def auto_login(request, uidb36, token, template="autologin/failed.html", redirect_to="/"):
redirect = request.GET.get('next', None)
args = request.GET.copy()
if 'next' in args:
del args['next']
args = args.urlencode()
if redirect is None:
redirect = redirect_to
if args != "":
if '?' in redirect:
redirect += '&'
else:
redirect += '?'
redirect += args
User = get_user_model()
try:
user = User.objects.get(pk=base36_to_int(uidb36))
except (ValueError, User.DoesNotExist):
user = None
if request.user.is_authenticated():
if request.user == user:
update_last_login(None, user)
return HttpResponseRedirect(redirect)
else:
user = None
if user is None or not default_token_generator.check_token(user, token):
return TemplateResponse(request, template, {}, status=400)
else:
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
return HttpResponseRedirect(redirect)
def post(self, request):
# Get redirect URL
redirect_url = request.REQUEST.get('next', reverse_lazy('cursos:listar'))
# Check if user has been authenticated before - if so, redirect him/her to the main site
if request.user is not None and request.user.is_authenticated():
return redirect(redirect_url)
form = LoginForm(request.POST)
if form.is_valid():
# Login the authenticated user to the site and redirect - remember to log this event
user = form.user
login_to_site(request, user)
update_last_login(None, user = user)
return redirect(redirect_url)
# Login failed - report errors back to the user
return render_to_response('accounts/login.html',
context = RequestContext(request, locals()),
status = 401
)
def get_or_fetch(self, pk):
u = self.filter(pk=pk).first()
if u:
# Set last_login field for the updating queue
update_last_login(None, u)
return u
user_dict = wechat_client.user.get(pk)
return self.create(**self.amend_model_params(**user_dict))
def safe_update_last_login(sender, user, **kwargs):
"""
Identical to Django's built-in handler except that we gracefully
handle database failures.
tl;dr logging in should not fail when a db is read-only
"""
try:
update_last_login(sender, user, **kwargs)
except DatabaseError as exc:
logging.warn(six.text_type(exc), exc_info=True)
def jwt_response_payload_handler(token, user=None, request=None):
if user:
# if the last_login is set, update it.
if user.last_login:
update_last_login(None, user)
now = datetime.datetime.now()
game = NflGame.objects.filter(starts_at__gte=now).order_by('starts_at').first()
current_week = 21 if not game else games.week
return {'access_token': token, 'user_id': user.id, 'current_week': current_week}
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get("user") or request.user
update_last_login(None, user)
token = serializer.object.get("token")
response_data = jwt_response_payload_handler(token, user, request)
return Response(response_data)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def confirm_email_address(
request,
uidb36,
token,
error_template="onboarding/failed_email_confirm.html",
template="onboarding/email_confirm.html",
redirect_to="/",
):
redirect = request.GET.get("next", None)
args = request.GET.copy()
if "next" in args:
del args["next"]
args = args.urlencode()
if redirect is None:
redirect = redirect_to
if args != "":
if "?" in redirect:
redirect += "&"
else:
redirect += "?"
