From 284ca8fd9c295e5724601334bd9fbd8b2199edc3 Mon Sep 17 00:00:00 2001
From: Yohan Boniface <yohanboniface@free.fr>
Date: Mon, 3 Mar 2025 18:21:02 +0100
Subject: [PATCH] chore: be more persuasive in deprecating twitter login
 backend

- always redirect user from map to their profile page when they
  used a deprecated backend to log in
- change the Twitter image to make clear it is to be removed

Co-authored-by: David Larlet <david@larlet.fr>
---
 umap/middleware.py                            |  31 +++++++++++++++++-
 umap/settings/base.py                         |   1 +
 .../umap/img/providers/twitter-oauth2.png     | Bin 545 -> 1589 bytes
 umap/templates/auth/user_form.html            |   4 +--
 umap/views.py                                 |   9 -----
 5 files changed, 33 insertions(+), 12 deletions(-)

diff --git a/umap/middleware.py b/umap/middleware.py
index ffe01ebf..5312c551 100644
--- a/umap/middleware.py
+++ b/umap/middleware.py
@@ -1,6 +1,12 @@
 from django.conf import settings
+from django.contrib import messages
+from django.contrib.auth import BACKEND_SESSION_KEY
 from django.core.exceptions import MiddlewareNotUsed
-from django.http import HttpResponseForbidden
+from django.http import (
+    HttpResponseForbidden,
+    HttpResponseRedirect,
+)
+from django.urls import reverse
 from django.utils.translation import gettext as _
 
 
@@ -15,3 +21,26 @@ def readonly_middleware(get_response):
         return get_response(request)
 
     return middleware
+
+
+def deprecated_auth_backend(get_response):
+    def middleware(request):
+        backend = request.session.get(BACKEND_SESSION_KEY)
+        if backend in settings.DEPRECATED_AUTHENTICATION_BACKENDS:
+            name = backend.split(".")[-1]
+            messages.error(
+                request,
+                _(
+                    "Using “%(name)s” to authenticate is deprecated and will be "
+                    "removed soon. "
+                    "Please configure another provider below before losing access "
+                    "to your account and maps."
+                )
+                % {"name": name},
+            )
+            if "/map/" in request.path:
+                return HttpResponseRedirect(reverse("user_profile"))
+
+        return get_response(request)
+
+    return middleware
diff --git a/umap/settings/base.py b/umap/settings/base.py
index 5d6c5930..ecb51326 100644
--- a/umap/settings/base.py
+++ b/umap/settings/base.py
@@ -235,6 +235,7 @@ MIDDLEWARE = (
     "django.middleware.csrf.CsrfViewMiddleware",
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
+    "umap.middleware.deprecated_auth_backend",
 )
 
 
diff --git a/umap/static/umap/img/providers/twitter-oauth2.png b/umap/static/umap/img/providers/twitter-oauth2.png
index b263eac1a33fc36727230b12642e000c4d3c4f3a..93a90fc3224d0d92a9dfff33518406d6a909fb0b 100644
GIT binary patch
delta 1551
zcmV+q2Jrcz1hov1Bnkm@Qb$4nuFf3kks%m=bx=%HMMrQ<fe;je5ESVgBmw{c=o};n
z0RieACF2|;>K!Ev0Rib8Bpd?-=o};f008M6Bmn>bAOr=j6&vXsBsc~LQ3?!^5*O$k
zBxno}dJhxo9VLqq7Qz=Em=YN293-k08@(4E>K!G{86fH%CD<Aw<s2mH9VN0CF$MsC
z001U*QchC<1`Zt{E<Zp_S6X3eZgzTrh>DGoo1LSit+uwiy~)Yd-sA1<_?zuXfdBvn
zCrLy>RCwC$nCp(SDins*dZq|gsi1=(!n*%U+@j-r?Ht-^_TKsa_#{o6HhEaQT`r8l
z!NI}7!NI}7-zJRWIF7>qLmj1M<tfvD=+A1el=k4Kw4yubG+e)m%k%|z8vj^!NpC5m
zF!meqm7nrvoSNvFJFd?06Zg)!^czW|jPw(DQ1FD5((mnIO21OGOSg!prYAXp?y=gJ
z=k4EaiGHGG$^yVVHYi7=$>%A0B0tlGD*h@jKb0(va{$xZ^@=gU*{MJyWKZOO@Aajh
zi-@Z`v2|dzmRt<-lAnCzB$xnsTKPu#srYmk56XZuR!hMLDMed`?^`1U^bgE;yRXvt
zv%D3`I;*u7On5P?Y318}0~hmrdfF}D>BBQu#sPp)gAiN}yrmx8jC;^I>LGvD=XaeP
z`|N!u8vyWGh+z@eTSBxoZtRkOVB<sxG*5H6r8=LNPM)EEdlw6~n%SVN<F&o1HN*vs
z;qOat`P#`&zg;fkLtHb}8gL+6`gYqOsF<FG9;Ulk8f)AZ^00;MVa8h9GH!uWdWD{R
zM3LnAV|NrsVOp)1h;>HFRV+7g&A6AtVqK6<Qd;)&*zHk7C?WWv+=u*sW&xa4lKW2H
zvhXhs##@bB<-!?C(|*c=4+w$>6Ch0TH|vbnnzJ<vFZLp>HKVn0tuNV1vFKZ)+bV9R
zo6w7*hvZwapUFM$0F2;5$US6lXU=M{HPue|m8=E5ylcm+xPbAL@4^H(fWHy@nLNXs
z=NEqS@72;8NvT?-76cuCR%z=%_$4LCb9kEE49#w7kn2BZfxB@L_XHIMB3JIS*pOf}
z@U>zE%J0DcWMB=QgDr!w=|~o>mJAb=%;TLqA6?&IL{N?wdlv0OL=S%FEz^t+T2k&b
zt*vA0l8Ux9t({4OAlf#L2`&oUjAL^rpXRQ}GqlcRU%{zdq+qpw14b3-)~}^(+gj67
z?S`#n<3Dh^%?3mWDiG=C8C;*;$-6N@1m{V(r8f0VNx9NgfTYZVm8}m#P~(JeKQ^%1
zT0OMu5uFr-U@xAg3HlCu%PnLsn$sSC4}CW`X{{~gi;%Y3fniiRMU|D50e}-elZBRF
z7I9v5;|MVK*hl|=89b9>m!IZ7%%Klr<Mg`oRj>U&$utbK)@tjcma#!zmykQ0_j6Bv
zy6%&C%=2A7_DM8NdE9~1)=AnbP7SnFgLAsx4<q4EAfd(?pf7@x&*BHd(G__A+|4NH
z;93bVlvz_VFv6IY)?Dz-yk1^n&=wp_9SVcTbb!eo7ja#GfZZG2dSiJh>zw!)z=Pn7
zGp6jK)_D>IPeHCjNwAT*DNLs6Obtj0J_yF!ck!@|ULl<|imwOrb58SApnWKgE(`i8
zuM~ha>?Y)abETwSM^F3Z*5*;@i2TW@St>upweMulDi%U2ZNN&l&xR@uen;a7Ieqlb
z+|M`&;&RP@LU1qE$^a<k&y1Zk{G~jH9%aF9$3^1bV|0~1WVIdpir4qI&%rM_&2yIB
z1?2|<D)2>H05D4UieGi_^ix5?4{?DqR1~D2*OCWDzfi`(@4+KM+eFL~yogaZ0l=)~
zKG`4C{giCPMG>ttIm5UE05^7*nto6EiraVhls9>Lo}tE{NYm6^%5z1($KQFrMh7Iv
zxB+llU+b!(KT-L(Uj$7PIDd*}X<5-n>M(ej2#q7&W^x#p)eGvEiGBHB%;~QF_x@#p
zbM?-75qtB0N4Pygcz=oz9#2#b4h{|u4i5ez{{YW@sPkcJ^pOAn002ovPDHLkV1ih!
B@E-sG

