X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/d7a18910f5d471a3fa37f3a1cf202fa5302ac25f..786e1bae7fc276a0c49c4aeb98646a9ba8935c77:/forum/views/auth.py diff --git a/forum/views/auth.py b/forum/views/auth.py index 26ce783..ddc5e95 100644 --- a/forum/views/auth.py +++ b/forum/views/auth.py @@ -7,14 +7,15 @@ from django.utils.safestring import mark_safe from django.utils.translation import ugettext as _ from django.utils.http import urlquote_plus from django.contrib.auth.decorators import login_required -from django.contrib.auth import login, logout +from django.contrib.auth import login, logout from django.http import get_host import types import datetime +import logging -from forum.authentication.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \ +from forum.forms import SimpleRegistrationForm, SimpleEmailSubscribeForm, \ TemporaryLoginRequestForm, ChangePasswordForm, SetPasswordForm -from forum.utils.mail import send_email +from forum.utils.mail import send_email, send_template_email from forum.authentication.base import InvalidAuthentication from forum.authentication import AUTH_PROVIDERS @@ -35,19 +36,19 @@ def signin_page(request, action=None): can_show = lambda c: not request.user.is_authenticated() or c.show_to_logged_in_user bigicon_providers = sorted([ - context for context in all_providers if context.mode == 'BIGICON' and can_show(context) + context for context in all_providers if context.mode == 'BIGICON' and can_show(context) ], sort) smallicon_providers = sorted([ - context for context in all_providers if context.mode == 'SMALLICON' and can_show(context) + context for context in all_providers if context.mode == 'SMALLICON' and can_show(context) ], sort) top_stackitem_providers = sorted([ - context for context in all_providers if context.mode == 'TOP_STACK_ITEM' and can_show(context) + context for context in all_providers if context.mode == 'TOP_STACK_ITEM' and can_show(context) ], sort) stackitem_providers = sorted([ - context for context in all_providers if context.mode == 'STACK_ITEM' and can_show(context) + context for context in all_providers if context.mode == 'STACK_ITEM' and can_show(context) ], sort) try: @@ -59,25 +60,26 @@ def signin_page(request, action=None): return render_to_response( 'auth/signin.html', { - 'msg': msg, - 'all_providers': all_providers, - 'bigicon_providers': bigicon_providers, - 'top_stackitem_providers': top_stackitem_providers, - 'stackitem_providers': stackitem_providers, - 'smallicon_providers': smallicon_providers, + 'msg': msg, + 'all_providers': all_providers, + 'bigicon_providers': bigicon_providers, + 'top_stackitem_providers': top_stackitem_providers, + 'stackitem_providers': stackitem_providers, + 'smallicon_providers': smallicon_providers, }, RequestContext(request)) def prepare_provider_signin(request, provider): force_email_request = request.REQUEST.get('validate_email', 'yes') == 'yes' request.session['force_email_request'] = force_email_request - + if provider in AUTH_PROVIDERS: provider_class = AUTH_PROVIDERS[provider].consumer try: request_url = provider_class.prepare_authentication_request(request, - reverse('auth_provider_done', kwargs={'provider': provider})) + reverse('auth_provider_done', + kwargs={'provider': provider})) return HttpResponseRedirect(request_url) except NotImplementedError, e: @@ -103,26 +105,32 @@ def process_provider_signin(request, provider): if request.user.is_authenticated(): if isinstance(assoc_key, (type, User)): if request.user != assoc_key: - request.session['auth_error'] = _("Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.") + request.session['auth_error'] = _( + "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again." + ) else: request.session['auth_error'] = _("You are already logged in with that user.") else: try: assoc = AuthKeyUserAssociation.objects.get(key=assoc_key) if assoc.user == request.user: - request.session['auth_error'] = _("These login credentials are already associated with your account.") + request.session['auth_error'] = _( + "These login credentials are already associated with your