This repository has been archived by the owner on Oct 30, 2018. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 102
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fixes bug 921672 - Upgrade to django-browserid 0.9
- Loading branch information
Showing
12 changed files
with
183 additions
and
119 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,72 +1,51 @@ | ||
import logging | ||
from django.conf import settings | ||
from django.contrib import auth | ||
from django.shortcuts import redirect, render | ||
from django.views.decorators.http import require_POST | ||
from django.contrib import messages | ||
|
||
from django_browserid.base import get_audience | ||
from django_browserid.auth import verify | ||
from django_browserid.forms import BrowserIDForm | ||
from .mozillians import is_vouched, BadStatusCodeError | ||
from airmozilla.main.models import UserProfile | ||
|
||
from django_browserid.views import Verify | ||
|
||
@require_POST | ||
def mozilla_browserid_verify(request): | ||
"""Custom BrowserID verifier for mozilla addresses.""" | ||
form = BrowserIDForm(request.POST) | ||
if form.is_valid(): | ||
assertion = form.cleaned_data['assertion'] | ||
audience = get_audience(request) | ||
result = verify(assertion, audience) | ||
try: | ||
_ok_assertion = False | ||
_is_contributor = False | ||
if result: | ||
_domain = result['email'].split('@')[-1] | ||
if _domain in settings.ALLOWED_BID: | ||
_ok_assertion = True | ||
elif is_vouched(result['email']): | ||
_ok_assertion = True | ||
_is_contributor = True | ||
logger = logging.getLogger('auth') | ||
|
||
if _ok_assertion: | ||
user = auth.authenticate( | ||
assertion=assertion, | ||
audience=audience | ||
) | ||
auth.login(request, user) | ||
if _is_contributor: | ||
try: | ||
profile = user.get_profile() | ||
if not profile.contributor: | ||
profile.contributor = True | ||
profile.save() | ||
except UserProfile.DoesNotExist: | ||
profile = UserProfile.objects.create( | ||
user=user, | ||
contributor=True | ||
) | ||
return redirect(settings.LOGIN_REDIRECT_URL) | ||
elif result: | ||
|
||
class CustomBrowserIDVerify(Verify): | ||
|
||
def login_success(self): | ||
"""the user passed the BrowserID hurdle, but do they have a valid | ||
email address or vouched for in Mozillians""" | ||
domain = self.user.email.split('@')[-1] | ||
try: | ||
if domain in settings.ALLOWED_BID: | ||
# awesome! | ||
pass | ||
elif is_vouched(self.user.email): | ||
try: | ||
profile = self.user.get_profile() | ||
if not profile.contributor: | ||
profile.contributor = True | ||
profile.save() | ||
except UserProfile.DoesNotExist: | ||
profile = UserProfile.objects.create( | ||
user=self.user, | ||
contributor=True | ||
) | ||
else: | ||
messages.error( | ||
request, | ||
'Email (%s) authenticated but not vouched for' % | ||
result['email'] | ||
self.request, | ||
'Email {0} authenticated but not vouched for' | ||
.format(self.user.email) | ||
) | ||
return super(CustomBrowserIDVerify, self).login_failure() | ||
except BadStatusCodeError: | ||
logging.error('Unable to call out to mozillians', | ||
exc_info=True) | ||
logger.error('Unable to call out to mozillians', exc_info=True) | ||
messages.error( | ||
request, | ||
'Email (%s) authenticated but unable to connect to ' | ||
'Mozillians to see if are vouched. ' % | ||
result['email'] | ||
self.request, | ||
'Email {0} authenticated but unable to connect to ' | ||
'Mozillians to see if are vouched. ' | ||
.format(self.user.email) | ||
) | ||
return super(CustomBrowserIDVerify, self).login_failure() | ||
|
||
return redirect(settings.LOGIN_REDIRECT_URL_FAILURE) | ||
|
||
|
||
def login_failure(request): | ||
return render(request, 'auth/login_failure.html') | ||
return super(CustomBrowserIDVerify, self).login_success() |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.