]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/views/auth.py
projects / osqa.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Accepting incoming merge of the jambazov feature branch. Mostly includes new bug...
[osqa.git] / forum / views / auth.py
diff --git a/forum/views/auth.py b/forum/views/auth.py
index 75095a6c3aba5e59347f94c94c3d00574ad9ce5c..ad4785dcef53e6a273702ea9b7d8abe78ddaff86 100644 (file)
--- a/forum/views/auth.py
+++ b/forum/views/auth.py
@@ -7,7 +7,8 @@ from forum.http_responses import HttpResponseUnauthorized
 from django.utils.safestring import mark_safe
 from django.utils.translation import ugettext as _
 from django.utils.http import urlquote_plus
-from django.contrib.auth.decorators import login_required
+from forum.views.decorators import login_required
+from forum.modules import decorate
 from django.contrib.auth import login, logout
 from django.http import get_host
 from forum.actions import SuspendAction
@@ -20,7 +21,7 @@ import logging
 
 from forum.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \
         TemporaryLoginRequestForm, ChangePasswordForm, SetPasswordForm
-from forum.utils.mail import send_email, send_template_email
+from forum.utils.mail import send_template_email
 
 from forum.authentication.base import InvalidAuthentication
 from forum.authentication import AUTH_PROVIDERS
@@ -30,6 +31,9 @@ from forum.actions import UserJoinsAction
 
 def signin_page(request):
     request.session['on_signin_url'] = request.META.get('HTTP_REFERER', '/')
+    
+    if reverse('auth_signin') == request.session['on_signin_url'].replace(settings.APP_URL, ''):
+        request.session['on_signin_url'] = reverse('index')
 
     all_providers = [provider.context for provider in AUTH_PROVIDERS.values()]
 
@@ -257,6 +261,11 @@ def temp_signin(request, user, code):
     user = get_object_or_404(User, id=user)
 
     if (ValidationHash.objects.validate(code, user, 'templogin', [user.id])):
+        
+        # If the user requests temp_signin he must have forgotten his password. So we mark it as unusable.
+        user.set_unusable_password()
+        user.save()
+        
         return login_and_forward(request, user, reverse('user_authsettings', kwargs={'id': user.id}),
                                  _(
                                          "You are logged in with a temporary access key, please take the time to fix your issue with authentication."
@@ -270,9 +279,12 @@ def send_validation_email(request):
     else:
         try:
             hash = ValidationHash.objects.get(user=request.user, type='email')
-            if hash.expiration < datetime.datetime.now():
-                hash.delete()
-                return send_validation_email(request)
+            hash.delete()
+            
+            # If we were able to get a previous validation hash we should raise an
+            # Exception immediately. Otherwise new validation hash will not be created
+            # and users will not receive the desired e-mail vaidation link.
+            raise Exception("Validation has already been sent")
         except:
             hash = ValidationHash.objects.create_new(request.user, 'email', [request.user.email])
 
@@ -288,11 +300,10 @@ def validate_email(request, user, code):
     if (ValidationHash.objects.validate(code, user, 'email', [user.email])):
         user.email_isvalid = True
         user.save()
-        return login_and_forward(request, user, None, _("Thank you, your email is now validated."))
+        return login_and_forward(request, user, reverse('index'), _("Thank you, your email is now validated."))
     else:
-        raise Http404()
+        return render_to_response('auth/mail_already_validated.html', { 'user' : user }, RequestContext(request))
 
-@login_required
 def auth_settings(request, id):
     user_ = get_object_or_404(User, id=id)
 
@@ -346,6 +357,7 @@ def auth_settings(request, id):
     'form': form,
     'has_password': user_.has_usable_password(),
     'auth_keys': auth_keys_list,
+    'allow_local_auth': AUTH_PROVIDERS.get('local', None),
     }, context_instance=RequestContext(request))
 
 def remove_external_provider(request, id):
@@ -403,7 +415,7 @@ def forward_suspended_user(request, user, show_private_msg=True):
     request.user.message_set.create(message)
     return HttpResponseRedirect(reverse('index'))
 
-@login_required
+@decorate.withfn(login_required)
 def signout(request):
     logout(request)
-    return HttpResponseRedirect(reverse('index'))
\ No newline at end of file
+    return HttpResponseRedirect(reverse('index'))
OSQA