summaryrefslogtreecommitdiffstats
path: root/forum/views/auth.py
diff options
context:
space:
mode:
Diffstat (limited to 'forum/views/auth.py')
-rw-r--r--[-rwxr-xr-x]forum/views/auth.py183
1 files changed, 165 insertions, 18 deletions
diff --git a/forum/views/auth.py b/forum/views/auth.py
index cf27f1bb..72b0af29 100755..100644
--- a/forum/views/auth.py
+++ b/forum/views/auth.py
@@ -1,17 +1,21 @@
-from django.shortcuts import render_to_response
+from django.shortcuts import render_to_response, get_object_or_404
from django.template import RequestContext
from django.core.urlresolvers import reverse
from django.contrib.auth.models import User
-from django.http import HttpResponseRedirect
+from django.http import HttpResponseRedirect, Http404
from django.utils.safestring import mark_safe
from django.utils.translation import ugettext as _
+from django.utils.http import urlquote_plus
from django.contrib.auth.decorators import login_required
from django.contrib.auth import login, logout
from django.http import get_host
import types
+import datetime
-from forum.models import AuthKeyUserAssociation
-from forum.authentication.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm
+from forum.models import AuthKeyUserAssociation, ValidationHash
+from forum.authentication.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \
+ TemporaryLoginRequestForm, ChangePasswordForm, SetPasswordForm
+from forum.utils.email import send_email
from forum.authentication.base import InvalidAuthentication
from forum.authentication import AUTH_PROVIDERS
@@ -23,6 +27,7 @@ def signin_page(request, action=None):
request.session['on_signin_url'] = request.META.get('HTTP_REFERER', '/')
else:
request.session['on_signin_action'] = action
+ request.session['on_signin_url'] = reverse('auth_action_signin', kwargs={'action': action})
all_providers = [provider.context for provider in AUTH_PROVIDERS.values()]
@@ -104,8 +109,13 @@ def process_provider_signin(request, provider):
except:
uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider)
uassoc.save()
- request.session['auth_error'] = _("These new credentials are now associated with your account.")
+ request.user.message_set.create(message=_('The new credentials are now associated with your account'))
+ return HttpResponseRedirect(reverse('user_authsettings'))
+
return HttpResponseRedirect(reverse('auth_signin'))
+ else:
+ if isinstance(assoc_key, (type, User)):
+ return login_and_forward(request, assoc_key)
try:
assoc = AuthKeyUserAssociation.objects.get(key=assoc_key)
@@ -124,12 +134,22 @@ def external_register(request):
email_feeds_form = SimpleEmailSubscribeForm(request.POST)
if (form1.is_valid() and email_feeds_form.is_valid()):
- tmp_pwd = User.objects.make_random_password()
- user_ = User.objects.create_user(form1.cleaned_data['username'],
- form1.cleaned_data['email'], tmp_pwd)
-
+ user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'])
+ user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email']
user_.set_unusable_password()
+ user_.save()
+
+ if not user_.email_isvalid:
+ send_validation_email(user_)
+
+ try:
+ assoc_key = request.session['assoc_key']
+ auth_provider = request.session['auth_provider']
+ except:
+ request.session['auth_error'] = _("Oops, something went wrong in the middle of this process. Please try again.")
+ return HttpResponseRedirect(request.session.get('on_signin_url', reverse('auth_signin')))
+
uassoc = AuthKeyUserAssociation(user=user_, key=request.session['assoc_key'], provider=request.session['auth_provider'])
uassoc.save()
@@ -137,7 +157,11 @@ def external_register(request):
del request.session['assoc_key']
del request.session['auth_provider']
- return login_and_forward(request, user_)
+
+ if user_.email_isvalid:
+ return login_and_forward(request, user_)
+ else:
+ return HttpResponseRedirect(reverse('index'))
else:
provider_class = AUTH_PROVIDERS[request.session['auth_provider']].consumer
user_data = provider_class.get_user_data(request.session['assoc_key'])
@@ -148,6 +172,9 @@ def external_register(request):
if not email:
email = request.session.get('auth_email_request', '')
+ if email:
+ request.session['auth_validated_email'] = email
+
form1 = SimpleRegistrationForm(initial={
'next': '/',
'username': username,
@@ -165,6 +192,121 @@ def external_register(request):
'gravatar_faq_url':reverse('faq') + '#gravatar',
}, context_instance=RequestContext(request))
+def request_temp_login(request):
+ if request.method == 'POST':
+ form = TemporaryLoginRequestForm(request.POST)
+
+ if form.is_valid():
+ user = form.user_cache
+
+ try:
+ hash = get_object_or_404(ValidationHash, user=user, type='templogin')
+ if hash.expiration < datetime.datetime.now():
+ hash.delete()
+ return request_temp_login(request)
+ except:
+ hash = ValidationHash.objects.create_new(user, 'templogin', [user.id])
+
+ send_email(_("Temporary login link"), [user.email], "auth/temp_login_email.html", {
+ 'temp_login_code': hash,
+ 'user': user
+ })
+
+ request.user.message_set.create(message=_("An email has been sent with your temporary login key"))
+
+ return HttpResponseRedirect(reverse('index'))
+ else:
+ form = TemporaryLoginRequestForm()
+
+ return render_to_response(
+ 'auth/temp_login_request.html', {'form': form},
+ context_instance=RequestContext(request))
+
+def temp_signin(request, user, code):
+ user = get_object_or_404(User, id=user)
+
+ if (ValidationHash.objects.validate(code, user, 'templogin', [user.id])):
+ return login_and_forward(request, user, reverse('user_authsettings'),
+ _("You are logged in with a temporary access key, please take the time to fix your issue with authentication."))
