def signin_success(request, identity_url, openid_response):
"""
openid signin success.
If the openid is already registered, the user is redirected to
url set par next or in settings with OPENID_REDIRECT_NEXT variable.
If none of these urls are set user is redirectd to /.
if openid isn't registered user is redirected to register page.
"""
logging.debug('')
openid_ = from_openid_response(openid_response) #create janrain OpenID object
request.session['openid'] = openid_
try:
logging.debug('trying to get user associated with this openid...')
rel = UserAssociation.objects.get(openid_url__exact = str(openid_))
logging.debug('success')
except:
logging.debug('failed --> try to register brand new user')
# try to register this new user
return register(request)
user_ = rel.user
if user_.is_active:
user_.backend = "django.contrib.auth.backends.ModelBackend"
logging.debug('user is active --> attached django auth ModelBackend --> calling login')
login(request, user_)
logging.debug('success')
else:
logging.debug('user is inactive, do not log them in')
logging.debug('redirecting to %s' % get_next_url(request))
return HttpResponseRedirect(get_next_url(request))
def feedback(request):
if request.method == "POST":
form = FeedbackForm(request.POST)
if form.is_valid():
context = {'user': request.user}
if not request.user.is_authenticated:
context['email'] = form.cleaned_data.get('email', None)
context['message'] = form.cleaned_data['message']
context['name'] = form.cleaned_data.get('name', None)
recipients = [(adm.username, adm.email)
for adm in User.objects.filter(is_superuser=True)]
send_email(
settings.EMAIL_SUBJECT_PREFIX +
_("Feedback message from %(site_name)s") %
{'site_name': settings.APP_SHORT_NAME}, recipients,
"notifications/feedback.html", context)
msg = _('Thanks for the feedback!')
request.user.message_set.create(message=msg)
return HttpResponseRedirect(get_next_url(request))
else:
form = FeedbackForm(initial={'next': get_next_url(request)})
return render_to_response('feedback.html', {'form': form},
context_instance=RequestContext(request))
def logout(request):#refactor/change behavior?
#currently you click logout and you get
#to this view which actually asks you again - do you really want to log out?
#I guess rationale was to tell the user that s/he may be still logged in
#through their external login sytem and we'd want to remind them about it
#however it might be a little annoying
#why not just show a message: you are logged out of askbot, but
#if you really want to log out -> go to your openid provider
return render_to_response('logout.html', {
'next' : get_next_url(request),
}, context_instance=RequestContext(request))
def feedback(request):
data = {}
form = None
if request.method == "POST":
form = FeedbackForm(request.POST)
if form.is_valid():
if not request.user.is_authenticated:
data['email'] = form.cleaned_data.get('email',None)
data['message'] = form.cleaned_data['message']
data['name'] = form.cleaned_data.get('name',None)
message = render_to_response('feedback_email.txt',data,context_instance=RequestContext(request))
mail_admins(_('Q&A forum feedback'), message)
msg = _('Thanks for the feedback!')
request.user.message_set.create(message=msg)
return HttpResponseRedirect(get_next_url(request))
else:
form = FeedbackForm(initial={'next':get_next_url(request)})
data['form'] = form
return render_to_response('feedback.html', data, context_instance=RequestContext(request))
def process_view(self, request, view_func, view_args, view_kwargs):
if 'cancel' in request.REQUEST:
#todo use session messages for the anonymous users
try:
msg = getattr(view_func,'CANCEL_MESSAGE')
except AttributeError:
msg = 'action canceled'
request.user.message_set.create(message=msg)
return HttpResponseRedirect(get_next_url(request))
else:
return None
def process_view(self, request, view_func, view_args, view_kwargs):
if 'cancel' in request.REQUEST:
#todo use session messages for the anonymous users
try:
msg = getattr(view_func, 'CANCEL_MESSAGE')
except AttributeError:
msg = 'action canceled'
request.user.message_set.create(message=msg)
return HttpResponseRedirect(get_next_url(request))
else:
return None
def changeemail(request, action='change'):
"""
changeemail view. requires openid with request type GET
url: /email/*
template : authopenid/changeemail.html
"""
logging.debug('')
msg = request.GET.get('msg', None)
extension_args = {}
user_ = request.user
if request.POST:
if 'cancel' in request.POST:
msg = _('your email was not changed')
request.user.message_set.create(message=msg)
return HttpResponseRedirect(get_next_url(request))
form = ChangeEmailForm(request.POST, user=user_)
if form.is_valid():
new_email = form.cleaned_data['email']
if new_email != user_.email:
if settings.EMAIL_VALIDATION == 'on':
action = 'validate'
else:
action = 'done_novalidate'
set_new_email(user_, new_email,nomessage=True)
else:
action = 'keep'
elif not request.POST and 'openid.mode' in request.GET:
redirect_to = get_url_host(request) + reverse('user_changeemail')
return complete(request, emailopenid_success,
emailopenid_failure, redirect_to)
else:
form = ChangeEmailForm(initial={'email': user_.email},
user=user_)
output = render_to_response('authopenid/changeemail.html', {
'form': form,
'email': user_.email,
'action_type': action,
'gravatar_faq_url': reverse('faq') + '#gravatar',
'change_email_url': reverse('user_changeemail'),
'msg': msg
}, context_instance=RequestContext(request))
if action == 'validate':
set_email_validation_message(user_)
return output
def feedback(request):
if request.method == "POST":
form = FeedbackForm(request.POST)
if form.is_valid():
context = {'user': request.user}
if not request.user.is_authenticated:
context['email'] = form.cleaned_data.get('email',None)
context['message'] = form.cleaned_data['message']
context['name'] = form.cleaned_data.get('name',None)
recipients = [(adm.username, adm.email) for adm in User.objects.filter(is_superuser=True)]
send_email(settings.EMAIL_SUBJECT_PREFIX + _("Feedback message from %(site_name)s") % {'site_name': settings.APP_SHORT_NAME},
recipients, "notifications/feedback.html", context)
msg = _('Thanks for the feedback!')
request.user.message_set.create(message=msg)
return HttpResponseRedirect(get_next_url(request))
else:
form = FeedbackForm(initial={'next':get_next_url(request)})
return render_to_response('feedback.html', {'form': form}, context_instance=RequestContext(request))
def signout(request):
"""
signout from the website. Remove openid from session and kill it.
url : /signout/"
"""
logging.debug('')
try:
logging.debug('deleting openid session var')
del request.session['openid']
except KeyError:
logging.debug('failed')
pass
logout(request)
logging.debug('user logged out')
return HttpResponseRedirect(get_next_url(request))
def signin_failure(request, message):
"""
falure with openid signin. Go back to signin page.
template : "authopenid/signin.html"
"""
logging.debug('')
next = get_next_url(request)
form_signin = OpenidSigninForm(initial={'next': next})
form_auth = ClassicLoginForm(initial={'next': next})
return render_to_response('authopenid/signin.html', {
'msg': message,
'form1': form_auth,
'form2': form_signin,
}, context_instance=RequestContext(request))
def logout(request):
return render_to_response('logout.html', {
'next': get_next_url(request),
},
context_instance=RequestContext(request))
def decorated(request, *args, **kwargs):
if request.user.is_authenticated():
return HttpResponseRedirect(get_next_url(request))
return func(request, *args, **kwargs)
def signup(request):
"""
signup page. Create a legacy account
url : /signup/"
templates: authopenid/signup.html, authopenid/confirm_email.txt
"""
logging.debug('')
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
logging.debug('handling external legacy login registration')
return HttpResponseRedirect(reverse('user_external_legacy_login_signup'))
next = get_next_url(request)
logging.debug('request method was %s' % request.method)
if request.method == 'POST':
form = ClassicRegisterForm(request.POST)
email_feeds_form = SimpleEmailSubscribeForm(request.POST)
#validation outside if to remember form values
logging.debug('validating classic register form')
form1_is_valid = form.is_valid()
logging.debug('classic register form validated')
form2_is_valid = email_feeds_form.is_valid()
logging.debug('email feeds form validated')
if form1_is_valid and form2_is_valid:
logging.debug('both forms are valid')
next = form.cleaned_data['next']
username = form.cleaned_data['username']
password = form.cleaned_data['password1']
email = form.cleaned_data['email']
user_ = User.objects.create_user( username,email,password )
logging.debug('new user %s created' % username)
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
EXTERNAL_LOGIN_APP.api.create_user(username,email,password)
user_.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user_)
logging.debug('new user logged in')
email_feeds_form.save(user_)
logging.debug('email feeds form saved')
# send email
subject = _("Welcome email subject line")
message_template = loader.get_template(
'authopenid/confirm_email.txt'
)
message_context = Context({
'signup_url': settings.APP_URL + reverse('user_signin'),
'username': username,
'password': password,
})
message = message_template.render(message_context)
send_mail(subject, message, settings.DEFAULT_FROM_EMAIL,
[user_.email])
logging.debug('new user with login and password created, confirmation email sent!')
return HttpResponseRedirect(next)
else:
logging.debug('create classic account forms were invalid')
else:
form = ClassicRegisterForm(initial={'next':next})
email_feeds_form = SimpleEmailSubscribeForm()
logging.debug('printing legacy signup form')
return render_to_response('authopenid/signup.html', {
'form': form,
'email_feeds_form': email_feeds_form
}, context_instance=RequestContext(request))
def register(request):
"""
register an openid.
If user is already a member he can associate its openid with
its account.
A new account could also be created and automaticaly associated
to the openid.
url : /complete/
template : authopenid/complete.html
"""
logging.debug('')
openid_ = request.session.get('openid', None)
next = get_next_url(request)
if not openid_:
logging.debug('oops, no openid in session --> go back to signin')
return HttpResponseRedirect(reverse('user_signin') + '?next=%s' % next)
nickname = openid_.sreg.get('nickname', '')
email = openid_.sreg.get('email', '')
form1 = OpenidRegisterForm(initial={
'next': next,
'username': nickname,
'email': email,
})
form2 = OpenidVerifyForm(initial={
'next': next,
'username': nickname,
})
email_feeds_form = SimpleEmailSubscribeForm()
user_ = None
is_redirect = False
logging.debug('request method is %s' % request.method)
if request.method == 'POST':
if 'bnewaccount' in request.POST.keys():
logging.debug('trying to create new account associated with openid')
form1 = OpenidRegisterForm(request.POST)
email_feeds_form = SimpleEmailSubscribeForm(request.POST)
if not form1.is_valid():
logging.debug('OpenidRegisterForm is INVALID')
elif not email_feeds_form.is_valid():
logging.debug('SimpleEmailSubscribeForm is INVALID')
else:
logging.debug('OpenidRegisterForm and SimpleEmailSubscribeForm are valid')
next = form1.cleaned_data['next']
is_redirect = True
logging.debug('creatng new django user %s ...' % form1.cleaned_data['username'])
tmp_pwd = User.objects.make_random_password()
user_ = User.objects.create_user(form1.cleaned_data['username'],
form1.cleaned_data['email'], tmp_pwd)
user_.set_unusable_password()
# make association with openid
logging.debug('creating new openid user association %s <--> %s' \
% (user_.username, str(openid_)))
uassoc = UserAssociation(openid_url=str(openid_), user_id=user_.id)
uassoc.save()
# login
user_.backend = "django.contrib.auth.backends.ModelBackend"
logging.debug('logging the user in')
login(request, user_)
logging.debug('saving email feed settings')
email_feeds_form.save(user_)
elif 'bverify' in request.POST.keys():
logging.debug('processing OpenidVerify form')
form2 = OpenidVerifyForm(request.POST)
if form2.is_valid():
logging.debug('form is valid')
is_redirect = True
next = form2.cleaned_data['next']
user_ = form2.get_user()
logging.debug('creating new openid user association %s <--> %s' \
% (user_.username, str(openid_)))
uassoc = UserAssociation(openid_url=str(openid_),
user_id=user_.id)
uassoc.save()
logging.debug('logging the user in')
login(request, user_)
#check if we need to post a question that was added anonymously
#this needs to be a function call becase this is also done
#if user just logged in and did not need to create the new account
if user_ != None:
if settings.EMAIL_VALIDATION == 'on':
logging.debug('sending email validation')
send_new_email_key(user_,nomessage=True)
output = validation_email_sent(request)
set_email_validation_message(user_) #message set after generating view
return output
if user_.is_authenticated():
logging.debug('success, send user to main page')
return HttpResponseRedirect(reverse('index'))
else:
logging.debug('have really strange error')
raise Exception('openid login failed')#should not ever get here
openid_str = str(openid_)
bits = openid_str.split('/')
base_url = bits[2] #assume this is base url
url_bits = base_url.split('.')
provider_name = url_bits[-2].lower()
providers = {'yahoo':'<font color="purple">Yahoo!</font>',
'flickr':'<font color="#0063dc">flick</font><font color="#ff0084">r</font>™',
'google':'Google™',
'aol':'<font color="#31658e">AOL</font>',
'myopenid':'MyOpenID',
}
if provider_name not in providers:
provider_logo = provider_name
logging.error('openid provider named "%s" has no pretty customized logo' % provider_name)
else:
provider_logo = providers[provider_name]
logging.debug('printing authopenid/complete.html output')
return render_to_response('authopenid/complete.html', {
'form1': form1,
'form2': form2,
'email_feeds_form': email_feeds_form,
'provider':mark_safe(provider_logo),
'username': nickname,
'email': email,
'login_type':'openid',
'gravatar_faq_url':reverse('faq') + '#gravatar',
}, context_instance=RequestContext(request))
def signin(request,newquestion=False,newanswer=False):
"""
signin page. It manages the legacy authentification (user/password)
and openid authentification
url: /signin/
template : authopenid/signin.htm
"""
logging.debug('in signin view')
request.encoding = 'UTF-8'
on_failure = signin_failure
email_feeds_form = SimpleEmailSubscribeForm()
next = get_next_url(request)
form_signin = OpenidSigninForm(initial={'next':next})
form_auth = ClassicLoginForm(initial={'next':next})
if request.method == 'POST':
#'blogin' - password login
if 'blogin' in request.POST.keys():
logging.debug('processing classic login form submission')
form_auth = ClassicLoginForm(request.POST)
if form_auth.is_valid():
#have login and password and need to login through external website
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
username = form_auth.cleaned_data['username']
password = form_auth.cleaned_data['password']
next = form_auth.cleaned_data['next']
if form_auth.get_user() == None:
#need to create internal user
#1) save login and password temporarily in session
request.session['external_username'] = username
request.session['external_password'] = password
#2) try to extract user email and nickname from external service
email = EXTERNAL_LOGIN_APP.api.get_email(username,password)
screen_name = EXTERNAL_LOGIN_APP.api.get_screen_name(username,password)
#3) see if username clashes with some existing user
#if so, we have to prompt the user to pick a different name
username_taken = User.is_username_taken(screen_name)
email_feeds_form = SimpleEmailSubscribeForm()
form_data = {'username':screen_name,'email':email,'next':next}
form = OpenidRegisterForm(initial=form_data)
template_data = {'form1':form,'username':screen_name,\
'email_feeds_form':email_feeds_form,\
'provider':mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME),\
'login_type':'legacy',\
'gravatar_faq_url':reverse('faq') + '#gravatar',\
'external_login_name_is_taken':username_taken}
return render_to_response('authopenid/complete.html',template_data,\
context_instance=RequestContext(request))
else:
#user existed, external password is ok
user = form_auth.get_user()
login(request,user)
response = HttpResponseRedirect(get_next_url(request))
EXTERNAL_LOGIN_APP.api.set_login_cookies(response,user)
return response
else:
#regular password authentication
user = form_auth.get_user()
login(request, user)
return HttpResponseRedirect(get_next_url(request))
elif 'bnewaccount' in request.POST.keys():
logging.debug('processing classic (login/password) create account form submission')
#register externally logged in password user with a new local account
if settings.USE_EXTERNAL_LEGACY_LOGIN == True:
form = OpenidRegisterForm(request.POST)
email_feeds_form = SimpleEmailSubscribeForm(request.POST)
form1_is_valid = form.is_valid()
form2_is_valid = email_feeds_form.is_valid()
