X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/f1defc59ca7a7b15e17e8a59c72a726ae937d8e5..a7918118f11ba4e856d06307f20aba6057552e07:/forum/views/auth.py diff --git a/forum/views/auth.py b/forum/views/auth.py index c64aa1d..00b67dc 100644 --- a/forum/views/auth.py +++ b/forum/views/auth.py @@ -2,6 +2,8 @@ import datetime import logging +import urllib +from urlparse import urlparse from django.shortcuts import render_to_response, get_object_or_404 from django.template import RequestContext @@ -12,8 +14,11 @@ from django.utils.translation import ugettext as _ from django.utils.encoding import smart_unicode from django.contrib.auth import login, logout +from django.contrib import messages + from writers import manage_pending_data +from forum.actions import EmailValidationAction from forum.utils import html from forum.views.decorators import login_required from forum.modules import decorate @@ -23,7 +28,7 @@ from forum.utils.mail import send_template_email from forum.authentication.base import InvalidAuthentication from forum.authentication import AUTH_PROVIDERS from forum.models import User, AuthKeyUserAssociation, ValidationHash -from forum.actions import UserJoinsAction +from forum.actions import UserJoinsAction, UserLoginAction from forum import settings from vars import ON_SIGNIN_SESSION_ATTR, PENDING_SUBMISSION_SESSION_ATTR @@ -84,7 +89,7 @@ def prepare_provider_signin(request, provider): try: request_url = provider_class.prepare_authentication_request(request, - reverse('auth_provider_done', + reverse('auth_provider_done', prefix='/', kwargs={'provider': provider})) return HttpResponseRedirect(request_url) @@ -129,8 +134,7 @@ def process_provider_signin(request, provider): except: uassoc = AuthKeyUserAssociation(user=request.user, key=assoc_key, provider=provider) uassoc.save() - request.user.message_set.create( - message=_('The new credentials are now associated with your account')) + messages.info(request, _('The new credentials are now associated with your account')) return HttpResponseRedirect(reverse('user_authsettings', args=[request.user.id])) return HttpResponseRedirect(reverse('auth_signin')) @@ -154,7 +158,7 @@ def external_register(request): form1 = SimpleRegistrationForm(request.POST) if form1.is_valid(): - user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email']) + user_ = User(username=form1.cleaned_data['username'], email=form1.cleaned_data['email'], real_name=form1.cleaned_data['real_name']) user_.email_isvalid = request.session.get('auth_validated_email', '') == form1.cleaned_data['email'] user_.set_unusable_password() @@ -194,17 +198,18 @@ def external_register(request): provider_class = AUTH_PROVIDERS[auth_provider].consumer - # Pass the cookies to the Facebook authentication class get_user_data method. We need them to take the access token. if provider_class.__class__.__name__ == 'FacebookAuthConsumer': - user_data = provider_class.get_user_data(request.COOKIES) + user_data = provider_class.get_user_data(request.session['access_token']) else: user_data = provider_class.get_user_data(request.session['assoc_key']) + if not user_data: user_data = request.session.get('auth_consumer_data', {}) username = user_data.get('username', '') email = user_data.get('email', '') + real_name = user_data.get('real_name', '') if email: request.session['auth_validated_email'] = email @@ -213,6 +218,7 @@ def external_register(request): 'next': '/', 'username': username, 'email': email, + 'real_name': real_name, }) provider_context = AUTH_PROVIDERS[request.session['auth_provider']].context @@ -246,7 +252,7 @@ def request_temp_login(request): send_template_email([u], "auth/temp_login_email.html", {'temp_login_code': hash}) - request.user.message_set.create(message=_("An email has been sent with your temporary login key")) + messages.info(request, _("An email has been sent with your temporary login key")) return HttpResponseRedirect(reverse('index')) else: @@ -286,8 +292,13 @@ def send_validation_email(request): # We don't care if there are previous cashes in the database... In every case we have to create a new one hash = ValidationHash.objects.create_new(request.user, 'email', [request.user.email]) - send_template_email([request.user], "auth/mail_validation.html", {'validation_code': hash}) - request.user.message_set.create(message=_("A message with an email validation link was just sent to your