| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269 |
- import json
- from django.contrib.auth import get_user_model
- from django.db import IntegrityError
- from django.http import JsonResponse
- from django.shortcuts import render
- from django.urls import reverse
- from django.utils.translation import gettext as _
- from social_core.pipeline.partial import partial
- from misago.core.exceptions import SocialAuthFailed, SocialAuthBanned
- from misago.legal.models import Agreement
- from misago.users.bans import get_request_ip_ban, get_user_ban
- from misago.users.forms.register import SocialAuthRegisterForm
- from misago.users.models import Ban
- from misago.users.registration import (
- get_registration_result_json, save_user_agreements, send_welcome_email
- )
- from misago.users.setupnewuser import setup_new_user
- from misago.users.validators import (
- ValidationError, validate_new_registration, validate_email, validate_username
- )
- from .utils import get_social_auth_backend_name, perpare_username
- UserModel = get_user_model()
- def validate_ip_not_banned(strategy, details, backend, user=None, *args, **kwargs):
- """Pipeline step that interrupts pipeline if found user is non-staff and IP banned"""
- if not user or user.is_staff:
- return None
-
- ban = get_request_ip_ban(strategy.request)
- if ban:
- hydrated_ban = Ban(
- check_type=Ban.IP,
- user_message=ban['message'],
- expires_on=ban['expires_on'],
- )
- raise SocialAuthBanned(backend, hydrated_ban)
- def validate_user_not_banned(strategy, details, backend, user=None, *args, **kwargs):
- """Pipeline step that interrupts pipeline if found user is non-staff and banned"""
- if not user or user.is_staff:
- return None
- user_ban = get_user_ban(user, strategy.request.cache_versions)
- if user_ban:
- raise SocialAuthBanned(backend, user_ban)
- def associate_by_email(strategy, details, backend, user=None, *args, **kwargs):
- """If user with e-mail from provider exists in database and is active,
- this step authenticates them.
- """
- if user:
- return None
- email = details.get('email')
- if not email:
- return None
- try:
- user = UserModel.objects.get_by_email(email)
- except UserModel.DoesNotExist:
- return None
- backend_name = get_social_auth_backend_name(backend.name)
- if not user.is_active:
- raise SocialAuthFailed(
- backend,
- _(
- "The e-mail address associated with your %(backend)s account is "
- "not available for use on this site."
- ) % {'backend': backend_name}
- )
- if user.requires_activation_by_admin:
- raise SocialAuthFailed(
- backend,
- _(
- "Your account has to be activated by site administrator before you will be able to "
- "sign in with %(backend)s."
- ) % {'backend': backend_name}
- )
- return {'user': user, 'is_new': False}
- def get_username(strategy, details, backend, user=None, *args, **kwargs):
- """Resolve valid username for use in new account"""
- if user:
- return None
- settings = strategy.request.settings
- username = perpare_username(details.get('username', ''))
- full_name = perpare_username(details.get('full_name', ''))
- first_name = perpare_username(details.get('first_name', ''))
- last_name = perpare_username(details.get('last_name', ''))
- names_to_try = [
- username,
- first_name,
- ]
- if username:
- names_to_try.append(username)
- if first_name:
- names_to_try.append(first_name)
- if last_name:
- # if first name is taken, try first name + first char of last name
- names_to_try.append(first_name + last_name[0])
- if full_name:
- names_to_try.append(full_name)
- username_length_max = settings.username_length_max
- for name in names_to_try:
- if len(name) > username_length_max:
- names_to_try.append(name[:username_length_max])
- for name in filter(bool, names_to_try):
- try:
- validate_username(settings, name)
- return {'clean_username': name}
- except ValidationError:
- pass
- def create_user(strategy, details, backend, user=None, *args, **kwargs):
- """Aggressively attempt to register and sign in new user"""
- if user:
- return None
-
- request = strategy.request
- settings = request.settings
- email = details.get('email')
- username = kwargs.get('clean_username')
-
- if not email or not username:
- return None
- try:
- validate_email(email)
- validate_new_registration(request, {
- 'email': email,
- 'username': username,
- })
- except ValidationError:
- return None
- activation_kwargs = {}
- if settings.account_activation == 'admin':
- activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
- new_user = UserModel.objects.create_user(
- username,
- email,
- joined_from_ip=request.user_ip,
- **activation_kwargs
- )
- setup_new_user(settings, new_user)
- send_welcome_email(request, new_user)
- return {'user': new_user, 'is_new': True}
- @partial
- def create_user_with_form(strategy, details, backend, user=None, *args, **kwargs):
- """Alternatively to create_user lets user confirm account creation before authenticating"""
- if user:
- return None
- request = strategy.request
- settings = request.settings
- backend_name = get_social_auth_backend_name(backend.name)
- if request.method == 'POST':
- try:
- request_data = json.loads(request.body)
- except (TypeError, ValueError):
- request_data = request.POST.copy()
-
- form = SocialAuthRegisterForm(
- request_data,
- request=request,
- agreements=Agreement.objects.get_agreements(),
- )
-
- if not form.is_valid():
- return JsonResponse(form.errors, status=400)
- email_verified = form.cleaned_data['email'] == details.get('email')
- activation_kwargs = {}
- if settings.account_activation == 'admin':
- activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
- elif settings.account_activation == 'user' and not email_verified:
- activation_kwargs = {'requires_activation': UserModel.ACTIVATION_USER}
- try:
- new_user = UserModel.objects.create_user(
- form.cleaned_data['username'],
- form.cleaned_data['email'],
- joined_from_ip=request.user_ip,
- **activation_kwargs
- )
- setup_new_user(settings, new_user)
- except IntegrityError:
- return JsonResponse({'__all__': _("Please try resubmitting the form.")}, status=400)
- save_user_agreements(new_user, form)
- send_welcome_email(request, new_user)
- return {'user': new_user, 'is_new': True}
- request.frontend_context['SOCIAL_AUTH'] = {
- 'backend_name': backend_name,
- 'step': 'register',
- 'email': details.get('email'),
- 'username': kwargs.get('clean_username'),
- 'url': reverse('social:complete', kwargs={'backend': backend.name}),
- }
- return render(request, 'misago/socialauth.html', {
- 'backend_name': backend_name,
- })
- @partial
- def require_activation(strategy, details, backend, user=None, is_new=False, *args, **kwargs):
- if not user:
- # Social auth pipeline has entered corrupted state
- # Remove partial auth state and redirect user to beginning
- partial_token = strategy.session.get('partial_pipeline_token')
- if partial_token:
- strategy.clean_partial_pipeline(partial_token)
- return None
-
- if not user.requires_activation:
- return None
- request = strategy.request
- backend_name = get_social_auth_backend_name(backend.name)
- response_data = get_registration_result_json(user)
- response_data.update({'step': 'done', 'backend_name': backend_name})
- if request.method == 'POST':
- # we are carrying on from requestration request
- return JsonResponse(response_data)
- request.frontend_context['SOCIAL_AUTH'] = response_data
- request.frontend_context['SOCIAL_AUTH'].update({
- 'url': reverse('social:complete', kwargs={'backend': backend.name}),
- })
- return render(request, 'misago/socialauth.html', {
- 'backend_name': backend_name,
- })
|
