Revision c8d89a3c
b/snf-astakos-app/astakos/im/target/__init__.py | ||
---|---|---|
38 | 38 |
from django.http import HttpResponseRedirect |
39 | 39 |
from django.core.urlresolvers import reverse |
40 | 40 |
|
41 |
from astakos.im.models import PendingThirdPartyUser |
|
42 |
from astakos.im.util import get_query |
|
41 |
from astakos.im.models import PendingThirdPartyUser, AstakosUser
|
|
42 |
from astakos.im.util import get_query, login_url
|
|
43 | 43 |
from astakos.im import messages as astakos_messages |
44 | 44 |
from astakos.im import auth_providers |
45 | 45 |
from astakos.im.util import prepare_response, get_context |
... | ... | |
47 | 47 |
|
48 | 48 |
|
49 | 49 |
def add_pending_auth_provider(request, third_party_token): |
50 |
|
|
51 | 50 |
if third_party_token: |
52 | 51 |
# use requests to assign the account he just authenticated with with |
53 | 52 |
# a third party provider account |
... | ... | |
59 | 58 |
|
60 | 59 |
|
61 | 60 |
def get_pending_key(request): |
62 |
|
|
63 | 61 |
third_party_token = get_query(request).get('key', False) |
64 | 62 |
if not third_party_token: |
65 | 63 |
third_party_token = request.session.get('pending_key', None) |
... | ... | |
85 | 83 |
_(astakos_messages.AUTH_PROVIDER_INVALID_LOGIN)) |
86 | 84 |
return HttpResponseRedirect(reverse('login')) |
87 | 85 |
|
88 |
# eppn not stored in astakos models, create pending profile
|
|
86 |
# identifier not stored in astakos models, create pending profile
|
|
89 | 87 |
user, created = PendingThirdPartyUser.objects.get_or_create( |
90 | 88 |
third_party_identifier=userid, |
91 | 89 |
provider=provider_module, |
... | ... | |
114 | 112 |
#context_instance=get_context(request, extra_context) |
115 | 113 |
#) |
116 | 114 |
|
115 |
|
|
116 |
|
|
117 |
def handle_third_party_login(request, provider_module, identifier, |
|
118 |
third_party_key=None, provider_info=None, |
|
119 |
affiliation=None): |
|
120 |
|
|
121 |
if not provider_info: |
|
122 |
provider_info = {} |
|
123 |
|
|
124 |
if not affiliation: |
|
125 |
affiliation = provider_module.title() |
|
126 |
|
|
127 |
if not third_party_key: |
|
128 |
third_party_key = get_pending_key(request) |
|
129 |
|
|
130 |
next_redirect = request.GET.get('next', request.session.get('next_url', None)) |
|
131 |
if 'next_url' in request.session: |
|
132 |
del request.session['next_url'] |
|
133 |
|
|
134 |
# an existing user accessed the view |
|
135 |
if request.user.is_authenticated(): |
|
136 |
|
|
137 |
if request.user.has_auth_provider(provider_module, identifier=identifier): |
|
138 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
139 |
|
|
140 |
# automatically add identifier provider to user |
|
141 |
user = request.user |
|
142 |
if not request.user.can_add_auth_provider(provider_module, |
|
143 |
identifier=identifier): |
|
144 |
# TODO: handle existing uuid message separately |
|
145 |
messages.error(request, _(astakos_messages.AUTH_PROVIDER_ADD_FAILED) + |
|
146 |
u' ' + _(astakos_messages.AUTH_PROVIDER_ADD_EXISTS)) |
|
147 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
148 |
|
|
149 |
user.add_auth_provider(provider_module, identifier=identifier, |
|
150 |
affiliation=affiliation, |
|
151 |
provider_info=provider_info) |
|
152 |
messages.success(request, astakos_messages.AUTH_PROVIDER_ADDED) |
|
153 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
154 |
|
|
155 |
# astakos user exists ? |
|
