forum_modules/authentication/auth.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144

from django.shortcuts import render_to_response, get_object_or_404
from django.template import RequestContext
from django.core.urlresolvers import reverse
from django.contrib.auth.models import User
from django.http import HttpResponseRedirect, Http404
from django.utils.safestring import mark_safe
from django.utils.translation import ugettext as _
from django.utils.http import urlquote_plus
from django.contrib.auth.decorators import login_required
from django.contrib.auth import login,  logout
from django.http import get_host
import types
import datetime

from forum.models import AuthKeyUserAssociation, ValidationHash
from forum.authentication.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \
        TemporaryLoginRequestForm, ChangePasswordForm, SetPasswordForm
from forum.utils.email import send_email

from forum.authentication.base import InvalidAuthentication
from forum.authentication import AUTH_PROVIDERS

from forum.models import Question, Answer

def send_validation_email(user):
    hash = ValidationHash.objects.create_new(user, 'email', [user.email])
    send_email(_("Email Validation"), [user.email], "auth/email_validation.html", {
        'validation_code': hash,
        'user': user
    })

def validate_email(request, user, code):
    user = get_object_or_404(User, id=user)

    if (ValidationHash.objects.validate(code, user, 'email', [user.email])):
        user.email_isvalid = True
        user.save()
        return login_and_forward(request,  user, None, _("Thank you, your email is now validated."))
    else:
        raise Http404()

@login_required
def auth_settings(request):
    """
    change password view.

    url : /changepw/
    template: authopenid/changepw.html
    """
    user_ = request.user
    auth_keys = user_.auth_keys.all()

    if user_.has_usable_password():
        FormClass = ChangePasswordForm
    else:
        FormClass = SetPasswordForm

    if request.POST:
        form = FormClass(request.POST, user=user_)
        if form.is_valid():
            if user_.has_usable_password():
                request.user.message_set.create(message=_("Your password was changed"))
            else:
                request.user.message_set.create(message=_("New password set"))
                FormClass = ChangePasswordForm
                
            user_.set_password(form.cleaned_data['password1'])
            user_.save()
            return HttpResponseRedirect(reverse('user_authsettings'))
    
    form = FormClass(user=user_)

    auth_keys_list = []

    for k in auth_keys:
        provider = AUTH_PROVIDERS.get(k.provider, None)

        if provider is not None:
            name =  "%s: %s" % (provider.context.human_name, provider.context.readable_key(k))
        else:
            from forum.authentication.base import ConsumerTemplateContext
            "unknown: %s" % ConsumerTemplateContext.readable_key(k)

        auth_keys_list.append({
            'name': name,
            'id': k.id
        })

    return render_to_response('auth/auth_settings.html', {
        'form': form,
        'has_password': user_.has_usable_password(),
        'auth_keys': auth_keys_list,
    }, context_instance=RequestContext(request))

def newquestion_signin_action(user):
    question = Question.objects.filter(author=user).order_by('-added_at')[0]
    return question.get_absolute_url()

def newanswer_signin_action(user):
    answer = Answer.objects.filter(author=user).order_by('-added_at')[0]
    return answer.get_absolute_url()

POST_SIGNIN_ACTIONS = {
    'newquestion': newquestion_signin_action,
    'newanswer': newanswer_signin_action,
}

def login_and_forward(request,  user, forward=None, message=None):
    old_session = request.session.session_key
    user.backend = "django.contrib.auth.backends.ModelBackend"
    login(request,  user)

    from forum.models import signals#todo: move to auth app
    signals.user_logged_in.send(user=user,session_key=old_session,sender=None)

    if not forward:
        signin_action = request.session.get('on_signin_action', None)
        if not signin_action:
            forward = request.session.get('on_signin_url', None)

            if not forward:
                forward = reverse('index')
        else:
            try:
                forward = POST_SIGNIN_ACTIONS[signin_action](user)
            except:
                forward = reverse('index')

    if message is None:
        message = _("Welcome back %s, you are now logged in") % user.username

    request.user.message_set.create(message=message)
    return HttpResponseRedirect(forward)

@login_required
def signout(request):
    """
    signout from the website. Remove openid from session and kill it.

    url : /signout/"
    """

    logout(request)
    return HttpResponseRedirect(reverse('index'))