def validate(self, attrs):
callback_token = attrs.get('token', None)
token = CallbackToken.objects.get(key=callback_token, is_active=True)
if token:
# Check the token type for our uni-auth method.
# authenticates and checks the expiry of the callback token.
user = authenticate_by_token(token)
if user:
if not user.is_active:
msg = _('User account is disabled.')
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
# Mark this alias as verified
user = User.objects.get(pk=token.user.pk)
success = verify_user_alias(user, token)
if success is False:
msg = _('Error validating user alias.')
raise serializers.ValidationError(msg)
attrs['user'] = user
return attrs
else:
msg = _('Invalid Token')
raise serializers.ValidationError(msg)
else:
msg = _('Missing authentication token.')
raise serializers.ValidationError(msg)
def validate(self, attrs, user=None):
# Check Aliases
try:
alias_type, alias_attribute_name, alias = self.validate_alias(
attrs)
callback_token = attrs.get('token', None)
user = user or User.objects.filter(**{
alias_attribute_name: alias
}).first()
token = CallbackToken.objects.get(
**{
'user': user,
'key': callback_token,
'type': CallbackToken.TOKEN_TYPE_AUTH,
'to_alias_type': alias_type.upper(),
'is_active': True
})
if token.user == user:
# Check the token type for our uni-auth method.
# authenticates and checks the expiry of the callback token.
if not user.is_active:
msg = _('User account is disabled.')
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
# Mark this alias as verified
user = User.objects.get(pk=token.user.pk)
success = verify_user_alias(user, token)
if success is False:
msg = _('Error validating user alias.')
raise serializers.ValidationError(msg)
attrs['user'] = user
token.delete()
return attrs
else:
msg = _('Invalid Token')
raise serializers.ValidationError(msg)
except CallbackToken.DoesNotExist:
msg = _(str(InvalidCallbackToken()))
raise serializers.ValidationError(msg)
except User.DoesNotExist:
msg = _(str(InvalidCallbackToken()))
raise serializers.ValidationError(msg)
except ValidationError:
msg = _(str(InvalidCallbackToken()))
raise serializers.ValidationError(msg)
def validate(self, attrs):
User = get_user_model()
try:
alias_type, alias = self.validate_alias(attrs)
user_id = self.context.get("user_id")
user = User.objects.get(**{
'id': user_id,
alias_type + '__iexact': alias
})
callback_token = attrs.get('token', None)
token = CallbackToken.objects.get(
**{
'user': user[alias_type],
'key': callback_token,
'type': CallbackToken.TOKEN_TYPE_VERIFY,
'is_active': True
})
if token.user == user:
# Mark this alias as verified
success = verify_user_alias(user, token)
if success is False:
logger.debug("drfpasswordless: Error verifying alias.")
attrs['user'] = user
return attrs
else:
msg = _('This token is invalid. Try again later.')
logger.debug(
"drfpasswordless: User token mismatch when verifying alias."
)
except CallbackToken.DoesNotExist:
msg = _('We could not verify this alias.')
logger.debug(
"drfpasswordless: Tried to validate alias with bad token.")
pass
except User.DoesNotExist:
msg = _('We could not verify this alias.')
logger.debug(
"drfpasswordless: Tried to validate alias with bad user.")
pass
except PermissionDenied:
msg = _('Insufficient permissions.')
logger.debug(
"drfpasswordless: Permission denied while validating alias.")
pass
raise serializers.ValidationError(msg)
def validate(self, attrs):
try:
alias_type, alias = self.validate_alias(attrs)
user_id = self.context.get("user_id")
user = User.objects.get(**{"id": user_id, alias_type: alias})
callback_token = attrs.get("token", None)
token = CallbackToken.objects.get(
**{
"user": user,
"key": callback_token,
"type": CallbackToken.TOKEN_TYPE_VERIFY,
"is_active": True
})
if token.user == user:
# Mark this alias as verified
success = verify_user_alias(user, token)
if success is False:
logger.debug("drfpasswordless: Error verifying alias.")
attrs["user"] = user
return attrs
else:
msg = _("This token is invalid. Try again later.")
logger.debug(
"drfpasswordless: User token mismatch when verifying alias."
