Ensure we send the CSRF token cookie on login.

Summary:
Before diff, a new user would be unable to perform any POST requests.

Added a login_success view to which we redirect right after login.
This approach also has the benefit that we can now redirect to the
page the user was on before logging in.

Test Plan: Cleared cookies, logged in, logging out now works

Reviewers: bmatican

Reviewed By: bmatican

Differential Revision: http://phab.code4fun.de/D10

.arcconfig

@@ -6,7 +6,6 @@
   ],
   "lint.engine": "DefaultLintEngine",
 
-  "lint.jshint.prefix": "/usr/local/bin",
   "lint.jshint.bin": "jshint",
   "lint.jshint.config": ".jshintconfig",
 

CodeStreak/contests/utils/tasks.py

@@ -50,15 +50,15 @@ def from_raw(cls, contest_id, user_id):
     instance.visible_tasks = instance.get_visible_tasks()
     return instance
 
-  
+
   def get_visible_tasks(self):
     if self.visible_tasks != []:
       return self.visible_tasks
     else:
       ids = self.get_visible_task_ids()
       return [self.task_by_id[id] for id in ids]
 
-    
+
   def get_visible_task_ids(self):
     if self.visible_task_ids != []:
       return self.visible_task_ids

CodeStreak/contests/views.py

@@ -5,6 +5,7 @@
 from django.http import HttpResponse, HttpResponseRedirect, Http404
 from django.shortcuts import render_to_response
 from django.utils.timezone import now
+from django.views.decorators.csrf import ensure_csrf_cookie
 
 import json
 
@@ -355,6 +356,12 @@ def login_view(request):
     messages.error(request, 'You need to login first.')
   return HttpResponseRedirect(url_reverse('contest-list'))
 
+@ensure_csrf_cookie
+def login_success_view(request):
+  url = url_reverse('contest-list')
+  if 'HTTP_REFERER' in request.META:
+    url = request.META['HTTP_REFERER']
+  return HttpResponseRedirect(url)
 
 @require_POST
 def logout_view(request):

CodeStreak/static/base/css/facebook.css

@@ -13,14 +13,14 @@
 
 #facebook_lightbox {
     position            : relative;
-    width               : 300px; 
-    background-color    : #fff; 
-    margin              : 200px auto; 
-    text-align          : center; 
-    padding             : 30px 20px;        
+    width               : 300px;
+    background-color    : #fff;
+    margin              : 200px auto;
+    text-align          : center;
+    padding             : 30px 20px;
     -moz-box-shadow     : 0px 0px 8px #000;
     -webkit-box-shadow  : 0px 0px 8px #000;
-    box-shadow          : 0px 0px 8px #000;    
+    box-shadow          : 0px 0px 8px #000;
     moz-border-radius   : 2px;
     border-radius       : 2px;
     z-index             : 1001;

CodeStreak/urls.py

@@ -14,6 +14,9 @@
   url(r'^facebook/', include('django_facebook.urls')),
   url(r'^accounts/login/$', 'CodeStreak.contests.views.login_view',
       name='auth_login'),
+  url(r'^accounts/login/success/$',
+      'CodeStreak.contests.views.login_success_view',
+      name='auth_login_success'),
   url(r'^accounts/logout/$', 'CodeStreak.contests.views.logout_view',
       name='auth_logout'),
 

CodeStreak/xhpy/base.py

@@ -1,6 +1,7 @@
 # Copyright 2012 Bogdan-Cristian Tataroiu
 
 from django.core.context_processors import csrf
+from django.core.urlresolvers import reverse as url_reverse
 from django.conf import settings
 from django.contrib import messages
 from django_facebook.models import FacebookProfile
@@ -145,7 +146,9 @@ def render(self):
             <li>
                 <form action="/facebook/connect/?facebook_login=1"
                     method="post">
-                    <input type="hidden" value="/" name="next" />
+                    <input type="hidden"
+                        value={url_reverse('auth_login_success')}
+                        name="next" />
                     <button id="facebook-button" type="button"
                         class="btn btn-primary pull-right"
                         data-loading-text="Loading..."

README.md

@@ -1,2 +1,2 @@
 CodeStreak
-==========
+==========

TODO

@@ -1,3 +0,0 @@
--- Ajax for contest status (refresh page on state change)
-
--- ticks for log entries for shots