Enhanced login flow

[soyapark]

No description provided.

[lukesmurray]

Enhanced Login Flow

Updates from #191

• enhanced login flow
  • editor should redirect to login if user is not logged in
  • login should redirect to editor if user is logged in
    • find a way to pass "?next=/editor" to login
  • STRETCH would be nice if after activation user was just logged in
  • After login user should be redirected to email auth screen
  • once email auth is given user should be taken to the editor
  • Should we add some help text to the auth screen? What would it be?
  • What is a good place for _is_imap_authenticated in views.py

Design Decisions

I added one url to http_handler/urls.py, r'^email_auth'. This url is
attachhed to browser.views.authorize_email and renders browser/templates/youps/authorize_email.html.

The new url solely exists to authorize imap. The user must grant oauth or
plain text password permissions.

I added two redirects to the editor. If the user is not logged in the editor
redirects to the url name='auth_login'. If the user is logged in but does
not have an imap account or their imap account is not authenticated then the
editor redirects to name='email_auth'.

Because the user is always redirected to the correct place almost any code
can now redirect to the editor and the user should end up in the correct place.
The simplest example is the user clicking the YouPS logo.

Future Work

We should remove some of the old code for email authorization. The following
url is deprecated along with its view.
url(r'^login_imap', 'browser.views.login_imap'),

Any javascript code referencing btn_login or btn-login is now deprecated.

The <form id="login-email-form"> in browser/templates/youps/login_email.html
is now deprecated.