def check_token(token): """ :param token: :return: user """ # split the token in it's 3 components delimited by '-' parts = token.split("-") # get the length of the uid decoding the last component uid_len = int("-" + urlsafe_base64_decode(parts[2])) # get the uid by decoding the last uid_len chars of the second component uid = urlsafe_base64_decode(parts[1][uid_len:]) # get the original generated token by concatenating the first component # and the second component without it's last uid_len characters token = parts[0] + "-" + parts[1][:uid_len] # try to get the user with the uid user id try: user = User.objects.get(id=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): return None # if the token is valid for the given user return the user if default_token_generator.check_token(user, token): return user return None
def resetpassword_mail(self, request): uidb64 = self.request.POST.get("uidb64", "") umailb64 = self.request.POST.get("umailb64", "") token = self.request.POST.get("token", "") password1 = self.request.POST.get("password1", "") password2 = self.request.POST.get("password2", "") try: uid = urlsafe_base64_decode(uidb64) user = MyUser._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, MyUser.DoesNotExist): user = None token_generator = default_token_generator if user is not None and token_generator.check_token(user, token): errors = [] umail = urlsafe_base64_decode(umailb64) if user.email != umail: user.email = umail form = SetPasswordForm(user, request.POST) if form.is_valid(): user = form.save() else: # 如果表单不正确,保存错误到errors列表中 for k, v in form.errors.items(): # v.as_text() 详见django.forms.util.ErrorList 中 errors.append(v.as_text()) mydict = {"errors": errors} return HttpResponse(json.dumps(mydict), content_type="application/json") else: logger.error(u'[UserControl]用户重置密码连接错误:[%s]/[%s]' % (uidb64, token)) return HttpResponse("密码重置链接无效,可能是因为它已使用,您可以重新请求一次新的密码重置。", status=403)
def recupera_password_conferma(request, uidb64=None, token=None, template='base_recupero_password_conferma.html', contesto_extra=None): assert uidb64 is not None and token is not None # checked by URLconf try: # urlsafe_base64_decode() decodes to bytestring on Python 3 uid = force_text(urlsafe_base64_decode(uidb64)) utente = Utenza.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, Utenza.DoesNotExist): utente = None if utente is not None and default_token_generator.check_token(utente, token): link_valido = True titolo = 'Inserisci una nuova password' if request.method == 'POST': modulo = ModuloImpostaPassword(utente, request.POST) if modulo.is_valid(): modulo.save() return HttpResponseRedirect(reverse('recupero_password_completo')) else: modulo = ModuloImpostaPassword(utente) else: link_valido = False modulo = None titolo = 'Errore nell\'impostazione della nuova password' contesto = { 'modulo': modulo, 'titolo': titolo, 'link_valido': link_valido, "scadenza_token": django_settings.PASSWORD_RESET_TIMEOUT_DAYS * 24 } if contesto_extra is not None: contesto.update(contesto_extra) return TemplateResponse(request, template, contesto)
def post(self, request, uidb64=None, token=None, *arg, **kwargs): ''' POST method. :param request :param uidb64 :param token :param arg :param kwargs :return ''' user_model = get_user_model() form = self.form_class(request.POST) assert uidb64 is not None and token is not None try: uid = urlsafe_base64_decode(uidb64) user = user_model._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, user_model.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): if form.is_valid(): new_password = form.cleaned_data['new_password2'] user.set_password(new_password) user.save() messages.success(request, 'Password has been reset.') return self.form_valid(form) else: messages.error(request, 'Password reset has not been unsuccessful.') return self.form_invalid(form) else: messages.error(request, 'The reset password link is no longer valid.') return self.form_invalid(form)
def post(self, request, uidb64=None, token=None, *arg, **kwargs): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ UserModel = get_user_model() form = self.form_class(request.POST) assert uidb64 is not None and token is not None # checked by URLconf try: uid = urlsafe_base64_decode(uidb64) user = UserModel._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): if form.is_valid(): new_password = form.cleaned_data["new_password2"] user.set_password(new_password) user.save() messages.success(request, "Password has been reset.") return HttpResponseRedirect("/login") else: messages.error(request, "Password reset has not been unsuccessful.Try again") return HttpResponseRedirect("/reset") else: messages.error(request, "The reset password link is no longer valid.Try again") return HttpResponseRedirect("/reset")
def read_comic(request, comic_selector, page): page = int(page) selector = uuid.UUID(bytes=urlsafe_base64_decode(comic_selector)) book = get_object_or_404(ComicBook, selector=selector) breadcrumbs = generate_breadcrumbs_from_path(book.directory, book) status, _ = ComicStatus.objects.get_or_create(comic=book, user=request.user) status.unread = False status.last_read_page = page if ComicPage.objects.filter(Comic=book).aggregate(Max('index'))['index__max'] == status.last_read_page: status.finished = True else: status.finished = False status.save() title = 'CBWebReader - ' + book.file_name + ' - Page: ' + str(page) context = { 'book': book, 'orig_file_name': book.page_name(page), 'nav': book.nav(page, request.user), 'breadcrumbs': breadcrumbs, 'menu': Menu(request.user), 'title': title, } return render(request, 'comic/read_comic.html', context)