)
except CallbackToken.DoesNotExist:
msg = _("We could not verify this alias.")
logger.debug(
"drfpasswordless: Tried to validate alias with bad token.")
pass
except User.DoesNotExist:
msg = _("We could not verify this alias.")
logger.debug(
"drfpasswordless: Tried to validate alias with bad user.")
pass
except PermissionDenied:
msg = _("Insufficient permissions.")
logger.debug(
"drfpasswordless: Permission denied while validating alias.")
pass
raise serializers.ValidationError(msg)
def validate(self, attrs):
callback_token = attrs.get('token', None)
try:
token = CallbackToken.objects.get(key=callback_token,
is_active=True)
except ObjectDoesNotExist:
if callback_token in api_settings.PASSWORDLESS_ADMIN_MOBILE_VERIFICATION_CODE:
user = User.objects.get(
mobile=api_settings.PASSWORDLESS_ADMIN_TEST_PHONE_NUMBER)
token = CallbackToken.objects.create(
user=user,
to_alias_type='MOBILE',
to_alias=getattr(
user,
api_settings.PASSWORDLESS_USER_MOBILE_FIELD_NAME))
if token:
# Check the token type for our uni-auth method.
# authenticates and checks the expiry of the callback token.
user = authenticate_by_token(token)
if user:
if not user.is_active:
msg = _('User account is disabled.')
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
# Mark this alias as verified
user = User.objects.get(pk=token.user.pk)
success = verify_user_alias(user, token)
if success is False:
msg = _('Error validating user alias.')
raise serializers.ValidationError(msg)
attrs['user'] = user
return attrs
else:
msg = _('Invalid Token')
raise serializers.ValidationError(msg)
else:
msg = _('Missing authentication token.')
raise serializers.ValidationError(msg)
def validate(self, attrs):
# Check Aliases
try:
alias_type, alias = self.validate_alias(attrs)
callback_token = attrs.get("token", None)
user = User.objects.get(**{alias_type: alias})
token = CallbackToken.objects.get(
**{
"user": user,
"key": callback_token,
"type": CallbackToken.TOKEN_TYPE_AUTH,
"is_active": True
})
if token.user == user:
# Check the token type for our uni-auth method.
# authenticates and checks the expiry of the callback token.
if not user.is_active:
msg = _("User account is disabled.")
raise serializers.ValidationError(msg)
if (api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED or
api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED):
# Mark this alias as verified
user = User.objects.get(pk=token.user.pk)
success = verify_user_alias(user, token)
if success is False:
msg = _("Error validating user alias.")
raise serializers.ValidationError(msg)
attrs["user"] = user
return attrs
else:
msg = _("Invalid Token")
raise serializers.ValidationError(msg)
except User.DoesNotExist:
msg = _("Invalid alias parameters provided.")
raise serializers.ValidationError(msg)
except ValidationError:
msg = _("Invalid alias parameters provided.")
raise serializers.ValidationError(msg)
def validate(self, attrs):
# Check Aliases
try:
alias_type, alias = self.validate_alias(attrs)
callback_token = attrs.get('token', None)
user = User.objects.get(**{alias_type: alias})
token = CallbackToken.objects.get(**{'user': user,
'key': callback_token,
'type': CallbackToken.TOKEN_TYPE_AUTH,
'is_active': True})
if token_age_validator(token):
# Check the token type for our uni-auth method.
# authenticates and checks the expiry of the callback token.
if not user.is_active:
msg = _('User account is disabled.')
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
# Mark this alias as verified
success = verify_user_alias(user, token)
if success is False:
msg = _('Error validating user alias.')
raise serializers.ValidationError(msg)
attrs['user'] = user
token.is_active=False
token.save(update_fields=['is_active'])
return attrs
else:
msg = _('Invalid Token')
raise serializers.ValidationError(msg)
except CallbackToken.DoesNotExist:
msg = _('Invalid alias parameters provided.')
raise serializers.ValidationError(msg)
except User.DoesNotExist:
msg = _('Invalid alias parameters provided.')
raise serializers.ValidationError(msg)
except ValidationError:
msg = _('Invalid alias parameters provided.')
raise serializers.ValidationError(msg)
def validate(self, attrs):
try:
user_id = self.context.get("user_id")
callback_token = attrs.get('token', None)
token = CallbackToken.objects.get(key=callback_token,
is_active=True)
user = User.objects.get(pk=user_id)
if token.user == user:
# Check that the token.user is the request.user
# Mark this alias as verified
success = verify_user_alias(user, token)
if success is False:
logger.debug("drfpasswordless: Error verifying alias.")
attrs['user'] = user
return attrs
else:
msg = _('This token is invalid. Try again later.')
logger.debug(
"drfpasswordless: User token mismatch when verifying alias."
