Ejemplo n.º 1
        def _inner(request, domain, *args, **kwargs):
            """Enforce the per-request OTP check, then call the wrapped ``fn``.

            The check applies only when ``api_key`` (enclosing scope) is falsy, the
            request carries no truthy ``skip_two_factor_check`` attribute, the
            domain exists and ``_two_factor_required`` is truthy for this view,
            domain and user. In every other case ``fn`` is called directly.

            The token is read from ``request.META['HTTP_X_COMMCAREHQ_OTP']`` and,
            if that is empty, from the ``otp`` query parameter. A missing or
            non-matching token produces a 401 JSON response.
            """
            domain_obj = Domain.get_by_name(domain)
            couch_user = _ensure_request_couch_user(request)
            otp_check_needed = (
                not api_key
                and not getattr(request, 'skip_two_factor_check', False)
                and domain_obj
                and _two_factor_required(view_func, domain_obj, couch_user)
            )
            if not otp_check_needed:
                return fn(request, domain, *args, **kwargs)

            token = request.META.get('HTTP_X_COMMCAREHQ_OTP')
            if not token and 'otp' in request.GET:
                # Take the parameter out of the query dict so code that builds
                # dynamic filters from the query string never sees it.
                # NOTE(review): a token sent in the URL can be recorded in access
                # logs and proxies; the header is the safer transport.
                with mutable_querydict(request.GET):
                    token = request.GET.pop('otp')[-1]
            if not token:
                return JsonResponse(OTP_AUTH_FAIL_RESPONSE, status=401)

            # NOTE(review): no attempt limiting is visible in this block; confirm
            # that repeated wrong tokens are throttled by match_token or upstream.
            otp_device = match_token(request.user, token)
            if not otp_device:
                return JsonResponse({"error": "OTP token is incorrect"}, status=401)

            # Set the same attributes the OTP middleware would set on the user.
            request.user.otp_device = otp_device
            request.user.is_verified = lambda: True
            return fn(request, domain, *args, **kwargs)
Ejemplo n.º 2
        def _inner(request, domain, *args, **kwargs):
            """Gate the wrapped ``fn`` behind a one-time-password check when required.

            Requests are exempt when ``api_key`` (enclosing scope) is truthy, when
            the request has a truthy ``skip_two_factor_check`` attribute, when the
            domain lookup returns nothing, or when ``_two_factor_required`` is
            falsy. Exempt requests go straight to ``fn``.

            Otherwise a token is taken from ``request.META['HTTP_X_COMMCAREHQ_OTP']``
            or, as a fallback, from the ``otp`` query parameter, and checked with
            ``match_token``. Failure returns a 401 JSON response.
            """
            domain_obj = Domain.get_by_name(domain)
            couch_user = _ensure_request_couch_user(request)

            # Exemptions are tested left to right; the two-factor lookup runs
            # only when none of them applies.
            exempt = api_key or getattr(request, 'skip_two_factor_check', False) or not domain_obj
            if exempt or not _two_factor_required(view_func, domain_obj, couch_user):
                return fn(request, domain, *args, **kwargs)

            token = request.META.get('HTTP_X_COMMCAREHQ_OTP')
            if not token and 'otp' in request.GET:
                with mutable_querydict(request.GET):
                    # Drop the parameter so places that derive dynamic filters
                    # from the query dict are not affected by it.
                    otp_values = request.GET.pop('otp')
                    token = otp_values[-1]  # last value wins if repeated

            if not token:
                return JsonResponse(OTP_AUTH_FAIL_RESPONSE, status=401)

            # NOTE(review): the token is accepted from the URL as well as the
            # header; URL tokens tend to be logged, so confirm they are
            # single-use / short-lived on the device side.
            otp_device = match_token(request.user, token)
            if not otp_device:
                return JsonResponse({"error": "OTP token is incorrect"}, status=401)

            # Keep the user object consistent with what the OTP middleware sets.
            request.user.otp_device = otp_device
            request.user.is_verified = lambda: True
            return fn(request, domain, *args, **kwargs)
Ejemplo n.º 3
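def _login(req, domain_name, custom_login_page, extra_context=None):
    """Serve the login page for the whole site or for a single domain.

    Args:
        req: the incoming request.
        domain_name: name of the domain being logged into, or a falsy value
            for the site-wide login.
        custom_login_page: template name overriding the default login
            template, or a falsy value.
        extra_context: optional dict merged last into the template context.

    Returns:
        A redirect for an already authenticated GET request, otherwise the
        response produced by ``HQLoginView`` or ``CloudCareLoginView``.

    An authenticated GET follows ``?next=`` only when the target stays on the
    current host; other targets fall back to the homepage redirects.
    """
    extra_context = extra_context or {}
    if req.user.is_authenticated and req.method == "GET":
        redirect_to = req.GET.get('next', '')
        if redirect_to:
            # ``next`` is taken verbatim from the query string. Following it
            # unchecked is an open redirect, so apply the host/scheme check
            # that Django's own LoginView uses before redirecting.
            try:
                from django.utils.http import url_has_allowed_host_and_scheme as is_safe_redirect
            except ImportError:
                # Older Django exposes the same check under this name.
                # NOTE(review): the keyword arguments below need Django >= 1.11;
                # confirm against the project's pinned version.
                from django.utils.http import is_safe_url as is_safe_redirect
            if is_safe_redirect(redirect_to, allowed_hosts={req.get_host()},
                                require_https=req.is_secure()):
                return HttpResponseRedirect(redirect_to)
        if not domain_name:
            return HttpResponseRedirect(reverse('homepage'))
        else:
            return HttpResponseRedirect(reverse('domain_homepage', args=[domain_name]))

    # On a domain login, a username without '@' is expanded with the domain.
    # The '@' default makes a missing field skip this branch.
    if req.method == 'POST' and domain_name and '@' not in req.POST.get('auth-username', '@'):
        with mutable_querydict(req.POST):
            req.POST['auth-username'] = format_username(req.POST['auth-username'], domain_name)

    # Switch the session language to the one stored on the submitted user.
    # This happens before the credentials are checked by the auth view.
    if 'auth-username' in req.POST:
        couch_user = CouchUser.get_by_username(req.POST['auth-username'].lower())
        if couch_user:
            new_lang = couch_user.language
            old_lang = req.session.get(LANGUAGE_SESSION_KEY)
            update_session_language(req, old_lang, new_lang)

    req.base_template = settings.BASE_TEMPLATE

    context = {}
    template_name = custom_login_page if custom_login_page else 'login_and_password/login.html'
    if not custom_login_page and domain_name:
        # NOTE(review): if Domain.get_by_name can return None for an unknown
        # name, the attribute accesses below raise; confirm that callers
        # guarantee the domain exists.
        domain_obj = Domain.get_by_name(domain_name)
        req_params = req.GET if req.method == 'GET' else req.POST
        context.update({
            'domain': domain_name,
            'hr_name': domain_obj.display_name(),
            'next': req_params.get('next', '/a/%s/' % domain_name),
            'allow_domain_requests': domain_obj.allow_domain_requests,
            'current_page': {'page_name': _('Welcome back to %s!') % domain_obj.display_name()},
        })
    else:
        commcare_hq_name = commcare_hq_names(req)['commcare_hq_names']["COMMCARE_HQ_NAME"]
        context.update({
            'current_page': {'page_name': _('Welcome back to %s!') % commcare_hq_name},
        })
    if settings.SERVER_ENVIRONMENT in settings.ICDS_ENVS:
        auth_view = CloudCareLoginView
    else:
        auth_view = HQLoginView if not domain_name else CloudCareLoginView

    demo_workflow_ab_v2 = ab_tests.SessionAbTest(ab_tests.DEMO_WORKFLOW_V2, req)

    if settings.IS_SAAS_ENVIRONMENT:
        context['demo_workflow_ab_v2'] = demo_workflow_ab_v2.context

    # Caller-supplied values are merged last, so they override the defaults above.
    context.update(extra_context)
    response = auth_view.as_view(template_name=template_name, extra_context=context)(req)

    if settings.IS_SAAS_ENVIRONMENT:
        demo_workflow_ab_v2.update_response(response)

    return response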
Ejemplo n.º 4
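def _login(req, domain_name, template_name):
    """Serve the login page for the whole site or for a single domain.

    Args:
        req: the incoming request.
        domain_name: name of the domain being logged into, or a falsy value
            for the site-wide login.
        template_name: login template to render; replaced by
            ``settings.CUSTOM_LANDING_TEMPLATE`` when that setting is truthy.

    Returns:
        A redirect for an already authenticated GET request, otherwise the
        response produced by ``HQLoginView`` or ``CloudCareLoginView``.

    An authenticated GET follows ``?next=`` only when the target stays on the
    current host; other targets fall back to the homepage redirects.
    """

    if req.user.is_authenticated and req.method == "GET":
        redirect_to = req.GET.get('next', '')
        if redirect_to:
            # ``next`` is taken verbatim from the query string. Following it
            # unchecked is an open redirect, so apply the host/scheme check
            # that Django's own LoginView uses before redirecting.
            try:
                from django.utils.http import url_has_allowed_host_and_scheme as is_safe_redirect
            except ImportError:
                # Older Django exposes the same check under this name.
                # NOTE(review): the keyword arguments below need Django >= 1.11;
                # confirm against the project's pinned version.
                from django.utils.http import is_safe_url as is_safe_redirect
            if is_safe_redirect(redirect_to, allowed_hosts={req.get_host()},
                                require_https=req.is_secure()):
                return HttpResponseRedirect(redirect_to)
        if not domain_name:
            return HttpResponseRedirect(reverse('homepage'))
        else:
            return HttpResponseRedirect(
                reverse('domain_homepage', args=[domain_name]))

    # On a domain login, a username without '@' is expanded with the domain.
    # The '@' default makes a missing field skip this branch.
    if req.method == 'POST' and domain_name and '@' not in req.POST.get(
            'auth-username', '@'):
        with mutable_querydict(req.POST):
            req.POST['auth-username'] = format_username(
                req.POST['auth-username'], domain_name)

    # Switch the session language to the one stored on the submitted user.
    if 'auth-username' in req.POST:
        couch_user = CouchUser.get_by_username(
            req.POST['auth-username'].lower())
        if couch_user:
            new_lang = couch_user.language
            old_lang = req.session.get(LANGUAGE_SESSION_KEY)
            update_session_language(req, old_lang, new_lang)

    req.base_template = settings.BASE_TEMPLATE

    context = {}
    custom_landing_page = getattr(settings, 'CUSTOM_LANDING_TEMPLATE', False)
    if custom_landing_page:
        template_name = custom_landing_page
    elif domain_name:
        domain = Domain.get_by_name(domain_name)
        # The lookup may return nothing, so every use of ``domain`` is guarded
        # and the plain name stands in for the display name.
        hr_name = domain.display_name() if domain else domain_name
        req_params = req.GET if req.method == 'GET' else req.POST
        context.update({
            'domain': domain_name,
            'hr_name': hr_name,
            # Build the default from the name; formatting the domain object
            # here would not give the '/a/<name>/' path.
            'next': req_params.get('next', '/a/%s/' % domain_name),
            'allow_domain_requests': domain.allow_domain_requests if domain else False,
            'current_page': {
                'page_name': _('Welcome back to %s!') % hr_name
            }
        })
    else:
        context.update(
            {'current_page': {
                'page_name': _('Welcome back to CommCare HQ!')
            }})

    auth_view = HQLoginView if not domain_name else CloudCareLoginView
    return auth_view.as_view(template_name=template_name,
                             extra_context=context)(req)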
Ejemplo n.º 5
    def _inner(request, *args, **kwargs):
        """Call ``view`` as the user named by the ``as`` query parameter.

        The parameter is removed from ``request.GET``. A missing parameter or
        an unknown username yields a 401; otherwise ``request.user`` and
        ``request.couch_user`` are replaced before ``view`` runs.

        NOTE(review): nothing in this block authenticates the caller, so the
        ``as`` value is trusted completely. This is only safe if an enclosing
        check (not visible here) has already verified the request - confirm.
        """
        with mutable_querydict(request.GET):
            as_values = request.GET.pop('as', None)
        if not as_values:
            return HttpResponse('User required', status=401)

        # If the parameter is repeated, the last value is the one used.
        target = CouchUser.get_by_username(as_values[-1])
        if not target:
            return HttpResponse('Unknown user', status=401)

        request.user = target.get_django_user()
        request.couch_user = target
        return view(request, *args, **kwargs)
Ejemplo n.º 6
    def _inner(request, *args, **kwargs):
        """Swap in the user given by ``?as=`` and delegate to ``view``.

        Returns a 401 response when the parameter is absent ('User required')
        or names no known user ('Unknown user'). On success the request's
        ``user`` and ``couch_user`` attributes are overwritten.

        NOTE(review): the two distinct 401 bodies tell a caller whether a
        username exists, and the block itself performs no caller
        authentication; confirm this is reachable only by a trusted,
        already-verified caller.
        """
        with mutable_querydict(request.GET):
            # pop() also strips the parameter from the query dict
            requested = request.GET.pop('as', None)

        if not requested:
            return HttpResponse('User required', status=401)

        username = requested[-1]
        couch_user = CouchUser.get_by_username(username)
        if couch_user:
            request.user = couch_user.get_django_user()
            request.couch_user = couch_user
            return view(request, *args, **kwargs)

        return HttpResponse('Unknown user', status=401)
Ejemplo n.º 7
    def _inner(request, *args, **kwargs):
        """Call ``view`` as the user named by the ``as`` query parameter.

        The parameter is removed from ``request.GET``. Rejections are logged
        through ``auth_logger`` with a ``formplayer_auth:*`` reason and the
        request path, and answered with a 401. On success ``request.user``
        and ``request.couch_user`` are replaced before ``view`` runs.

        NOTE(review): the ``as`` value is trusted as-is in this block; it must
        only run after the caller has been authenticated by an enclosing
        check that is not visible here - confirm. The rejected username is
        not logged, only the path.
        """
        with mutable_querydict(request.GET):
            as_values = request.GET.pop('as', None)

        if not as_values:
            auth_logger.info(
                "Request rejected reason=%s request=%s",
                "formplayer_auth:user_required",
                request.path,
            )
            return HttpResponse('User required', status=401)

        # The last value is used when the parameter appears more than once.
        target = CouchUser.get_by_username(as_values[-1])
        if not target:
            auth_logger.info(
                "Request rejected reason=%s request=%s",
                "formplayer_auth:unknown_user",
                request.path,
            )
            return HttpResponse('Unknown user', status=401)

        request.user = target.get_django_user()
        request.couch_user = target
        return view(request, *args, **kwargs)
Ejemplo n.º 8
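def _login(req, domain_name):
    """Serve the login page for the whole site or for a single domain.

    Args:
        req: the incoming request.
        domain_name: name of the domain being logged into, or a falsy value
            for the site-wide login.

    Returns:
        A redirect for an already authenticated GET request, otherwise the
        response produced by ``HQLoginView`` or ``CloudCareLoginView``.

    An authenticated GET follows ``?next=`` only when the target stays on the
    current host; other targets fall back to the homepage redirects.
    ``settings.CUSTOM_LANDING_TEMPLATE`` may be a template name or a mapping
    from host to template name with an optional ``'default'`` entry; when the
    mapping has neither, the standard login template is used.
    """

    if req.user.is_authenticated and req.method == "GET":
        redirect_to = req.GET.get('next', '')
        if redirect_to:
            # ``next`` is taken verbatim from the query string. Following it
            # unchecked is an open redirect, so apply the host/scheme check
            # that Django's own LoginView uses before redirecting.
            try:
                from django.utils.http import url_has_allowed_host_and_scheme as is_safe_redirect
            except ImportError:
                # Older Django exposes the same check under this name.
                # NOTE(review): the keyword arguments below need Django >= 1.11;
                # confirm against the project's pinned version.
                from django.utils.http import is_safe_url as is_safe_redirect
            if is_safe_redirect(redirect_to, allowed_hosts={req.get_host()},
                                require_https=req.is_secure()):
                return HttpResponseRedirect(redirect_to)
        if not domain_name:
            return HttpResponseRedirect(reverse('homepage'))
        else:
            return HttpResponseRedirect(reverse('domain_homepage', args=[domain_name]))

    # On a domain login, a username without '@' is expanded with the domain.
    # The '@' default makes a missing field skip this branch.
    if req.method == 'POST' and domain_name and '@' not in req.POST.get('auth-username', '@'):
        with mutable_querydict(req.POST):
            req.POST['auth-username'] = format_username(req.POST['auth-username'], domain_name)

    # Switch the session language to the one stored on the submitted user.
    if 'auth-username' in req.POST:
        couch_user = CouchUser.get_by_username(req.POST['auth-username'].lower())
        if couch_user:
            new_lang = couch_user.language
            old_lang = req.session.get(LANGUAGE_SESSION_KEY)
            update_session_language(req, old_lang, new_lang)

    req.base_template = settings.BASE_TEMPLATE

    context = {}
    default_template = 'login_and_password/login.html'
    template_name = default_template
    custom_landing_page = settings.CUSTOM_LANDING_TEMPLATE
    if custom_landing_page:
        if isinstance(custom_landing_page, six.string_types):
            soft_assert_type_text(custom_landing_page)
            template_name = custom_landing_page
        else:
            # Per-host template, then the mapping's 'default', then the
            # standard template. Falling back to the local variable here
            # would yield None, because the host lookup has just reset it.
            template_name = custom_landing_page.get(req.get_host())
            if template_name is None:
                template_name = custom_landing_page.get('default', default_template)
    elif domain_name:
        # NOTE(review): if Domain.get_by_name can return None for an unknown
        # name, the attribute accesses below raise; confirm that callers
        # guarantee the domain exists.
        domain_obj = Domain.get_by_name(domain_name)
        req_params = req.GET if req.method == 'GET' else req.POST
        context.update({
            'domain': domain_name,
            'hr_name': domain_obj.display_name(),
            'next': req_params.get('next', '/a/%s/' % domain_name),
            'allow_domain_requests': domain_obj.allow_domain_requests,
            'current_page': {'page_name': _('Welcome back to %s!') % domain_obj.display_name()},
        })
    else:
        commcare_hq_name = commcare_hq_names(req)['commcare_hq_names']["COMMCARE_HQ_NAME"]
        context.update({
            'current_page': {'page_name': _('Welcome back to %s!') % commcare_hq_name},
        })
    if settings.SERVER_ENVIRONMENT in settings.ICDS_ENVS:
        auth_view = CloudCareLoginView
    else:
        auth_view = HQLoginView if not domain_name else CloudCareLoginView

    demo_workflow_ab_v2 = ab_tests.SessionAbTest(ab_tests.DEMO_WORKFLOW_V2, req)

    if settings.IS_SAAS_ENVIRONMENT:
        context['demo_workflow_ab_v2'] = demo_workflow_ab_v2.context

    response = auth_view.as_view(template_name=template_name, extra_context=context)(req)

    if settings.IS_SAAS_ENVIRONMENT:
        demo_workflow_ab_v2.update_response(response)

    return response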