def account_activate_done(request, uidb64, token): if request.method == "GET": assert uidb64 is not None and token is not None try: user_id = force_text(urlsafe_base64_decode(uidb64)) the_user = TheUser.objects.get(id=user_id) except (TypeError, ValueError, OverflowError, ObjectDoesNotExist): the_user = None template_name = 'registration/account_activate_done.html' if the_user is not None and default_token_generator.check_token(the_user, token): if not the_user.is_active: valid_link = True the_user.is_active = True the_user.save(force_update=True) user_profile = UserProfile( the_user=the_user, user_image='image/user_avatar/avatar.jpg', intro='This user wrote nothing yet.', ) user_profile.save(force_insert=True) context = { 'title': 'Account Activated Successfully', 'valid_link': valid_link } return render(request, template_name, context) else: return HttpResponseRedirect(request.user.get_absolute_url()) else: # activation failed page valid_link = False context = { 'title': 'Account Activation Failed', 'valid_link': valid_link } return render(request, template_name, context)
def active_user(request, uidb64, token): if token: from django.contrib.auth import get_user_model user_model = get_user_model() try: uid = urlsafe_base64_decode(uidb64) user = user_model._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, user_model.DoesNotExist): user = None if user is not None and user.is_active: return HttpResponseRedirect(reverse('steam:index')) if user is not None and signup_token_generator.check_token(user, token): user.is_active = True user.save() #AUTOMATIC LOGIN user.backend = "django.contrib.auth.backends.ModelBackend" login(request, user) return render_to_response('steam/index.html', {'signup_success': _("Sign up Success"), }, context_instance=RequestContext(request, )) return HttpResponse(status=404)
def get_user(self): try: uid = force_text(urlsafe_base64_decode(self.kwargs['uidb64'])) user = UserModel._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None return user
def password_reset_confirm(request, uidb64=None, token=None): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ assert uidb64 is not None and token is not None # checked by URLconf post_reset_redirect = reverse('web.password_reset_done') try: uid = urlsafe_base64_decode(uidb64).decode('utf-8') user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): validlink = True if request.method == 'POST': form = forms.SetPasswordForm(user, request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(post_reset_redirect) else: form = forms.SetPasswordForm(None) else: validlink = False form = None ctx = {'form': form, 'validlink': validlink, } return render(request, 'pages/password_reset_confirm.html', ctx)
def password_reset_confirm(request, uidb64=None, token=None): """ Pulled from django contrib so that we can add user into the form so then we can show relevant messages about the user. """ assert uidb64 is not None and token is not None user = None try: uid_int = urlsafe_base64_decode(uidb64) user = UserProfile.objects.get(id=uid_int) except (ValueError, UserProfile.DoesNotExist): pass if user is not None and default_token_generator.check_token(user.user, token): validlink = True if request.method == 'POST': form = forms.SetPasswordForm(user, request.POST) if form.is_valid(): form.save() log_cef('Password Changed', 5, request, username=user.username, signature='PASSWORDCHANGED', msg='User changed password') return redirect(reverse('django.contrib.auth.' 'views.password_reset_complete')) else: form = forms.SetPasswordForm(user) else: validlink = False form = None return render(request, 'users/pwreset_confirm.html', {'form': form, 'validlink': validlink})
def post(self, request, uidb64=None, token=None, *arg, **kwargs): try: uid = urlsafe_base64_decode(uidb64) user = CustomUser.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, CustomUser.DoesNotExist): user = None form = self.form_class(request.POST) if user is not None and default_token_generator.check_token(user, token): if form.is_valid(): new_password = form.cleaned_data['new_password2'] user.set_password(new_password) user.save() messages.success(request, 'Password has been reset.') return self.form_valid(form) else: messages.error(request, 'Password reset has not been successful.') form.add_error(None, 'Password reset has not been successful.') return self.form_invalid(form) else: messages.error(request, 'The reset password link is no longer valid.') form.add_error(None, 'The reset password link is no longer valid.') return self.form_invalid(form)
def get_user(self): uidb64 = self.kwargs.get('uidb64') try: uid = urlsafe_base64_decode(uidb64) return self.get_queryset().get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): return None
def post(self, request, uidb64=None, token=None): if request.POST.get('new_password1') != request.POST.get('new_password2'): raise ValidationError("Passwords don't match") """ View that checks the hash in a password reset link and presents a form for entering a new password. """ UserModel = get_user_model() assert uidb64 is not None and token is not None # checked by URLconf try: # urlsafe_base64_decode() decodes to bytestring on Python 3 uid = force_text(urlsafe_base64_decode(uidb64)) user = UserModel._default_manager.get(pk=uid) except (UserModel.DoesNotExist): user = None # si el link aún es válido #Hack to avoid csrf_protect if user is not None and default_token_generator.check_token(user, token): request.csrf_processing_done = True response = password_reset_confirm( request._request, uidb64=uidb64, token=token) if type(response) is HttpResponseRedirect: return Response({'msg': "Su contraseña ha sido establecida. Ahora puede seguir adelante e iniciar sesión."}) else: return Response({'msg': "El enlace de restablecimiento de contraseña era invalido, seguramente por haberse utilizado previamente. Por favor, solicite un nuevo restablecimiento de contraseña."})