account.") else: - request.session['auth_error'] = _("Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again.") + request.session['auth_error'] = _( + "Sorry, these login credentials belong to anoother user. Plese terminate your current session and try again." + ) except: uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider) uassoc.save() - request.user.message_set.create(message=_('The new credentials are now associated with your account')) + request.user.message_set.create( + message=_('The new credentials are now associated with your account')) return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id])) return HttpResponseRedirect(reverse('auth_signin')) else: if isinstance(assoc_key, User): - return login_and_forward(request, assoc_key) + return login_and_forward(request, assoc_key) try: assoc = AuthKeyUserAssociation.objects.get(key=assoc_key) @@ -148,19 +156,19 @@ def external_register(request): if User.objects.all().count() == 0: user_.is_superuser = True user_.is_staff = True - + user_.save() UserJoinsAction(user=user_, ip=request.META['REMOTE_ADDR']).save() - if not user_.email_isvalid: - send_validation_email(user_) - try: assoc_key = request.session['assoc_key'] auth_provider = request.session['auth_provider'] except: - request.session['auth_error'] = _("Oops, something went wrong in the middle of this process. Please try again.") - return HttpResponseRedirect(request.session.get('on_signin_url', reverse('auth_signin'))) + request.session['auth_error'] = _( + "Oops, something went wrong in the middle of this process. Please try again.") + logging.error("Missing session data when trying to complete user registration: %s" % ", ".join( + ["%s: %s" % (k, v) for k, v in request.META.items()])) + return HttpResponseRedirect(reverse('auth_signin')) uassoc = AuthKeyUserAssociation(user=user_, key=assoc_key, provider=auth_provider) uassoc.save() @@ -172,9 +180,17 @@ def external_register(request): del request.session['assoc_key'] del request.session['auth_provider'] - return login_and_forward(request, user_) + return login_and_forward(request, user_, message=_("A welcome email has been sent to your email address. ")) else: - provider_class = AUTH_PROVIDERS[request.session['auth_provider']].consumer + auth_provider = request.session.get('auth_provider', None) + if not auth_provider: + request.session['auth_error'] = _( + "Oops, something went wrong in the middle of this process. Please try again.") + logging.error("Missing session data when trying to complete user registration: %s" % ", ".join( + ["%s: %s" % (k, v) for k, v in request.META.items()])) + return HttpResponseRedirect(reverse('auth_signin')) + + provider_class = AUTH_PROVIDERS[auth_provider].consumer user_data = provider_class.get_user_data(request.session['assoc_key']) if not user_data: @@ -187,20 +203,20 @@ def external_register(request): request.session['auth_validated_email'] = email form1 = SimpleRegistrationForm(initial={ - 'next': '/', - 'username': username, - 'email': email, + 'next': '/', + 'username': username, + 'email': email, }) email_feeds_form = SimpleEmailSubscribeForm() provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context return render_to_response('auth/complete.html', { - 'form1': form1, - 'email_feeds_form': email_feeds_form, - 'provider':mark_safe(provider_context.human_name), - 'login_type':provider_context.id, - 'gravatar_faq_url':reverse('faq') + '#gravatar', + 'form1': form1, + 'email_feeds_form': email_feeds_form, + 'provider':mark_safe(provider_context.human_name), + 'login_type':provider_context.id, + 'gravatar_faq_url':reverse('faq') + '#gravatar', }, context_instance=RequestContext(request)) def request_temp_login(request): @@ -218,10 +234,7 @@ def request_temp_login(request): except: hash = ValidationHash.objects.create_new(user, 'templogin', [user.id]) - send_email(_("Temporary login link"), [(user.username, user.email)], "auth/temp_login_email.html", { - 'temp_login_code': hash, - 'user': user - }) + send_template_email([user], "auth/temp_login_email.html", {'temp_login_code': hash}) request.user.message_set.create(message=_("An email has been sent with your temporary login key")) @@ -230,32 +243,27 @@ def request_temp_login(request): form = TemporaryLoginRequestForm() return render_to_response( - 'auth/temp_login_request.html', {'form': form}, + 'auth/temp_login_request.html', {'form': form}, context_instance=RequestContext(request)) def temp_signin(request, user, code): user = get_object_or_404(User, id=user) if (ValidationHash.objects.validate(code, user, 'templogin', [user.id])): - return login_and_forward(request, user, reverse('user_authsettings', kwargs={'id': user.id}), - _("You are logged in with a temporary access key, please take the time to fix your issue with authentication.")) + return login_and_forward(request, user, reverse('user_authsettings', kwargs={'id': user.id}), + _( + "You are logged in with a temporary access key, please take the time to fix your issue with authentication." + )) else: raise Http404() -def send_validation_email(user): - hash = ValidationHash.objects.create_new(user, 'email', [user.email]) - send_email(_("Email Validation"), [(user.username, user.email)], "auth/email_validation.html", { - 'validation_code': hash, - 'user': user - }) - def validate_email(request, user, code): user = get_object_or_404(User, id=user) if (ValidationHash.objects.validate(code, user, 'email', [user.email])): user.email_isvalid = True user.save() - return login_and_forward(request, user, None, _("Thank you, your email is now validated.")) + return login_and_forward(request, user, None, _("Thank you, your email is now validated.")) else: raise Http404() @@ -268,25 +276,28 @@ def auth_settings(request, id): auth_keys = user_.auth_keys.all() - if user_.has_usable_password(): - FormClass = ChangePasswordForm - else: + if request.user.is_superuser or (not user_.has_usable_password()): FormClass = SetPasswordForm + else: + FormClass = ChangePasswordForm if request.POST: form = FormClass(request.POST, user=user_) if form.is_valid(): - if user_.has_usable_password(): - request.user.message_set.create(message=_("Your password was changed")) - else: - request.user.message_set.create(message=_("New password set")) - FormClass = ChangePasswordForm - + is_new_pass = not user_.has_usable_password() user_.set_password(form.cleaned_data['password1']) user_.save() + + if is_new_pass: + request.user.message_set.create(message=_("New password set")) + if not request.user.is_superuser: + form = ChangePasswordForm(user=user_) + else: + request.user.message_set.create(message=_("Your password was changed")) + return HttpResponseRedirect(reverse('user_authsettings', kwargs={'id': user_.id})) - - form = FormClass(user=user_) + else: + form = FormClass(user=user_) auth_keys_list = [] @@ -300,16 +311,16 @@ def auth_settings(request, id): "unknown: %s" % ConsumerTemplateContext.readable_key(k) auth_keys_list.append({ - 'name': name, - 'id': k.id + 'name': name, + 'id': k.id }) return render_to_response('auth/auth_settings.html', { - 'view_user': user_, - "can_view_private": (user_ == request.user) or request.user.is_superuser, - 'form': form, - 'has_password': user_.has_usable_password(), - 'auth_keys': auth_keys_list, + 'view_user': user_, + "can_view_private": (user_ == request.user) or request.user.is_superuser, + 'form': form, + 'has_password': user_.has_usable_password(), + 'auth_keys': auth_keys_list, }, context_instance=RequestContext(request)) def remove_external_provider(request, id): @@ -330,14 +341,14 @@ def newanswer_signin_action(user): return answer.get_absolute_url() POST_SIGNIN_ACTIONS = { - 'newquestion': newquestion_signin_action, - 'newanswer': newanswer_signin_action, +'newquestion': newquestion_signin_action, +'newanswer': newanswer_signin_action, } -def login_and_forward(request, user, forward=None, message=None): +def login_and_forward(request, user, forward=None, message=None): old_session = request.session.session_key user.backend = "django.contrib.auth.backends.ModelBackend" - login(request, user) + login(request, user) temp_data = request.session.pop('temp_node_data', None) if temp_data: