refactor(account): Extract login

Author: pennersr

allauth/account/authentication.py

@@ -38,3 +38,7 @@ def record_authentication(request, method, **extra_data):
     }
     methods.append(data)
     request.session[AUTHENTICATION_METHODS_SESSION_KEY] = methods
+
+
+def get_authentication_records(request):
+    return request.session.get(AUTHENTICATION_METHODS_SESSION_KEY, [])

allauth/account/forms.py

@@ -8,7 +8,6 @@
 from django.utils.safestring import mark_safe
 from django.utils.translation import gettext, gettext_lazy as _, pgettext
 
-from allauth.account.authentication import record_authentication
 from allauth.account.internal import flows
 
 from ..utils import (
@@ -19,12 +18,11 @@
 from . import app_settings
 from .adapter import get_adapter
 from .app_settings import AuthenticationMethod
-from .models import EmailAddress
+from .models import EmailAddress, Login
 from .utils import (
     assess_unique_email,
     filter_users_by_email,
     get_user_model,
-    perform_login,
     setup_user_email,
     sync_user_email_addresses,
     url_str_to_user_pk,
@@ -202,18 +200,12 @@ def clean(self):
 
     def login(self, request, redirect_url=None):
         credentials = self.user_credentials()
-        extra_data = {
-            field: credentials.get(field)
-            for field in ["email", "username"]
-            if field in credentials
-        }
-        record_authentication(request, method="password", **extra_data)
-        ret = perform_login(
-            request,
-            self.user,
+        login = Login(
+            user=self.user,
             redirect_url=redirect_url,
             email=credentials.get("email"),
         )
+        ret = flows.login.perform_password_login(request, credentials, login)
         remember = app_settings.SESSION_REMEMBER
         if remember is None:
             remember = self.cleaned_data["remember"]

allauth/account/internal/flows/__init__.py

@@ -1,4 +1,8 @@
-from allauth.account.internal.flows import password_change, password_reset
+from allauth.account.internal.flows import (
+    login,
+    password_change,
+    password_reset,
+)
 
 
-__all__ = ["password_reset", "password_change"]
+__all__ = ["password_reset", "password_change", "login"]

allauth/account/internal/flows/login.py

@@ -0,0 +1,55 @@
+from allauth.account.adapter import get_adapter
+from allauth.account.authentication import record_authentication
+from allauth.core.exceptions import ImmediateHttpResponse
+
+
+def _get_login_hook_kwargs(login):
+    """
+    TODO: Just break backwards compatibility and pass only `login` to
+    `pre/post_login()`.
+    """
+    return dict(
+        email_verification=login.email_verification,
+        redirect_url=login.redirect_url,
+        signal_kwargs=login.signal_kwargs,
+        signup=login.signup,
+        email=login.email,
+    )
+
+
+def perform_password_login(request, credentials, login):
+    extra_data = {
+        field: credentials.get(field)
+        for field in ["email", "username"]
+        if credentials.get(field)
+    }
+    record_authentication(request, method="password", **extra_data)
+    return perform_login(request, login)
+
+
+def perform_login(request, login):
+    adapter = get_adapter()
+    hook_kwargs = _get_login_hook_kwargs(login)
+    response = adapter.pre_login(request, login.user, **hook_kwargs)
+    if response:
+        return response
+    return resume_login(request, login)
+
+
+def resume_login(request, login):
+    from allauth.account.stages import LoginStageController
+
+    adapter = get_adapter()
+    ctrl = LoginStageController(request, login)
+    try:
+        response = ctrl.handle()
+        if response:
+            return response
+        adapter.login(request, login.user)
+        hook_kwargs = _get_login_hook_kwargs(login)
+        response = adapter.post_login(request, login.user, **hook_kwargs)
+        if response:
+            return response
+    except ImmediateHttpResponse as e:
+        response = e.response
+    return response

allauth/account/internal/flows/password_change.py

@@ -1,8 +1,8 @@
 from django.contrib import messages
+from django.contrib.auth import update_session_auth_hash
 
-from allauth.account import signals
+from allauth.account import app_settings, signals
 from allauth.account.adapter import get_adapter
-from allauth.account.utils import logout_on_password_change
 
 
 def change_password(user, password):
@@ -35,3 +35,11 @@ def finalize_password_set(request, user):
         request=request,
         user=user,
     )
+
+
+def logout_on_password_change(request, user):
+    # Since it is the default behavior of Django to invalidate all sessions on
+    # password change, this function actually has to preserve the session when
+    # logout isn't desired.
+    if not app_settings.LOGOUT_ON_PASSWORD_CHANGE:
+        update_session_auth_hash(request, user)

