def test_anon_decorator(self):
decorated_function = decorators.anonymous_required(
lambda request: request)
# anon
request = mock.Mock()
request.user.is_authenticated.return_value = False
response = decorated_function(request)
self.assertEqual(request,
response) # our "view" just returns the request
self.assertTrue(request.user.is_authenticated.called)
# logged in
request = mock.Mock()
request.user.is_authenticated.return_value = True
response = decorated_function(request)
self.assertEqual(response["Location"], reverse("user-home"))
self.assertTrue(request.user.is_authenticated.called)
# logged in & custom url
decorated_function = decorators.anonymous_required(
lambda request: request, "/some/url/")
request = mock.Mock()
request.user.is_authenticated.return_value = True
response = decorated_function(request)
self.assertEqual(response["Location"], "/some/url/")
def test_anon_decorator(self):
decorated_function = decorators.anonymous_required(lambda request: request)
# anon
request = mock.Mock()
request.user.is_authenticated.return_value = False
response = decorated_function(request)
self.assertEqual(request, response) # our "view" just returns the request
self.assertTrue(request.user.is_authenticated.called)
# logged in
request = mock.Mock()
request.user.is_authenticated.return_value = True
response = decorated_function(request)
self.assertEqual(response["Location"], reverse("user-home"))
self.assertTrue(request.user.is_authenticated.called)
# logged in & custom url
decorated_function = decorators.anonymous_required(lambda request: request, "/some/url/")
request = mock.Mock()
request.user.is_authenticated.return_value = True
response = decorated_function(request)
self.assertEqual(response["Location"], "/some/url/")
name='user-delete'),
urls.url(r'^username/$',
settings.UsernameChangeView.as_view(),
name='user-username'),
urls.url(r'^login/$', otp.login, name='user-login'),
urls.url(r'^logout/$',
auth_views.logout, {'next_page': '/'},
name='user-logout'),
# liberation app
urls.url(r'^liberate/', urls.include("liberation.urls")),
]
if dj_settings.ENABLE_REGISTRATION:
urlpatterns += [
urls.url(
r'^register/status/$',
anonymous_required(
TemplateView.as_view(
template_name='account/register/software-status.html')),
name='user-status'),
urls.url(r'^register/success/$',
anonymous_required(
TemplateView.as_view(
template_name='account/register/success.html')),
name='user-success'),
urls.url(r'^register/$',
anonymous_required(register.UserRegistrationView.as_view()),
name='user-registration'),
]
def get_context_data(self, **kwargs):
context = super(TwoFactorSetupView, self).get_context_data(**kwargs)
if self.steps.current == 'generator':
context["secret"] = self.request.session[self.session_key_name]
return context
def post(self, *args, **kwargs):
try:
return super(TwoFactorSetupView, self).post(*args, **kwargs)
except ValidationError:
raise SuspiciousOperation(
"ManagementForm data is missing or has been tampered.")
backup_view = elevate_required(
core.BackupTokensView.as_view(
template_name="account/twofactor-backup.html",
success_url="user-twofactor-backup"))
disable_view = elevate_required(
otp_required(
profile.DisableView.as_view(
template_name="account/twofactor-disable.html",
success_url="user-security")))
login = anonymous_required(LoginView.as_view())
setup_view = elevate_required(TwoFactorSetupView.as_view())
qrcode_view = elevate_required(core.QRGeneratorView.as_view())
twofactor_view = profile.ProfileView.as_view(
template_name="account/security.html")
urls.url(r'^security/password$', auth_views.password_change,
{
'template_name': 'account/password.html',
'post_change_redirect': reverse_lazy('user-security'),
'password_change_form': PlaceHolderPasswordChangeForm,
},
name='user-password',
),
urls.url(r'^security/sudo/$', sudo.views.sudo, {'form_class': PlaceHolderSudoForm}, name='user-sudo'),
urls.url(r'^security/setup/$', otp.setup_view, name='user-twofactor-setup'),
urls.url(r'^security/backup/$', otp.backup_view, name='user-twofactor-backup'),
urls.url(r'^security/disable/$', otp.disable_view, name='user-twofactor-disable'),
urls.url(r'^security/qrcode/$', otp.qrcode_view, name='user-twofactor-qrcode'),
urls.url(r'^security/$', otp.twofactor_view, name='user-security'),
urls.url(r'^delete/$', delete.AccountDeletionView.as_view(), name='user-delete'),
urls.url(r'^username/$', settings.UsernameChangeView.as_view(), name='user-username'),
urls.url(r'^login/$', otp.login, name='user-login'),
urls.url(r'^logout/$', auth_views.logout, {'next_page': '/'}, name='user-logout'),
# liberation app
urls.url(r'^liberate/', urls.include("liberation.urls")),
]
if dj_settings.ENABLE_REGISTRATION:
urlpatterns += [
urls.url(r'^register/status/$', anonymous_required(TemplateView.as_view(template_name='account/register/software-status.html')), name='user-status'),
urls.url(r'^register/success/$', anonymous_required(TemplateView.as_view(template_name='account/register/success.html')), name='user-success'),
urls.url(r'^register/$', anonymous_required(register.UserRegistrationView.as_view()), name='user-registration'),
]
qrcode_url = "user-twofactor-qrcode"
def done(self, *args, **kwargs):
out = super(TwoFactorSetupView, self).done(*args, **kwargs)
messages.success(self.request, _("Two factor authentication has been enabled on your account."))
return out
def get(self, request, *args, **kwargs):
"""A special GET request won't reset the wizard"""
if "qr" in request.GET:
return self.render(self.get_form())
else:
return super(TwoFactorSetupView, self).get(request, *args, **kwargs)
def get_context_data(self, **kwargs):
context = super(TwoFactorSetupView, self).get_context_data(**kwargs)
if self.steps.current == 'generator':
context["secret"] = self.request.session[self.session_key_name]
context["qr"] = int(self.request.GET.get("qr", "1"))
return context
backup_view = sudo_required(core.BackupTokensView.as_view(template_name="account/twofactor-backup.html", redirect_url="user-twofactor-backup"))
disable_view = sudo_required(profile.DisableView.as_view(template_name="account/twofactor-disable.html", redirect_url="user-security"))
login = anonymous_required(LoginView.as_view())
setup_view = sudo_required(TwoFactorSetupView.as_view())
qrcode_view = sudo_required(core.QRGeneratorView.as_view())
twofactor_view = profile.ProfileView.as_view(template_name="account/security.html")
