Merge branch 'login_options'

Conflicts:
	requirements.txt

apostello/decorators.py

@@ -43,6 +43,9 @@ def f(*args, **kwargs):
             if request.user.is_staff:
                 return view(*args, **kwargs)
         else:
+            # check approval status:
+            if not request.user.profile.approved:
+                return redirect(reverse('not_approved'))
             # check user has required permissions
             tested_perms = [request.user.profile.__getattribute__(x) for x in require]
             if all(tested_perms):

apostello/models.py

@@ -430,7 +430,12 @@ class Meta:
 
 class UserProfile(models.Model):
     """Primarily used to change user permissions, can extend for other uses too"""
-    user = models.ForeignKey(User, unique=True)
+    user = models.OneToOneField(User, unique=True)
+
+    approved = models.BooleanField(
+        default=False,
+        help_text='This must be true to grant users access to the site.'
+    )
 
     can_see_groups = models.BooleanField(default=True)
     can_see_contact_names = models.BooleanField(default=True)
@@ -445,5 +450,15 @@ class UserProfile(models.Model):
     def __str__(self):
         return "Profile: " + str(self.user)
 
+    def save(self, *args, **kwargs):
+        if self.pk is None:
+            # on first save, approve whitelisted domains
+            email = self.user.email
+            email_domain = email.split('@')[1]
+            safe_domains = settings.WHITELISTED_LOGIN_DOMAINS
+            if email_domain in safe_domains:
+                self.approved = True
+        super(UserProfile, self).save(*args, **kwargs)
+
 
 User.profile = property(lambda u: UserProfile.objects.get_or_create(user=u)[0])

apostello/templates/account/base_apsotello.html

@@ -0,0 +1,36 @@
+{% load compress %}
+<!DOCTYPE html>
+<html lang="en">
+<head>
+{% include 'apostello/includes/head.html' %}
+{% compress css %}
+<style>
+body {
+    color: #ffffff;
+    background-color: #222222;
+    padding: 50px;
+}
+a {
+    color: #ffffff;
+    font-weight: bold;
+}
+a:hover {
+    color: #ffffff;
+    font-weight: bold;
+}
+div {
+    border-radius: 5px;
+}
+</style>
+{% endcompress %}
+</head>
+<body>
+  <div class="container-fluid">
+    <div class="row">
+      <div class="col-sm-4 col-sm-offset-4" style="background-color: #5c569c; padding: 10px">
+        {% block content %}
+        {% endblock %}
+      </div>
+    </div>
+  </div>
+</body>

apostello/templates/account/email_confirm.html

@@ -0,0 +1,26 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load account %}
+{% block content %}
+<h1>{% trans "Confirm E-mail Address" %}</h1>
+
+{% if confirmation %}
+
+{% user_display confirmation.email_address.user as user_display %}
+
+<p>{% blocktrans with confirmation.email_address.email as email %}Please confirm that <a href="mailto:{{ email }}">{{ email }}</a> is an e-mail address for user {{ user_display }}.{% endblocktrans %}</p>
+
+<form method="post" action="{% url 'account_confirm_email' confirmation.key %}">
+{% csrf_token %}
+    <button class="btn btn-primary" type="submit">{% trans 'Confirm' %}</button>
+</form>
+
+{% else %}
+
+{% url 'account_email' as email_url %}
+
+<p>{% blocktrans %}This e-mail confirmation link expired or is invalid. Please <a href="{{ email_url }}">issue a new e-mail confirmation request</a>.{% endblocktrans %}</p>
+
+{% endif %}
+
+{% endblock %}

apostello/templates/account/login.html

@@ -0,0 +1,34 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load account socialaccount %}
+{% load bootstrap3 %}
+{% load url from future %}
+{% block content %}
+{% get_providers as socialaccount_providers %}
+<h3>{% trans "Sign In" %}</h3>
+{% if socialaccount_providers %}
+<p>{% blocktrans with site.name as site_name %}Please sign in with one of your existing third party accounts. Or, <a href="{{ signup_url }}">sign up</a>
+for an {{site_name}} account and sign in below:{% endblocktrans %}</p>
+<div class="socialaccount_ballot">
+  <ul class="socialaccount_providers">
+    {% include "socialaccount/snippets/provider_list.html" with process="login" %}
+  </ul>
+  <div class="login-or">{% trans 'or' %}</div><br>
+</div>
+{% include "socialaccount/snippets/login_extra.html" %}
+{% else %}
+<p>{% blocktrans %}If you have not created an account yet, then please
+<a href="{{ signup_url }}">sign up</a> first.{% endblocktrans %}</p>
+{% endif %}
+
+<form class="login" method="POST" action="{% url 'account_login' %}">
+  {% csrf_token %}
+  {% bootstrap_form form %}
+  {% if redirect_field_value %}
+  <input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}" />
+  {% endif %}
+  <button class="btn btn-primary" type="submit">{% trans "Sign In" %}</button>
+  <br><br>
+  <p><a href="{% url 'account_reset_password' %}">{% trans "Forgot Password?" %}</a></p>
+</form>
+{% endblock %}

