diff --git a/colab.spec b/colab.spec index b888bc8..07c82fb 100644 --- a/colab.spec +++ b/colab.spec @@ -131,8 +131,6 @@ ALLOWED_HOSTS: ## Disable indexing ROBOTS_NOINDEX: false -## Disable browser id authentication -# BROWSERID_ENABLED: true EOF chown root:colab /etc/colab/settings.yaml chmod 0640 /etc/colab/settings.yaml diff --git a/colab/accounts/auth.py b/colab/accounts/auth.py deleted file mode 100644 index 35cd40b..0000000 --- a/colab/accounts/auth.py +++ /dev/null @@ -1,7 +0,0 @@ - -from django_browserid.auth import BrowserIDBackend - - -class ColabBrowserIDBackend(BrowserIDBackend): - def filter_users_by_email(self, email): - return self.User.objects.filter(emails__address=email) diff --git a/colab/accounts/middleware.py b/colab/accounts/middleware.py deleted file mode 100644 index a5c0154..0000000 --- a/colab/accounts/middleware.py +++ /dev/null @@ -1,24 +0,0 @@ - -from django.shortcuts import redirect -from django.conf import settings - -VIEW_NAMES_ALLOWED = ('signup', 'Logout') - - -class UserRegisterMiddleware(object): - - def process_view(self, request, view_func, view_args, view_kwargs): - if not settings.BROWSERID_ENABLED: - return - - if request.is_ajax(): - return - - if not request.user.is_authenticated(): - return - - if not request.user.needs_update: - return - - if view_func.__name__ not in VIEW_NAMES_ALLOWED: - return redirect('signup') diff --git a/colab/accounts/templates/accounts/login.html b/colab/accounts/templates/accounts/login.html deleted file mode 100644 index 8fcc994..0000000 --- a/colab/accounts/templates/accounts/login.html +++ /dev/null @@ -1,12 +0,0 @@ -{% extends 'base.html' %} -{% load browserid i18n %} - -{% block main-content %} -


-
-

{% trans 'To login please click in the link below:'%}

- {% trans 'Login' as login_text %} - {% browserid_login text=login_text link_class='btn btn-primary btn-lg' %} -
-


-{% endblock %} diff --git a/colab/accounts/templates/accounts/user_update_form.html b/colab/accounts/templates/accounts/user_update_form.html index 4522902..595e245 100644 --- a/colab/accounts/templates/accounts/user_update_form.html +++ b/colab/accounts/templates/accounts/user_update_form.html @@ -178,20 +178,18 @@ $(function() { - {% if not BROWSERID_ENABLED %} -
-
-
-

- {% trans 'Change Password' %} -

-
- +
+
+
+

+ {% trans 'Change Password' %} +

+
+
- {% endif %} +
diff --git a/colab/accounts/tests/test_view_signup.py b/colab/accounts/tests/test_view_signup.py index c09fd1c..aa28aaf 100644 --- a/colab/accounts/tests/test_view_signup.py +++ b/colab/accounts/tests/test_view_signup.py @@ -21,13 +21,6 @@ class TestSignUpView(TestCase): "usertest@colab.com.br", "123colab4") return user - def test_user_not_authenticated(self): - with self.settings(BROWSERID_ENABLED=True): - response = self.client.get("/account/register") - self.assertEquals(302, response.status_code) - url = "http://testserver/account/login" - self.assertEquals(url, response.url) - def test_user_authenticated_and_unregistered(self): self.client.login(username="usertestcolab", password="123colab4") response = self.client.get("/account/register/") diff --git a/colab/accounts/urls.py b/colab/accounts/urls.py index 5b3d522..335b0c2 100644 --- a/colab/accounts/urls.py +++ b/colab/accounts/urls.py 
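Review bot: With the `{% if not BROWSERID_ENABLED %}` guard removed in the user_update_form.html hunk, the Change Password block is rendered for every account, including any created through BrowserID before this commit. Those accounts presumably have no usable password (not visible here), and the `password_change` view asks for the current one, so such users could only recover access through the password-reset flow. If legacy accounts exist, I would guard the block on the user object's `has_usable_password`, or at least add a template comment such as `{# BrowserID-era accounts have no password; they must use password_reset #}` and mention it in the upgrade notes.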
@@ -2,48 +2,40 @@ from django.conf import settings from django.conf.urls import patterns, url -from .views import (UserProfileDetailView, UserProfileUpdateView, LoginView, +from .views import (UserProfileDetailView, UserProfileUpdateView, ManageUserSubscriptionsView) from colab.accounts import views from django.contrib.auth import views as auth_views -BROWSERID_ENABLED = getattr(settings, 'BROWSERID_ENABLED', False) +urlpatterns = patterns('', + url(r'^login/?$', 'django.contrib.auth.views.login', name='login'), + url(r'^logout/?$', 'django.contrib.auth.views.logout', + {'next_page':'home'}, name='logout'), -if not BROWSERID_ENABLED: - urlpatterns = patterns('', - url(r'^login/?$', 'django.contrib.auth.views.login', name='login'), + url(r'^password-reset-done/?$', 'colab.accounts.views.password_reset_done_custom', + name="password_reset_done"), + url(r'^password-reset-complete/$', 'colab.accounts.views.password_reset_complete_custom', + name="password_reset_complete"), - url(r'^logout/?$', 'django.contrib.auth.views.logout', - {'next_page':'home'}, name='logout'), + url(r'^password-reset-confirm/(?P[0-9A-Za-z]+)-(?P.+)/$', + auth_views.password_reset_confirm, + {'template_name':'registration/password_reset_confirm_custom.html'}, + name="password_reset_confirm"), - url(r'^password-reset-done/?$', 'colab.accounts.views.password_reset_done_custom', - name="password_reset_done"), - url(r'^password-reset-complete/$', 'colab.accounts.views.password_reset_complete_custom', - name="password_reset_complete"), + url(r'^password-reset/?$', auth_views.password_reset, + {'template_name':'registration/password_reset_form_custom.html'}, + name="password_reset"), - url(r'^password-reset-confirm/(?P[0-9A-Za-z]+)-(?P.+)/$', - auth_views.password_reset_confirm, - {'template_name':'registration/password_reset_confirm_custom.html'}, - name="password_reset_confirm"), + url(r'^change-password/?$',auth_views.password_change, + 
{'template_name':'registration/password_change_form_custom.html'}, + name='password_change'), - url(r'^password-reset/?$', auth_views.password_reset, - {'template_name':'registration/password_reset_form_custom.html'}, - name="password_reset"), - - url(r'^change-password/?$',auth_views.password_change, - {'template_name':'registration/password_change_form_custom.html'}, - name='password_change'), - - url(r'^change-password-done/?$', - 'colab.accounts.views.password_changed', name='password_change_done'), - ) -else: - urlpatterns = patterns('', - url(r'^login/?$', LoginView.as_view(), name='login'), - ) + url(r'^change-password-done/?$', + 'colab.accounts.views.password_changed', name='password_change_done'), +) urlpatterns += patterns('', url(r'^register/?$', 'colab.accounts.views.signup', name='signup'), diff --git a/colab/accounts/views.py b/colab/accounts/views.py index 0e6a83d..70202f1 100644 --- a/colab/accounts/views.py +++ b/colab/accounts/views.py @@ -23,10 +23,6 @@ from .forms import (UserCreationForm, UserForm, ListsForm, from .utils import mailman -class LoginView(TemplateView): - template_name = "accounts/login.html" - - class UserProfileBaseMixin(object): model = get_user_model() slug_field = 'username' 
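Review bot: The `login` route in the urls.py hunk is now the only sign-in path, but settings.py still carries `LOGIN_URL = '/user/login'` as unchanged context, while the account tests request `/account/register/` and the removed test expected a redirect to `/account/login`. If this URLconf is mounted only under `account/` (the include is not visible here), `login_required` redirects would point at a path that may not resolve; confirm the prefix and set, for example, `LOGIN_URL = '/account/login'` to match. `LOGIN_REDIRECT_URL_FAILURE = '/?bid_login_failed=true'` in the same settings block looks like a BrowserID leftover and can probably be dropped. Separately, `from django.conf import settings` may now be unused in this module, since the `getattr(settings, 'BROWSERID_ENABLED', False)` line is gone.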
@@ -86,37 +82,19 @@ class UserProfileDetailView(UserProfileBaseMixin, DetailView): def signup(request): - BROWSERID_ENABLED = getattr(settings, 'BROWSERID_ENABLED', False) - - if BROWSERID_ENABLED: - # If the user is not authenticated, redirect to login - if not request.user.is_authenticated(): - return redirect('login') if request.user.is_authenticated(): - # If the user doesn't need to update its main data, - # redirect to its profile - # It happens when user is created by browserid - # and didn't set his/her main data if not request.user.needs_update: return redirect('user_profile', username=request.user.username) - # If the user is authenticated in Persona, but not in the Colab then he - # will be redirected to the register form. if request.method == 'GET': - if BROWSERID_ENABLED: - user_form = UserForm() - else: - user_form = UserCreationForm() + user_form = UserCreationForm() lists_form = ListsForm() return render(request, 'accounts/user_create_form.html', {'user_form': user_form, 'lists_form': lists_form}) - if BROWSERID_ENABLED: - user_form = UserForm(request.POST, instance=request.user) - else: - user_form = UserCreationForm(request.POST) + user_form = UserCreationForm(request.POST) lists_form = ListsForm(request.POST) if not user_form.is_valid() or not lists_form.is_valid(): @@ -126,12 +104,9 @@ def signup(request): user = user_form.save(commit=False) user.needs_update = False - if not BROWSERID_ENABLED: - user.is_active = False - user.save() - EmailAddressValidation.create(user.email, user) - else: - user.save() + user.is_active = False + user.save() + EmailAddressValidation.create(user.email, user) # Check if the user's email have been used previously # in the mainling lists to link the user to old messages diff --git a/colab/home/context_processors.py b/colab/home/context_processors.py index 5d38487..7630cb8 100644 --- a/colab/home/context_processors.py +++ b/colab/home/context_processors.py 
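Review bot: An authenticated user whose `needs_update` is still true now falls through to `UserCreationForm`, so a POST creates a second, inactive account instead of completing `request.user` as the removed `UserForm(request.POST, instance=request.user)` branch did. The removed comments describe `needs_update` as the BrowserID-created-user case, so the flag may have no producer left after this commit, although accounts already in that state would still hit this path. I would redirect every authenticated user, `if request.user.is_authenticated(): return redirect('user_profile', username=request.user.username)`, and adjust `test_user_authenticated_and_unregistered` to match. The body of `signup` continues past the end of this hunk.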
@@ -26,6 +26,3 @@ def ribbon(request): } } - -def browserid_enabled(request): - return {'BROWSERID_ENABLED': getattr(settings, 'BROWSERID_ENABLED', False)} diff --git a/colab/management/initconfig.py b/colab/management/initconfig.py index 2df29e3..2f8420f 100644 --- a/colab/management/initconfig.py +++ b/colab/management/initconfig.py @@ -21,15 +21,6 @@ EMAIL_SUBJECT_PREFIX = '[colab]' SECRET_KEY = '{secret_key}' -# Must use it without trailing slash -SITE_URL = 'http://localhost:8000' -BROWSERID_AUDIENCES = [ - 'http://localhost:8000', -# 'http://example.com', -# 'https://example.org', -# 'http://example.net', -] - ALLOWED_HOSTS = [ 'localhost', # 'example.com', @@ -37,9 +28,6 @@ ALLOWED_HOSTS = [ # 'example.net', ] -### Uncomment to enable Broswer ID protocol for authentication -# BROWSERID_ENABLED = True - ### Uncomment to enable social networks fields profile # SOCIAL_NETWORK_ENABLED = True diff --git a/colab/settings.py b/colab/settings.py index 5433388..5fd6e97 100644 --- a/colab/settings.py +++ b/colab/settings.py @@ -44,7 +44,6 @@ INSTALLED_APPS = ( # Not standard apps 'cliauth', 'django_mobile', - 'django_browserid', 'haystack', 'hitcounter', 'i18n_model', @@ -196,7 +195,6 @@ TEMPLATE_CONTEXT_PROCESSORS = ( 'colab.home.context_processors.robots', 'colab.home.context_processors.ribbon', 'colab.home.context_processors.google_analytics', - 'colab.home.context_processors.browserid_enabled', ) MIDDLEWARE_CLASSES = ( @@ -211,13 +209,10 @@ MIDDLEWARE_CLASSES = ( 'django_mobile.middleware.MobileDetectionMiddleware', 'django_mobile.middleware.SetFlavourMiddleware', 'colab.tz.middleware.TimezoneMiddleware', - 'colab.accounts.middleware.UserRegisterMiddleware', ) -# Add the django_browserid authentication backend. AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.ModelBackend', - 'colab.accounts.auth.ColabBrowserIDBackend', ) LOCALE_PATHS = ( 
@@ -245,16 +240,10 @@ SUPER_ARCHIVES_LOCK_FILE = '/var/lock/colab/import_emails.lock' # Mailman API settings MAILMAN_API_URL = 'http://localhost:8124' -# BrowserID / Persona -SITE_URL = 'http://localhost:8000' -BROWSERID_AUDIENCES = [SITE_URL, SITE_URL.replace('https', 'http')] - - LOGIN_URL = '/user/login' LOGIN_REDIRECT_URL = '/' LOGIN_REDIRECT_URL_FAILURE = '/?bid_login_failed=true' LOGOUT_REDIRECT_URL = '/' -BROWSERID_CREATE_USER = True REVPROXY_ADD_REMOTE_USER = True @@ -269,7 +258,6 @@ if locals().get('RAVEN_DSN', False): } INSTALLED_APPS += ('raven.contrib.django.raven_compat',) -BROWSERID_ENABLED = locals().get('BROWSERID_ENABLED') or False SOCIAL_NETWORK_ENABLED = locals().get('SOCIAL_NETWORK_ENABLED') or False locals().update(load_colab_apps()) diff --git a/colab/templates/base.html b/colab/templates/base.html index 29d6e45..e7da58f 100644 --- a/colab/templates/base.html +++ b/colab/templates/base.html @@ -1,5 +1,5 @@ -{% load i18n browserid gravatar plugins %} +{% load i18n gravatar plugins %} {% load static from staticfiles %} @@ -50,10 +50,7 @@ - - {% if BROWSERID_ENABLED %} - {% browserid_info %} - {% endif %} + {% block ribbon %} {% if ribbon %} @@ -66,8 +63,82 @@ {% endblock %} {% block navbar %} - - {% include "header.html" %} + {% endblock %} @@ -105,12 +176,6 @@ {% include "tz/set_utc_offset.html" %} - {% if BROWSERID_ENABLED %} - - - - {% endif %} - {% block footer_js %}{% endblock %} diff --git a/colab/urls.py b/colab/urls.py index f80e525..888607e 100644 --- a/colab/urls.py +++ b/colab/urls.py @@ -30,8 +30,6 @@ urlpatterns = patterns('', url(r'^myaccount/(?P.*)$', 'colab.accounts.views.myaccount_redirect', name='myaccount'), - url(r'', include('django_browserid.urls')), - # Uncomment the next line to enable the admin: url(r'^colab/admin/', include(admin.site.urls)), diff --git a/docs/source/user.rst b/docs/source/user.rst index f5b8d55..e4574bb 100644 --- a/docs/source/user.rst +++ b/docs/source/user.rst 
@@ -139,31 +139,6 @@ Social Networks When this variable is True, the social networks fields, like Facebook and Twitter, are added in user profile. By default, this fields are disabled. -Auth -++++ -.. attribute:: BROWSERID_ENABLED - - :default: False - - When this variable is True, Colab use BrowserID authentication. By default, - django authentication system is used. - -.. attribute:: BROWSERID_AUDIENCES - - :default: No default - - List of audiences that your site accepts. An audience is the protocol, - domain name, and (optionally) port that users access your site from. This - list is used to determine the audience a user is part of (how they are - accessing your site), which is used during verification to ensure that the - assertion given to you by the user was intended for your site. - - Without this, other sites that the user has authenticated with via Persona - could use their assertions to impersonate the user on your site. - - Note that this does not have to be a publicly accessible URL, so local URLs - like ``http://localhost:8000`` or ``http://127.0.0.1`` are acceptable as - long as they match what you are using to access your site. Customization ------------- diff --git a/setup.py b/setup.py index 90adc31..a2e4fbb 100644 --- a/setup.py +++ b/setup.py @@ -29,8 +29,6 @@ REQUIREMENTS = [ 'raven==3.5.2', 'tornado==3.1.1', - # Deps for Single SignOn (SSO) - Replaced with django-browserid==0.9 - 'django-browserid==0.11', 'django-revproxy==0.9.0', # Feedzilla (planet) and deps -- libgit2 0.21.2