Commit 7c02ad7e authored by Linus Lewandowski's avatar Linus Lewandowski

Allow passing state thru the registration form.

parent babbc4d6
Pipeline #12255186 passed with stages
in 4 minutes 15 seconds
from django.conf import settings
from django.contrib.auth import REDIRECT_FIELD_NAME
from django.urls import reverse
......@@ -6,12 +7,20 @@ from six.moves.urllib.parse import urlencode
from ..token import auth_token
def password_reset_link(site, email, user):
def password_reset_link(site, email, user, **kwargs):
url = reverse('extauth:settings', args=[user.id])
if kwargs:
url += '?' + urlencode(kwargs)
url += "#reset"
token = auth_token(email)
return 'https://' + site.domain + reverse('extauth:login-by-email', args=[token]) + '?' + urlencode({
REDIRECT_FIELD_NAME: reverse('extauth:settings', args=[user.id]) + "#reset",
return settings.BASE_HOST + reverse('extauth:login-by-email', args=[token]) + '?' + urlencode({
REDIRECT_FIELD_NAME: url,
})
def finish_registration_by_email_link(site, email, user):
def finish_registration_by_email_link(site, email, user, **kwargs):
token = auth_token(email, user_id = str(user.id))
return 'https://' + site.domain + reverse('extauth:finish-registration-by-email', args=[token])
url = settings.BASE_HOST + reverse('extauth:finish-registration-by-email', args=[token])
if kwargs:
url += '?' + urlencode(kwargs)
return url
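Review bot: Both link builders now forward arbitrary `**kwargs` into the query string of a mailed URL that carries a login token, so every key a caller passes ends up in that link. An explicit keyword such as `def password_reset_link(site, email, user, state=None):` (and the same for `finish_registration_by_email_link`) would limit which parameters can reach the URL and avoid a `TypeError` if a key ever collides with `site`, `email` or `user`. In the visible new lines neither function reads `site` any more, so a docstring should say it is kept only for caller compatibility. The old code hard-coded `https://` while the new code relies on the setting, which deserves a comment like `# settings.BASE_HOST must include the https:// scheme: this link carries a login token`.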
......@@ -21,6 +21,8 @@ class AuthRegisterForm(forms.Form):
given_name = forms.CharField(label=_("Given name"), required=False)
family_name = forms.CharField(label=_("Family name"), required=False)
state = forms.CharField(widget=forms.HiddenInput, required=False)
def process(self, request):
email = self.cleaned_data['email']
password = self.cleaned_data['password']
......@@ -32,6 +34,10 @@ class AuthRegisterForm(forms.Form):
site = get_current_site(request)
query = {}
if self.cleaned_data['state']:
query['state'] = self.cleaned_data['state']
try:
ei = ExternalIdentity.objects.get(email=email)
except ExternalIdentity.DoesNotExist:
......@@ -45,7 +51,7 @@ class AuthRegisterForm(forms.Form):
send_mail(email, 'registration/email/welcome', {
'user': user,
'email': email,
'confirm_email': finish_registration_by_email_link(site, email, user),
'confirm_email': finish_registration_by_email_link(site, email, user, **query),
}, request=request)
# Note: We can't log in here, as we can't log in in the 'else' case,
# and it would tell the attacker if this e-mail is in the database
......@@ -54,7 +60,7 @@ class AuthRegisterForm(forms.Form):
if ei.trusted:
send_mail(ei.email, 'registration/email/welcome-back', {
'user': ei.user,
'reset_password': password_reset_link(site, ei.email, ei.user),
'reset_password': password_reset_link(site, ei.email, ei.user, **query),
}, request=request)
else:
send_mail(ei.email, 'registration/email/welcome-back', {
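Review bot: The new `state` field has no length or format constraint, and its value is copied into links that are e-mailed, in the `ei.trusted` branch to the address of an existing account that the person submitting the form need not own. An unauthenticated submitter can therefore choose the `state` that accompanies someone else's login-by-email link. What consumes `state` after login is not visible here; if it selects a redirect or resumes an external flow, it should be checked against the expected format, or signed server-side, in a `clean_state` method before it is placed in `query`. At minimum bound it, e.g. `state = forms.CharField(widget=forms.HiddenInput, required=False, max_length=STATE_MAX_LENGTH)`, where `STATE_MAX_LENGTH` is a placeholder for a limit the project chooses. `process()` starts and continues outside these hunks.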