+ else:
+ raise Http404()
+
+def send_validation_email(user):
+ hash = ValidationHash.objects.create_new(user, 'email', [user.email])
+ send_email(_("Email Validation"), [user.email], "auth/email_validation.html", {
+ 'validation_code': hash,
+ 'user': user
+ })
+
+def validate_email(request, user, code):
+ user = get_object_or_404(User, id=user)
+
+ if (ValidationHash.objects.validate(code, user, 'email', [user.email])):
+ user.email_isvalid = True
+ user.save()
+ return login_and_forward(request, user, None, _("Thank you, your email is now validated."))
+ else:
+ raise Http404()
+
+@login_required
+def auth_settings(request):
+ """
+ change password view.
+
+ url : /changepw/
+ template: authopenid/changepw.html
+ """
+ user_ = request.user
+ auth_keys = user_.auth_keys.all()
+
+ if user_.has_usable_password():
+ FormClass = ChangePasswordForm
+ else:
+ FormClass = SetPasswordForm
+
+ if request.POST:
+ form = FormClass(request.POST, user=user_)
+ if form.is_valid():
+ if user_.has_usable_password():
+ request.user.message_set.create(message=_("Your password was changed"))
+ else:
+ request.user.message_set.create(message=_("New password set"))
+ form = ChangePasswordForm(user=user_)
+
+ user_.set_password(form.cleaned_data['password1'])
+ user_.save()
+ return HttpResponseRedirect(reverse('user_authsettings'))
+ else:
+ form = FormClass(user=user_)
+
+ auth_keys_list = []
+
+ for k in auth_keys:
+ provider = AUTH_PROVIDERS.get(k.provider, None)
+
+ if provider is not None:
+ name = "%s: %s" % (provider.context.human_name, provider.context.readable_key(k))
+ else:
+ from forum.authentication.base import ConsumerTemplateContext
+ "unknown: %s" % ConsumerTemplateContext.readable_key(k)
+
+ auth_keys_list.append({
+ 'name': name,
+ 'id': k.id
+ })
+
+ return render_to_response('auth/auth_settings.html', {
+ 'form': form,
+ 'has_password': user_.has_usable_password(),
+ 'auth_keys': auth_keys_list,
+ }, context_instance=RequestContext(request))
+
+def remove_external_provider(request, id):
+ association = get_object_or_404(AuthKeyUserAssociation, id=id)
+ request.user.message_set.create(message=_("You removed the association with %s") % association.provider)
+ association.delete()
+ return HttpResponseRedirect(reverse('user_authsettings'))
+
def newquestion_signin_action(user):
question = Question.objects.filter(author=user).order_by('-added_at')[0]
return question.get_absolute_url()
@@ -178,7 +320,7 @@ POST_SIGNIN_ACTIONS = {
'newanswer': newanswer_signin_action,
}
-def login_and_forward(request, user):
+def login_and_forward(request, user, forward=None, message=None):
old_session = request.session.session_key
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
@@ -186,19 +328,24 @@ def login_and_forward(request, user):
from forum.models import user_logged_in
user_logged_in.send(user=user,session_key=old_session,sender=None)
- redirect = request.session.get('on_signin_url', None)
-
- if not redirect:
+ if not forward:
signin_action = request.session.get('on_signin_action', None)
if not signin_action:
- redirect = reverse('index')
+ forward = request.session.get('on_signin_url', None)
+
+ if not forward:
+ forward = reverse('index')
else:
try:
- redirect = POST_SIGNIN_ACTIONS[signin_action](user)
+ forward = POST_SIGNIN_ACTIONS[signin_action](user)
except:
- redirect = reverse('index')
+ forward = reverse('index')
+
+ if message is None:
+ message = _("Welcome back %s, you are now logged in") % user.username
- return HttpResponseRedirect(redirect)
+ request.user.message_set.create(message=message)
+ return HttpResponseRedirect(forward)
@login_required
def signout(request):
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-10-12 21:41:19 +0000