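def validate(self, attrs):
    """Validate a callback token and attach the authenticated user to ``attrs``.

    Looks up an active ``CallbackToken`` whose key equals ``attrs['token']``,
    passes it to ``authenticate_by_token`` and, when either
    ``PASSWORDLESS_USER_MARK_EMAIL_VERIFIED`` or
    ``PASSWORDLESS_USER_MARK_MOBILE_VERIFIED`` is enabled, marks the alias
    as verified through ``verify_user_alias``.

    Args:
        attrs: Serializer attributes; the token is read from ``attrs['token']``.

    Returns:
        ``attrs`` with ``attrs['user']`` set to the authenticated user.

    Raises:
        serializers.ValidationError: If no active token matches, the token
            does not authenticate, the user is inactive, or alias
            verification reports failure.
    """
    callback_token = attrs.get('token', None)

    # NOTE(review): the lookup is keyed on the token value alone; nothing in
    # this method ties the token to the alias that requested it, so guessing
    # resistance rests on the key's length and on throttling that is not
    # visible here -- confirm both.
    try:
        token = CallbackToken.objects.get(key=callback_token, is_active=True)
    except CallbackToken.DoesNotExist:
        # QuerySet.get() raises instead of returning None. Without this
        # handler an unknown or inactive token escaped as an unhandled
        # exception and the "missing token" branch below was unreachable.
        token = None

    if not token:
        msg = _('Missing authentication token.')
        raise serializers.ValidationError(msg)

    # Check the token type for our uni-auth method.
    # authenticates and checks the expiry of the callback token.
    user = authenticate_by_token(token)
    if not user:
        msg = _('Invalid Token')
        raise serializers.ValidationError(msg)

    if not user.is_active:
        msg = _('User account is disabled.')
        raise serializers.ValidationError(msg)

    if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
            or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
        # Mark this alias as verified
        user = User.objects.get(pk=token.user.pk)
        success = verify_user_alias(user, token)

        if success is False:
            msg = _('Error validating user alias.')
            raise serializers.ValidationError(msg)

    attrs['user'] = user
    return attrs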
def post(self, request, *args, **kwargs):
    """Log the caller in from the ``token`` field of the request body.

    Returns ``Response({'success': True})`` after a successful ``login``;
    raises ``ValidationError`` when ``authenticate_by_token`` yields no user.
    """
    submitted = request.data.get('token', None)
    account = authenticate_by_token(submitted)

    # Fail first so the session is only touched for an authenticated user.
    if not account:
        raise ValidationError('Couldn\'t log you in. Invalid token.')

    login(request, account,
          backend='django.contrib.auth.backends.ModelBackend')
    return Response({'success': True})
def get(self, request, *args, **kwargs):
    """Log in from a ``token`` query parameter, else render the normal view.

    When ``token`` is present and ``authenticate_by_token`` returns a user,
    the user is logged in and redirected to ``dashboard``. In every other
    case the parent class's ``get`` handles the request.
    """
    # NOTE(review): the token travels in the query string, so it can end up
    # in access logs, browser history and Referer headers; confirm tokens
    # are short-lived and invalidated after use.
    query = request.GET
    account = authenticate_by_token(query['token']) if 'token' in query else None

    if account:
        account.backend = 'django.contrib.auth.backends.ModelBackend'
        login(request, account)
        return redirect('dashboard')

    return super(TokenAuthView, self).get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
    """Log the caller in from the ``token`` field of the request body.

    Returns a 200 response with ``{'success': True}`` after ``login``, or a
    400 response carrying a ``detail`` message when ``authenticate_by_token``
    yields no user.
    """
    submitted = request.data.get('token', None)
    account = authenticate_by_token(submitted)

    # Reject first so the session is only touched for an authenticated user.
    if not account:
        return Response(
            {'detail': 'Couldn\'t log you in. Invalid token.'},
            status=statuses.HTTP_400_BAD_REQUEST,
        )

    login(request, account,
          backend='django.contrib.auth.backends.ModelBackend')
    return Response({'success': True}, status=statuses.HTTP_200_OK)
def process_request(self, request):
    """Log the user in when the request carries a valid e-mail auth token.

    The token is read from the query parameter named by
    ``settings.EMAIL_AUTH_TOKEN_NAME``. Returns ``None`` in every case; the
    only effect is the ``login`` call on success.
    """
    # NOTE(review): this runs for any request that carries the parameter,
    # and the token is exposed wherever URLs are recorded (logs, history,
    # Referer); confirm tokens are short-lived and invalidated after use.
    candidate = request.GET.get(settings.EMAIL_AUTH_TOKEN_NAME)
    user = None if candidate is None else authenticate_by_token(candidate)

    if user is not None:
        user.backend = 'django.contrib.auth.backends.ModelBackend'
        login(request, user)
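def validate(self, attrs):
    """Validate a callback token and attach the authenticated user to ``attrs``.

    Looks up an active ``CallbackToken`` whose key equals ``attrs['token']``.
    When none exists and the submitted value matches
    ``PASSWORDLESS_ADMIN_MOBILE_VERIFICATION_CODE``, a new token is created
    for the user whose ``mobile`` equals
    ``PASSWORDLESS_ADMIN_TEST_PHONE_NUMBER``. The token is then passed to
    ``authenticate_by_token`` and, when either ``PASSWORDLESS_USER_MARK_*``
    setting is enabled, the alias is marked verified.

    Args:
        attrs: Serializer attributes; the token is read from ``attrs['token']``.

    Returns:
        ``attrs`` with ``attrs['user']`` set to the authenticated user.

    Raises:
        serializers.ValidationError: If no token could be resolved, the token
            does not authenticate, the user is inactive, or alias
            verification reports failure.
    """
    callback_token = attrs.get('token', None)

    # Bind the name up front: previously an unknown token that did not match
    # the admin code left ``token`` unassigned, so the check below raised
    # UnboundLocalError instead of a validation error.
    token = None
    try:
        token = CallbackToken.objects.get(key=callback_token, is_active=True)
    except ObjectDoesNotExist:
        # NOTE(review): a static verification code accepted for a fixed
        # account is a standing authentication bypass for that account;
        # confirm it is disabled outside test environments.
        # ``in`` is a substring test if the setting is a str, so a non-empty
        # token is required here; prefer an exact comparison once the
        # setting's type is confirmed.
        if callback_token and \
                callback_token in api_settings.PASSWORDLESS_ADMIN_MOBILE_VERIFICATION_CODE:
            user = User.objects.get(
                mobile=api_settings.PASSWORDLESS_ADMIN_TEST_PHONE_NUMBER)
            token = CallbackToken.objects.create(
                user=user,
                to_alias_type='MOBILE',
                to_alias=getattr(
                    user, api_settings.PASSWORDLESS_USER_MOBILE_FIELD_NAME))

    if not token:
        msg = _('Missing authentication token.')
        raise serializers.ValidationError(msg)

    # Check the token type for our uni-auth method.
    # authenticates and checks the expiry of the callback token.
    user = authenticate_by_token(token)
    if not user:
        msg = _('Invalid Token')
        raise serializers.ValidationError(msg)

    if not user.is_active:
        msg = _('User account is disabled.')
        raise serializers.ValidationError(msg)

    if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
            or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
        # Mark this alias as verified
        user = User.objects.get(pk=token.user.pk)
        success = verify_user_alias(user, token)

        if success is False:
            msg = _('Error validating user alias.')
            raise serializers.ValidationError(msg)

    attrs['user'] = user
    return attrs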
def process_request(self, request):
    """Log the user in from a token carried in the query string.

    The value of the ``settings.EMAIL_AUTH_TOKEN_NAME`` parameter is first
    tried with ``TokenAuthentication.authenticate_credentials``; when that
    raises ``AuthenticationFailed`` it is tried with
    ``authenticate_by_token``. Returns ``None`` in every case; the only
    effect is the ``login`` call on success.
    """
    # NOTE(review): both credential types are accepted from the URL, where
    # they can be recorded in logs, history and Referer headers. Presumably
    # the first is a DRF auth token -- confirm how long those keys live
    # before allowing them to open a session this way.
    raw = request.GET.get(settings.EMAIL_AUTH_TOKEN_NAME)
    if raw is None:
        return

    try:
        # attempt to auth via authtoken
        user, _matched = TokenAuthentication().authenticate_credentials(raw)
    except AuthenticationFailed:
        # attempt to auth by drfpasswordless
        user = authenticate_by_token(raw)

    if user is not None:
        user.backend = 'django.contrib.auth.backends.ModelBackend'
        login(request, user)