Ejemplo n.º 1
0
    def dispatch(self, request, *args, **kwargs):
        if settings.DEBUG is True:
            bl_addr = request.GET.get('blacklist', request.META['REMOTE_ADDR'])
            dnsbl_addr = request.GET.get('dnsbl', request.META['REMOTE_ADDR'])
            rate_addr = request.GET.get('ratelimit',
                                        request.META['REMOTE_ADDR'])
        else:
            bl_addr = dnsbl_addr = rate_addr = request.META['REMOTE_ADDR']

        if BlockedIpAddress.objects.is_blocked(bl_addr):
            raise BlockedException(_('This address is blocked.'))

        # Check static blacklist (settings.SPAM_BLACKLIST)
        bl_addr = ipaddress.ip_address(bl_addr)
        for network in _BLACKLIST:
            if bl_addr in network:
                log.info('%s: IP is in settings.BLACKLIST.', bl_addr)
                return TemplateResponse(request, self.blacklist_template, {})

        # Check ratelimits
        if self.check_rate(request, rate_addr) is False:
            log.info('%s: IP is ratelimited.', rate_addr)
            return TemplateResponse(request, self.rate_template, {})

        # Check DNS Blacklists
        blocks = check_dnsbl(dnsbl_addr)
        if blocks:
            log.info('%s: IP is on at least one DNSBL.', dnsbl_addr)
            return TemplateResponse(request, self.dnsbl_template, {
                'blocks': blocks,
            })

        return super(AntiSpamMixin, self).dispatch(request, *args, **kwargs)
Ejemplo n.º 2
0
    def form_valid(self, form):
        request = self.request
        self.ratelimit(request)
        address = request.META['REMOTE_ADDR']
        lang = request.LANGUAGE_CODE
        base_url = '%s://%s' % (request.scheme, request.get_host())

        if BlockedEmail.objects.is_blocked(form.cleaned_data['email']):
            BlockedIpAddress.objects.block(address)
            raise BlockedException(_('You cannot register with this email address.'))

        with transaction.atomic(), version(comment='User created'):
            response = super(RegistrationView, self).form_valid(form)
            user = self.object

            # Compute the normalized email address
            user.normalized_email = normalize_email(user.email)

            # save default language
            user.default_language = lang
            user.save()

            # log user creation, display help message.
            user.log(ugettext_noop('Account created.'), address=address)
            AddressActivity.objects.log(request, ACTIVITY_REGISTER, user=user, note=user.email)
            stat(STAT_REGISTER)

            messages.success(request, _(
                """Successfully created the account %(username)s. A confirmation email was
just sent to the email address you provided (%(email)s). Before you can use
your account, you must click on the confirmation link in that email.""") % {
                    'username': user.username,
                    'email': user.email,
            })

            user.backend = settings.AUTHENTICATION_BACKENDS[0]
            login(self.request, user)

        task = send_confirmation_task.si(
            user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address,
            to=user.email, base_url=base_url, hostname=request.site['NAME'])

        # Store GPG key if any
        fp, key = form.get_gpg_data()
        if fp or key:
            gpg_task = add_gpg_key_task.si(
                user_pk=user.pk, address=address, fingerprint=fp, key=key)
            task = chain(gpg_task, task)
        task.delay()

        return response