auth: Extract register_remote_user function.

This commit is contained in:
Mateusz Mandera 2020-01-18 13:47:08 +01:00 committed by Tim Abbott
parent 27b9eafcac
commit f00a852697
1 changed files with 17 additions and 8 deletions

View File

@ -179,6 +179,19 @@ def redirect_to_subdomain_login_url() -> HttpResponseRedirect:
redirect_url = login_url + '?subdomain=1' redirect_url = login_url + '?subdomain=1'
return HttpResponseRedirect(redirect_url) return HttpResponseRedirect(redirect_url)
def register_remote_user(request: HttpRequest, remote_username: str,
full_name: str='',
is_signup: bool=False,
multiuse_object_key: str='',
full_name_validated: bool=False) -> HttpResponse:
email = remote_user_to_email(remote_username)
# We have verified the user controls an email address, but
# there's no associated Zulip user account. Consider sending
# the request to registration.
return maybe_send_to_registration(request, email, full_name, password_required=False,
is_signup=is_signup, multiuse_object_key=multiuse_object_key,
full_name_validated=full_name_validated)
def login_or_register_remote_user(request: HttpRequest, remote_username: str, def login_or_register_remote_user(request: HttpRequest, remote_username: str,
user_profile: Optional[UserProfile], full_name: str='', user_profile: Optional[UserProfile], full_name: str='',
mobile_flow_otp: Optional[str]=None, mobile_flow_otp: Optional[str]=None,
@ -203,14 +216,10 @@ def login_or_register_remote_user(request: HttpRequest, remote_username: str,
* A zulip:// URL to send control back to the mobile apps if they * A zulip:// URL to send control back to the mobile apps if they
are doing authentication using the mobile_flow_otp flow. are doing authentication using the mobile_flow_otp flow.
""" """
email = remote_user_to_email(remote_username)
if user_profile is None or user_profile.is_mirror_dummy: if user_profile is None or user_profile.is_mirror_dummy:
# We have verified the user controls an email address, but return register_remote_user(request, remote_username, full_name,
# there's no associated Zulip user account. Consider sending is_signup=is_signup, multiuse_object_key=multiuse_object_key,
# the request to registration. full_name_validated=full_name_validated)
return maybe_send_to_registration(request, email, full_name, password_required=False,
is_signup=is_signup, multiuse_object_key=multiuse_object_key,
full_name_validated=full_name_validated)
# Otherwise, the user has successfully authenticated to an # Otherwise, the user has successfully authenticated to an
# account, and we need to do the right thing depending whether # account, and we need to do the right thing depending whether
@ -221,7 +230,7 @@ def login_or_register_remote_user(request: HttpRequest, remote_username: str,
api_key = get_api_key(user_profile) api_key = get_api_key(user_profile)
params = { params = {
'otp_encrypted_api_key': otp_encrypt_api_key(api_key, mobile_flow_otp), 'otp_encrypted_api_key': otp_encrypt_api_key(api_key, mobile_flow_otp),
'email': email, 'email': user_profile.delivery_email,
'realm': user_profile.realm.uri, 'realm': user_profile.realm.uri,
} }
# We can't use HttpResponseRedirect, since it only allows HTTP(S) URLs # We can't use HttpResponseRedirect, since it only allows HTTP(S) URLs