0003-wip-keep-redirect-behaviour.patch
src/authentic2/forms/honeypot.py | ||
---|---|---|
29 | 29 |
class HoneypotForm(Form): |
30 | 30 |
robotcheck = BooleanField(widget=HoneypotInput, required=False) |
31 | 31 | |
32 |
def clean(self): |
|
33 |
if self.cleaned_data.get('robotcheck'): |
|
34 |
raise ValidationError( |
|
35 |
mark_safe( |
|
36 |
_('<b>Your registration request is refused.</b> Indeed your browser checked \ |
|
37 |
an hidden anti-robot checkbox on the registration form. A browser extension may produce \ |
|
38 |
this behaviour, in this case disable the extension and try agin.'))) |
|
39 |
return super().clean() |
|
32 |
def is_robot(self): |
|
33 |
return hasattr(self, 'cleaned_data') and self.cleaned_data.get('robotcheck') |
src/authentic2/forms/registration.py | ||
---|---|---|
19 | 19 |
from django.contrib.auth import get_user_model |
20 | 20 |
from django.core.exceptions import ValidationError |
21 | 21 |
from django.utils.translation import ugettext_lazy as _, ugettext |
22 |
from django.forms import Form |
|
23 | 22 | |
24 | 23 |
from django.contrib.auth.models import BaseUserManager, Group |
25 | 24 |
src/authentic2/templates/registration/registration_complete.html | ||
---|---|---|
6 | 6 |
{% endblock %} |
7 | 7 | |
8 | 8 |
{% block content %} |
9 |
{% if 'robot' in request.GET %} |
|
10 |
<p>{% blocktrans %}<strong>Your registration request is refused.</strong> Indeed your browser checked an hidden anti-robot checkbox on the registration form. A browser extension may produce this behaviour, in this case disable the extension and try again.{% endblocktrans %}</p> |
|
11 |
{% else %} |
|
9 | 12 |
{% block instructions %} |
10 |
<p><strong> |
|
11 | 13 |
{% blocktrans with email=request.session.registered_email %} |
12 | 14 |
An email was sent to {{ email }}. |
13 | 15 |
{% endblocktrans %} |
... | ... | |
33 | 35 |
{% endblocktrans %} |
34 | 36 |
</p> |
35 | 37 |
{% endblock %} |
38 |
{% endif %} |
|
36 | 39 |
{% block back %} |
37 | 40 |
<p><a href="{{ next_url }}">{% trans "Back" %}</a></p> |
38 | 41 |
{% endblock %} |
src/authentic2/views.py | ||
---|---|---|
829 | 829 |
return super(BaseRegistrationView, self).dispatch(request, *args, **kwargs) |
830 | 830 | |
831 | 831 |
def form_valid(self, form): |
832 |
if form.is_robot(): |
|
833 |
return utils.redirect(self.request, 'registration_complete', |
|
834 |
params={ |
|
835 |
REDIRECT_FIELD_NAME: self.next_url, |
|
836 |
'robot': 'on', |
|
837 |
}) |
|
832 | 838 |
email = form.cleaned_data.pop('email') |
833 | 839 | |
834 | 840 |
# if an email has already been sent, warn once before allowing resend |
tests/test_registration.py | ||
---|---|---|
830 | 830 |
'csrfmiddlewaretoken': response.context['csrf_token'], |
831 | 831 |
'robotcheck': 'a', |
832 | 832 |
}) |
833 |
assert len(mailoutbox) == 0
|
|
833 |
response = response.follow()
|
|
834 | 834 |
assert 'Your registration request is refused' in response |
835 |
- |