apostello/templates/account/logout.html

@@ -0,0 +1,14 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load url from future %}
+{% block content %}
+<h3>{% trans "Sign Out" %}</h3>
+<p>{% trans 'Are you sure you want to sign out?' %}</p>
+<form method="post" action="{% url 'account_logout' %}">
+  {% csrf_token %}
+  {% if redirect_field_value %}
+  <input type="hidden" name="{{redirect_field_name}}" value="{{redirect_field_value}}"/>
+  {% endif %}
+  <button class="btn btn-warning" type="submit">{% trans 'Sign Out' %}</button>
+</form>
+{% endblock %}

apostello/templates/account/password_reset.html

@@ -0,0 +1,20 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load bootstrap3 %}
+{% load account %}
+{% block content %}
+<h3>{% trans "Password Reset" %}</h3>
+{% if user.is_authenticated %}
+{% include "account/snippets/already_logged_in.html" %}
+{% endif %}
+
+<p>{% trans "Forgotten your password? Enter your e-mail address below, and we'll send you an e-mail allowing you to reset it." %}</p>
+
+<form method="POST" action="{% url 'account_reset_password' %}" class="password_reset">
+  {% csrf_token %}
+  {% bootstrap_form form %}
+  <button class="btn btn-primary" type="submit">{% trans "Reset My Password" %}</button>
+</form>
+
+<p>{% blocktrans %}Please contact us if you have any trouble resetting your password.{% endblocktrans %}</p>
+{% endblock %}

apostello/templates/account/password_reset_done.html

@@ -0,0 +1,10 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load account %}
+{% block content %}
+<h3>{% trans "Password Reset" %}</h3>
+{% if user.is_authenticated %}
+{% include "account/snippets/already_logged_in.html" %}
+{% endif %}
+<p>{% blocktrans %}We have sent you an e-mail. Please contact us if you do not receive it within a few minutes.{% endblocktrans %}</p>
+{% endblock %}

apostello/templates/account/password_reset_from_key.html

@@ -0,0 +1,20 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load bootstrap3 %}
+{% block content %}
+    <h3>{% if token_fail %}{% trans "Bad Token" %}{% else %}{% trans "Change Password" %}{% endif %}</h3>
+    {% if token_fail %}
+        {% url 'account_reset_password' as passwd_reset_url %}
+        <p>{% blocktrans %}The password reset link was invalid, possibly because it has already been used.  Please request a <a href="{{ passwd_reset_url }}">new password reset</a>.{% endblocktrans %}</p>
+    {% else %}
+        {% if form %}
+            <form method="POST" action=".">
+                {% csrf_token %}
+                 bootstrap_form form %}
+                <button class="btn btn-primary" type="submit" name="action">{% trans "change password" %}</button>
+            </form>
+        {% else %}
+            <p>{% trans 'Your password is now changed.' %}</p>
+        {% endif %}
+    {% endif %}
+{% endblock %}

apostello/templates/account/password_reset_from_key_done.html

@@ -0,0 +1,6 @@
+{% extends "apostello/base.html" %}
+{% load i18n %}
+{% block content %}
+    <h3>{% trans "Change Password" %}</h3>
+    <p>{% trans 'Your password is now changed.' %}</p>
+{% endblock %}

apostello/templates/account/password_set.html

@@ -0,0 +1,11 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load bootstrap3 %}
+{% block content %}
+    <h3>{% trans "Set Password" %}</h3>
+    <form method="POST" action="{% url 'account_set_password' %}" class="password_set">
+        {% csrf_token %}
+        {% bootstrap_form form %}
+        <input type="submit" name="action" value="{% trans "Set Password" %}"/>
+    </form>
+{% endblock %}

apostello/templates/account/signup.html

@@ -0,0 +1,17 @@
+{% extends 'account/base_apsotello.html' %}
+{% load i18n %}
+{% load account %}
+{% load bootstrap3 %}
+{% load url from future %}
+{% block content %}
+<h3>{% trans "Sign Up" %}</h3>
+<p>{% blocktrans %}Already have an account? Then please <a href="{{ login_url }}">sign in</a>.{% endblocktrans %}</p>
+<form class="signup" id="signup_form" method="post" action="{% url 'account_signup' %}">
+  {% csrf_token %}
+  {% bootstrap_form form %}
+  {% if redirect_field_value %}
+  <input type="hidden" name="{{ redirect_field_name }}" value="{{ redirect_field_value }}" />
+  {% endif %}
+  <button class="btn btn-primary" type="submit">{% trans "Sign Up" %} &raquo;</button>
+</form>
+{% endblock %}

apostello/templates/apostello/includes/navbar.html

@@ -37,7 +37,12 @@
         </li>{% endif %}
       </ul>
       <ul class="nav navbar-nav navbar-right">
-        <li><p class="navbar-text">{{ user.username }}</p></li>
+        <li class="dropdown"><a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-expanded="false">{{ user.email }}<span class="caret"></span></a>
+          <ul class="dropdown-menu" role="menu">
+          {% if request.user.is_staff %}<li><a href="/admin/">Admin</a></li>{% endif %}
+          <li><a href="/accounts/logout/">Logout</a></li>
+        </ul>
+        </li>
       </ul>
     </div>
     <!-- /.navbar-collapse -->

