Commits

bchesneau  committed ffec80f

[svn r23] fix authentification with python-openid 2.1.1

  • Participants
  • Parent commits a9b4fd7

Comments (0)

Files changed (1)

     redirect_url = auth_request.redirectURL(trust_root, redirect_to)
     return HttpResponseRedirect(redirect_url)
 
-def complete(request, on_success=None, on_failure=None):
+def complete(request, on_success=None, on_failure=None, return_to=None):
     on_success = on_success or default_on_success
     on_failure = on_failure or default_on_failure
     
     consumer = Consumer(request.session, DjangoOpenIDStore())
-    openid_response = consumer.complete(dict(request.GET.items()))
+    openid_response = consumer.complete(dict(request.GET.items()), return_to)
     
     if openid_response.status == SUCCESS:
         return on_success(request, openid_response.identity_url, openid_response)
 
 def complete_signin(request):
     """ in case of complete signin with openid """
-    return complete(request, signin_success, signin_failure)
+    return complete(request, signin_success, signin_failure, get_url_host(request) + reverse('user_complete_signin'))
 
 
 def signin_success(request, identity_url, openid_response):
  
     u = get_object_or_404(User, username=username) 
     
+    redirect_to = get_url_host(request) + reverse('user_changeemail',kwargs={'username':username})
+
     if request.POST:
         form = ChangeemailForm(request.POST)
         if form.is_valid():
                 redirect="%s?msg=%s" % (reverse('user_account_settings', kwargs={'username': request.user.username}),urlquote_plus(msg))
                 return HttpResponseRedirect(redirect)
             else:
-                redirect_to = "%s?new_email=%s" % (get_url_host(request) + reverse('user_changeemail',kwargs={'username':username}),form.cleaned_data['email'])
-                
+                request.session['new_email'] = form.cleaned_data['email']
                 return ask_openid(request, form.cleaned_data['password'], redirect_to, on_failure=emailopenid_failure)    
     elif not request.POST and 'openid.mode' in request.GET:
-        return complete(request, emailopenid_success, emailopenid_failure) 
+        return complete(request, emailopenid_success, emailopenid_failure, redirect_to) 
     else:
         form = ChangeemailForm(initial={
                                         'email': u.email,
     if o.user.username != request.user.username:
         return emailopenid_failure(request, _("The openid %s isn't associated to current logged user" % identity_url))
     
-    new_email=request.GET.get('new_email', '')
+    new_email=request.session.get('new_email', '')
     if new_email:
         u.email=new_email
         u.save()
+        del request.session['new_email']
     msg=_("Email Changed.")
 
     redirect="%s?msg=%s" % (reverse('user_account_settings',kwargs={'username': request.user.username}),urlquote_plus(msg))
         openid_url = uopenid.openid_url
     except:
         has_openid=False
-         
+    
+    redirect_to = get_url_host(request) + reverse('user_changeopenid',kwargs={'username':username})
     if request.POST and has_openid:
         form=ChangeopenidForm(request.POST)
         if form.is_valid():
-            redirect_to = get_url_host(request) + reverse('user_changeopenid',kwargs={'username':username})
             return ask_openid(request, form.cleaned_data['openid_url'], redirect_to, on_failure=changeopenid_failure)
     elif not request.POST and has_openid:
         if 'openid.mode' in request.GET:
-            return complete(request, changeopenid_success, changeopenid_failure)    
+            return complete(request, changeopenid_success, changeopenid_failure, redirect_to)    
 
     form = ChangeopenidForm(initial={'openid_url': openid_url, 'username':request.user.username })
     return render('authopenid/changeopenid.html', {'form': form,
     
     u = get_object_or_404(User, username=username)
 
+    redirect_to = get_url_host(request) + reverse('user_delete',kwargs={'username':username}) 
     if request.POST:
         form = DeleteForm(request.POST)
         if form.is_valid():
                 u.delete() 
                 return signout(request)
             else:
-                redirect_to = get_url_host(request) + reverse('user_delete',kwargs={'username':username})
                 return ask_openid(request, form.cleaned_data['password'], redirect_to, on_failure=deleteopenid_failure)
     elif not request.POST and 'openid.mode' in request.GET:
-        return complete(request, deleteopenid_success, deleteopenid_failure) 
+        return complete(request, deleteopenid_success, deleteopenid_failure, redirect_to) 
     
     form = DeleteForm(initial={'username': username})