Commit Graph

182 Commits

Author SHA1 Message Date
Umair Khan 80b019629c remote_user_sso: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."
2017-04-13 12:48:13 -07:00
Umair Khan 93aa478efb api_fetch_api_key: Improve invalid email message.
Show a user friendly message to the user if email is invalid.
Currently we show a generic message:
"Your username or password is incorrect."

The only backend which can accept a non-email username is LDAP.
So we check if it is enabled before showing the custom message.
2017-04-13 12:48:13 -07:00
Elliott Jin 1c0d58f897 test-backend: Raise zerver/views/auth.py test coverage to 100%. 2017-03-25 18:16:16 -07:00
Umair Khan 4442703011 jinja2: No need for custom render_to_response.
Django 1.10 has changed the implementation of this function to
match our custom implementation; in addition to this, we prefer
render().

Fixes #1914 via #4093.
2017-03-17 13:57:34 -07:00
Umair Khan 4e2311544f auth: Change render_to_response to render.
Related to #4093
2017-03-17 13:52:59 -07:00
Tim Abbott c2bee5a89b auth: Fix fetch_auth_backends to properly report supported methods.
This fixes 2 related issues:
* We incorrectly would report authentication methods that are
  supported by a server (but have been disabled for a given
  realm/subdomain) as supported.
* We did not return an error with an invalid subdomain on a valid
  Zulip server.
* We did not return an error when requesting auth backends for the
  homepage if SUBDOMAINS_HOMEPAGE is set.

Comes with complete tests.
2017-03-09 21:37:00 -08:00
Raghav Jajodia a3a03bd6a5 mypy: Added Dict, List and Set imports.
Fixed mypy errors associated with the upgrade.
2017-03-04 14:33:44 -08:00
K.Kanakhin d9b10727fa server-version: Add server version to api endpoints.
- Add server version to `fetch_initial_state_data`.
- Add server version to register event queue api endpoint.
- Add server version to `get_auth_backends` api endpoint.
- Change source for server version in `home` endpoint.
- Fix tests.

Fixes #3663
2017-02-28 14:22:01 -08:00
Tim Abbott eeca69cb4b mypy: Clean up more optional types. 2017-02-10 23:53:44 -08:00
Harshit Bansal 9f67f1ada7 DevAuthBackend: Improve the query for dev users.
This changes the query for DevAuthBackend so that the shakespearian
users are not omitted while limiting the number of extra users to be
rendered to something reasonable.

Fixes: #3578.
2017-02-06 21:59:31 -08:00
Rishi Gupta 92e8cad42a dev login page: Add all non-zulip users as community users.
We create a new realm and user when running populate_analytics_db.py, in a
realm that is neither 'zulip' nor 'simple'.
2017-02-01 16:10:11 -08:00
avisrivastava254084 762b84710e auth: Redirect users to home from /login if already logged in.
This makes various links in Zulip work a bit more reasonably for
already-logged-in users.

Fixes #3316.
2017-01-28 16:10:19 -08:00
Steve Howell 4be2d6577d Add a new community realm to our test databases.
The realm with string_id of "simple" just has three users
named alice, bob, and cindy for now.  It is useful for testing
scenarios where realms don't have special zulip.com exception
handling.
2017-01-26 19:25:34 -08:00
Tim Abbott 9640a9e864 lint: Clean up E712 PEP-8 rule. 2017-01-23 21:11:18 -08:00
Umair Khan 9fecbcecf5 subdomains: Don't show login page on root aliases. 2017-01-17 15:29:24 -08:00
Tim Abbott f3b5683e77 views: Rename __init__.py to zerver.views.registration.
This completes the cleanup process of eliminating functions in the
root zerver/views/__init__.py module.
2017-01-08 16:21:15 -08:00
Rishi Gupta 757297b72f Move find_my_team functions out of views/auth.py
The general __init__ file is a more natural home, and where other endpoints
(e.g. create_realm, etc) live.

Also changes forms.ValidationError to django.core.exceptions.ValidationError
to match the rest of the file/codebase.
2017-01-06 10:42:28 -08:00
Rishi Gupta e481fef9e1 Move find_team_email subject to a templates/ file. 2017-01-06 10:42:28 -08:00
Rishi Gupta 7cb5d26999 Rename find_team_email_html.txt to find_team_email.html. 2017-01-06 10:42:28 -08:00
Umair Khan f208813ea3 Add Find My Team feature. 2017-01-03 21:33:42 -08:00
Rishi Gupta d6e7014f06 Refactor views.create_homepage_form into its callers.
The indirection is no longer that useful, and obscures Django's conventional
style for calling a form.
2016-12-26 17:50:23 -08:00
Juan Verhook 535ce90272 mypy: Convert zerver/views to use typing.Text. 2016-12-26 13:43:09 -08:00
Umair Khan 8e30530cc5 subdomains: Make GitHub login work with subdomains.
Fixes #2501.
2016-12-14 11:09:39 -08:00
Umair Khan c7ec5a14ee Create redirect_to_main_site function.
This function is used in OAuth logins so that we can redirect first to
the root domain (e.g. zulipdev.com if subdomains are *.zulipdev.com).
2016-12-13 21:06:52 -08:00
AZtheAsian f7582f0050 pep8: Fix E124 violations 2016-12-01 14:18:11 -08:00
Umair Khan 1e91b946d9 Django 1.10: Sign google oauth requests using csrf token.
In Django 1.10, the get_token function returns a salted version of
csrf token which changes whenever get_token is called. This gives
us wrong result when we compare the state after returning from
Google authentication servers. The solution is to unsalt the token
and use that token to find the HMAC so that we get the same value
as long as t he token is same.
2016-11-10 16:20:03 +05:00
Rishi Gupta 64bcd71d6e models.Realm: Rename subdomain to string_id.
Does a database migration to rename Realm.subdomain to
Realm.string_id, and makes Realm.subdomain a property.  Eventually,
Realm.string_id will replace Realm.domain as the handle by which we
retrieve Realm objects.
2016-11-02 22:46:34 -07:00
Umair Khan 26646abe8c Authenticate subdomains using single Google OAuth entry.
Previously, we used to create one Google OAuth callback url entry
per subdomain. This commit allows us to authenticate subdomain users
against a single Google OAuth callback url entry.
2016-10-28 11:04:08 -07:00
Umair Khan 52acdd28bd Fix JWT code in the auth backend.
For some reason, we use 'load' function but it doesn't exist in the JWT
library code. This commit updates the code to use the correct interface
of the JWT library.

The signature verification is done by the decode function.
2016-10-26 14:40:56 -07:00
Tim Abbott 7b9d1a7824 auth: Simplify REALMS_HAVE_SUBDOMAINS redirect code.
This logic was just a duplicate on realm.uri, except that in the case
that subdomains are disabled, it preserves the host in the request.
2016-10-25 13:55:17 -07:00
hackerkid b5816bf99e Don't use zulipdev.com when subdomain support is disabled. 2016-10-25 13:52:13 -07:00
Tim Abbott 67d9e19ccf views: Split views/auth.py out of core views file. 2016-10-11 21:27:06 -07:00