def auth_callback(request):
"""
单点登录后的回调(由SSO服务器发起)
:param request:
:return:
"""
auth_token = request.POST.get("auth_token")
redirect = request.GET.get("redirect", settings.LOGIN_REDIRECT_URL)
error, user, user_info = SSOAuthBackend.authenticate(auth_token)
if not error:
try:
if not user: # 这种情况表明用户在其他site注册,并且首次登陆本site
role = Contants.ROLE_USER
if user_info is not None and user_info[
'admin'] is not None and request.get_host().lower(
) in user_info['admin'].lower():
role = Contants.ROLE_ADMIN
user = UserProfile(username=user_info['username'],
email=user_info['email'],
role=role)
user.save()
auth.login(request, user) # create session, write cookies
logined_users[auth_token] = user # 存入全局变量中
request.session["auth_token"] = auth_token # 存入session
return HttpResponseRedirect(redirect)
except Exception as e:
logger.info(str(e))
return HttpResponse('sso authenticate failed')
else:
raise PermissionDenied
def join(request):
"""注册"""
if request.POST.get('_method', '') == 'put':
username = request.POST.get('username', '')
email = request.POST.get('email','')
password = request.POST.get('password', '')
try:
user = User.objects.create_user(username=username,email=email,password=password)
profile = UserProfile(
user_id=str(user.id),
nickname=username,
email = email
)
profile.save()
except:
get_trace.print_trace()
resp = jsonresponse.creat_response(200)
data = {
'url': '/login/'
}
resp.data = data
return resp.get_response()
else:
return render_to_response('join.html', {})
def recalculate_reputation(profile: UserProfile):
comments = Comment.objects.filter(author=profile)
photos = Photo.objects.filter(author=profile)
reactions = Reaction.objects.filter(author=profile).count()
reputation = 0
for comment in comments:
reputation += comment.experience
for photo in photos:
reputation += photo.experience
reputation += reactions
items = Item.objects.filter(author=profile)
for item in items:
reputation += 5
if item.ratings.count() > 5:
reputation += 5
if item.comments.count() > 5:
reputation += 5
if item.photos.count() > 5:
reputation += 5
if item.flags > 5:
reputation -= 15
if 0 < item.flags <= 5:
reputation -= 5
profile.reputation = reputation
profile.save()
def handle(self, *args, **options):
print('Loading users')
user_file = os.path.join(FIXTURES_PATH, 'users.json')
with open(user_file, 'r') as f:
jdata = json.loads(f.read())
UserProfile.objects.all().delete()
for user in jdata['administratiors']:
profile = UserProfile()
profile.username = user['username']
profile.set_password(user['password'])
profile.publicname = user['username']
profile.is_staff = True
profile.is_superuser = True
profile.is_superuser = True
profile.save()
print('Creating ... %s' % user['username'])
for user in jdata['female']:
rez = requests.post(API_URL + 'account/registration',
json=user)
print(json.loads(rez.text)['message'])
for user in jdata['male']:
rez = requests.post(API_URL + 'account/registration',
json=user)
print(json.loads(rez.text)['message'])
def form_valid(self, form): # create a new user for this sponsor try: sp = transaction.savepoint() user = User(username = form.cleaned_data["sponsorUsername"]) baseContact = form.cleaned_data["sponsorContact"] user.first_name = baseContact.contactPersonFirstname user.last_name = baseContact.contactPersonSurname user.email = baseContact.contactPersonEmail user.save() profile = UserProfile(user = user) profile.authToken = id_generator(24) profile.save() sponsoring = Sponsoring() sponsoring.owner = user sponsoring.contact = baseContact sponsoring.package = form.cleaned_data["sponsorPackage"] sponsoring.adminComment = form.cleaned_data["internalComment"] sponsoring.save() self.object = sponsoring transaction.savepoint_commit(sp) except Exception as e: transaction.savepoint_rollback(sp) raise e return HttpResponseRedirect(self.get_success_url())
def get_profile(userobj):
try:
profile = UserProfile.objects.get(user=userobj)
except UserProfile.DoesNotExist:
profile = UserProfile(user=userobj)
profile.save()
return profile
def post(self, request, *args, **kwargs):
if request.method == "POST":
username = request.POST["username"]
email = request.POST["email"]
phone = request.POST["phone"]
password = request.POST["password"]
# role = int(request.POST["role"])
role = request.POST["role"]
branch = request.POST["branch"]
city = request.POST["city"]
country = request.POST["country"]
address = request.POST["address"]
user_data = User.objects.create(username=username,
email=email,
password=password)
user_data.set_password(user_data.password)
user_data.save()
# get_role = get_object_or_404(Role, id=role)
userprofile = UserProfile(userx=user_data,
phone=phone,
role=role,
branch=branch,
city=city,
country=country,
address=address,
created_dt=datetime.now(),
created_by=request.user)
userprofile.save()
return HttpResponseRedirect(reverse('account:CreateUserView'))
def create_user(username='******', email='*****@*****.**', password='******', first_name='John', last_name='Doe', job_title='scrum master', office='opendream', has_image=False, timezone='Asia/Bangkok'):
user = User.objects.create_user(username, email, password)
account = UserProfile(first_name=first_name, last_name=last_name, user=user, job_title=job_title, office=office, timezone=timezone)
if has_image:
account.image = DjangoFile(open('static/tests/avatar.png'), 'avatar.png')
account.save()
return user
def retrieve(request):
''' note that this requires an authenticated user before we try calling it '''
try:
profile=request.user.profile
except UserProfile.DoesNotExist:
profile=UserProfile(user=request.user)
profile.save()
return profile
def create(self, validated_data): """ Create and return a new 'User' instance, given the validated data """ user = User.objects.create_user(validated_data['username'], validated_data['email'], validated_data['password']) user.save() profile = UserProfile(user=user) profile.save() return user
def setUp(self):
# Every test needs a client.
self.client = Client()
password = make_password('admin', salt=None, hasher='default')
user = User(username='******', password=password, email='*****@*****.**')
user.save();
userprofile = UserProfile(user=user, usertype='4', department='admin', phone='admin')
userprofile.save()
self.client.login(username='******', password='******')
def init():
admin = User.objects.create_user(username="******", password="******")
admin.is_staff = True
admin.is_superuser = True
admin.save()
admin_profile = UserProfile(user=admin,name="최고관리자")
admin_profile.save()
staff = User.objects.create_user(username="******", password="******")
staff.is_staff = True
staff.save()
staff_profile = UserProfile(user=staff,name="일반회원")
staff_profile.save()
user = User.objects.create_user(username="******", password="******")
user.save()
profile = UserProfile(user=user,name="비회원")
profile.save()
board = Board(name="board", order=0)
board.save()
for i in range(45):
article = Article(
author=staff_profile,
title='title'+str(i),
board=board,
contents='contents',
notice=False,
read=0)
article.save()
def register(request):
if request.POST:
username = request.POST.get('org.username',None)
password = request.POST.get('password',None)
confirmpwd = request.POST.get('confirmpwd',None)
password = username
confirmpwd = username
email = request.POST.get('org.email',None)
role_name_str = request.POST.get('org.role_name', None)
department = request.POST.get('org.parent_organization_name',None)
phone = request.POST.get('phone',None)
'''验证重复帐号名'''
usernames = User.objects.filter(username__iexact=username)
'''验证重复email'''
emails = User.objects.filter(email__iexact=email)
if usernames:
return HttpResponse(simplejson.dumps({"statusCode":302, "navTabId":request.POST.get('navTabId','accountindex'), "callbackType":request.POST.get('callbackType',None), "message":u'用户名已经存在不能添加', "info":u'用户名已经存在不能添加',"result":u'用户名已经存在不能添加'}), mimetype='application/json')
'''验证两次输入密码是否一致'''
if password != confirmpwd:
return HttpResponse(simplejson.dumps({"statusCode":302, "navTabId":request.POST.get('navTabId','accountindex'), "callbackType":request.POST.get('callbackType',None), "message":u'两次密码输入不一致', "info":u'两次密码输入不一致',"result":u'两次密码输入不一致'}), mimetype='application/json')
if emails:
return HttpResponse(simplejson.dumps({"statusCode":302, "navTabId":request.POST.get('navTabId','accountindex'), "callbackType":request.POST.get('callbackType',None), "message":u'EMAIL已经存在不能添加', "info":u'EMAIL已经存在不能添加',"result":u'EMAIL已经存在不能添加'}), mimetype='application/json')
if password != None and password != '':
password = make_password(password, salt=None, hasher='default')
user = User(username=username, password=password, email=email)
else:
user = User(username=username, email=email)
user.save()
userprofile = UserProfile(user=user, department=department, phone=phone)
userprofile.save()
if role_name_str != None and role_name_str != '':
role_name_list = role_name_str.split(',')
for role_name in role_name_list:
if role_name != None and role_name != '':
try:
role = Role.objects.get(role_name__exact=role_name)
role.users.add(user)
except:
return HttpResponse(simplejson.dumps({"statusCode":302, "navTabId":request.POST.get('navTabId','accountindex'), "callbackType":request.POST.get('callbackType',None), "message":u'存在无效角色名请重新选择或置空'}), mimetype='application/json')
Log(username=request.user.username, content=u"成功创建用户: " + username, level=1).save()
return HttpResponse(simplejson.dumps({"statusCode":200, "navTabId":request.POST.get('navTabId','accountindex'), "callbackType":request.POST.get('callbackType','closeCurrent'), "message":u'添加成功'}), mimetype='application/json')
else:
return render_to_response('account/register.html', {'account_usertype_dict':account_usertype_dict})
def setUp(self):
# Every test needs a client.
self.client = Client()
password = make_password('admin', salt=None, hasher='default')
user = User(username='******', password=password, email='*****@*****.**')
user.save();
userprofile = UserProfile(user=user, department='admin', phone='admin')
userprofile.save()
#系统自带的login函数,不会触发自定义的login函数
# self.client.login(username='******', password='******')
self.client.post('/account/login/', {'username':'******', 'password':'******'})
def setUp(self):
# Every test needs a client.
self.client = Client()
password = make_password('admin', salt=None, hasher='default')
user = User(username='******', password=password, email='*****@*****.**')
user.save();
userprofile = UserProfile(user=user, department='admin', phone='admin')
userprofile.save()
#系统自带的login函数,不会触发自定义的login函数
# self.client.login(username='******', password='******')
self.client.post('/account/login/', {'username':'******', 'password':'******'})
for i in range(10):
self.client.post('/authority/add_table/',{'table_name':'管理' + str(i), 'table_desc':'申请资源'})
def process_job(self): try: user = User.objects.get(pk=self.kwargs["pk"]) except User.DoesNotExist: raise Http404 try: up = UserProfile.objects.get(user=user) except UserProfile.DoesNotExist: up = UserProfile(user=user) up.authToken = id_generator(24) up.save() return True
def registration(request, register_success_url="login", template="account/registration.html"):
form = RegistrationForm()
if request.POST:
form = RegistrationForm(request.POST)
if form.is_valid():
first_name = form.cleaned_data['first_name']
last_name = form.cleaned_data['last_name']
email = form.cleaned_data['email']
password = form.cleaned_data['password']
user = User.objects.create_user(username=email,
email=email,
password=password)
user.first_name = first_name
user.last_name = last_name
user.save()
salt = sha.new(str(random.random())).hexdigest()[:5]
activation_key = sha.new(salt+user.username).hexdigest()
key_expires = datetime.datetime.today() + datetime.timedelta(2)
user_profile = UserProfile(
user=user,
activation_key=activation_key,
key_expires=key_expires)
user_profile.save()
current_site = Site.objects.get_current()
subject = "welcome to my blog"
message = ('Please click the link below to'
'activate your user account \n''%s%s%s') % (
current_site, "/account/confirm/", activation_key)
sender = EMAIL_HOST_USER
recipients = [email]
mail_sender(subject=subject, message=message,
sender=sender, recipients=recipients)
authenticate(email=email, password=password)
return redirect(register_success_url)
return render(request, template, {'form': form})
def test_bar_payment_user_uses_only_accepted_tabs(
self, mock_bar_models_charge_source, mock_bar_models_authorize_source
):
"""
Ensure that a payment only use tabs that have been accepted
For this test you need:
- A bar
- A user
- Another user
- A tab created by each user
"""
self.user.customer.default_source = "123"
self.user.customer.save()
mock_bar_models_authorize_source.return_value = {"id": "jnsdflkgj34r"}
mock_bar_models_charge_source.return_value = {"id": "jnsdflkgj34r"}
# Create another user
user = UserProfile.new("*****@*****.**", "password", "Ryan", "Frahm", datetime.datetime.now())
user.groups.add(Group.objects.filter(name="Drinkers")[0])
# Create a 2 tabs
# This one should not be accepted
tab2 = Tab.new(20.00, self.user.email, "ijbwflgkbsdf", user)
# This one should be automatically accepted
tab1 = Tab.new(20.00, self.user.email, "ijbwflgkbsdf", self.user)
url = reverse("api:bar-pay", args=(1,))
amount = 10
d = {"amount": amount}
response = self.client.post(url, d, format="json")
self.assertEqual(len(response.data.get("transactions")), 1)
self.assertIsNotNone(response.data.get("sale"))
# The user's tab should now be $10
self.assertEqual(response.data.get("tab"), 10)
transactions = response.data.get("transactions")
self.assertEqual(transactions[0]["status"], "authorized")
self.assertEqual(transactions[0]["amount"], 10.00)
self.assertEqual(transactions[0]["tab_id"], tab1.pk)
def setUp(self, mock_bar_models_authorize_source, mock_bar_models_charge_source, mock_account_models_stripe):
# mock_account_models_customer.default_source = '123'
mock_account_models_stripe.Customer.create.return_value = {"id": "13542lknlknlkn"}
mock_bar_models_authorize_source.return_value = {"id": "jnsdflkgj34r"}
# Create groups
group = Group(name="Bar Owners")
group.save()
g = Group(name="Drinkers")
g.save()
# Create a user
email = "*****@*****.**"
password = "******"
self.firstname = "Bob"
self.lastname = "Dyllan"
self.dob = datetime.datetime.now()
self.user = UserProfile.new(email, password, self.firstname, self.lastname, self.dob)
self.user.groups.add(group)
self.client = APIClient(enforce_csrf_checks=True)
self.client.force_authenticate(user=self.user)
d = {
"street": "123 Street",
"city": "Des Moines",
"province": "IA",
"postal": "50305",
"country": "US",
"lat": 41.0,
"lng": -91.0,
}
bar = Bar.new("Test Bar 1", d, self.user)
bar.save()
self.bar = bar
m = StripeMerchant(user=self.user, account_id="123", pub_key="123", refresh_token="123", access_token="123")
m.save()
def authenticate(self, openid_response):
if openid_response is None:
return None
if openid_response.status != SUCCESS:
return None
google_email = openid_response.getSigned(
'http://openid.net/srv/ax/1.0', 'value.email')
google_firstname = openid_response.getSigned(
'http://openid.net/srv/ax/1.0', 'value.firstname')
google_lastname = openid_response.getSigned(
'http://openid.net/srv/ax/1.0', 'value.lastname')
username = google_email.split('@')[0]
print username
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = User.objects.create_user(username=username,
password='******',
email=google_email)
user.first_name = google_firstname
user.last_name = google_lastname
user.save()
gravatar_url = "http://www.gravatar.com/avatar/" + hashlib.md5(
google_email).hexdigest()
userprofile = UserProfile(user=user,
gravatar_url=gravatar_url).save()
return user
return user
def handle(self, *args, **options):
fn = options['input']
csv_reader = csv.reader(open(fn))
group = Group.objects.get(name='students')
for row in csv_reader:
sn = row[0]
name = row[1]
try:
u = User.objects.create_user(sn, '', sn)
u.groups.add(group)
profile = UserProfile(real_name=name, student_number=sn, user=u)
profile.save()
except IntegrityError:
pass
self.stdout.write(name.decode('utf-8').encode('cp936'))
def register(request):
if request.user.is_authenticated():
redirect(reverse('home'))
context = {}
if request.method == 'GET':
context['form'] = RegisterForm()
return render(request, 'account/register.html', context)
form = RegisterForm(request.POST)
context['form'] = form
if not form.is_valid():
return render(request, 'account/register.html', context)
new_user = User.objects.create_user(username=form.cleaned_data['email'], password=form.cleaned_data['password1'])
new_user.is_active = False
new_user.first_name = form.cleaned_data['fname']
new_user.last_name = form.cleaned_data['lname']
new_user.save()
token = default_token_generator.make_token(new_user)
if form.cleaned_data['user_type'] == 'c':
is_customer = True
else:
is_customer = False
user_profile = UserProfile(is_customer=is_customer, token=token, user=new_user)
try:
user_profile.save()
except IntegrityError:
context['errors'] = 'another user has already used this email address'
return render(request, 'account/register.html', context)
subject = 'Confirmation from Yummy'
message = 'Click this link to activate your account: ' + "http://128.237.180.208:8000" + \
reverse('activate', kwargs={'token': token})
from_addr = '*****@*****.**'
recipients = [form.cleaned_data['email']]
# send the activation email to the registered email address asynchronously by starting a daemon thread
t = threading.Thread(target=send_mail, args=[subject, message, from_addr, recipients], kwargs={'fail_silently': True})
t.setDaemon(True)
t.start()
context['email'] = form.cleaned_data['email']
return render(request, 'account/activate-required.html', context)
def save(self):
email = self.cleaned_data["email"]
first_name = self.cleaned_data["first_name"]
last_name = self.cleaned_data["last_name"]
password = self.cleaned_data["password"]
password_c = self.cleaned_data["password_c"]
bio = self.cleaned_data["bio"]
random_username = hashlib.sha224(email).hexdigest()[:30]
activation_code = hashlib.sha224(email).hexdigest()[:50]
user = User()
user.username = random_username
user.email = email
user.first_name = first_name
user.last_name = last_name
user.is_active = False
user.set_password(password)
user.save()
user_profile = UserProfile()
user_profile.bio = bio
user_profile.user = user
user_profile.activation_code = activation_code
user_profile.save()
send_user_activation_mail.delay(activation_code, email)
def PNewUser(request):
json_data=status.objects.filter(status='ERR',MSG='PD')
errors=""
if request.method == 'POST':
#userprofile_form = UserProfileForm(request.POST)
user_form = UserForm(request.POST)
#if userprofile_form.is_valid() and user_form.is_valid():
if user_form.is_valid():
user_clean_data = user_form.cleaned_data
created_user = User.objects.create_user(user_clean_data['username'], user_clean_data['email'], user_clean_data['password1'])
created_user.first_name=request.POST['firstname']
created_user.last_name=request.POST['lastname']
created_user.is_active = False
created_user.save()
pinHash = str(hash("CLT"+ created_user.username + created_user.email))[3:9]
userprofile = UserProfile(user=created_user, hash=pinHash, pwdhash=0) #hash=hashlib.sha224("CLT" + created_user.username + created_user.email).hexdigest())
#userprofile.user = created_user
#userprofile.phone_num1 = userprofile_form.cleaned_data['phone_num1']
#userprofile.hash = hashlib.sha224("CLT" + created_user.username + created_user.email).hexdigest()
userprofile.save()
#subject = "new provider notice"
#accept_link = 'http://cl.kazav.net/account/validate_prov/' + str(created_user.id) + '/' + userprofile.hash + '/'
#html_message = '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">Welcome to CLT<BR> Name: ' + created_user.first_name + ' ' + created_user.last_name + '<BR> <a href="' + accept_link + '"> Validate Me </a> '
#text_message = 'Welcome to CLT. Name: ' + created_user.first_name + ' ' + created_user.last_name + ' Validate yourself at: ' + accept_link
#user_mail=created_user.email
#msg = EmailMultiAlternatives(subject, text_message, 'CLT Server<*****@*****.**>', [user_mail])
#msg.attach_alternative(html_message,"text/html")
#msg.send()
textmessage="Hi " + request.POST['firstname'] + " and welcome to CLT. This is your PIN code for activating your account: " + pinHash
account_sid = "AC442a538b44777e2897d4edff57437a24"
auth_token = "be3a4e5fbf058c5b27a2904efd05d726"
client = TwilioRestClient(account_sid, auth_token)
#DEL COMMENT TO ENABLE SMS message = client.sms.messages.create(body=textmessage,to="+"+created_user.username,from_="+16698005705")
#new_user = authenticate(username=request.POST['username'], password=request.POST['password1'])
#login(request, new_user)
json_data = status.objects.filter(status='OK')
else:
json_data = status.objects.filter(status='WRN')
if user_form.errors.items() :
errors = ",[" + str(dict([(k, v[0].__str__()) for k, v in user_form.errors.items()])) + "]"
#if userprofile_form.errors.items():
# errors += ",[" + str(dict([(k, v[0].__str__()) for k, v in userprofile_form.errors.items()])) + "]"
json_dump = "[" + serializers.serialize("json", json_data)
json_dump += errors + "]"
return HttpResponse(json_dump.replace('\'','"'))
def register(request, tmpl):
syserr = False
if request.user.is_authenticated():
return HttpResponseRedirect('/account/home/')
if request.method == 'POST':
form = UserForm(request.POST)
if form.is_valid():
try:
new_user = User.objects.create_user(
username=form.cleaned_data['username'],
email=form.cleaned_data['email']
)
new_user.set_password(form.cleaned_data['password'])
new_user.first_name = form.cleaned_data['first_name']
new_user.last_name = form.cleaned_data['last_name']
new_user.save()
badge = form.cleaned_data['badge_type']
if not badge.userchoice:
badge = Badge.objects.filter(default=True)[0]
if request.session.get('register_data'):
notes = "REGISTER_DATA:%s\n" % (request.session.get('register_data'))
else:
notes = ""
new_profile = UserProfile(
user=new_user,
gender=form.cleaned_data['gender'],
address=form.cleaned_data['address'],
zipcode=form.cleaned_data['zipcode'],
city=form.cleaned_data['city'],
country=form.cleaned_data['country'],
language=form.cleaned_data['language'],
badge_type = badge,
badge_text=form.cleaned_data['badge_text'],
comments=form.cleaned_data['comments'],
fingerprint=form.cleaned_data['fingerprint'],
notes = notes
)
new_profile.save()
except Exception, e:
print e
syserr = True
else:
return HttpResponseRedirect('/account/register/complete/')
def register_user(request):
"""
User sign up form
:param request:
"""
if request.method == "POST":
data = request.POST.copy()
data['username'] = ''.join([choice(letters) for i in xrange(30)])
user_register_form = UserRegisterForm(data)
if user_register_form.is_valid():
# creating activation code for new user
activation_key = tasks.generate_activation_key(
data["username"]
)
# creating expired date for new activation key
key_expires = tasks.generate_key_expires_date()
tasks.send_activation_code.delay(
activation_key,
data["email"]
)
user_register_form.save()
user = User.objects.get(username=data['username'])
url = data["url"]
birth_date = data["birth_date"]
user_profile = UserProfile(user=user,
url=url,
birth_date=birth_date,
activation_key=activation_key,
key_expires=key_expires)
user_profile.save()
messages.success(
request,
_('Registration successful. You need to confirm your account.'),
fail_silently=True
)
return render(request, "login.html")
else:
user_register_form = UserRegisterForm()
c = {"form": user_register_form}
c.update(csrf(request))
return render(request, "register.html", c)
def create(self, validated_data):
profile_data = validated_data.pop('profile', None)
username = validated_data['username']
email = validated_data['email']
password = validated_data['password']
user = User(username=username, email=email)
user.set_password(password)
user.save()
avatar = profile_data.get('avatar') or None
if not avatar:
avatar = 'http://api.adorable.io/avatar/200/' + username
profile = UserProfile(user=user,
bio=profile_data.get('bio', ''),
avatar=avatar,
name=profile_data.get('name', ''),
status=profile_data.get('status', 'Member'))
profile.save()
return user
def add(request):
role_list = Role.objects.all()
if request.POST:
username = request.POST.get("username")
realname = request.POST.get("realname")
email = request.POST.get("email")
roles = request.POST.getlist("role")
department = request.POST.get("department")
phone = request.POST.get("phone")
# 验证重复的帐号名
usernames = User.objects.filter(username__iexact=username)
# 验证重复的邮件地址
emails = User.objects.filter(email__iexact=email)
if usernames:
return HttpResponse(simplejson.dumps({"statusCode":403, "message":u'用户名已经存在不能添加'}), mimetype='application/json')
if emails:
return HttpResponse(simplejson.dumps({"statusCode":403, "message":u'邮件地址已经存在不能添加'}), mimetype='application/json')
# 验证用户名是否存在于LDAP中
if not validate_ldap(username):
return HttpResponse(simplejson.dumps({"statusCode":403, "message":u'用户名无效不能添加'}), mimetype='application/json')
# 保存用户信息
# 密码由用户名单向散列得到,实际登录时使用LADP 验证真正的用户名和密码
password = make_password(username, salt=None, hasher='default')
user = User(username=username, email=email,password=password)
user.save()
userprofile = UserProfile(user=user, department=department, phone=phone,realname=realname)
userprofile.save()
# 保存角色信息
for item in roles:
user.role_set.add(int(item))
# 日志
Log(username=request.user.username,log_type=1,relate_id=user.id,content="execute add user " + user.username + " success!", level=1).save()
return HttpResponse(simplejson.dumps({"statusCode":200,"url": "/account/index", "message":u'添加成功'}), mimetype='application/json')
return render_to_response('account/add.html',{'role_list':role_list},context_instance=RequestContext(request))
def signup_callback(request):
"""
注册成功后的回调(由SSO服务器发起)
:param request:
:return:
"""
auth_token = request.POST.get("auth_token")
redirect = request.GET.get("redirect", settings.LOGIN_REDIRECT_URL)
error, user, user_info = SSOAuthBackend.authenticate(auth_token)
if error or user or not user_info:
raise PermissionDenied
else:
user = UserProfile(username=user_info['username'],
email=user_info['email'])
user.save()
auth.login(request, user) # create session, write cookies
logined_users[auth_token] = user # 存入全局变量中
request.session["auth_token"] = auth_token # 存入session