apostello/templates/apostello/not_approved.html

@@ -0,0 +1,13 @@
+{% extends "apostello/base.html" %}
+{% load bootstrap3 %}
+{% block content %}
+
+<h3>Account Not Approved</h3>
+
+<p>Your account has not yet been approved.</p>
+
+<p>All new accounts require approval to help prevent abuse. Someone should approve your account soon.</p>
+
+<p>Please get in touch if you believe you are seeing this in error.</p>
+
+{% endblock %}

apostello/urls.py

@@ -1,6 +1,7 @@
 # -*- coding: utf-8 -*-
 from django.conf.urls import include, url
 from django.contrib import admin
+from django.views.generic import TemplateView
 
 from apostello.decorators import keyword_access_check
 from apostello.forms import (KeywordForm, ManageRecipientGroupForm,
@@ -14,6 +15,7 @@
 # index and two sending views, dashboard
 urlpatterns = [
     url(r'^$', SimpleView.as_view(template_name="apostello/index.html", required_perms=[]), name='index'),
+    url(r'not_approved/$', TemplateView.as_view(template_name='apostello/not_approved.html'), name='not_approved'),
     url(r'^help/$', SimpleView.as_view(template_name="apostello/help.html", required_perms=[]), name='help'),
     url(r'^send/adhoc/', SendAdhoc.as_view(required_perms=['can_send_sms']), name='send_adhoc'),
     url(r'^send/group/', SendGroup.as_view(required_perms=['can_send_sms']), name='send_group'),
@@ -110,7 +112,7 @@
 urlpatterns += [
     url(r'^admin/doc/', include('django.contrib.admindocs.urls')),
     url(r'^admin/', include(admin.site.urls)),
-    url('', include('social.apps.django_app.urls', namespace='social')),
+    url(r'^accounts/', include('allauth.urls')),
 ]
 # apps etc
 urlpatterns += [

requirements.in

@@ -3,6 +3,7 @@ anyjson
 billiard
 celery
 Django<1.9
+django-allauth
 django-appconf
 django-bootstrap3
 django-celery
@@ -31,6 +32,5 @@ pytest-pep8
 pytest-xdist
 python-dotenv
 python3-memcached
-python-social-auth
 requests
 twilio

requirements.txt

@@ -13,12 +13,13 @@ click==5.1                # via python-dotenv
 coverage==4.0             # via pytest-cov
 decorator==4.0.4          # via ipython, traitlets
 defusedxml==0.4.1         # via python3-openid
+django-allauth==0.23.0
 django-appconf==1.0.1
 django-bootstrap3==6.2.2
 django-celery==3.1.16
 django-compressor==1.5
 django-datetime-widget==0.9.3
-django-debug-toolbar==1.3.2
+django-debug-toolbar==1.4
 django-extensions==1.5.7
 django-phonenumber-field==0.7.2
 django-solo==1.1.0
@@ -34,38 +35,36 @@ ipython-genutils==0.1.0   # via traitlets
 ipython==4.0.0
 isort==4.2.2              # via pytest-isort
 kombu==3.0.26             # via celery
-oauthlib==1.0.3           # via python-social-auth, requests-oauthlib
+oauthlib==1.0.3           # via requests-oauthlib
 opbeat==3.1.1
 path.py==8.1.2            # via pickleshare
 pep8==1.6.2               # via pytest-pep8
-pexpect==4.0              # via ipython
+pexpect==4.0.1            # via ipython
 phonenumbers==7.0.11      # via django-phonenumber-field
 pickleshare==0.5          # via ipython
 psycopg2==2.6.1
 ptyprocess==0.5           # via pexpect
 py==1.4.30                # via pytest, pytest-xdist
 pyflakes==1.0.0           # via pytest-flakes
 pygal==2.0.7
-pyjwt==1.4.0              # via python-social-auth
 pysocks==1.5.6            # via twilio
 pytest-cache==1.0         # via pytest-flakes, pytest-isort, pytest-pep8
 pytest-cov==2.2.0
-pytest-django==2.8.0
+pytest-django==2.9.0
 pytest-env==0.5.1
 pytest-flakes==1.0.1
 pytest-isort==0.1.0
 pytest-pep8==1.0.6
 pytest-xdist==1.13.1
 pytest==2.8.1
 python-dotenv==0.1.3
-python-social-auth==0.2.13
 python3-memcached==1.51
-python3-openid==3.0.7     # via python-social-auth
+python3-openid==3.0.7     # via django-allauth
 pytz==2015.6              # via celery, django-datetime-widget, twilio
-requests-oauthlib==0.5.0  # via python-social-auth
-requests==2.7.0
+requests-oauthlib==0.5.0  # via django-allauth
+requests==2.8.0
 simplegeneric==0.8.1      # via ipython
-six==1.9.0                # via django-appconf, django-extensions, python-social-auth, twilio
+six==1.9.0                # via django-appconf, django-extensions, twilio
 sqlparse==0.1.16          # via django-debug-toolbar
 traitlets==4.0.0          # via ipython
 twilio==4.6.0