Beispiel #1
 def test_lockout(self):
     """A refused client stays refused on the following calls.

     The first call in the 'test' scope is allowed; the calls made one and
     two seconds later are both refused. The limit and lockout values are
     presumably overridden on the test class (not visible here).
     """
     req = self.get_request()
     self.assertTrue(check_rate_limit('test', req))
     for _attempt in range(2):
         sleep(1)
         self.assertFalse(check_rate_limit('test', req))
 def test_window(self):
     """The limit is lifted again after the window has passed.

     Expected sequence: allowed, refused one second later, allowed again
     after a further second. The timing settings are presumably overridden
     on the test class (not visible here).
     """
     req = self.get_request()
     first = check_rate_limit(req)
     self.assertTrue(first)
     sleep(1)
     second = check_rate_limit(req)
     self.assertFalse(second)
     sleep(1)
     third = check_rate_limit(req)
     self.assertTrue(third)
Beispiel #3
 def test_lockout(self):
     """After the first allowed call, the next two calls are refused.

     The refused calls are made one and two seconds after the first one,
     all with the same FakeRequest instance.
     """
     fake = FakeRequest()
     self.assertTrue(check_rate_limit(fake))
     for _attempt in range(2):
         sleep(1)
         self.assertFalse(check_rate_limit(fake))
Beispiel #4
    def test_limit(self):
        """Five calls with the same request pass; the sixth is refused."""
        fake = FakeRequest()
        for _attempt in range(5):
            allowed = check_rate_limit(fake)
            self.assertTrue(allowed)

        # One call past the five accepted ones must be rejected.
        self.assertFalse(check_rate_limit(fake))
Beispiel #5
    def test_limit(self):
        """The limiter accepts five calls in a row and refuses the next."""
        fake = FakeRequest()
        accepted = 0
        while accepted < 5:
            self.assertTrue(check_rate_limit(fake))
            accepted += 1

        # The sixth call for the same request is over the limit.
        over_limit = check_rate_limit(fake)
        self.assertFalse(over_limit)
Beispiel #6
    def test_limit(self):
        """Five calls in the 'test' scope pass; the sixth is refused."""
        req = self.get_request()
        for _attempt in range(5):
            allowed = check_rate_limit('test', req)
            self.assertTrue(allowed)

        # One call past the five accepted ones must be rejected.
        self.assertFalse(check_rate_limit('test', req))
Beispiel #7
 def test_lockout(self):
     """A refused client is still refused one and two seconds later.

     Only the very first call is expected to pass; the configured limit
     is presumably overridden on the test class (not visible here).
     """
     fake = FakeRequest()
     self.assertTrue(check_rate_limit(fake))
     for _attempt in range(2):
         sleep(1)
         still_allowed = check_rate_limit(fake)
         self.assertFalse(still_allowed)
Beispiel #8
 def test_lockout(self):
     """A refused client in the 'test' scope stays refused.

     Only the very first call is expected to pass; the calls made one and
     two seconds later are refused. The configured limit is presumably
     overridden on the test class (not visible here).
     """
     req = self.get_request()
     self.assertTrue(check_rate_limit('test', req))
     for _attempt in range(2):
         sleep(1)
         still_allowed = check_rate_limit('test', req)
         self.assertFalse(still_allowed)
Beispiel #9
def contact(request):
    """Render the contact form and mail the admins on a valid POST.

    Every POST goes through check_rate_limit() before the form is
    validated. A refused request gets an error message and the form is
    rendered again without any mail being sent. No CAPTCHA is involved in
    this version, so the rate limit is the only abuse control visible here.
    """
    if request.method != 'POST':
        # GET: prefill the form, optionally with a subject selected by ?t=
        initial = get_initial_contact(request)
        topic = request.GET.get('t')
        if topic in CONTACT_SUBJECTS:
            initial['subject'] = CONTACT_SUBJECTS[topic]
        form = ContactForm(initial=initial)
    else:
        form = ContactForm(request.POST)
        if check_rate_limit(request):
            if form.is_valid():
                mail_admins_contact(
                    request,
                    '%(subject)s',
                    CONTACT_TEMPLATE,
                    form.cleaned_data,
                    form.cleaned_data['email'],
                )
                return redirect('home')
        else:
            messages.error(
                request, _('Too many messages sent, please try again later!'))

    context = {
        'form': form,
        'title': _('Contact'),
    }
    return render(request, 'accounts/contact.html', context)
Beispiel #10
def contact(request):
    """Render the contact form and mail the admins on a valid POST.