)
except CallbackToken.DoesNotExist:
msg = _('Missing authentication token.')
logger.debug(
"drfpasswordless: Tried to validate alias with bad token.")
pass
except User.DoesNotExist:
msg = _('Missing user.')
logger.debug(
"drfpasswordless: Tried to validate alias with bad user.")
pass
except PermissionDenied:
msg = _('Insufficient permissions.')
logger.debug(
"drfpasswordless: Permission denied while validating alias.")
pass
raise serializers.ValidationError(msg)
def validate(self, attrs):
try:
alias_type, alias = self.validate_alias(attrs)
callback_token = attrs.get('confirmation_code')
user = User.objects.get(**{alias_type + '__iexact': alias})
token = CallbackToken.objects.get(
**{
'user': user,
'key': callback_token,
'type': CallbackToken.TOKEN_TYPE_AUTH,
'is_active': True
}
)
if token.user == user:
if not user.is_active:
msg = 'User account is disabled.'
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED:
user = User.objects.get(pk=token.user.pk)
success = verify_user_alias(user, token)
if not success:
msg = 'Error validating user alias.'
raise serializers.ValidationError(msg)
attrs['user'] = user
return attrs
else:
msg = 'Invalid Token'
raise serializers.ValidationError(msg)
except CallbackToken.DoesNotExist:
msg = 'Invalid alias parameters provided.'
raise serializers.ValidationError(msg)
except User.DoesNotExist:
msg = 'Invalid user alias parameters provided.'
raise serializers.ValidationError(msg)
except ValidationError:
msg = 'Invalid alias parameters provided.'
raise serializers.ValidationError(msg)
def validate(self, attrs):
try:
# The key + is_active is unique so we can only get one result here
token = CallbackToken.objects.get(key=attrs.get('token', None),
is_active=True)
if token and token_valid_for_login(
token, api_settings.PASSWORDLESS_TOKEN_EXPIRE_TIME):
user = token.user
if user:
if not user.is_active:
msg = _('User account is disabled.')
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
# Mark this alias as verified
#user = UserModel.objects.get(pk=token.user.pk)
success = verify_user_alias(user, token)
if success is False:
msg = _('Error validating user alias.')
raise serializers.ValidationError(msg)
# Everything's good, return the validated user
attrs['user'] = user
return attrs
except CallbackToken.DoesNotExist:
logger.debug(
"drfpasswordless: tried to callback with non-existing callback token"
)
pass
# In all other cases, return an invalid error
msg = _('Invalid Token')
raise serializers.ValidationError(msg)
def validate(self, attrs):
User = get_user_model()
# Check Aliases
try:
alias_type, alias = self.validate_alias(attrs)
callback_token = attrs.pop('token', None)
token = CallbackToken.objects.get(
**{
'to_alias': alias,
'key': callback_token,
'type': CallbackToken.TOKEN_TYPE_AUTH,
'is_active': True
})
if token_age_validator(token):
# Check the token type for our uni-auth method.
# authenticates and checks the expiry of the callback token.
if api_settings.PASSWORDLESS_REGISTER_NEW_USERS is True:
# If new aliases should register new users.
try:
user = User.objects.get(
**{alias_type + '__iexact': alias})
except User.DoesNotExist:
valid_user_serializer = api_settings.PASSWORDLESS_CREATE_USER_SERIALIZER(
data=self.context["request"].data)
if valid_user_serializer.is_valid(
raise_exception=True):
user = User(**{alias_type: alias},
**valid_user_serializer.validated_data)
user.set_unusable_password()
user.save()
else:
raise serializers.ValidationError(
valid_user_serializer.error_messages)
else:
# If new aliases should not register new users.
try:
user = User.objects.get(
**{alias_type + '__iexact': alias})
except User.DoesNotExist:
user = None
if user:
if not user.is_active:
msg = _('User account is disabled.')
raise serializers.ValidationError(msg)
else:
msg = _('No account is associated with this alias.')
raise serializers.ValidationError(msg)
if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
# Mark this alias as verified
success = verify_user_alias(user, token)
if success is False:
msg = _('Error validating user alias.')
raise serializers.ValidationError(msg)
attrs['user'] = user
token.delete()
return attrs
else:
msg = _('Invalid Token')
raise serializers.ValidationError(msg)
except ValidationError as err_with_msg:
raise err_with_msg
except CallbackToken.DoesNotExist:
msg = _('Invalid TOKEN provided.')
raise serializers.ValidationError(msg)
except User.DoesNotExist:
msg = _('Invalid user alias parameters provided.')
raise serializers.ValidationError(msg)