redirect += args
try:
user = User.objects.get(pk=base36_to_int(uidb36))
except (ValueError, User.DoesNotExist):
user = None
if request.user.is_authenticated() and request.user != user:
user = None
if user is None or not token_generator.check_token(user, token):
return TemplateResponse(request, error_template, {}, status=400)
if request.method == "POST":
if request.user.is_authenticated():
if request.user == user:
user.is_active = True
user.save()
update_last_login(None, user)
return HttpResponseRedirect(redirect)
else:
return TemplateResponse(request, error_template, {}, status=400)
user.is_active = True
user.save()
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
return HttpResponseRedirect(redirect)
else:
return TemplateResponse(request, template, {"next": redirect, "email": user.email})
def login(request):
""" 通过 GitHub 的 oauth 系统登陆 """
code = request.query_params.get('code')
if code is None:
return Response({
'error': 'Please provide code',
'redirect': f'https://github.com/login/oauth/authorize?client_id={client_id}'
}, status=HTTP_400_BAD_REQUEST)
access_token = get_access_token(code)
if access_token is None:
return Response({
'error': 'Wrong code',
}, status=HTTP_401_UNAUTHORIZED)
user_info = get_user_info(access_token)
username = user_info['login']
email = user_info['email']
password = '******' # 没有任何用处,也不会用这个密码来登陆
user = authenticate(username=username, password=password)
# 如果之前没有这个用户则创建
if not user:
user = User.objects.create_user(
username=username,
email=email,
password=password
)
user_detail = UserDetail(
user=user,
username=username,
github_id=user_info.get('id', ''),
node_id=user_info.get('node_id', ''),
avatar_url=user_info.get('avatar_url', ''),
gravatar_id=user_info.get('gravatar_id', ''),
url=user_info.get('url', ''),
html_url=user_info.get('html_url', ''),
name=user_info.get('name', ''),
blog=user_info.get('blog', ''),
location=user_info.get('location', ''),
email=user_info.get('email', ''),
bio=user_info.get('bio', ''),
)
user_detail.save()
update_last_login(None, user)
# 返回 Token
token, _ = Token.objects.get_or_create(user=user)
return Response({
'token': token.key
}, status=HTTP_200_OK)
def validate(self, data):
username = data['username']
password = data['password']
user = authenticate(username=username, password=password)
if user is None:
raise ValidationError(detail='Incorrect username or password',
status_code=status.HTTP_401_UNAUTHORIZED)
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
return {
'username': user.username,
'token': jwt_token,
'user_id': user.id
}
def validate(self, data):
username = EmailAddress.objects.get(
email_id=data.get("username")).user_id or MobileNumber.objects.get(
mobile_number=data.get("username")).user_id or null
password = data.get("password")
user = authenticate(user=username, password=password)
if user is None:
raise serializers.ValidationError(
'A user with this username and password is not found.')
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given username and password does not exists')
return {'user': user.user, 'token': jwt_token}
def validate(self, data):
username = data.get("username", None)
password = data.get("password", None)
user = authenticate(username=username, password=password)
if user is None:
raise serializers.ValidationError(
'A user with this email and password is not found.'
)
try:
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exists'
)
return {
'email': user.email
}
def validate(self, data):
username = data.get('username')
password = data.get('password', None)
user = authenticate(username=username, password=password)
if user is None:
return {'username': '******'}
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given username and password does not exist')
return {'username': user.username, 'token': jwt_token}
def post(self, request, *args, **kwargs):
result = super().post(request, *args, **kwargs)
try:
user = UserProfile.objects.get(username=request.data['username'])
if not user.verified:
user.send_verification_email()
return Response(
{
'detail': VERIFY_EMAIL_MESSAGE,
'email': user.email
},
status=status.HTTP_401_UNAUTHORIZED)
update_last_login(None, user)
except: # pylint: disable=bare-except
pass
return result
def validate(self, data):
email = data.get('email', None)
password = data.get('password', None)
user = authenticate(email=email, password=password)
if user is None:
raise serializers.ValidationError(
'A user with this email and password is not found.')
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
print(payload)
print(jwt_token)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exists')
return {'email': user.email, 'token': jwt_token}
def validate(self, attrs):
data = super().validate(attrs)
refresh = self.get_token(self.user)
data["refresh"] = str(refresh)
data["access"] = str(refresh.access_token)
data["user"] = {
"profile_picture_url": self.user.profile.profile_picture_url,
"first_name": self.user.profile.first_name,
"last_name": self.user.profile.last_name,
}
if api_settings.UPDATE_LAST_LOGIN:
update_last_login(None, self.user)
return data
def post(self, request, *args, **kwargs):
username = self.request.data['username']
email = self.request.data['email']
password = self.request.data['password']
if User.objects.filter(username=username).first():
return Response(data={
'title': 'Already Exist',
'message': 'There is already user that has same username',
'error_code': 100
},
status=400)
if User.objects.filter(email=email).first():
return Response(data={
'title': 'Already Exist',
'message': 'There is already user that has same email',
'error_code': 101
},
status=400)
user = User.objects.create_user(
username=username,
email=email,
password=password,
)
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
return Response(data={
'title': 'Login error',
'message': 'Something went wrong. Please try again later',
'error_code': 102
},
status=400)
return Response(data={
'success': True,
'token': jwt_token,
'user': UserSerializer(user).data
},
status=200)
def token_obtain_sliding_login_handler(request, username, password):
"""
Takes a set of user credentials and returns a sliding JSON web token to
prove the authentication of those credentials.
