chore: be more persuasive in deprecating twitter login backend

- always redirect user from map to their profile page when they used a deprecated backend to log in - change the Twitter image to make clear it is to be removed Co-authored-by: David Larlet <david@larlet.fr>
2025-04-28 19:42:36 +02:00 · 2025-03-03 18:21:02 +01:00 · 2025-03-03 18:21:02 +01:00 · 284ca8fd9c
commit 284ca8fd9c
parent 2cf3a4e6a3
5 changed files with 33 additions and 12 deletions
--- a/umap/middleware.py
+++ b/umap/middleware.py
@ -1,6 +1,12 @@
 from django.conf import settings
+from django.contrib import messages
+from django.contrib.auth import BACKEND_SESSION_KEY
 from django.core.exceptions import MiddlewareNotUsed
-from django.http import HttpResponseForbidden
+from django.http import (
+    HttpResponseForbidden,
+    HttpResponseRedirect,
+)
+from django.urls import reverse
 from django.utils.translation import gettext as _


@ -15,3 +21,26 @@ def readonly_middleware(get_response):
        return get_response(request)

    return middleware
+
+
+def deprecated_auth_backend(get_response):
+    def middleware(request):
+        backend = request.session.get(BACKEND_SESSION_KEY)
+        if backend in settings.DEPRECATED_AUTHENTICATION_BACKENDS:
+            name = backend.split(".")[-1]
+            messages.error(
+                request,
+                _(
+                    "Using “%(name)s” to authenticate is deprecated and will be "
+                    "removed soon. "
+                    "Please configure another provider below before losing access "
+                    "to your account and maps."
+                )
+                % {"name": name},
+            )
+            if "/map/" in request.path:
+                return HttpResponseRedirect(reverse("user_profile"))
+
+        return get_response(request)
+
+    return middleware
--- a/umap/settings/base.py
+++ b/umap/settings/base.py
@ -235,6 +235,7 @@ MIDDLEWARE = (
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
+    "umap.middleware.deprecated_auth_backend",
 )


--- a/umap/static/umap/img/providers/twitter-oauth2.png
+++ b/umap/static/umap/img/providers/twitter-oauth2.png
--- a/umap/templates/auth/user_form.html
+++ b/umap/templates/auth/user_form.html
@ -29,9 +29,9 @@
        <h3>
          {% trans "Your current providers" %}
        </h3>
-        <ul>
+        <ul class="login-grid block-grid">
          {% for name in providers %}
-            <li class="login-grid">
+            <li>
              {% with "umap/img/providers/"|add:name|add:".png" as path %}
               <img src="{% static path %}" width="92px" height="92px" alt="{{ name }}" />
              {% endwith %}
--- a/umap/views.py
+++ b/umap/views.py
@ -1423,14 +1423,5 @@ class LoginPopupEnd(TemplateView):
    def get(self, *args, **kwargs):
        backend = self.request.session[BACKEND_SESSION_KEY]
        if backend in settings.DEPRECATED_AUTHENTICATION_BACKENDS:
-            name = backend.split(".")[-1]
-            messages.error(
-                self.request,
-                _(
-                    "Using “%(name)s” to authenticate is deprecated. "
-                    "Please configure another provider in your profile page."
-                )
-                % {"name": name},
-            )
            return HttpResponseRedirect(reverse("user_profile"))
        return super().get(*args, **kwargs)