    Anonymous visitors additionally get a CAPTCHA when
    settings.REGISTRATION_CAPTCHA is enabled. Every POST goes through
    check_rate_limit() before the CAPTCHA or the form is validated, so a
    refused request never reaches validation or the mail call.
    """
    show_captcha = (
        settings.REGISTRATION_CAPTCHA and not request.user.is_authenticated
    )
    captcha = None

    if request.method != 'POST':
        # GET: prefill the form, optionally with a subject selected by ?t=
        initial = get_initial_contact(request)
        topic = request.GET.get('t')
        if topic in CONTACT_SUBJECTS:
            initial['subject'] = CONTACT_SUBJECTS[topic]
        form = ContactForm(initial=initial)
        if show_captcha:
            captcha = CaptchaForm(request)
    else:
        form = ContactForm(request.POST)
        if show_captcha:
            captcha = CaptchaForm(request, form, request.POST)
        if not check_rate_limit(request):
            messages.error(
                request, _('Too many messages sent, please try again later!'))
        else:
            # The CAPTCHA is checked first; the form is validated only
            # when no CAPTCHA is required or it was solved.
            captcha_ok = captcha is None or captcha.is_valid()
            if captcha_ok and form.is_valid():
                mail_admins_contact(
                    request,
                    '%(subject)s',
                    CONTACT_TEMPLATE,
                    form.cleaned_data,
                    form.cleaned_data['email'],
                    settings.ADMINS_CONTACT,
                )
                return redirect('home')

    context = {
        'form': form,
        'captcha_form': captcha,
        'title': _('Contact'),
    }
    return render(request, 'accounts/contact.html', context)
Beispiel #11
def contact(request):
    """Show the contact form; on a valid POST, mail the admins.

    check_rate_limit() is called for every POST before validation. When
    it refuses the request, an error message is queued and the submitted
    form is shown again; no mail is sent in that case.
    """
    is_post = request.method == 'POST'

    if is_post:
        form = ContactForm(request.POST)
        within_limit = check_rate_limit(request)
        if not within_limit:
            messages.error(
                request,
                _('Too many messages sent, please try again later!')
            )
        elif form.is_valid():
            data = form.cleaned_data
            mail_admins_contact(
                request,
                '%(subject)s',
                CONTACT_TEMPLATE,
                data,
                data['email'],
            )
            return redirect('home')
    else:
        # GET: prefill the form, optionally with a subject selected by ?t=
        initial = get_initial_contact(request)
        topic = request.GET.get('t')
        if topic in CONTACT_SUBJECTS:
            initial['subject'] = CONTACT_SUBJECTS[topic]
        form = ContactForm(initial=initial)

    context = {
        'form': form,
        'title': _('Contact'),
    }
    return render(request, 'accounts/contact.html', context)
Beispiel #12
def search(request, project=None, component=None, lang=None):
    """Perform site-wide search on units.

    The optional project, component and lang arguments narrow the scope.
    The request is counted against the 'search' rate limit first; when
    the limit is exceeded the form is created without the query data, so
    no search is run for that request.
    """
    # Assuming SiteSearchForm is a regular Django form, the unbound form
    # never validates, so a rate-limited request ends in the
    # "Invalid search query!" branch at the bottom.
    # NOTE(review): that message does not tell the client it was
    # rate-limited - confirm this is intended.
    if not check_rate_limit('search', request):
        search_form = SiteSearchForm()
    else:
        search_form = SiteSearchForm(request.GET)
    context = {
        'search_form': search_form,
    }
    search_kwargs = {}
    # Resolve the scope object. Access checks for it are presumably done
    # inside get_component()/get_project() - verify against those helpers.
    if component:
        obj = get_component(request, project, component)
        context['component'] = obj
        context['project'] = obj.project
        search_kwargs = {'component': obj}
    elif project:
        obj = get_project(request, project)
        context['project'] = obj
        search_kwargs = {'project': obj}
    else:
        obj = None
    if lang:
        s_language = get_object_or_404(Language, code=lang)
        context['language'] = s_language
        # NOTE(review): this replaces any component/project entry set
        # above instead of adding to it - confirm units.search() does not
        # need both.
        search_kwargs = {'language': s_language}

    if search_form.is_valid():
        # Filter results by ACL
        if component:
            units = Unit.objects.filter(translation__component=obj)
        elif project:
            units = Unit.objects.filter(translation__component__project=obj)
        else:
            # Site-wide search is restricted to the projects this user
            # is allowed to see.
            allowed_projects = request.user.allowed_projects
            units = Unit.objects.filter(
                translation__component__project__in=allowed_projects)
        units = units.search(search_form.cleaned_data, **search_kwargs)
        if lang:
            units = units.filter(translation__language=context['language'])