if form1_is_valid and form2_is_valid:
#create the user
username = form.cleaned_data['username']
password = request.session.get('external_password',None)
email = form.cleaned_data['email']
if password and username:
User.objects.create_user(username,email,password)
user = authenticate(username=username,password=password)
EXTERNAL_LOGIN_APP.api.connect_local_user_to_external_user(user,username,password)
external_username = request.session['external_username']
eld = ExternalLoginData.objects.get(external_username=external_username)
eld.user = user
eld.save()
login(request,user)
email_feeds_form.save(user)
del request.session['external_username']
del request.session['external_password']
response = HttpResponseRedirect(reverse('index'))
EXTERNAL_LOGIN_APP.api.set_login_cookies(response, user)
return response
else:
if password:
del request.session['external_username']
if username:
del request.session['external_password']
return HttpResponseServerError()
else:
username = request.POST.get('username',None)
provider = mark_safe(settings.EXTERNAL_LEGACY_LOGIN_PROVIDER_NAME)
username_taken = User.is_username_taken(username)
data = {'login_type':'legacy','form1':form,'username':username,\
'email_feeds_form':email_feeds_form,'provider':provider,\
'gravatar_faq_url':reverse('faq') + '#gravatar',\
'external_login_name_is_taken':username_taken}
return render_to_response('authopenid/complete.html',data,
context_instance=RequestContext(request))
else:
raise Http404
elif 'bsignin' in request.POST.keys() or 'openid_username' in request.POST.keys():
logging.debug('processing signin with openid submission')
form_signin = OpenidSigninForm(request.POST)
if form_signin.is_valid():
logging.debug('OpenidSigninForm is valid')
next = form_signin.cleaned_data['next']
sreg_req = sreg.SRegRequest(optional=['nickname', 'email'])
redirect_to = "%s%s?%s" % (
get_url_host(request),
reverse('user_complete_signin'),
urllib.urlencode({'next':next})
)
return ask_openid(request,
form_signin.cleaned_data['openid_url'],
redirect_to,
on_failure=signin_failure,
sreg_request=sreg_req)
else:
logging.debug('OpenidSigninForm is NOT valid! -> redisplay login view')
#if request is GET
if request.method == 'GET':
logging.debug('request method was GET')
question = None
if newquestion == True:
from forum.models import AnonymousQuestion as AQ
session_key = request.session.session_key
logging.debug('retrieving anonymously posted question associated with session %s' % session_key)
qlist = AQ.objects.filter(session_key=session_key).order_by('-added_at')
if len(qlist) > 0:
question = qlist[0]
answer = None
if newanswer == True:
from forum.models import AnonymousAnswer as AA
session_key = request.session.session_key
logging.debug('retrieving posted answer associated with session %s' % session_key)
alist = AA.objects.filter(session_key=session_key).order_by('-added_at')
if len(alist) > 0:
answer = alist[0]
logging.debug('showing signin view')
return render_to_response('authopenid/signin.html', {
'question':question,
'answer':answer,
'form1': form_auth,
'form2': form_signin,
'msg': request.GET.get('msg',''),
'sendpw_url': reverse('user_sendpw'),
'fb_api_key': settings.FB_API_KEY,
}, context_instance=RequestContext(request))
def logout(request):
return render_to_response('logout.html', {
'next' : get_next_url(request),
}, context_instance=RequestContext(request))
def default_on_success(request, identity_url, openid_response):
""" default action on openid signin success """
logging.debug('')
request.session['openid'] = from_openid_response(openid_response)
logging.debug('performing default action on openid success %s' % get_next_url(request))
return HttpResponseRedirect(get_next_url(request))