delta 501
zcmdnWvyf$i%0xradi4OG5LfpC9|j^oU9T1!P#I52kY6wZ_ZMm76@mLEJj%Tk%-NC3
zz`)qy>EaktaqI03&%DD1JgfnJk5umc-;>KMk}Gg~;v1HmFLd|*P|~=>eQ=Y`X&_pz
z*v+9_zlU)-t6;0@|G8|B1<DfL{=Vwm?tiOD>9%ND!Rr4~i<bl%@C3iwG&#3)y>w{k
zA&d35{M^^;_8IW3ExR=Jm7r;wZ=2zr*U>Mot&~0!&EM)M^R;=-!+8O@GqSC|-=8J&
zE+tp__|AFvTTcIV&0ln6XXeeW<6+T#zy9WEEYg&3Gq<S!l%utxnoIdW=ZA%r%ktip
z+0{IF6(?}+)QgbCHF`F?mS0^lhx`5Zz0xjR!BM^(jhd0dR)<RB)82iqU8?PKC~R?4
zqS*G2qO*?sJ#Mz}&sDi6@N8j61<%^&HfBnzmiIjDsYyQGxOQGP$8(RK|6$KE*C$UY
zn776135WQHhilB+va<uWTzn%E_kIs&Ov|TjyDGP<K26{Jk=?uMes|xI%{OnJsS0?z
zP_1B|*{ax-t^(Gq?!Bu-9~ya9pWyd)tl$mIw{6<z`sJC{k5B3?(#O8efrM;&En_RM
Vvyas0uv}2Adb;|#taD0e0sv_K+>-zR

diff --git a/umap/templates/auth/user_form.html b/umap/templates/auth/user_form.html
index 3ffe9852..6870e4db 100644
--- a/umap/templates/auth/user_form.html
+++ b/umap/templates/auth/user_form.html
@@ -29,9 +29,9 @@
         <h3>
           {% trans "Your current providers" %}
         </h3>
-        <ul>
+        <ul class="login-grid block-grid">
           {% for name in providers %}
-            <li class="login-grid">
+            <li>
               {% with "umap/img/providers/"|add:name|add:".png" as path %}
                <img src="{% static path %}" width="92px" height="92px" alt="{{ name }}" />
               {% endwith %}
diff --git a/umap/views.py b/umap/views.py
index deeffb6e..a5c67dca 100644
--- a/umap/views.py
+++ b/umap/views.py
@@ -1423,14 +1423,5 @@ class LoginPopupEnd(TemplateView):
     def get(self, *args, **kwargs):
         backend = self.request.session[BACKEND_SESSION_KEY]
         if backend in settings.DEPRECATED_AUTHENTICATION_BACKENDS:
-            name = backend.split(".")[-1]
-            messages.error(
-                self.request,
-                _(
-                    "Using “%(name)s” to authenticate is deprecated. "
-                    "Please configure another provider in your profile page."
-                )
-                % {"name": name},
-            )
             return HttpResponseRedirect(reverse("user_profile"))
         return super().get(*args, **kwargs)