From a3f412b19329fc7ff8942f3095f04c8f66dfc539 Mon Sep 17 00:00:00 2001 From: Luke Faraone Date: Wed, 16 Jan 2013 16:32:50 -0500 Subject: [PATCH] Add functions for CUSTOMER30 registration. (imported from commit c4b6f744ffa5b41df4170735f081bbe5655a54fe) --- humbug/urls.py | 2 + templates/zephyr/accounts_customer30.html | 81 +++++++++++++++++++++++ zephyr/views.py | 53 ++++++++++++++- 3 files changed, 134 insertions(+), 2 deletions(-) create mode 100644 templates/zephyr/accounts_customer30.html diff --git a/humbug/urls.py b/humbug/urls.py index 40566b3288..e2efa09395 100644 --- a/humbug/urls.py +++ b/humbug/urls.py @@ -24,6 +24,8 @@ urlpatterns = patterns('', url(r'^accounts/password/done/$', 'django.contrib.auth.views.password_reset_complete', {'template_name': 'zephyr/reset_done.html'}), + url(r'^accounts/customer30/', 'zephyr.views.accounts_customer30'), + url(r'^activity$', 'zephyr.views.get_activity'), diff --git a/templates/zephyr/accounts_customer30.html b/templates/zephyr/accounts_customer30.html new file mode 100644 index 0000000000..0fb92a7089 --- /dev/null +++ b/templates/zephyr/accounts_customer30.html @@ -0,0 +1,81 @@ +{% extends "zephyr/portico_signup.html" %} + +{% comment %} +Get ToS acceptance and handle account creation for CUSTOMER30 users + +Form is validated both client-side using jquery-validate (see signup.js) and server-side. +{% endcomment %} + +{% block for_you %}for {% if company_name %} {{company_name}} {% else %} __________ {% endif %} {% endblock %} +{% block portico_content %} + +

(Welcome! We think you'll like it here.)

+ +
+
+

You're almost there. We just need you to do one last thing.

+

Confirm your registration

+
+ +
+{% csrf_token %} +
+ +
+ +

{{ username }}@{{ company_name }}

+

+
+
+ +
+ +

{{ realname }}

+

+
+
+ +
+ Your password is set by your domain administrator. +
+
+ +
+
+ + {% if form.terms.errors %} + {% for error in form.terms.errors %} +
{{ error }}
+ {% endfor %} + {% endif %} +
+
+
+
+
+
+ +
+
+
+ + + +{% endblock %} diff --git a/zephyr/views.py b/zephyr/views.py index e4ea39dfe0..80811e9486 100644 --- a/zephyr/views.py +++ b/zephyr/views.py @@ -2,7 +2,7 @@ from django.conf import settings from django.contrib.auth import authenticate, login from django.contrib.auth.decorators import login_required from django.core.urlresolvers import reverse -from django.http import HttpResponse, HttpResponseRedirect +from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest from django.shortcuts import render_to_response, redirect from django.template import RequestContext, loader from django.utils.timezone import utc, now @@ -23,7 +23,7 @@ from zephyr.lib.actions import do_add_subscription, do_remove_subscription, \ create_stream_if_needed from zephyr.forms import RegistrationForm, HomepageForm, ToSForm, is_unique, \ is_active, isnt_mit -from django.views.decorators.csrf import csrf_exempt +from django.views.decorators.csrf import csrf_exempt, requires_csrf_token from zephyr.decorator import require_post, \ authenticated_api_view, authenticated_json_post_view, \ @@ -98,6 +98,55 @@ def principal_to_user_profile(agent, principal): return principal_user_profile +# This view is both CSRF exempt and requires the token. This is because +# depending on whether the user arrived here via a redirect from Thymes +# or is submitting the form we either want to validate CSRF or not. +# +# See also: +# +@require_post +@csrf_exempt +@requires_csrf_token +def accounts_customer30(request): + domain = 'customer30.invalid' + + # support a username, realname via either GET or POST + try: + username = request.POST['username'] + realname = request.POST['realname'] + except KeyError: + return HttpResponseBadRequest('You must POST with username and realname parameters.') + + if not username.isalnum(): + return HttpResponseBadRequest("Your username was non-alphanumeric and is not allowed.") + email = username + '@' + domain + try: + is_unique(email) + except ValidationError: + return HttpResponseBadRequest("That username is already registered with Humbug.") + + try: + request.POST['terms'] + except KeyError: + return render_to_response('zephyr/accounts_customer30.html', + {'username': username, + 'realname': realname, + 'company_name': domain}, + context_instance=RequestContext(request)) + + # We want CSRF protection if you're actually registering, not if you're just displaying the form + return accounts_customer30_register(request, username, realname, email, domain) + +def accounts_customer30_register(request, username, realname, email, domain): + user_profile = do_create_user(email, + "xxxxxxxxxxx", + Realm.objects.get_or_create(domain=domain)[0], + realname, + username) + add_default_subs(user_profile) + login(request, authenticate(username=email, password="xxxxxxxxxxx")) + return HttpResponseRedirect(reverse('zephyr.views.home')) + @require_post def accounts_register(request): key = request.POST['key']