X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/617e60be3c7d2e0f17639f3487a721d4efdc02c0..2444d6ffd7995be782615589fb1d5aef2c8277ce:/forum/views/auth.py diff --git a/forum/views/auth.py b/forum/views/auth.py index 90af33b..ad4785d 100644 --- a/forum/views/auth.py +++ b/forum/views/auth.py @@ -7,7 +7,8 @@ from forum.http_responses import HttpResponseUnauthorized from django.utils.safestring import mark_safe from django.utils.translation import ugettext as _ from django.utils.http import urlquote_plus -from django.contrib.auth.decorators import login_required +from forum.views.decorators import login_required +from forum.modules import decorate from django.contrib.auth import login, logout from django.http import get_host from forum.actions import SuspendAction @@ -20,7 +21,7 @@ import logging from forum.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \ TemporaryLoginRequestForm, ChangePasswordForm, SetPasswordForm -from forum.utils.mail import send_email, send_template_email +from forum.utils.mail import send_template_email from forum.authentication.base import InvalidAuthentication from forum.authentication import AUTH_PROVIDERS @@ -30,6 +31,9 @@ from forum.actions import UserJoinsAction def signin_page(request): request.session['on_signin_url'] = request.META.get('HTTP_REFERER', '/') + + if reverse('auth_signin') == request.session['on_signin_url'].replace(settings.APP_URL, ''): + request.session['on_signin_url'] = reverse('index') all_providers = [provider.context for provider in AUTH_PROVIDERS.values()] 
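Review bot: The check added to signin_page only prevents a redirect back to the sign-in page itself; the value kept in `request.session['on_signin_url']` is still the raw `HTTP_REFERER` header, which the client supplies. The `if not forward:` fallback in the login_and_forward hunk reads that same session value, presumably as the post-login redirect target, so a sign-in reached from a foreign page could forward the user off-site. Before storing the referer, parse it and compare its host with the request's host, falling back to `reverse('index')` when they differ. The loop guard is also fragile: `.replace(settings.APP_URL, '')` strips the string wherever it occurs, not only as a prefix, and the equality test fails as soon as the referer carries a query string.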
@@ -226,22 +230,24 @@ def request_temp_login(request): form = TemporaryLoginRequestForm(request.POST) if form.is_valid(): - user = form.user_cache + users = form.user_cache - if user.is_suspended(): - return forward_suspended_user(request, user, False) + for u in users: + if u.is_suspended(): + return forward_suspended_user(request, u, False) - try: - hash = get_object_or_404(ValidationHash, user=user, type='templogin') - if hash.expiration < datetime.datetime.now(): - hash.delete() - return request_temp_login(request) - except: - hash = ValidationHash.objects.create_new(user, 'templogin', [user.id]) + for u in users: + try: + hash = get_object_or_404(ValidationHash, user=u, type='templogin') + if hash.expiration < datetime.datetime.now(): + hash.delete() + return request_temp_login(request) + except: + hash = ValidationHash.objects.create_new(u, 'templogin', [u.id]) - send_template_email([user], "auth/temp_login_email.html", {'temp_login_code': hash}) + send_template_email([u], "auth/temp_login_email.html", {'temp_login_code': hash}) - request.user.message_set.create(message=_("An email has been sent with your temporary login key")) + request.user.message_set.create(message=_("An email has been sent with your temporary login key")) return HttpResponseRedirect(reverse('index')) else: @@ -255,6 +261,11 @@ def temp_signin(request, user, code): user = get_object_or_404(User, id=user) if (ValidationHash.objects.validate(code, user, 'templogin', [user.id])): + + # If the user requests temp_signin he must have forgotten his password. So we mark it as unusable. + user.set_unusable_password() + user.save() + return login_and_forward(request, user, reverse('user_authsettings', kwargs={'id': user.id}), _( "You are logged in with a temporary access key, please take the time to fix your issue with authentication." 
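Review bot: In the second loop of request_temp_login, `return request_temp_login(request)` on an expired key restarts the whole view from inside the loop, so every account already handled in that pass is mailed again. The bare `except:` also turns any failure, not only a missing hash, into the creation of a new key. Replacing the expired key in place and catching only `ValidationHash.DoesNotExist` avoids both, as sketched below. Returning `forward_suspended_user` for the first suspended match appears to reveal the account's state to whoever submitted the address, and it stops the other accounts sharing that address from getting a key. Indentation is lost in this view, so check whether `message_set.create` runs once or once per account; the function starts outside the hunk.

```python
# … unchanged: suspended-account check over users …
for u in users:
    try:
        hash = ValidationHash.objects.get(user=u, type='templogin')
        if hash.expiration < datetime.datetime.now():
            # Expired: drop it and fall through to issue a fresh key.
            hash.delete()
            hash = None
    except ValidationHash.DoesNotExist:
        hash = None

    if hash is None:
        hash = ValidationHash.objects.create_new(u, 'templogin', [u.id])

    send_template_email([u], "auth/temp_login_email.html", {'temp_login_code': hash})
# … unchanged: user message and redirect to index …
```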
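Review bot: temp_signin now wipes the account password as soon as `ValidationHash.objects.validate(...)` succeeds, but nothing in the hunk shows the 'templogin' key being consumed. If `validate` does not delete it, the same emailed link would keep signing in to a password-less account until the key expires. Please confirm that `validate` removes the hash, or delete it explicitly before calling `login_and_forward`. The added comment would serve maintainers better if it stated the security reason, e.g. `# A temporary login replaces the password: invalidate the old one so it cannot be used alongside the emailed key.` The function starts and ends outside the hunk.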
@@ -268,9 +279,12 @@ def send_validation_email(request): else: try: hash = ValidationHash.objects.get(user=request.user, type='email') - if hash.expiration < datetime.datetime.now(): - hash.delete() - return send_validation_email(request) + hash.delete() + + # If we were able to get a previous validation hash we should raise an + # Exception immediately. Otherwise new validation hash will not be created + # and users will not receive the desired e-mail vaidation link. + raise Exception("Validation has already been sent") except: hash = ValidationHash.objects.create_new(request.user, 'email', [request.user.email]) @@ -286,11 +300,10 @@ def validate_email(request, user, code): if (ValidationHash.objects.validate(code, user, 'email', [user.email])): user.email_isvalid = True user.save() - return login_and_forward(request, user, None, _("Thank you, your email is now validated.")) + return login_and_forward(request, user, reverse('index'), _("Thank you, your email is now validated.")) else: - raise Http404() + return render_to_response('auth/mail_already_validated.html', { 'user' : user }, RequestContext(request)) -@login_required def auth_settings(request, id): user_ = get_object_or_404(User, id=id) @@ -344,6 +357,7 @@ def auth_settings(request, id): 'form': form, 'has_password': user_.has_usable_password(), 'auth_keys': auth_keys_list, + 'allow_local_auth': AUTH_PROVIDERS.get('local', None), }, context_instance=RequestContext(request)) def remove_external_provider(request, id): @@ -367,7 +381,9 @@ def login_and_forward(request, user, forward=None, message=None): request.user.message_set.create(message=message) - forward = request.session.get('on_signin_url', reverse('index')) + if not forward: + forward = request.session.get('on_signin_url', reverse('index')) + pending_data = request.session.get('pending_submission_data', None) if pending_data and (user.email_isvalid or pending_data['type'] not in settings.REQUIRE_EMAIL_VALIDATION_TO): 
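Review bot: The `raise Exception("Validation has already been sent")` added to send_validation_email exists only to jump into the bare `except:` below it. That handler also swallows genuine failures, such as a database error or more than one stored hash, and responds by creating yet another hash. The intent is to drop any previous key and always issue a fresh one, which reads more directly as `ValidationHash.objects.filter(user=request.user, type='email').delete()` followed by the existing `create_new(...)` call outside any try block. Because every call now invalidates the previous link and sends a new mail, a minimum interval between mails per user is worth considering. The enclosing function starts and ends outside the hunk.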
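Review bot: Removing `@login_required` from auth_settings leaves `get_object_or_404(User, id=id)` reachable by anonymous requests, and the authorization check that now carries the whole burden is outside this hunk. Please confirm the body rejects any requester who is neither the account owner nor an administrator before it builds `auth_keys` or processes the password form. In validate_email, the new else branch renders `auth/mail_already_validated.html` with the looked-up `user` for every failed validation, including a wrong or expired code. The page text is therefore misleading for those cases, and the template receives the object of whichever account id was in the URL. Passing only the fields the template needs, and keeping a 404 for codes that never matched, would be safer.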
@@ -399,7 +415,7 @@ def forward_suspended_user(request, user, show_private_msg=True): request.user.message_set.create(message) return HttpResponseRedirect(reverse('index')) -@login_required +@decorate.withfn(login_required) def signout(request): logout(request) - return HttpResponseRedirect(reverse('index')) \ No newline at end of file + return HttpResponseRedirect(reverse('index'))