This callback can prevent new users from being created based on specific
criteria. The plugin is defined in settings.py, so it can be any Python
code. For example, it can look up in a specific table if this user is
supposed to be allowed to log in at all.

This sample is used across most of our other sites, so add functionality
to install without having a local master repo.
Back-patch of pgeu commit 3e4d8c9101c2d309b134c2f5638aa40db8ef2cf5

This has been in standard Python since 2.6, and we don't really care
about supporting anything older than that (even our old and soon to
be upgraded environments use 2.7).

Instead of raising an exception which will cause both a server log
and an email to be sent, return a proper HTTP 400 message when the
incoming authentication request is bad. This will also show the
proper error message to the client, instead of a generic internal
server error.

This lets downstream systems securely search for users that are in
the system, so they can populate their local database with users
before they have logged in if necessary. This can be used for example
for the commitfest management system to be able to flag users as
authors and reviewers even before they have logged in.

This makes it possible to pass URLs that will fail when they end up being double
escaped in some cases, since they contain non-url-safe characters. Instead, they'd
be base64-encoded, and thus safe.
Also update the Django community auth provider to do just this, including encrypting
the data with the site secret key to make sure it can't be changed/injected by
tricking the user into going directly to the wrong URL.

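An added example, not the project's own code, of the idea in the commit message above: a return URL carried as URL-safe base64 and bound to the site secret so a hand-edited value is rejected. It swaps in an HMAC-SHA256 tag from the standard library for the encryption the commit describes (the URL stays readable, but any change is detected); `SITE_SECRET`, the function names and the `data.mac` token layout are assumptions.

```python
import base64
import hashlib
import hmac

# Constructed value for this example; a real site uses its own secret key.
SITE_SECRET = b"constructed-example-secret"


def _b64e(raw: bytes) -> str:
    # URL-safe alphabet with padding stripped: only A-Z a-z 0-9 - _ remain,
    # so the value is unchanged by one or more rounds of URL escaping.
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64d(text: str) -> bytes:
    # Restore the padding removed by _b64e before decoding.
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def pack_return_url(url: str, secret: bytes = SITE_SECRET) -> str:
    """Return '<b64 url>.<b64 mac>' for use as a query-string value."""
    data = _b64e(url.encode("utf-8"))
    mac = hmac.new(secret, data.encode("ascii"), hashlib.sha256).digest()
    return data + "." + _b64e(mac)


def unpack_return_url(token: str, secret: bytes = SITE_SECRET) -> str:
    """Verify the tag first, then decode. Raises ValueError if altered or malformed."""
    try:
        data, mac_text = token.split(".")
        received = _b64d(mac_text)
        expected = hmac.new(secret, data.encode("ascii"), hashlib.sha256).digest()
    except ValueError as exc:  # wrong part count, non-ASCII, bad base64
        raise ValueError("malformed token") from exc
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(received, expected):
        raise ValueError("token was modified or signed with another key")
    return _b64d(data).decode("utf-8")
```

The receiving side should treat a `ValueError` as a bad request rather than falling back to the unverified value.
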
In order to provide a consistent user experience, we must sign the
user out from the main website if the community site provides a logout
button - else that button will appear not to work...