 'http://' + Site.objects.get_current().domain self.assertTrue((site_url_base + '/') in sent_email.body) self.assertTrue((site_url_base + person.get_absolute_url()) in sent_email.body) # the body should also contain "alu urls", e.g. # http://example.com/peterbe?alu=550269bc-bc67-4085-ba1a-04f3f0290288 alu_regex = re.compile(r'alu=([\w-]{36,})\b') uuids = alu_regex.findall(sent_email.body) self.assertEqual(len(uuids), 2) # but they should be equal self.assertEqual(uuids[0], uuids[1]) # with these it should be possible to get the user back self.assertEqual(user, AutoLoginKey.find_user_by_uuid(uuids[0]))