Commit 2098c20d authored by Julien Cristau's avatar Julien Cristau
Browse files

[views] Convert registration_confirm controller to cubicweb 3.19 API

Session handling was reworked.  Instead of replacing the anonymous
session with an authenticated one mid-way through request processing,
just check if we can log in using the provided credentials and throw the
connection away.  Closes #3444010.
parent 6e5203500ce9
...@@ -19,7 +19,7 @@ classifiers = [ ...@@ -19,7 +19,7 @@ classifiers = [
'Programming Language :: JavaScript', 'Programming Language :: JavaScript',
] ]
__depends__ = {'cubicweb': '>= 3.15.0', __depends__ = {'cubicweb': '>= 3.19.0',
'pycrypto': None, 'pycrypto': None,
'PIL': None, 'PIL': None,
} }
......
...@@ -10,7 +10,7 @@ XS-Python-Version: >= 2.6 ...@@ -10,7 +10,7 @@ XS-Python-Version: >= 2.6
Package: cubicweb-registration Package: cubicweb-registration
Architecture: all Architecture: all
Depends: Depends:
cubicweb-common (>= 3.15.0), cubicweb-common (>= 3.19.0),
python-crypto, python-crypto,
python-imaging, python-imaging,
${python:Depends}, ${python:Depends},
......
...@@ -135,7 +135,7 @@ class RegistrationConfirmController(controller.Controller): ...@@ -135,7 +135,7 @@ class RegistrationConfirmController(controller.Controller):
raise Redirect(req.build_url(u'register', __message=msg)) raise Redirect(req.build_url(u'register', __message=msg))
if self._cw.user.login == login: if self._cw.user.login == login:
# already logged in (e.g. regstration link replayed twice in the browser) # already logged in (e.g. regstration link replayed twice in the browser)
raise Redirect(self.success_redirect_url()) raise Redirect(self.success_redirect_url(self._cw.user.name()))
req.form = data # hijack for proper validation error handling req.form = data # hijack for proper validation error handling
err_raised = False err_raised = False
try: try:
...@@ -152,29 +152,24 @@ class RegistrationConfirmController(controller.Controller): ...@@ -152,29 +152,24 @@ class RegistrationConfirmController(controller.Controller):
# default browser) based on the mimetype. # default browser) based on the mimetype.
if err.errors.keys() != ['login-subject']: if err.errors.keys() != ['login-subject']:
raise raise
# force new authentication (anon until there) # try to connect using the provided credentials
clear_cache(req, 'get_authorization')
req.form['__login'] = login
req.form['__password'] = password
if req.cnx:
req.cnx.close()
req.cnx = None
try: try:
self.appli.session_handler.set_session(req) from cubicweb import repoapi
except Redirect: cnx = repoapi.connect(self.appli.repo, login, password=password)
pass with cnx:
if req.user.login != 'login' and err_raised: name = cnx.user.name()
# if both authentication and register_user() failed, the problem raise Redirect(self.success_redirect_url(name))
# is probably that we do have a true login conflict, just re-raise except:
# the original validation error if err_raised:
# both registration and login failed, re-raise the previous
# ValidationError
raise err
raise raise
assert req.user.login == login
raise Redirect(self.success_redirect_url())
def success_redirect_url(self): def success_redirect_url(self, name):
msg = self._cw._(u'Congratulations, your registration is complete. ' msg = self._cw._(u'Congratulations, your registration is complete. '
'Welcome %s !') 'Welcome %s !')
return self._cw.build_url('', __message=msg % self._cw.user.name()) return self._cw.build_url('', __message=msg % name)
class RegisterLink(basecomponents.HeaderComponent): class RegisterLink(basecomponents.HeaderComponent):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment