def validate_invite(request, invite_id):
# Считаем, что приглашение действительно, если оно есть в базе
# и с момента его отправки прошло не более 24 часов, и оно
# не было использовано ранее
try:
invite = InviteEntry.objects.get(invite_id=invite_id)
email = invite.email
invite_datetime = parse_datetime(str(invite.date))
if (dt.datetime.utcnow().replace(tzinfo=pytz.utc) - invite_datetime >
dt.timedelta(hours=24)) or invite.is_validated:
print('[validate_invite], invalid invite: ' + invite.is_validated)
else:
try:
participant = VisitorData.objects.get(email=email)
salt_num = int(rnd.random() * 10000000000000000)
hasher = SHA1PasswordHasher()
cookie = hasher.encode(email, str(salt_num))
participant.cookie = cookie
request.session['cookie'] = participant.cookie
invite.is_validated = True
participant.save()
invite.save()
print('[validate_invite], invite invalidated')
# TODO: удалить эту запись из базы?
except:
pass
except:
print('[validate_invite], invite no found: ' + invite_id)
return redirect('index')
def add_participant(request):
context = {}
context['is_user_auth'] = False
if request.method == 'POST':
form = ParticipateForm(request.POST)
if form.is_valid():
context['is_participant_email_valid'] = True
email_from_form = form.cleaned_data['email']
hasher = SHA1PasswordHasher()
try:
participant = VisitorData.objects.get(email=email_from_form)
try:
invite = InviteEntry.objects.get(email=email_from_form)
if invite.is_validated == False:
context['is_invite_exists'] = True
else:
raise ObjectDoesNotExist()
except:
tmp_uid = hasher.encode(email_from_form,
dt.datetime.now().__str__())
invite = InviteEntry(email=email_from_form,
invite_id=tmp_uid)
invite.save()
context['is_invite_exists'] = False
# Здесь посетитель пытается участвовать, но запись о нем уже есть
# Для разрешения такой ситуации шлем ему письмо со ссылкой,
# он переходит по нашей ссылке - и 'входит' на сайт
context['is_email_known'] = True
except ObjectDoesNotExist:
# Посетитель хочет участвовать впервые - созадим запись о нем
participant = VisitorData(
email=email_from_form,
packages_count=form.cleaned_data['packages_count'],
meals_per_day=form.cleaned_data['meals_per_day'],
wb_per_meal=form.cleaned_data['wb_per_meal'],
package_volume=form.cleaned_data['package_volume'],
hungry_people=form.cleaned_data['hungry_people'])
# cookie = hasher.encode(email_from_form, dt.datetime.now().__str__())
salt_num = int(rnd.random() * 10000000000000000)
cookie = hasher.encode(email_from_form, str(salt_num))
participant.cookie = cookie
participant.save()
request.session['cookie'] = cookie
context['is_user_auth'] = True
context['participant_email'] = email_from_form
else:
context['is_participant_email_valid'] = False
return render(request, 'index.html', context=context)
def add_comment(request):
if request.method == 'POST':
try:
email = VisitorData.objects.get(
cookie=request.session['cookie']).email
nickname = request.POST['nickname']
text = request.POST['comment']
hasher = SHA1PasswordHasher()
salt_num = int(rnd.random() * 10000000000000000)
comment_id = hasher.encode(nickname, str(salt_num))
comment = Comment(comment_id=comment_id,
email=email,
nickname=nickname,
text=text)
comment.save()
except:
return redirect('index')
else:
return redirect('index')
return HttpResponse()
def encode(self, password, salt, iterations=None):
_, _, sha1_hash = SHA1PasswordHasher().encode(password,
salt).split('$', 2)
return self.encode_sha1_hash(sha1_hash, salt, iterations)