allauth/account/models.py

@@ -209,19 +209,27 @@ def from_key(cls, key):
 class Login:
     """
     Represents a user that is in the process of logging in.
+
+    Keyword arguments:
+
+    signup -- Indicates whether or not sending the
+    email is essential (during signup), or if it can be skipped (e.g. in
+    case email verification is optional and we are only logging in).
     """
 
     def __init__(
         self,
         user,
-        email_verification,
+        email_verification=None,
         redirect_url=None,
         signal_kwargs=None,
         signup=False,
         email=None,
         state=None,
     ):
         self.user = user
+        if not email_verification:
+            email_verification = app_settings.EMAIL_VERIFICATION
         self.email_verification = email_verification
         self.redirect_url = redirect_url
         self.signal_kwargs = signal_kwargs

allauth/account/utils.py

@@ -4,7 +4,7 @@
 
 from django.conf import settings
 from django.contrib import messages
-from django.contrib.auth import get_user_model, update_session_auth_hash
+from django.contrib.auth import get_user_model
 from django.core.exceptions import FieldDoesNotExist
 from django.db import models
 from django.db.models import Q
@@ -13,8 +13,8 @@
 
 from allauth.account import app_settings, signals
 from allauth.account.adapter import get_adapter
+from allauth.account.internal import flows
 from allauth.account.models import Login
-from allauth.core.exceptions import ImmediateHttpResponse
 from allauth.utils import (
     get_request_param,
     import_callable,
@@ -63,14 +63,6 @@ def get_login_redirect_url(request, url=None, redirect_field_name="next", signup
 _user_display_callable = None
 
 
-def logout_on_password_change(request, user):
-    # Since it is the default behavior of Django to invalidate all sessions on
-    # password change, this function actually has to preserve the session when
-    # logout isn't desired.
-    if not app_settings.LOGOUT_ON_PASSWORD_CHANGE:
-        update_session_auth_hash(request, user)
-
-
 def default_user_display(user):
     if app_settings.USER_MODEL_USERNAME_FIELD:
         return getattr(user, app_settings.USER_MODEL_USERNAME_FIELD)
@@ -148,15 +140,6 @@ def perform_login(
     signup=False,
     email=None,
 ):
-    """
-    Keyword arguments:
-
-    signup -- Indicates whether or not sending the
-    email is essential (during signup), or if it can be skipped (e.g. in
-    case email verification is optional and we are only logging in).
-    """
-    if not email_verification:
-        email_verification = app_settings.EMAIL_VERIFICATION
     login = Login(
         user=user,
         email_verification=email_verification,
@@ -165,53 +148,11 @@ def perform_login(
         signup=signup,
         email=email,
     )
-    return _perform_login(request, login)
-
-
-def _perform_login(request, login):
-    # Local users are stopped due to form validation checking
-    # is_active, yet, adapter methods could toy with is_active in a
-    # `user_signed_up` signal. Furthermore, social users should be
-    # stopped anyway.
-    adapter = get_adapter()
-    hook_kwargs = _get_login_hook_kwargs(login)
-    response = adapter.pre_login(request, login.user, **hook_kwargs)
-    if response:
-        return response
-    return resume_login(request, login)
-
-
-def _get_login_hook_kwargs(login):
-    """
-    TODO: Just break backwards compatibility and pass only `login` to
-    `pre/post_login()`.
-    """
-    return dict(
-        email_verification=login.email_verification,
-        redirect_url=login.redirect_url,
-        signal_kwargs=login.signal_kwargs,
-        signup=login.signup,
-        email=login.email,
-    )
+    return flows.login.perform_login(request, login)
 
 
 def resume_login(request, login):
-    from allauth.account.stages import LoginStageController
-
-    adapter = get_adapter()
-    ctrl = LoginStageController(request, login)
-    try:
-        response = ctrl.handle()
-        if response:
-            return response
-        adapter.login(request, login.user)
-        hook_kwargs = _get_login_hook_kwargs(login)
-        response = adapter.post_login(request, login.user, **hook_kwargs)
-        if response:
-            return response
-    except ImmediateHttpResponse as e:
-        response = e.response
-    return response
+    return flows.login.resume_login(request, login)
 
 
 def unstash_login(request, peek=False):

allauth/socialaccount/helpers.py

@@ -106,6 +106,7 @@ def record_authentication(request, sociallogin):
 
 def _login_social_account(request, sociallogin):
     sociallogin._accept_login()
+    record_authentication(request, sociallogin)
     return perform_login(
         request,
         sociallogin.user,
@@ -232,7 +233,6 @@ def _complete_social_login(request, sociallogin):
     if request.user.is_authenticated:
         get_account_adapter(request).logout(request)
     if sociallogin.is_existing:
-        record_authentication(request, sociallogin)
         # Login existing user
         ret = _login_social_account(request, sociallogin)
     else: