X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/834e472cdec6eb5e2240dfcc83683c5c2cd7aa0e..8a6bfd84137635211aa15f3991aa681c37d4cb6e:/forum/views/auth.py?ds=sidebyside diff --git a/forum/views/auth.py b/forum/views/auth.py index 073b9b6..db8cc32 100644 --- a/forum/views/auth.py +++ b/forum/views/auth.py @@ -7,7 +7,8 @@ from forum.http_responses import HttpResponseUnauthorized from django.utils.safestring import mark_safe from django.utils.translation import ugettext as _ from django.utils.http import urlquote_plus -from django.contrib.auth.decorators import login_required +from forum.views.decorators import login_required +from forum.modules import decorate from django.contrib.auth import login, logout from django.http import get_host from forum.actions import SuspendAction @@ -18,8 +19,8 @@ import types import datetime import logging -from forum.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \ - TemporaryLoginRequestForm, ChangePasswordForm, SetPasswordForm +from forum.forms import SimpleRegistrationForm, TemporaryLoginRequestForm, \ + ChangePasswordForm, SetPasswordForm from forum.utils.mail import send_template_email from forum.authentication.base import InvalidAuthentication @@ -28,10 +29,18 @@ from forum.authentication import AUTH_PROVIDERS from forum.models import AuthKeyUserAssociation, ValidationHash, Question, Answer from forum.actions import UserJoinsAction +from forum.settings import REP_GAIN_BY_EMAIL_VALIDATION +from vars import ON_SIGNIN_SESSION_ATTR, PENDING_SUBMISSION_SESSION_ATTR + def signin_page(request): - request.session['on_signin_url'] = request.META.get('HTTP_REFERER', '/') + referer = request.META.get('HTTP_REFERER', '/') + + # If the referer is equal to the sign up page, e. g. if the previous login attempt was not successful we do not + # change the sign in URL. The user should go to the same page. + if not referer.replace(settings.APP_URL, '') == reverse('auth_signin'): + request.session[ON_SIGNIN_SESSION_ATTR] = referer - all_providers = [provider.context for provider in AUTH_PROVIDERS.values()] + all_providers = [provider.context for provider in AUTH_PROVIDERS.values() if provider.context] sort = lambda c1, c2: c1.weight - c2.weight can_show = lambda c: not request.user.is_authenticated() or c.show_to_logged_in_user @@ -137,7 +146,7 @@ def process_provider_signin(request, provider): assoc = AuthKeyUserAssociation.objects.get(key=assoc_key) user_ = assoc.user return login_and_forward(request, user_) - except: + except AuthKeyUserAssociation.DoesNotExist: request.session['assoc_key'] = assoc_key request.session['auth_provider'] = provider return HttpResponseRedirect(reverse('auth_external_register')) @@ -147,9 +156,8 @@ def process_provider_signin(request, provider): def external_register(request): if request.method == 'POST' and 'bnewaccount' in request.POST: form1 = SimpleRegistrationForm(request.POST) - email_feeds_form = SimpleEmailSubscribeForm(request.POST) - if (form1.is_valid() and email_feeds_form.is_valid()): + if form1.is_valid(): user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email']) user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email'] user_.set_unusable_password() @@ -175,10 +183,6 @@ def external_register(request): uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider) uassoc.save() - if email_feeds_form.cleaned_data['subscribe'] == 'n': - user_.subscription_settings.enable_notifications = False - user_.subscription_settings.save() - del request.session['assoc_key'] del request.session['auth_provider'] @@ -209,14 +213,12 @@ def external_register(request): 'username': username, 'email': email, }) - email_feeds_form = SimpleEmailSubscribeForm() provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context return render_to_response('auth/complete.html', { 'form1': form1, - 'email_feeds_form': email_feeds_form, - 'provider':mark_safe(provider_context.human_name), + 'provider':provider_context and mark_safe(provider_context.human_name) or _('unknown'), 'login_type':provider_context.id, 'gravatar_faq_url':reverse('faq') + '#gravatar', }, context_instance=RequestContext(request)) @@ -257,6 +259,11 @@ def temp_signin(request, user, code): user = get_object_or_404(User, id=user) if (ValidationHash.objects.validate(code, user, 'templogin', [user.id])): + + # If the user requests temp_signin he must have forgotten his password. So we mark it as unusable. + user.set_unusable_password() + user.save() + return login_and_forward(request, user, reverse('user_authsettings', kwargs={'id': user.id}), _( "You are logged in with a temporary access key, please take the time to fix your issue with authentication." @@ -268,13 +275,15 @@ def send_validation_email(request): if not request.user.is_authenticated(): return HttpResponseUnauthorized(request) else: + # We check if there are some old validation hashes. If there are -- we delete them. try: hash = ValidationHash.objects.get(user=request.user, type='email') - if hash.expiration < datetime.datetime.now(): - hash.delete() - return send_validation_email(request) + hash.delete() except: - hash = ValidationHash.objects.create_new(request.user, 'email', [request.user.email]) + pass + + # We don't care if there are previous cashes in the database... In every case we have to create a new one + hash = ValidationHash.objects.create_new(request.user, 'email', [request.user.email]) send_template_email([request.user], "auth/mail_validation.html", {'validation_code': hash}) request.user.message_set.create(message=_("A message with an email validation link was just sent to your address.")) @@ -290,9 +299,8 @@ def validate_email(request, user, code): user.save() return login_and_forward(request, user, reverse('index'), _("Thank you, your email is now validated.")) else: - raise Http404() + return render_to_response('auth/mail_already_validated.html', { 'user' : user }, RequestContext(request)) -@login_required def auth_settings(request, id): user_ = get_object_or_404(User, id=id) @@ -371,14 +379,14 @@ def login_and_forward(request, user, forward=None, message=None): request.user.message_set.create(message=message) if not forward: - forward = request.session.get('on_signin_url', reverse('index')) - - pending_data = request.session.get('pending_submission_data', None) + forward = request.session.get(ON_SIGNIN_SESSION_ATTR, reverse('index')) + + pending_data = request.session.get(PENDING_SUBMISSION_SESSION_ATTR, None) if pending_data and (user.email_isvalid or pending_data['type'] not in settings.REQUIRE_EMAIL_VALIDATION_TO): submission_time = pending_data['time'] if submission_time < datetime.datetime.now() - datetime.timedelta(minutes=int(settings.HOLD_PENDING_POSTS_MINUTES)): - del request.session['pending_submission_data'] + del request.session[PENDING_SUBMISSION_SESSION_ATTR] elif submission_time < datetime.datetime.now() - datetime.timedelta(minutes=int(settings.WARN_PENDING_POSTS_MINUTES)): user.message_set.create(message=(_("You have a %s pending submission.") % pending_data['data_name']) + " %s, %s, %s" % ( html.hyperlink(reverse('manage_pending_data', kwargs={'action': _('save')}), _("save it")), @@ -404,7 +412,7 @@ def forward_suspended_user(request, user, show_private_msg=True): request.user.message_set.create(message) return HttpResponseRedirect(reverse('index')) -@login_required +@decorate.withfn(login_required) def signout(request): logout(request) - return HttpResponseRedirect(reverse('index')) \ No newline at end of file + return HttpResponseRedirect(reverse('index'))