address.")) + additional_get_params = urllib.urlencode(dict([k, v.encode('utf-8')] for k, v in request.GET.items())) + send_template_email([request.user], "auth/mail_validation.html", { + 'validation_code': hash, + 'additional_get_params' : additional_get_params + }) + + messages.info(request, _("A message with an email validation link was just sent to your address.")) return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/')) @@ -296,8 +307,7 @@ def validate_email(request, user, code): user = get_object_or_404(User, id=user) if (ValidationHash.objects.validate(code, user, 'email', [user.email])): - user.email_isvalid = True - user.save() + EmailValidationAction(user=user, ip=request.META['REMOTE_ADDR']).save() return login_and_forward(request, user, reverse('index'), _("Thank you, your email is now validated.")) else: return render_to_response('auth/mail_already_validated.html', { 'user' : user }, RequestContext(request)) @@ -323,11 +333,11 @@ def auth_settings(request, id): user_.save() if is_new_pass: - request.user.message_set.create(message=_("New password set")) + messages.info(request, _("New password set")) if not request.user.is_superuser: form = ChangePasswordForm(user=user_) else: - request.user.message_set.create(message=_("Your password was changed")) + messages.info(request, _("Your password was changed")) return HttpResponseRedirect(reverse('user_authsettings', kwargs={'id': user_.id})) else: @@ -363,7 +373,7 @@ def remove_external_provider(request, id): if not (request.user.is_superuser or request.user == association.user): return HttpResponseUnauthorized(request) - request.user.message_set.create(message=_("You removed the association with %s") % association.provider) + messages.info(request, _("You removed the association with %s") % association.provider) association.delete() return HttpResponseRedirect(reverse('user_authsettings', kwargs={'id': association.user.id})) @@ -374,10 +384,13 @@ def login_and_forward(request, user, forward=None, message=None): user.backend = "django.contrib.auth.backends.ModelBackend" login(request, user) + # Store the login action + UserLoginAction(user=user, ip=request.META['REMOTE_ADDR']).save() + if message is None: message = _("Welcome back %s, you are now logged in") % smart_unicode(user.username) - request.user.message_set.create(message=message) + messages.info(request, message) if not forward: forward = request.session.get(ON_SIGNIN_SESSION_ATTR, reverse('index')) @@ -389,7 +402,7 @@ def login_and_forward(request, user, forward=None, message=None): if submission_time < datetime.datetime.now() - datetime.timedelta(minutes=int(settings.HOLD_PENDING_POSTS_MINUTES)): del request.session[PENDING_SUBMISSION_SESSION_ATTR] elif submission_time < datetime.datetime.now() - datetime.timedelta(minutes=int(settings.WARN_PENDING_POSTS_MINUTES)): - user.message_set.create(message=(_("You have a %s pending submission.") % pending_data['data_name']) + " %s, %s, %s" % ( + messages.info(request, (_("You have a %s pending submission.") % pending_data['data_name']) + " %s, %s, %s" % ( html.hyperlink(reverse('manage_pending_data', kwargs={'action': _('save')}), _("save it")), html.hyperlink(reverse('manage_pending_data', kwargs={'action': _('review')}), _("review")), html.hyperlink(reverse('manage_pending_data', kwargs={'action': _('cancel')}), _("cancel")) @@ -397,7 +410,17 @@ def login_and_forward(request, user, forward=None, message=None): else: return manage_pending_data(request, _('save'), forward) - return HttpResponseRedirect(forward) + additional_get_params = urllib.urlencode(dict([k, v.encode('utf-8')] for k, v in request.GET.items())) + + parsed_forward = urlparse(forward) + + # If there is already some parsed query in the URL then change the forward URL + if parsed_forward.query: + forward_url = forward + "&%s" % additional_get_params + else: + forward_url = forward + "?%s" % additional_get_params + + return HttpResponseRedirect(forward_url) def forward_suspended_user(request, user, show_private_msg=True): message = _("Sorry, but this account is suspended") @@ -410,7 +433,7 @@ def forward_suspended_user(request, user, show_private_msg=True): if suspension: message += (":
" + suspension.extra.get(msg_type, '')) - request.user.message_set.create(message) + messages.info(request, message) return HttpResponseRedirect(reverse('index')) @decorate.withfn(login_required)