"""
ser = TokenObtainSlidingSerializer(data={
get_username_field(): username,
'password': password
})
try:
ser.is_valid(raise_exception=True)
except:
raise InvalidUser('用户名/密码输入错误')
update_last_login(None, ser.user)
session_user_update(request, ser.user)
res = dict(token=ser.validated_data.get('token'),
user=UserSerializer(ser.user).data)
return res
def login(self, request):
serializer = LoginSerializer(data=request.data)
if not serializer.is_valid():
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
username = serializer.data['login']
password = serializer.data['senha']
user = authenticate(username=username, password=password)
if not user:
return Response({"erro": "Login ou senha incorretos"}, status=status.HTTP_400_BAD_REQUEST)
update_last_login(None, user)
tokens = RefreshToken.for_user(user) # Gera os tokens JWT
return Response(
{
'refresh': str(tokens),
'access': str(tokens.access_token),
},
status.HTTP_200_OK
)
def post(self, request):
email = request.data['email']
password = request.data['password']
user = authenticate(email=email, password=password)
if user is None:
queryset = CustomUser.objects.filter(email=email)
data = Register_User_serializera(queryset, many=True)
if password == data.data[0]['password']:
jwt_token = JWT_ENCODE_HANDLER(email)
return Response({'email': email, "token": jwt_token})
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except CustomUser.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exists')
return Response({'email': user.email, 'token': jwt_token})
def validate(self, data):
email = data['email']
password = data['password']
user = authenticate(username=email, password=password)
if user is None:
# raise some exception
raise serializers.ValidationError(
'A user with this email/username and password is not found')
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exist')
return {'email': user.email, 'token': jwt_token}
def get(self, request):
access_token = request.COOKIES.get(settings.AUTH_COOKIE_KEY)
if access_token is None:
logger.warning("Access token not found in cookie")
return Response(status=status.HTTP_401_UNAUTHORIZED)
try:
validated_user, _ = JWTHttpOnlyCookieAuthentication(
).authenticate_token(access_token)
except:
validated_user = None
if validated_user is None:
return Response(status=status.HTTP_401_UNAUTHORIZED)
update_last_login(None, validated_user)
user_serializer = serializers.UserSerializer(validated_user)
return Response({"user": user_serializer.data},
status=status.HTTP_200_OK)
def post(self, request, *args, **kwargs):
serializer = self.get_serializer(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data
print(UserSerializer(user, context=self.get_serializer_context()).data)
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except UserModel.DoesNotExist:
raise serializers.ValidationError(
'User with given username and password does not exist')
return Response({
"user":
UserSerializer(user, context=self.get_serializer_context()).data,
"token":
jwt_token
})
def post(self, request, *args, **kwargs):
"""
Override to check user login
Args:
request (object): The request object
"""
serializer = self.serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
# Update last logged in
update_last_login(None, user)
data = get_user_profile_data(user)
return Response(data, status=status.HTTP_200_OK)
def validate(self, data):
username = data.get('username', None)
password = data.get('password', None)
user = authenticate(username=username, password=password)
if user is None:
raise serializers.ValidationError('tài khoản k tồn tại')
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exists')
else:
data['user'] = user
data['token'] = jwt_token
return data
def validate(self, data):
email = data.get("email", None)
password = data.get("password", None)
user = authenticate(email=email, password=password)
if user is None:
raise serializers.ValidationError(
'A user with this email and password is not found.')
try:
payload = api_settings.JWT_PAYLOAD_HANDLER(user)
jwt_token = api_settings.JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except CustomUser.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exists')
return {
'email': user.email,
'token': jwt_token.encode(payload, "SECRET_KEY")
}
def validate(self, data):
email = data.get("email", None)
password = data.get("password", None)
user = authenticate(email=email, password=password)
print("USERR:", user)
if user is None:
raise serializers.ValidationError('Invalid Credentials')
try:
# JWT TPayload Generation
payload = JWT_PAYLOAD_HANDLER(user)
# JWT Token Generation
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except:
raise serializers.ValidationError(
'User with this email and password is not found.')
return {'email': user.email, 'token': jwt_token}
def create(self, validated_data):
profile_data = validated_data.pop('profile')
user = User.objects.create_user(**validated_data)
UserProfile.objects.create(user=user,
first_name=profile_data['first_name'],
last_name=profile_data['last_name'],
phone_number=profile_data['phone_number'],
age=profile_data['age'],
gender=profile_data['gender'])
login_user = authenticate(user=user.username, password=user.password)
payload = JWT_PAYLOAD_HANDLER(login_user)
jwt_token = JWT_PAYLOAD_HANDLER(payload)
update_last_login(None, login_user)
return {
'username': login_user.username,
'token': jwt_token,
}
def validate(self, data):
email = data.get("email", None)
password = data.get("password", None)
user = authenticate(email=email, password=password)
if user is None:
raise serializers.ValidationError("No such User exists")
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError("No such User exists")
return {
"email": user.email,
"token": jwt_token,
}
def validate(self, data):
username = data.get("username", None)
password = data.get("password", None)
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
user = User.objects.create_user(**data)
user = authenticate(username=username, password=password)
if user is None:
raise serializers.ValidationError(
'User with given username and password does not exists')
try:
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given username and password does not exists')
return {'username': user.username, 'token': jwt_token}
def validate(self, attrs):
data = super().validate(attrs)
refresh = self.get_token(self.user)
data['refresh'] = str(refresh)
data['access'] = str(refresh.access_token)
data['user'] = self.user.pk
data['first_name'] = self.user.first_name
data['last_name'] = self.user.last_name
data['email'] = self.user.email
data['username'] = self.user.username
data['phone_number'] = self.user.phone_number
if api_settings.UPDATE_LAST_LOGIN:
update_last_login(None, self.user)
return data
def validate(self, attrs):
email = attrs.get('email')
password = attrs.get('password')
print(email, ':', password)
user = authenticate(email=email, password=password)
if user is None:
return {'email': 'None'}
try:
# set token
update_last_login(None, user)
except User.DoesNotExist:
raise serializers.ValidationError(
'User with given email and password does not exists')
return {
'user': user,
'email': user.email,
# 'token': jwt_token
}
def sign_up(request):
"""
Create a new User
"""
JSON_RESPONSE = {STATUS: None, DATA: None, MESSAGE: None}
serializer = UserSerializer(data=request.data)
if serializer.is_valid():
user = serializer.create(request.data)
if (user != None):
update_last_login(None, user)
token = AccessToken.objects.get(user=user)
token_serializer = AccessTokenSerializer(token)
JSON_RESPONSE[STATUS] = SUCCESS
JSON_RESPONSE[DATA] = UserSerializer(user).data
JSON_RESPONSE[DATA][TOKEN] = token_serializer.data
return Response(JSON_RESPONSE, status=status.HTTP_201_CREATED)
JSON_RESPONSE[STATUS] = FAIL
JSON_RESPONSE[MESSAGE] = "Username has been taken"
return Response(JSON_RESPONSE, status=status.HTTP_400_BAD_REQUEST)
def resend_activation_email(request, user_hashid):
try:
user = get_object_or_404(
CustomUser, pk=settings.HASHID_CUSTOM_USER.decode(user_hashid)[0])
from datetime import datetime
timestamp = user.last_login or user.date_joined
if not user.is_active and not user.is_disabled and (
(datetime.utcnow() -
timestamp.replace(tzinfo=None)).total_seconds() > 300): # 5 min
send_activation_email_task.delay(user.pk,
get_current_site(request).domain)
update_last_login(None, user)
return render(request, 'account/inactive.html', {
'user': user,
'resent': True
})
return render(request, 'account/inactive.html', {'user': user})
except:
raise Http404('Page Not Found')
def social_login(request):
serializer_class = SocialAuthSerializer
serializer = serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
authenticated_user = request.user if not request.user.is_anonymous else None
provider = serializer.data.get('provider')
strategy = load_strategy(request)
try:
backend = load_backend(strategy=strategy,
name=provider,
redirect_uri=None)
except MissingBackend:
return JsonResponse({"error": "Provider invalid or not supported"},
status=status.HTTP_404_NOT_FOUND)
if isinstance(backend, BaseOAuth1):
token = {
'oauth_token': serializer.data.get('access_token'),
'oauth_token_secret': serializer.data.get('access_token_secret')
}
elif isinstance(backend, BaseOAuth2):
token = serializer.data.get('access_token')
try:
user = backend.do_auth(token, user=authenticated_user)
except BaseException as e:
return JsonResponse({"error": "Invalid credentials"},
status=status.HTTP_400_BAD_REQUEST)
if user:
user.is_verified = True
# user.token = functionto generate token
payload = JWT_PAYLOAD_HANDLER(user)
jwt_token = JWT_ENCODE_HANDLER(payload)
user.token = jwt_token
print("+" * 10)
print(jwt_token)
user.save()
update_last_login(None, user)
serializer = UserSerializer(user)
serializer.instance = user
# import pdb;pdb.set_trace()
return JsonResponse(serializer.data, status=status.HTTP_200_OK)
def validate(self, attrs):
data = super().validate(attrs)
if not hasattr(self.user, 'rlc_user'):
raise ValidationError(
"You don't have the necessary role to be able to login here.")
refresh = self.get_token(self.user)
data["refresh"] = str(refresh)
data["access"] = str(refresh.access_token)
data['user'] = RlcUserSerializer(self.user.rlc_user).data
data['rlc'] = RlcSerializer(self.user.rlc).data
data['permissions'] = self.user.get_all_user_permissions()
if api_settings.UPDATE_LAST_LOGIN:
update_last_login(None, self.user)
return data
def post(self, request):
result = super().post(request)
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
user = serializer.object.get('user')
update_last_login(None, user)
if 'type' in request.data:
devices = user.profile.device_set.filter(type=type)
if devices.count() > 0:
device = devices[0]
else:
device = Device(fcm_token='noToken',
profile=user.profile,
type=request.data['type'])
refresh_token = User.objects.make_random_password(length=20)
device.refresh_token = refresh_token
device.save()
result.data['refresh_token'] = refresh_token
return result
def post(self, request, *args, **kwargs):
serializer = self.serializer_class(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
user = serializer.validated_data['user']
update_last_login(None, user)
token, created = Token.objects.get_or_create(user=user)
try:
account = user.account
return Response(
{
'account_id': account.id,
'account_level': account.level,
'token': token.key
},
status=status.HTTP_200_OK)
except Exception as e:
return Response({'error': str(e)},
status=status.HTTP_400_BAD_REQUEST)
def validate(self, data):
username = data.get('username')
password = data.get('password')
user = authenticate(username=username, password=password)
if user is None:
raise serializers.ValidationError(
detail="A User with username and password is not found")
try:
refresh_token = RefreshToken.for_user(user)
access_token = refresh_token.access_token
update_last_login(None, user)
return {
"user_id": user.id,
"access_token": str(access_token),
"refresh_token": str(refresh_token)
}
except User.DoesNotExist:
raise serializers.ValidationError(
"A User with provided username does not exist.")
def user_login(self, user, password=DEFAULT_PASSWORD):
self.client.login(username=user.email, password=password)
update_last_login(self, user)
def jwt_response_payload_handler(token, user=None, request=None):
update_last_login(None, user) # TODO why doesn't this work?
return {
'token': token,
'user': UserProfileSerializer(user, context={"request": request}).data
}