        # 50 is passed as the default page size to get_page_limit().
        page, limit = get_page_limit(request, 50)

        paginator = Paginator(units, limit)

        try:
            units = paginator.page(page)
        except EmptyPage:
            # If page is out of range (e.g. 9999), deliver last page of
            # results.
            units = paginator.page(paginator.num_pages)

        context['page_obj'] = units
        context['title'] = _('Search for %s') % (search_form.cleaned_data['q'])
        context['query_string'] = search_form.urlencode()
        context['search_query'] = search_form.cleaned_data['q']
    else:
        messages.error(request, _('Invalid search query!'))

    return render(request, 'search.html', context)
Beispiel #13
    def clean(self):
        """Validate the submitted credentials and record the outcome.

        The rate limit is consulted before authenticate() runs, so a
        throttled client gets no answer about the password. A failed
        attempt notifies the matching account (when one exists), calls
        rotate_token() and raises the invalid_login error. Only a
        successful login of an active user reaches reset_rate_limit(),
        because every other branch raises first.
        """
        username = self.cleaned_data.get('username')
        password = self.cleaned_data.get('password')

        # Without both values no authentication attempt is made.
        if not (username and password):
            return self.cleaned_data

        if not check_rate_limit(self.request):
            raise forms.ValidationError(
                _('Too many authentication attempts!')
            )

        self.user_cache = authenticate(username=username, password=password)

        if self.user_cache is None:
            try:
                notify_account_activity(
                    try_get_user(username),
                    self.request,
                    'failed-auth',
                    method='Password',
                    name=username,
                )
            except User.DoesNotExist:
                # Unknown username: nobody to notify, and the client gets
                # the same invalid_login error as for a wrong password.
                pass
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
            )

        if not self.user_cache.is_active:
            # NOTE(review): reached only after authenticate() returned a
            # user, so this distinct error tells the client the
            # credentials were accepted - confirm that is acceptable.
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

        notify_account_activity(
            self.user_cache,
            self.request,
            'login',
            method='Password',
            name=username,
        )
        reset_rate_limit(self.request)
        return self.cleaned_data
Beispiel #14
    def clean(self):
        """Check the login credentials behind the rate limit.

        Order of operations: rate-limit check, authenticate(), then either
        the failure path (notification, rotate_token(), invalid_login
        error), the inactive-account error, or the success path (login
        notification followed by reset_rate_limit()). The counter is reset
        only on the success path since the other two raise.
        """
        username = self.cleaned_data.get('username')
        password = self.cleaned_data.get('password')

        # Without both values no authentication attempt is made.
        if not (username and password):
            return self.cleaned_data

        within_limit = check_rate_limit(self.request)
        if not within_limit:
            raise forms.ValidationError(
                _('Too many authentication attempts!')
            )

        self.user_cache = authenticate(username=username, password=password)

        if self.user_cache is None:
            try:
                notify_account_activity(
                    try_get_user(username),
                    self.request,
                    'failed-auth',
                    method='Password',
                    name=username,
                )
            except User.DoesNotExist:
                # No account for this username: skip the notification and
                # fall through to the same error a wrong password gets.
                pass
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
            )

        if not self.user_cache.is_active:
            # NOTE(review): this branch follows a successful
            # authenticate(), so the separate message confirms the
            # password to the client - confirm that is acceptable.
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

        notify_account_activity(
            self.user_cache,
            self.request,
            'login',
            method='Password',
            name=username,
        )
        reset_rate_limit(self.request)
        return self.cleaned_data
Beispiel #15
    def clean(self):
        """Validate the submitted credentials behind the 'login' rate limit.

        The limit is consulted before authenticate() runs. A failed attempt
        notifies every user returned by try_get_user(), calls
        rotate_token() and raises the invalid_login error. Only a
        successful login of an active user reaches reset_rate_limit(),
        because every other branch raises first.

        NOTE(review): the error text suggests the limit is keyed on the
        client location rather than on the account - confirm whether
        per-account throttling exists elsewhere.
        """
        username = self.cleaned_data.get('username')
        password = self.cleaned_data.get('password')

        # Without both values no authentication attempt is made.
        if not (username and password):
            return self.cleaned_data

        if not check_rate_limit('login', self.request):
            raise forms.ValidationError(
                _('Too many authentication attempts from this location!')
            )

        self.user_cache = authenticate(
            self.request, username=username, password=password
        )

        if self.user_cache is None:
            # Tell each matching account about the failed attempt.
            for matched in try_get_user(username, True):
                notify_account_activity(
                    matched,
                    self.request,
                    'failed-auth',
                    method=ugettext('Password'),
                    name=username,
                )
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
            )

        if not self.user_cache.is_active:
            # NOTE(review): reached only after authenticate() returned a
            # user, so this distinct error tells the client the
            # credentials were accepted - confirm that is acceptable.
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

        notify_account_activity(
            self.user_cache,
            self.request,
            'login',
            method=ugettext('Password'),
            name=username,
        )
        reset_rate_limit('login', self.request)
        return self.cleaned_data
Beispiel #16
def contact(request):
    """Show the contact form; on a valid POST, mail the admins.

    Anonymous visitors additionally get a CAPTCHA when
    settings.REGISTRATION_CAPTCHA is enabled. Every POST is counted in
    the 'message' rate-limit scope before the CAPTCHA or the form is
    validated, so a refused request never reaches the mail call.
    """
    needs_captcha = (
        settings.REGISTRATION_CAPTCHA and not request.user.is_authenticated
    )
    captcha = None

    if request.method != 'POST':
        # GET: prefill the form, optionally with a subject selected by ?t=
        initial = get_initial_contact(request)
        topic = request.GET.get('t')
        if topic in CONTACT_SUBJECTS:
            initial['subject'] = CONTACT_SUBJECTS[topic]
        form = ContactForm(initial=initial)
        if needs_captcha:
            captcha = CaptchaForm(request)
    else:
        form = ContactForm(request.POST)
        if needs_captcha:
            captcha = CaptchaForm(request, form, request.POST)
        if not check_rate_limit('message', request):
            messages.error(
                request,
                _('Too many messages sent, please try again later!')
            )
        else:
            # The CAPTCHA is checked first; the form is validated only
            # when no CAPTCHA is required or it was solved.
            captcha_ok = captcha is None or captcha.is_valid()
            if captcha_ok and form.is_valid():
                mail_admins_contact(
                    request,
                    '%(subject)s',
                    CONTACT_TEMPLATE,
                    form.cleaned_data,
                    form.cleaned_data['email'],
                    settings.ADMINS_CONTACT,
                )
                return redirect('home')

    context = {
        'form': form,
        'captcha_form': captcha,
        'title': _('Contact'),
    }
    return render(request, 'accounts/contact.html', context)
Beispiel #17
    def clean(self):
        """Check the login credentials behind the 'login' rate limit.

        Order of operations: rate-limit check, authenticate(), then either
        the failure path (notifications, rotate_token(), invalid_login
        error), the inactive-account error, or the success path (login
        notification followed by reset_rate_limit()). The counter is reset
        only on the success path since the other two raise.

        NOTE(review): the error text suggests the limit is keyed on the
        client location rather than on the account - confirm whether
        per-account throttling exists elsewhere.
        """
        username = self.cleaned_data.get('username')
        password = self.cleaned_data.get('password')

        # Without both values no authentication attempt is made.
        if not (username and password):
            return self.cleaned_data

        within_limit = check_rate_limit('login', self.request)
        if not within_limit:
            raise forms.ValidationError(
                _('Too many authentication attempts from this location!'))

        self.user_cache = authenticate(
            self.request,
            username=username,
            password=password,
        )

        if self.user_cache is None:
            # Tell each matching account about the failed attempt.
            for matched in try_get_user(username, True):
                notify_account_activity(
                    matched,
                    self.request,
                    'failed-auth',
                    method=ugettext('Password'),
                    name=username,
                )
            rotate_token(self.request)
            raise forms.ValidationError(
                self.error_messages['invalid_login'],
                code='invalid_login',
            )

        if not self.user_cache.is_active:
            # NOTE(review): this branch follows a successful
            # authenticate(), so the separate message confirms the
            # password to the client - confirm that is acceptable.
            raise forms.ValidationError(
                self.error_messages['inactive'],
                code='inactive',
            )

        notify_account_activity(
            self.user_cache,
            self.request,
            'login',
            method=ugettext('Password'),
            name=username,
        )
        reset_rate_limit('login', self.request)
        return self.cleaned_data
Beispiel #18
def search(request, project=None, component=None, lang=None):
    """Perform site-wide search on units.

