django-lazysignup is a package designed to allow users to interact with a site as if they were authenticated users, but without signing up. At any time, they can convert their temporary user account to a real user account.

danfairs, updated 🕥 2023-01-25 03:56:50

.. image:: https://img.shields.io/badge/build-passing-brightgreen.svg

Introduction

django-lazysignup is a package designed to allow users to interact with a site as if they were authenticated users, but without signing up. At any time, they can convert their temporary user account to a real user account.

Read the full documentation_.

.. _Read the full documentation: http://django-lazysignup.readthedocs.org/

Issues

Make package work for Django 4.0 w/ compatibility code

opened on 2023-01-25 03:56:49 by bittner

django-lazysignup fails to run (at least) since Django 4.0, mostly due to code removed from the Django code base, what was announced since Django 3.1. This PR provides the fixes.

The changes are almost certainly backward-compatible. Ideally, tests should confirm that, though. You may want to use a modernized CI setup for that, like the one contributed with #69.

Update to Django 4.0

opened on 2021-12-20 10:47:50 by blag

This PR removes a few features deprecated and removed in Django 4.0, and updates the Travis configuration.

Django 3.0.5 compatibility problem

opened on 2020-04-12 11:52:19 by silvioBi

Hello I'm using Django 3.0.5 and django.utils.decorators.available_attrs is not supported anymore but it is used in lazysignup/decorators.py. I have substituted it with WRAPPER_ASSIGNMENTS as suggested in the docs and this it works fine: ```python from functools import wraps

from django.conf import settings from django.contrib.auth import SESSION_KEY from django.contrib.auth import authenticate from django.contrib.auth import get_user from django.contrib.auth import login from django.shortcuts import redirect from functools import WRAPPER_ASSIGNMENTS

from lazysignup.constants import USER_AGENT_BLACKLIST from lazysignup.utils import is_lazy_user

ALLOW_LAZY_REGISTRY = {}

def allow_lazy_user(func): def wrapped(request, args, *kwargs): assert hasattr(request, 'session'), ("You need to have the session " "app installed") if getattr(settings, 'LAZYSIGNUP_ENABLE', True): # If the user agent is one we ignore, bail early ignore = False request_user_agent = request.META.get('HTTP_USER_AGENT', '') for user_agent in USER_AGENT_BLACKLIST: if user_agent.search(request_user_agent): ignore = True break

        # If there's already a key in the session for a valid user, then
        # we don't need to do anything. If the user isn't valid, then
        # get_user will return an anonymous user
        if get_user(request).is_anonymous and not ignore:
            # If not, then we have to create a user, and log them in.
            from lazysignup.models import LazyUser
            user, username = LazyUser.objects.create_lazy_user()
            request.user = None
            user = authenticate(username=username)
            assert user, ("Lazy user creation and authentication "
                          "failed. Have you got "
                          "lazysignup.backends.LazySignupBackend in "
                          "AUTHENTICATION_BACKENDS?")
            # Set the user id in the session here to prevent the login
            # call cycling the session key.
            request.session[SESSION_KEY] = user.id
            login(request, user)
    return func(request, *args, **kwargs)

return wraps(func)(wrapped)

def require_lazy_user(redirect_args, redirect_kwargs): def decorator(func): @wraps(func, assigned=WRAPPER_ASSIGNMENTS) def inner(request, args, kwargs): if is_lazy_user(request.user): return func(request, *args, kwargs) else: return redirect(redirect_args, *redirect_kwargs) return inner return decorator

def require_nonlazy_user(redirect_args, redirect_kwargs): def decorator(func): @wraps(func, assigned=WRAPPER_ASSIGNMENTS) def inner(request, args, kwargs): if not is_lazy_user(request.user): return func(request, *args, kwargs) else: return redirect(redirect_args, *redirect_kwargs) return inner return decorator

``` Sorry if I might have missed something or not used the right format but be patient this is the first issue that I open. Hope it helped :)

Wrong user-agent check in LAZYSIGNUP_USER_AGENT_BLACKLIST for Yandex

opened on 2019-08-01 10:36:12 by LosYear

django-lazysignup uses LAZYSIGNUP_USER_AGENT_BLACKLIST with default value: DEFAULT_BLACKLIST = ( 'slurp', 'googlebot', 'yandex', 'msnbot', 'baiduspider', ) and it works good with all search engines except Yandex. According to yandex documentation it has a lot of search bots and all of user-agents start with Yandex but this company also has own browser and search app. And on Android its user-agent looks like: 'Mozilla/5.0 (Linux; Android 7.1.1; ONEPLUS A5000 Build/NMF26X; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/70.0.3538.110 Safari/537.36 YandexSearch/8.70/apad YandexSearchBrowser/8.70' and contains the word Yandex. So its wrongly interpreted as search bot and the user doesn't get an authorization. I think you should replace yandex with yandexbot

authenticate passing the current request to the backends that need it

opened on 2019-06-25 21:05:13 by nschlemm

e.g. https://django-axes.readthedocs.io/en/latest/3_usage.html#authenticating-users

Otherwise that will fail with AxesBackendRequestParameterRequired('AxesBackend requires a request as an argument to authenticate')

Avoid username collision

opened on 2019-03-03 20:46:33 by MattFanto

avoid possible username collisions when creating lazy users

Dan Fairs

CTO @ Condense

GitHub Repository