return HttpResponseRedirect(redirect)
def changepwd_callback(request):
"""
修改密码后的回调(由SSO服务器发起)
:param request:
:return:
"""
auth_token = request.POST.get("auth_token")
redirect = request.GET.get("redirect", settings.LOGIN_REDIRECT_URL)
error, user, user_info = SSOAuthBackend.authenticate(auth_token)
if not error:
if not user: # 这种情况表明用户在其他site注册,并且首次登陆本site
user = UserProfile(username=user_info['username'],
email=user_info['email'])
user.save()
auth.login(request, user) # create session, write cookies
logined_users[auth_token] = user # 存入全局变量中
request.session["auth_token"] = auth_token # 存入session
return HttpResponseRedirect(redirect)
else:
raise PermissionDenied
def save(self):
email = self.cleaned_data["email"]
first_name = self.cleaned_data["first_name"]
last_name = self.cleaned_data["last_name"]
password = self.cleaned_data["password"]
password_c = self.cleaned_data["password_c"]
bio = self.cleaned_data["bio"]
random_username = hashlib.sha224(email).hexdigest()[:30]
activation_code = hashlib.sha224(email).hexdigest()[:50]
user = User()
user.username = random_username
user.email = email
user.first_name = first_name
user.last_name = last_name
user.is_active = False
user.set_password(password)
user.save()
user_profile = UserProfile()
user_profile.bio = bio
user_profile.user = user
user_profile.activation_code = activation_code
user_profile.save()
send_user_activation_mail.delay(activation_code, email)
def register(request):
form = RegisterForm()
if (request.method == 'POST'):
form = RegisterForm(request.POST)
if (form.is_valid()):
form.save()
username = form.cleaned_data.get('username')
password = form.cleaned_data.get('password1')
email = form.cleaned_data.get('email')
user = authenticate(username=username, password=password)
user_profile = UserProfile(user=user)
user_profile.email_confirmed = False
varification_code = id_generator()
user_profile.hashcode = varification_code
user_profile.save()
##send_mail(subject, msg, from, to_list, fail_silently=True)
subject = "Account info of mushroom firm"
msg = "Dear " + user.first_name + ", \nCongratulations! your account has been created. Please varify your email from your account option. Use this code while varifying your email: " + varification_code
from_email = settings.EMAIL_HOST_USER
to_email = [email, settings.EMAIL_HOST_USER]
send_mail(subject, msg, from_email, to_email, fail_silently=True)
messages.success = (request,
"Your account has ben created successfully!")
return HttpResponseRedirect(reverse('login'))
context = {'form': form}
template = 'account/register.html'
return render(request, template, context)
def my_signup(request):
# if the user is already logged in, send them to the current_courses page
if request.user.is_authenticated():
return HttpResponseRedirect('/gradebook/current_courses/')
if request.is_ajax():
get_action = request.GET['get_action']
if get_action == 'is_email_unique':
email = request.GET['email_in_question']
unique = User.objects.filter(username=email).count() == 0
return HttpResponse(json.dumps({'is_unique': unique}), mimetype='application/json')
if request.method == 'POST':
form = MyUserCreationForm(request.POST)
if form.is_valid():
password1 = form.cleaned_data.get('password1')
#password2 = form.cleaned_data.get('password2')
#if password1 != password2:
# form.errors.setdefault('password1', ErrorList()).append(form.error_messages['password_mismatch'])
#else:
email = form.cleaned_data.get('email')
user = User.objects.create_user(username=email,
password=password1,
email=email)
user.first_name = form.cleaned_data.get('first_name')
user.last_name = form.cleaned_data.get('last_name')
user.is_active = False # user is inactive until email is validated
user.save()
prof = UserProfile(user=user)
prof.save()
send_validation_email(user)
login(request, authenticate(username=email, password=password1))
return HttpResponseRedirect('/account/settings/')
else:
form = MyUserCreationForm()
return HttpResponseRedirect('/')
def save(self):
username = self.cleaned_data['username']
password = self.cleaned_data['password']
user = User(
username=username,
email=username,
is_active=False,
)
user.set_password(password)
user.save()
profile = UserProfile(
user=user,
username=username,
nickname=username,
email=username,
is_mail_verified=False,
)
profile.save()
INFO_LOG.info(gen_info_msg(self._request, action=u'注册成功'))
return profile
def save(self):
username = self.cleaned_data['username']
password = self.cleaned_data['password']
user = User(
username=username,
email=username,
is_active=False,
)
user.set_password(password)
user.save()
profile = UserProfile(
user=user,
username=username,
nickname=username,
email=username,
is_mail_verified=False,
)
profile.save()
INFO_LOG.info(gen_info_msg(self._request, action=u'注册成功'))
return profile
def join_form(request):
if request.method == 'POST':
user_id = request.POST.get('mb_id', '')
password = request.POST.get('mb_password', '')
question = int(request.POST.get('mb_password_q', '0'))
answer = request.POST.get('mb_password_a', '')
name = request.POST.get('mb_name', '')
nick = request.POST.get('mb_nick', '')
email = request.POST.get('mb_email', '')
birth = request.POST.get('mb_birth', '')
sex = request.POST.get('mb_sex', '')
phone = request.POST.get('mb_hp', '')
profile_text = request.POST.get('mb_profile', '')
is_mailing = request.POST.get('mb_mailing', '')
is_sms = request.POST.get('mb_sms', '')
is_open = request.POST.get('mb_open', '')
user = User.objects.create_user(username=user_id,
password=password,
email=email)
profile = UserProfile(user=user,
question=question,
answer=answer,
name=name,
nick=nick,
birth=birth,
sex=sex,
phone=phone,
text=profile_text,
mailing=(len(is_mailing) > 0),
sms=(len(is_sms) > 0),
info_open=(len(is_open) > 0))
profile.save()
return HttpResponseRedirect('/account/join_success/?name=' + name +
'&id=' + user_id)
else:
return render_to_response('account/join_form.html', {},
context_instance=RequestContext(request))
def test_role_create(self):
"""
Ensure that we can create a role
"""
url = reverse("api:bar-roles", args=(1,))
# Create another user
user = UserProfile.new("*****@*****.**", "password", "Ryan", "Frahm", datetime.datetime.now())
user.groups.add(Group.objects.filter(name="Drinkers")[0])
role = "admin,bartender,manager"
d = {"uid": user.pk, "role": role}
response = self.client.post(url, d, format="json")
self.assertEqual(response.data.get("role"), role)
self.assertTrue(Role.objects.filter().exists())
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
def sign_up_user(request):
if request.method == 'GET':
context = {
'form': SignUpForm(),
}
return render(request, 'accounts/sign_up.html', context)
else:
form = SignUpForm(request.POST)
if form.is_valid():
user = form.save()
profile = UserProfile(user=user, )
profile.user.groups.add(Group.objects.get(name='UserGroup'))
profile.save()
login(request, user)
return redirect('index')
context = {
'form': form,
}
return render(request, 'accounts/sign_up.html', context)
def PNewUser(request):
json_data=status.objects.filter(status='ERR',MSG='PD')
errors=""
if request.method == 'POST':
#userprofile_form = UserProfileForm(request.POST)
user_form = UserForm(request.POST)
#if userprofile_form.is_valid() and user_form.is_valid():
if user_form.is_valid():
user_clean_data = user_form.cleaned_data
created_user = User.objects.create_user(user_clean_data['username'], user_clean_data['email'], user_clean_data['password1'])
created_user.first_name=request.POST['firstname']
created_user.last_name=request.POST['lastname']
#created_user.is_active = False
created_user.save()
pinHash = str(hash("CLT"+ created_user.username + created_user.email))[3:9]
userprofile = UserProfile(user=created_user, hash=pinHash, pwdhash=0) #hash=hashlib.sha224("CLT" + created_user.username + created_user.email).hexdigest())
#userprofile.user = created_user
#userprofile.phone_num1 = userprofile_form.cleaned_data['phone_num1']
#userprofile.hash = hashlib.sha224("CLT" + created_user.username + created_user.email).hexdigest()
userprofile.save()
textmessage="Hi " + request.POST['firstname'] + " and welcome to Cofix. This is your PIN code for activating your account: " + pinHash
account_sid = "AC442a538b44777e2897d4edff57437a24"
auth_token = "be3a4e5fbf058c5b27a2904efd05d726"
client = TwilioRestClient(account_sid, auth_token)
message = client.sms.messages.create(body=textmessage,to="+"+created_user.username,from_="+16698005705")
#new_user = authenticate(username=request.POST['username'], password=request.POST['password1'])
#login(request, new_user)
json_data = status.objects.filter(status='OK')
else:
json_data = status.objects.filter(status='WRN')
if user_form.errors.items() :
errors = ",[" + str(dict([(k, v[0].__str__()) for k, v in user_form.errors.items()])) + "]"
#if userprofile_form.errors.items():
# errors += ",[" + str(dict([(k, v[0].__str__()) for k, v in userprofile_form.errors.items()])) + "]"
json_dump = "[" + serializers.serialize("json", json_data)
json_dump += errors + "]"
return HttpResponse(json_dump.replace('\'','"'))
def join_form(request):
if request.method == 'POST':
user_id = request.POST.get('mb_id','')
password = request.POST.get('mb_password','')
question = int(request.POST.get('mb_password_q','0'))
answer = request.POST.get('mb_password_a','')
name = request.POST.get('mb_name','')
nick = request.POST.get('mb_nick','')
email = request.POST.get('mb_email','')
birth = request.POST.get('mb_birth','')
sex = request.POST.get('mb_sex','')
phone = request.POST.get('mb_hp','')
profile_text = request.POST.get('mb_profile','')
is_mailing = request.POST.get('mb_mailing','')
is_sms = request.POST.get('mb_sms','')
is_open = request.POST.get('mb_open','')
user = User.objects.create_user(username=user_id, password=password, email=email)
profile = UserProfile(
user=user,
question=question,
answer=answer,
name=name,
nick=nick,
birth=birth,
sex=sex,
phone=phone,
text=profile_text,
mailing=(len(is_mailing)>0),
sms=(len(is_sms)>0),
info_open=(len(is_open)>0)
)
profile.save()
return HttpResponseRedirect('/account/join_success/?name='+name+'&id='+user_id)
else:
return render_to_response('account/join_form.html',{
}, context_instance=RequestContext(request))
def create(request, tmpl):
syserr = False
create_success = False
user_obj = None
if request.method == 'POST':
form = UserFormManagerCreate(request.POST)
if form.is_valid():
try:
user_obj = User(
username = form.cleaned_data['username'],
email = form.cleaned_data['email'],
first_name = form.cleaned_data['first_name'],
last_name = form.cleaned_data['last_name'])
user_obj.set_password(form.cleaned_data['password'])
user_obj.save()
p = UserProfile(
user=user_obj,
gender = form.cleaned_data['gender'],
address = form.cleaned_data['address'],
country = form.cleaned_data['country'],
zipcode = form.cleaned_data['zipcode'],
city = form.cleaned_data['city'],
language = form.cleaned_data['language'],
badge_text = form.cleaned_data['badge_text'],
comments = form.cleaned_data['comments'],
fingerprint = form.cleaned_data['fingerprint'],
badge_type = form.cleaned_data['badge_type'],
notes = form.cleaned_data['notes'],
payment_later=form.cleaned_data['payment_later'])
p.save()
create_success = True
except Exception, e:
print e
syserr = True
else:
create_success = True
form = UserFormManagerCreate()
def import_fromcsv(fcsv, emailtmpl):
if os.path.exists(fcsv) and os.path.exists(emailtmpl):
handle = file(fcsv)
for i in handle.readlines():
values = i.strip().split(';')
print values
try:
c = Country.objects.get(code=values[6])
except:
c = Country.objects.get(code='fr')
new_user = User.objects.create_user(
username=values[2],
email=values[3]
)
new_user.first_name=values[1]
new_user.last_name=values[0]
new_user.set_password(values[4])
new_user.save()
badge = Badge.objects.filter(default=True)[0]
new_profile = UserProfile(
user=new_user,
language=values[5],
country=c,
badge_type = badge,
badge_text=values[7],
)
new_profile.save()
handle2 = file(emailtmpl)
email = handle2.read()
email = email.replace('###LOGIN###', values[2])
email = email.replace('###PASSWORD###', values[4])
send_mail('Your particpation at LSM / Votre particpation aux RMLL', email, '*****@*****.**', [values[3]])
else:
print 'Err: unable to find file "%s" or "%s"' % (fcsv, emailtmpl)
def save(self):
account = None
password = self.validated_data['password']
password2 = self.validated_data['password2']
check_staff = self.validated_data['check_staff']
if password != password2:
raise serializers.ValidationError(
{'password': '******'t match!'})
if check_staff:
staff_id = self.validated_data['staff_id']
if staff_id == '1000':
account = BaseAccount(
username=self.validated_data['username'],
email=self.validated_data['email'],
check_staff=True,
staff_id=staff_id,
is_staff=True,
)
else:
raise serializers.ValidationError(
{'staff_id': 'Staff ID isn\'t valid!'})
else:
account = BaseAccount(
username=self.validated_data['username'],
email=self.validated_data['email'],
)
account.set_password(password)
account.is_active = True #------------------------------------- NEED TO CHHANGE -----------------------------
account.save()
profile = UserProfile(base=account)
profile.save()
return account
def test_user_get_tab_list(self):
"""
Ensure we only return active tabs
"""
# Create another user
user = UserProfile.new("*****@*****.**", "password", "Ryan", "Frahm", datetime.datetime.now())
user.groups.add(Group.objects.filter(name="Drinkers")[0])
tab = Tab(amount=20, total=20, sender=user, receiver=self.user, source="23423542", charge="13425", active=False)
tab.save()
tab = Tab(amount=20, total=20, sender=user, receiver=self.user, source="23423542", charge="13425")
tab.save()
url = reverse("api:tabs")
response = self.client.get(url, format="json")
tabs = response.data
self.assertEqual(len(tabs), 1)
def test_tab_create_for_another_user(self, mock_bar_models_authorize_source):
"""
Ensure we can create a tab for another registered user
"""
# Create another user
user = UserProfile.new("*****@*****.**", "password", "Ryan", "Frahm", datetime.datetime.now())
user.groups.add(Group.objects.filter(name="Drinkers")[0])
url = reverse("api:tabs")
d = {"amount": 20, "source": "123", "users": [{"id": user.pk}], "note": "Testy test notes!"}
mock_bar_models_authorize_source.return_value = {"id": "jnsdflkgj34r"}
response = self.client.post(url, d, format="json")
tabs = response.data.get("tabs")
self.assertEqual(len(tabs), 1)
self.assertEqual(tabs[0]["receiver"], user.pk)
self.assertEqual(response.data.get("amount"), d["amount"])
def login_evernote_token(request):
""" as get_evernote_token(), but logs the user in as well
"""
everAuth = EvernoteAPI()
credentials = everAuth.get_user_token(request)
if not credentials:
return HttpResponseRedirect(
reverse('account.views.login_page', args=[]))
if request.user.is_authenticated():
user = request.user
else:
evernoteHost = settings.EVERNOTE_HOST
userStoreUri = "https://" + evernoteHost + "/edam/user"
userStoreHttpClient = THttpClient.THttpClient(userStoreUri)
userStoreProtocol = TBinaryProtocol.TBinaryProtocol(
userStoreHttpClient)
userStore = UserStore.Client(userStoreProtocol)
evernoteUser = userStore.getUser(credentials['oauth_token'])
user = authenticate(username=evernoteUser.username,
password=str(evernoteUser.id))
if not user:
newUser = User.objects.create_user(evernoteUser.username,
evernoteUser.email,
str(evernoteUser.id))
names = evernoteUser.name.split() if evernoteUser.name else None
newUser.first_name = names[0] if names and len(names) > 0 else ""
newUser.last_name = names[1] if names and len(names) > 1 else ""
newUser.save()
user = authenticate(username=evernoteUser.username,
password=str(evernoteUser.id))
login(request, user)
try:
expires_time = datetime.fromtimestamp(int(credentials['expires']))
except TypeError:
logging.error("Error parsing token expires time")
expires_time = datetime.now()
profile = UserProfile()
profile.user = user
profile.evernote_token = credentials['oauth_token']
profile.evernote_token_expires_time = expires_time
profile.evernote_note_store_url = credentials['edam_noteStoreUrl']
profile.save()
return HttpResponseRedirect(reverse('base.views.index', args=[]))
