Commit 2098c20d authored by Julien Cristau's avatar Julien Cristau
Browse files

[views] Convert registration_confirm controller to cubicweb 3.19 API

Session handling was reworked.  Instead of replacing the anonymous
session with an authenticated one mid-way through request processing,
just check if we can log in using the provided credentials and throw the
connection away.  Closes #3444010.
parent 6e5203500ce9
......@@ -19,7 +19,7 @@ classifiers = [
'Programming Language :: JavaScript',
]
__depends__ = {'cubicweb': '>= 3.15.0',
__depends__ = {'cubicweb': '>= 3.19.0',
'pycrypto': None,
'PIL': None,
}
......
......@@ -10,7 +10,7 @@ XS-Python-Version: >= 2.6
Package: cubicweb-registration
Architecture: all
Depends:
cubicweb-common (>= 3.15.0),
cubicweb-common (>= 3.19.0),
python-crypto,
python-imaging,
${python:Depends},
......
......@@ -135,7 +135,7 @@ class RegistrationConfirmController(controller.Controller):
raise Redirect(req.build_url(u'register', __message=msg))
if self._cw.user.login == login:
# already logged in (e.g. regstration link replayed twice in the browser)
raise Redirect(self.success_redirect_url())
raise Redirect(self.success_redirect_url(self._cw.user.name()))
req.form = data # hijack for proper validation error handling
err_raised = False
try:
......@@ -152,29 +152,24 @@ class RegistrationConfirmController(controller.Controller):
# default browser) based on the mimetype.
if err.errors.keys() != ['login-subject']:
raise
# force new authentication (anon until there)
clear_cache(req, 'get_authorization')
req.form['__login'] = login
req.form['__password'] = password
if req.cnx:
req.cnx.close()
req.cnx = None
# try to connect using the provided credentials
try:
self.appli.session_handler.set_session(req)
except Redirect:
pass
if req.user.login != 'login' and err_raised:
# if both authentication and register_user() failed, the problem
# is probably that we do have a true login conflict, just re-raise
# the original validation error
from cubicweb import repoapi
cnx = repoapi.connect(self.appli.repo, login, password=password)
with cnx:
name = cnx.user.name()
raise Redirect(self.success_redirect_url(name))
except:
if err_raised:
# both registration and login failed, re-raise the previous
# ValidationError
raise err
raise
assert req.user.login == login
raise Redirect(self.success_redirect_url())
def success_redirect_url(self):
def success_redirect_url(self, name):
msg = self._cw._(u'Congratulations, your registration is complete. '
'Welcome %s !')
return self._cw.build_url('', __message=msg % self._cw.user.name())
return self._cw.build_url('', __message=msg % name)
class RegisterLink(basecomponents.HeaderComponent):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment