Source

django-publicauth / publicauth / views.py

Diff from to

publicauth/views.py

 
 from publicauth.utils import str_to_class, get_backend
 from publicauth import settings
+from publicauth import lang
 
 
 def logout(request):
     auth.logout(request)
-    messages.add_message(request, messages.SUCCESS, publicauth.lang.SUCCESS_LOGOUT)
-    return redirect("/")
+    messages.add_message(request, messages.SUCCESS, lang.SUCCESS_LOGOUT)
+    return redirect(global_settings.LOGOUT_URL)
 
 
 def begin(request, provider):
     data = request.GET.copy()
     data.update(request.POST)
 
-    request.session['next_url'] = request.GET.get("next") or global_settings.LOGIN_REDIRECT_URL
+    # store url to where user will be redirected 
+    # after successfull authentication.
+    request.session['next_url'] = request.GET.get("next") or \
+                                    global_settings.LOGIN_REDIRECT_URL
         
     # start the authentication process 
     backend = get_backend(provider)
-    backend.begin(request, data)
-
-    return {}
+    return backend.begin(request, data)
 
 
 def complete(request, provider):
     """
-    Complete PublicID authorization process.
-    If PublicID was successfuly authenticated:
-     * if no user with such ID exists and current user is authenticated then
-       assign PublicID to this user.
-     * if user with such ID exists and current user is anonimouse then login 
-       as this user.
-     * if no user with such ID exists and user must fill extra fields, 
-       redirect him to registration form.
+    After first step of public authentication, we must validate the response. 
+    If everything is ok, we must do the following:
+    1. If user is already authenticated:
+        a. Try to login him again (strange variation but we must take it to account).
+        b. Create new PublicID record in database.
+        c. Merge authenticated account with newly created PublicID record.
+        d. Redirect user to 'next' url stored in session.
+    2. If user is anonymouse:
+        a. Try to log him by identity and redirect to 'next' url.
+        b. Create new  PublicID record in database.
+        c. Try to automaticaly fill all extra fields with information returned form 
+           server. If successfull, login the user and redirect to 'next' url.
+        d. Redirect user to extra page where he can fill all extra fields by hand.
     """
+    # merge data from POST and GET methods
+    data = request.GET.copy()
+    data.update(request.POST)
+
     backend = get_backend(provider)
-    response = backend.validate_response(request)
+    response = backend.validate(request, data)
+
     if request.user.is_authenticated():
         backend.login_user(request)
-        backend.attach_account(request, request.user)
+        backend.merge_accounts(request)
     else:
         backend.login_user(request)
         if not settings.REGISTRATION_ALLOWED:
             messages.add_message(request, messages.WARNING, lang.REGISTRATION_DISABLED)
             return redirect(settings.REGISTRATION_DISABLED_REDIRECT)
-    backend.complete(request, response)
+
+    return backend.complete(request, response)
 
 
 @render_to('publicauth/extra.html')
         raise Http404
 
     if request.method == "POST":
-        form = str_to_class(settings.PUBLICID_EXTRA_FORM)(request.POST)
+        form = str_to_class(settings.EXTRA_FORM)(request.POST)
         if form.is_valid():
             user = form.save(identity, provider)
             del request.session['identity']
                 return redirect(next_url)
     else:
         initial = request.session['extra']
-        form = str_to_class(settings.PUBLICID_EXTRA_FORM)(initial=initial)
+        form = str_to_class(settings.EXTRA_FORM)(initial=initial)
 
     return {'form': form}