From c53bd058a525f34222f3a861e16bff3097a373ca Mon Sep 17 00:00:00 2001 From: Arron Schaar Date: Mon, 9 Jan 2012 11:55:50 -0800 Subject: [PATCH 1/2] bug fix to handle when email address changes on amo --- apps/person/views.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/apps/person/views.py b/apps/person/views.py index b42adc39..8ce50ba4 100644 --- a/apps/person/views.py +++ b/apps/person/views.py @@ -120,10 +120,11 @@ def browserid_authenticate(request, assertion): email = result['email'] amouser = AMOAuthentication.auth_browserid_authenticate(email) + if amouser == None: return (None,None) - - users = User.objects.filter(email=email) + + users = User.objects.filter(username=amouser['id']) if len(users) == 1: try: profile = users[0].get_profile() @@ -131,9 +132,8 @@ def browserid_authenticate(request, assertion): profile = Profile(user=users[0]) profile.user.backend = 'django_browserid.auth.BrowserIDBackend' return (profile, None) - - username = amouser['id'] - user = User.objects.create(username=username, email=email) + + user = User.objects.create(username=amouser['id'], email=email) profile = Profile(user=user) profile.user.backend = 'django_browserid.auth.BrowserIDBackend' From 1aa0b0276c1cc7fc66fd05d6fa21d3fd9f44178a Mon Sep 17 00:00:00 2001 From: Arron Schaar Date: Mon, 9 Jan 2012 13:54:50 -0800 Subject: [PATCH 2/2] merged zaluns code that had tests and change to update_from_AMO --- apps/person/models.py | 8 +++++++- apps/person/tests.py | 47 +++++++++++++++++++++++++++++++++++++++++++ apps/person/views.py | 21 +++++++++---------- 3 files changed, 64 insertions(+), 12 deletions(-) diff --git a/apps/person/models.py b/apps/person/models.py index 1b8eba23..c1b1c920 100644 --- a/apps/person/models.py +++ b/apps/person/models.py @@ -69,7 +69,13 @@ class Profile(models.Model): if row: for i in range(len(row)): data[columns[i]] = row[i] - + + if 'email' in data and self.user.email != data['email']: + log.info('User (%s) updated email (%s)' % ( + self.user.username, self.user.email)) + self.user.email = data['email'] + self.user.save() + if 'display_name' in data: if data['display_name']: names = data['display_name'].split(' ') diff --git a/apps/person/tests.py b/apps/person/tests.py index 89755f95..064c2923 100644 --- a/apps/person/tests.py +++ b/apps/person/tests.py @@ -5,8 +5,12 @@ person.urls from django.contrib.auth.models import User from django.core.urlresolvers import reverse from django.test import TestCase +from mock import Mock from nose.tools import eq_ +from waffle.models import Switch +from amo.authentication import AMOAuthentication +from django_browserid import auth from person.models import Profile @@ -43,3 +47,46 @@ class ProfileTest(TestCase): def test_fake_profile(self): resp = self.client.get(reverse('person_public_profile', args=['xxx'])) eq_(404, resp.status_code) + + +class BrowserIDLoginTest(TestCase): + + TESTEMAIL = 'jdoe@example.com' + + def setUp(self): + Switch.objects.create( + name='browserid-login', + active=True) + self.user = User.objects.create( + username='123', email=self.TESTEMAIL) + Profile.objects.create(user=self.user, nickname='jdoe') + + # Mocking BrowserIDBackend + class BIDBackend(): + def verify(self, assertion, site): + return {'email': assertion} + self.BIDBackend = auth.BrowserIDBackend + auth.BrowserIDBackend = BIDBackend + + def tearDown(self): + auth.BrowserIDBackend = self.BIDBackend + + def test_existing_user_login(self): + AMOAuthentication.auth_browserid_authenticate = Mock( + return_value={'id': '123'}) + response = self.client.post(reverse('browserid_login'), + {'assertion': self.TESTEMAIL}) + eq_(response.status_code, 200) + assert self.user.is_authenticated() + + def test_user_changed_email_on_AMO(self): + auth.BrowserIDBackend.verify = Mock(return_value={'email': 'some@example.com'}) + AMOAuthentication.auth_browserid_authenticate = Mock( + return_value={'id': '123', 'email': 'some@example.com'}) + response = self.client.post(reverse('browserid_login'), + {'assertion': 'some-assertion'}) + eq_(response.status_code, 200) + assert self.user.is_authenticated() + assert User.objects.filter(email='some@example.com') + self.assertRaises(User.DoesNotExist, + User.objects.get, email=self.TESTEMAIL) \ No newline at end of file diff --git a/apps/person/views.py b/apps/person/views.py index 8ce50ba4..9187c954 100644 --- a/apps/person/views.py +++ b/apps/person/views.py @@ -10,7 +10,7 @@ from django.http import Http404 from django import http from amo.authentication import AMOAuthentication -from django_browserid.auth import BrowserIDBackend +from django_browserid import auth as browserid_auth import waffle @@ -111,7 +111,7 @@ def browserid_authenticate(request, assertion): Verify a BrowserID login attempt. If the BrowserID assertion is good, but no account exists on flightdeck, create one. """ - backend = BrowserIDBackend() + backend = browserid_auth.BrowserIDBackend() result = backend.verify(assertion, settings.SITE_URL) if not result: @@ -120,24 +120,23 @@ def browserid_authenticate(request, assertion): email = result['email'] amouser = AMOAuthentication.auth_browserid_authenticate(email) - + if amouser == None: return (None,None) - - users = User.objects.filter(username=amouser['id']) + + users = User.objects.filter(username=amouser['id']) if len(users) == 1: try: profile = users[0].get_profile() except Profile.DoesNotExist: profile = Profile(user=users[0]) - profile.user.backend = 'django_browserid.auth.BrowserIDBackend' - return (profile, None) + profile.user.save() + else: + user = User.objects.create(username=amouser['id'], email=email) + profile = Profile(user=user) + profile.user.save() - user = User.objects.create(username=amouser['id'], email=email) - - profile = Profile(user=user) profile.user.backend = 'django_browserid.auth.BrowserIDBackend' - profile.user.save() profile.update_from_AMO(amouser) return (profile, None)