    The optional project, component and lang arguments narrow the scope
    and determine the 'back_url' put into the template context. The
    request is counted against the 'search' rate limit first; when the
    limit is exceeded the form is created without the query data, so no
    search is run for that request.
    """
    # Assuming SiteSearchForm is a regular Django form, the unbound form
    # never validates, so a rate-limited request ends in the
    # "Invalid search query!" branch at the bottom.
    # NOTE(review): that message does not tell the client it was
    # rate-limited - confirm this is intended.
    if not check_rate_limit('search', request):
        search_form = SiteSearchForm()
    else:
        search_form = SiteSearchForm(request.GET)
    context = {
        'search_form': search_form,
    }
    search_kwargs = {}
    # Resolve the scope object. Access checks for it are presumably done
    # inside get_component()/get_project() - verify against those helpers.
    if component:
        obj = get_component(request, project, component)
        context['component'] = obj
        context['project'] = obj.project
        context['back_url'] = obj.get_absolute_url()
        search_kwargs = {'component': obj}
    elif project:
        obj = get_project(request, project)
        context['project'] = obj
        context['back_url'] = obj.get_absolute_url()
        search_kwargs = {'project': obj}
    else:
        obj = None
        context['back_url'] = None
    if lang:
        s_language = get_object_or_404(Language, code=lang)
        context['language'] = s_language
        # NOTE(review): this replaces any component/project entry set
        # above instead of adding to it - confirm units.search() does not
        # need both.
        search_kwargs = {'language': s_language}
        # With a language given, the back link points at the narrowest
        # matching page: translation, project-language, or the language.
        if obj:
            if component:
                # NOTE(review): .get() presumably raises when the component
                # has no translation in this language - confirm that case
                # is handled.
                context['back_url'] = obj.translation_set.get(
                    language=s_language
                ).get_absolute_url()
            else:
                context['back_url'] = reverse(
                    'project-language',
                    kwargs={
                        'project': project,
                        'lang': lang,
                    }
                )
        else:
            context['back_url'] = s_language.get_absolute_url()

    if search_form.is_valid():
        # Filter results by ACL
        if component:
            units = Unit.objects.filter(translation__component=obj)
        elif project:
            units = Unit.objects.filter(translation__component__project=obj)
        else:
            # Site-wide search is restricted to the projects this user
            # is allowed to see.
            allowed_projects = request.user.allowed_projects
            units = Unit.objects.filter(
                translation__component__project__in=allowed_projects
            )
        units = units.search(
            search_form.cleaned_data,
            **search_kwargs
        )
        if lang:
            units = units.filter(
                translation__language=context['language']
            )

        # 50 is passed as the default page size to get_page_limit().
        page, limit = get_page_limit(request, 50)

        paginator = Paginator(units, limit)

        try:
            units = paginator.page(page)
        except EmptyPage:
            # If page is out of range (e.g. 9999), deliver last page of
            # results.
            units = paginator.page(paginator.num_pages)

        context['page_obj'] = units
        context['title'] = _('Search for %s') % (
            search_form.cleaned_data['q']
        )
        context['query_string'] = search_form.urlencode()
        context['search_query'] = search_form.cleaned_data['q']
    else:
        messages.error(request, _('Invalid search query!'))

    return render(
        request,
        'search.html',
        context
    )
Beispiel #19
 def clean(self):
     """Refuse the submission when the request is over the rate limit.

     The check runs on every call of clean(); when it passes, the cleaned
     data is returned unchanged.
     """
     within_limit = check_rate_limit(self.request)
     if within_limit:
         return self.cleaned_data
     raise forms.ValidationError(
         _('Too many registration attempts!')
     )
Beispiel #20
 def test_basic(self):
     """A first call with a fresh FakeRequest is allowed."""
     allowed = check_rate_limit(FakeRequest())
     self.assertTrue(allowed)
Beispiel #21
    def test_limit(self):
        """Five calls in the 'test' scope pass; the sixth is refused."""
        req = self.get_request()
        accepted = 0
        while accepted < 5:
            self.assertTrue(check_rate_limit('test', req))
            accepted += 1

        # The sixth call for the same request is over the limit.
        over_limit = check_rate_limit('test', req)
        self.assertFalse(over_limit)
Beispiel #22
 def test_basic(self):
     """A first call in the 'test' scope with a fresh request is allowed."""
     req = self.get_request()
     allowed = check_rate_limit('test', req)
     self.assertTrue(allowed)
Beispiel #23
 def clean(self):
     """Refuse the submission when the 'registration' limit is exceeded.

     The check runs on every call of clean(); when it passes, the cleaned
     data is returned unchanged.
     """
     within_limit = check_rate_limit('registration', self.request)
     if within_limit:
         return self.cleaned_data
     raise forms.ValidationError(
         _('Too many registration attempts from this location!')
     )
Beispiel #24
 def test_basic(self):
     """The limiter lets a first call with a new FakeRequest through."""
     fake = FakeRequest()
     self.assertTrue(check_rate_limit(fake))
Beispiel #25
 def test_basic(self):
     """The limiter lets a first call in the 'test' scope through."""
     req = self.get_request()
     self.assertTrue(check_rate_limit('test', req))