156 |
user = AstakosUser.objects.get_auth_provider_user( |
|
157 |
provider_module, |
|
158 |
identifier=identifier |
|
159 |
) |
|
160 |
if user.is_active: |
|
161 |
# authenticate user |
|
162 |
response = prepare_response(request, |
|
163 |
user, |
|
164 |
next_redirect, |
|
165 |
'renew' in request.GET) |
|
166 |
provider = auth_providers.get_provider(provider_module) |
|
167 |
messages.success(request, _(astakos_messages.LOGIN_SUCCESS) % |
|
168 |
_(provider.get_login_message_display)) |
|
169 |
add_pending_auth_provider(request, third_party_key) |
|
170 |
response.set_cookie('astakos_last_login_method', provider_module) |
|
171 |
return response |
|
172 |
else: |
|
173 |
message = user.get_inactive_message() |
|
174 |
messages.error(request, message) |
|
175 |
return HttpResponseRedirect(login_url(request)) |
|
176 |
|
b/snf-astakos-app/astakos/im/target/google.py | ||
---|---|---|
55 | 55 |
from astakos.im import settings |
56 | 56 |
from astakos.im import auth_providers |
57 | 57 |
from astakos.im.target import add_pending_auth_provider, get_pending_key, \ |
58 |
handle_third_party_signup |
|
58 |
handle_third_party_signup, handle_third_party_login
|
|
59 | 59 |
|
60 | 60 |
import logging |
61 | 61 |
import time |
... | ... | |
156 | 156 |
provider_info = access_token_data |
157 | 157 |
affiliation = 'Google.com' |
158 | 158 |
|
159 |
third_party_key = get_pending_key(request) |
|
160 |
|
|
161 |
# an existing user accessed the view |
|
162 |
if request.user.is_authenticated(): |
|
163 |
if request.user.has_auth_provider('google', identifier=userid): |
|
164 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
165 |
|
|
166 |
# automatically add eppn provider to user |
|
167 |
user = request.user |
|
168 |
if not request.user.can_add_auth_provider('google', |
|
169 |
identifier=userid): |
|
170 |
# TODO: handle existing uuid message separately |
|
171 |
messages.error(request, _(astakos_messages.AUTH_PROVIDER_ADD_FAILED) + |
|
172 |
u' ' + _(astakos_messages.AUTH_PROVIDER_ADD_EXISTS)) |
|
173 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
174 |
|
|
175 |
user.add_auth_provider('google', identifier=userid, |
|
176 |
affiliation=affiliation, |
|
177 |
provider_info=provider_info) |
|
178 |
messages.success(request, astakos_messages.AUTH_PROVIDER_ADDED) |
|
179 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
180 |
|
|
181 | 159 |
try: |
182 |
# astakos user exists ? |
|
183 |
user = AstakosUser.objects.get_auth_provider_user( |
|
184 |
'google', |
|
185 |
identifier=userid |
|
186 |
) |
|
187 |
if user.is_active: |
|
188 |
# authenticate user |
|
189 |
response = prepare_response(request, |
|
190 |
user, |
|
191 |
next_url, |
|
192 |
'renew' in request.GET) |
|
193 |
|
|
194 |
provider = auth_providers.get_provider('google') |
|
195 |
messages.success(request, _(astakos_messages.LOGIN_SUCCESS) % |
|
196 |
_(provider.get_login_message_display)) |
|
197 |
add_pending_auth_provider(request, third_party_key) |
|
198 |
response.set_cookie('astakos_last_login_method', 'google') |
|
199 |
return response |
|
200 |
else: |
|
201 |
message = user.get_inactive_message() |
|
202 |
messages.error(request, message) |
|
203 |
return HttpResponseRedirect(login_url(request)) |
|
204 |
|
|
160 |
return handle_third_party_login(request, 'google', userid, |
|
161 |
provider_info, affiliation) |
|
205 | 162 |
except AstakosUser.DoesNotExist, e: |
163 |
third_party_key = get_pending_key(request) |
|
206 | 164 |
user_info = {'affiliation': affiliation} |
207 | 165 |
return handle_third_party_signup(request, userid, 'google', |
208 | 166 |
third_party_key, |
b/snf-astakos-app/astakos/im/target/linkedin.py | ||
---|---|---|
55 | 55 |
from astakos.im import settings |
56 | 56 |
from astakos.im import auth_providers |
57 | 57 |
from astakos.im.target import add_pending_auth_provider, get_pending_key, \ |
58 |
handle_third_party_signup |
|
58 |
handle_third_party_signup, handle_third_party_login
|
|
59 | 59 |
|
60 | 60 |
import astakos.im.messages as astakos_messages |
61 | 61 |
|
... | ... | |
149 | 149 |
provider_info = profile_data |
150 | 150 |
affiliation = 'LinkedIn.com' |
151 | 151 |
|
152 |
third_party_key = get_pending_key(request) |
|
153 |
|
|
154 |
# an existing user accessed the view |
|
155 |
if request.user.is_authenticated(): |
|
156 |
if request.user.has_auth_provider('linkedin', identifier=userid): |
|
157 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
158 |
|
|
159 |
# automatically add eppn provider to user |
|
160 |
user = request.user |
|
161 |
if not request.user.can_add_auth_provider('linkedin', |
|
162 |
identifier=userid): |
|
163 |
# TODO: handle existing uuid message separately |
|
164 |
messages.error(request, _(astakos_messages.AUTH_PROVIDER_ADD_FAILED) + |
|
165 |
u' ' + _(astakos_messages.AUTH_PROVIDER_ADD_EXISTS)) |
|
166 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
167 |
|
|
168 |
user.add_auth_provider('linkedin', identifier=userid, |
|
169 |
affiliation=affiliation, |
|
170 |
provider_info=provider_info) |
|
171 |
messages.success(request, astakos_messages.AUTH_PROVIDER_ADDED) |
|
172 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
173 | 152 |
|
174 | 153 |
try: |
175 |
# astakos user exists ? |
|
176 |
user = AstakosUser.objects.get_auth_provider_user( |
|
177 |
'linkedin', |
|
178 |
identifier=userid |
|
179 |
) |
|
180 |
if user.is_active: |
|
181 |
# authenticate user |
|
182 |
response = prepare_response(request, |
|
183 |
user, |
|
184 |
next_url, |
|
185 |
'renew' in request.GET) |
|
186 |
provider = auth_providers.get_provider('linkedin') |
|
187 |
messages.success(request, _(astakos_messages.LOGIN_SUCCESS) % |
|
188 |
_(provider.get_login_message_display)) |
|
189 |
add_pending_auth_provider(request, third_party_key) |
|
190 |
response.set_cookie('astakos_last_login_method', 'linkedin') |
|
191 |
return response |
|
192 |
else: |
|
193 |
message = user.get_inactive_message() |
|
194 |
messages.error(request, message) |
|
195 |
return HttpResponseRedirect(login_url(request)) |
|
196 |
|
|
154 |
return handle_third_party_login(request, 'linkedin', userid, |
|
155 |
provider_info, affiliation) |
|
197 | 156 |
except AstakosUser.DoesNotExist, e: |
157 |
third_party_key = get_pending_key(request) |
|
198 | 158 |
user_info = {'affiliation': affiliation, 'realname': realname} |
199 | 159 |
return handle_third_party_signup(request, userid, 'linkedin', |
200 | 160 |
third_party_key, |
b/snf-astakos-app/astakos/im/target/shibboleth.py | ||
---|---|---|
55 | 55 |
from astakos.im import auth_providers |
56 | 56 |
from astakos.im import settings |
57 | 57 |
from astakos.im.target import add_pending_auth_provider, get_pending_key, \ |
58 |
handle_third_party_signup |
|
58 |
handle_third_party_signup, handle_third_party_login
|
|
59 | 59 |
|
60 | 60 |
import astakos.im.messages as astakos_messages |
61 | 61 |
import logging |
... | ... | |
118 | 118 |
provider_info = {'eppn': eppn, 'email': email, 'name': realname} |
119 | 119 |
userid = eppn |
120 | 120 |
|
121 |
# an existing user accessed the view |
|
122 |
if request.user.is_authenticated(): |
|
123 |
|
|
124 |
if request.user.has_auth_provider('shibboleth', identifier=eppn): |
|
125 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
126 |
|
|
127 |
# automatically add eppn provider to user |
|
128 |
user = request.user |
|
129 |
if not request.user.can_add_auth_provider('shibboleth', |
|
130 |
identifier=eppn): |
|
131 |
# TODO: handle existing uuid message separately |
|
132 |
messages.error(request, _(astakos_messages.AUTH_PROVIDER_ADD_FAILED) + |
|
133 |
u' ' + _(astakos_messages.AUTH_PROVIDER_ADD_EXISTS)) |
|
134 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
135 |
|
|
136 |
user.add_auth_provider('shibboleth', identifier=eppn, |
|
137 |
affiliation=affiliation, |
|
138 |
provider_info=provider_info) |
|
139 |
messages.success(request, astakos_messages.AUTH_PROVIDER_ADDED) |
|
140 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
141 |
|
|
142 | 121 |
try: |
143 |
# astakos user exists ? |
|
144 |
user = AstakosUser.objects.get_auth_provider_user( |
|
145 |
'shibboleth', |
|
146 |
identifier=eppn |
|
147 |
) |
|
148 |
if user.is_active: |
|
149 |
|
|
150 |
# authenticate user |
|
151 |
response = prepare_response(request, |
|
152 |
user, |
|
153 |
request.GET.get('next'), |
|
154 |
'renew' in request.GET) |
|
155 |
provider = auth_providers.get_provider('shibboleth') |
|
156 |
messages.success(request, _(astakos_messages.LOGIN_SUCCESS) % |
|
157 |
_(provider.get_login_message_display)) |
|
158 |
add_pending_auth_provider(request, third_party_key) |
|
159 |
response.set_cookie('astakos_last_login_method', 'local') |
|
160 |
return response |
|
161 |
else: |
|
162 |
message = user.get_inactive_message() |
|
163 |
messages.error(request, message) |
|
164 |
return HttpResponseRedirect(login_url(request)) |
|
165 |
|
|
122 |
return handle_third_party_login(request, 'shibboleth', |
|
123 |
eppn, provider_info, |
|
124 |
affiliation, third_party_key) |
|
166 | 125 |
except AstakosUser.DoesNotExist, e: |
126 |
third_party_key = get_pending_key(request) |
|
167 | 127 |
user_info = {'affiliation': affiliation, 'realname': realname} |
168 | 128 |
return handle_third_party_signup(request, userid, 'shibboleth', |
169 | 129 |
third_party_key, |
b/snf-astakos-app/astakos/im/target/twitter.py | ||
---|---|---|
32 | 32 |
# or implied, of GRNET S.A. |
33 | 33 |
|
34 | 34 |
import json |
35 |
import logging |
|
35 | 36 |
|
36 | 37 |
from django.http import HttpResponseBadRequest |
37 | 38 |
from django.utils.translation import ugettext as _ |
... | ... | |
55 | 56 |
from astakos.im import settings |
56 | 57 |
from astakos.im import auth_providers |
57 | 58 |
from astakos.im.target import add_pending_auth_provider, get_pending_key, \ |
58 |
handle_third_party_signup |
|
59 |
handle_third_party_signup, handle_third_party_login
|
|
59 | 60 |
|
60 | 61 |
import astakos.im.messages as astakos_messages |
61 | 62 |
|
62 |
import logging |
|
63 | 63 |
|
64 | 64 |
logger = logging.getLogger(__name__) |
65 | 65 |
|
... | ... | |
140 | 140 |
provider_info = {'screen_name': username} |
141 | 141 |
affiliation = 'Twitter.com' |
142 | 142 |
|
143 |
third_party_key = get_pending_key(request) |
|
144 |
|
|
145 |
# an existing user accessed the view |
|
146 |
if request.user.is_authenticated(): |
|
147 |
if request.user.has_auth_provider('twitter', identifier=userid): |
|
148 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
149 |
|
|
150 |
# automatically add eppn provider to user |
|
151 |
user = request.user |
|
152 |
if not request.user.can_add_auth_provider('twitter', |
|
153 |
identifier=userid): |
|
154 |
# TODO: handle existing uuid message separately |
|
155 |
messages.error(request, _(astakos_messages.AUTH_PROVIDER_ADD_FAILED) + |
|
156 |
u' ' + _(astakos_messages.AUTH_PROVIDER_ADD_EXISTS)) |
|
157 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
158 |
|
|
159 |
user.add_auth_provider('twitter', identifier=userid, |
|
160 |
affiliation=affiliation, |
|
161 |
provider_info=provider_info) |
|
162 |
messages.success(request, astakos_messages.AUTH_PROVIDER_ADDED) |
|
163 |
return HttpResponseRedirect(reverse('edit_profile')) |
|
164 | 143 |
|
165 | 144 |
try: |
166 |
# astakos user exists ? |
|
167 |
user = AstakosUser.objects.get_auth_provider_user( |
|
168 |
'twitter', |
|
169 |
identifier=userid |
|
170 |
) |
|
171 |
if user.is_active: |
|
172 |
# authenticate user |
|
173 |
response = prepare_response(request, |
|
174 |
user, |
|
175 |
next_url, |
|
176 |
'renew' in request.GET) |
|
177 |
provider = auth_providers.get_provider('twitter') |
|
178 |
messages.success(request, _(astakos_messages.LOGIN_SUCCESS) % |
|
179 |
_(provider.get_login_message_display)) |
|
180 |
add_pending_auth_provider(request, third_party_key) |
|
181 |
response.set_cookie('astakos_last_login_method', 'twitter') |
|
182 |
return response |
|
183 |
else: |
|
184 |
message = user.get_inactive_message() |
|
185 |
messages.error(request, message) |
|
186 |
return HttpResponseRedirect(login_url(request)) |
|
187 |
|
|
145 |
return handle_third_party_login(request, 'google', userid, |
|
146 |
provider_info, affiliation) |
|
188 | 147 |
except AstakosUser.DoesNotExist, e: |
148 |
third_party_key = get_pending_key(request) |
|
189 | 149 |
user_info = {'affiliation': affiliation} |
190 | 150 |
return handle_third_party_signup(request, userid, 'twitter', |
191 | 151 |
third_party_key, |
b/snf-astakos-app/astakos/im/templates/im/signup.html | ||
---|---|---|
26 | 26 |
{% for provider_obj in auth_providers %} |
27 | 27 |
{% if provider_obj.is_available_for_create %} |
28 | 28 |
{% if provider_obj.module == 'local' %} |
29 |
<a href="#" class="submit standalone" id="signup-classic">CLASSIC SIGN UP</a>
|
|
29 |
<a href="#" class="submit standalone" id="signup-classic">CLASSIC</a> |
|
30 | 30 |
{% if "local" in im_modules %} |
31 | 31 |
{% include "im/auth/signup_form.html" %} |
32 | 32 |
{% endif %} |
33 | 33 |
{% else %} |
34 | 34 |
{% if provider_obj.module == 'shibboleth' %} |
35 |
<a href="{% provider_login_url provider_obj %}" class="submit standalone">ACADEMIC SIGN UP</a>
|
|
35 |
<a href="{% provider_login_url provider_obj %}" class="submit standalone">ACADEMIC</a> |
|
36 | 36 |
{% else %} |
37 | 37 |
<a href="{% provider_login_url provider_obj %}" title="{{ provider_obj.get_title_display }}" class="icons"> |
38 | 38 |
<img src=" {{ provider_obj.get_icon_url_display }}" alt="{{ provider_obj.get_title_display }}"> |
Also available in: Unified diff