def post(self, request, uidb64=None, token=None, *arg, **kwargs): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ UserModel = UserCred() form = self.form_class(request.POST) assert uidb64 is not None and token is not None # checked by URLconf try: if isinstance(uidb64, unicode): uidb64 = str(uidb64) uid = urlsafe_base64_decode(uidb64) user = UserCred.objects.using('users').get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): if form.is_valid(): new_password = form.cleaned_data['new_password2'] user.set_password(new_password) user.save() messages.success(request, 'Password has been reset.') return self.form_valid(form) else: messages.error(request, 'Password reset has not been successful.') return self.form_invalid(form) else: messages.error(request,'The reset password link is no longer valid.') return self.form_invalid(form)
def CandidateSignIn(request, uidb64, token): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = MyUser.objects.get(pk=uid) except(TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and account_activation_token.check_token(user, token): user.is_active = True user.save() login(request, user) registered = False if request.method == "POST": form = TeamMembersFormUpdate(data=request.POST, instance=user) if form.is_valid(): user = form.save() user.set_password(user.password) user.save() # registered = True return HttpResponseRedirect(reverse('registration:HRlogin')) else: print("Error!") else: form = TeamMembersFormUpdate() return render(request, 'candidateSignIn.html', {'form': form, 'registered': registered})
def comic_list(request, directory_selector=False): try: base_dir = Setting.objects.get(name='BASE_DIR').value except Setting.DoesNotExist: return redirect('/comic/settings/') if not path.isdir(base_dir): return redirect('/comic/settings/') if directory_selector: selector = uuid.UUID(bytes=urlsafe_base64_decode(directory_selector)) directory = Directory.objects.get(selector=selector) else: directory = False if directory: title = generate_title_from_path(directory.path) breadcrumbs = generate_breadcrumbs_from_path(directory) json_url = '/comic/list_json/{0}/'.format(directory_selector) else: title = generate_title_from_path('Home') breadcrumbs = generate_breadcrumbs_from_path() json_url = '/comic/list_json/' return render(request, 'comic/comic_list.html', { 'breadcrumbs': breadcrumbs, 'menu': Menu(request.user, 'Browse'), 'title': title, 'json_url': json_url })
def request_or_error(self, idb64, confirmation_key): """ Get sign up request by encoded ID and confirmation key. Return tuple (request, error_message), where 'request' or 'error_message' is 'None'. """ try: rid = int(urlsafe_base64_decode(idb64)) except (TypeError, ValueError, OverflowError): return (None, _("Invalid parameters.")) try: sign_up_confirmation.validate_key(confirmation_key) except ValidationError as e: return (None, e.message) try: sign_up_request = self.get(pk=rid) except self.model.DoesNotExist: return (None, _("Sign up request does not exist.")) if confirmation_key != sign_up_request.confirmation_key: return (None, _("Confirmation key does not match.")) if sign_up_request.is_expired: return (None, _("Sign up request has expired. " "Please, create another one.")) return (sign_up_request, None)
def confirm(request, uidb64=None, key=None): """ Display a confirmation message when the registration form is sended or activate the :model:`auth.User` account if the user id and activation key are passed as arguments. **Context** ``confirm`` A boolean variable that indicates if the user has activated his account. **Template:** :template:`inviMarket/confirm.html` """ if request.user.is_authenticated(): return redirect('index') confirm = None if (uidb64 is not None) and (key is not None): user_id = force_text(urlsafe_base64_decode(uidb64)) user = get_object_or_404(User.objects.select_related('profile'), pk=user_id) profile = user.profile now = timezone.now() if key == profile.activation_key and profile.key_expires > now: user.is_active = True user.save() confirm = True else: confirm = False return render(request, 'confirm.html', {'confirm': confirm})
def get(self, request, uidb64, activation_key): if uidb64 is not None and activation_key is not None: uid = get_int(urlsafe_base64_decode(uidb64)) user = get_object_or_404(User, id=uid) ret = default_token_generator.check_token( user, activation_key ) if ret: user_profile = user.get_profile() user_profile.is_email_bind = True user_profile.guide_switch = True user_profile.save() # 开始登录 user.backend = 'django.contrib.auth.backends.ModelBackend' login(request, user) return render( request, self.template, { 'status': 'ok', 'msg': u'绑定接收邮箱成功', }, ) return render( request, self.template, { 'status': 'error', 'msg': u'无效的激活链接', } )
def reset_password(request, uidb64=None, token=None): if request.user.is_authenticated(): return redirect(settings.LOGIN_REDIRECT_URL) assert uidb64 is not None and token is not None try: uid = force_text(urlsafe_base64_decode(uidb64)) user = MyUser.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): validlink = True if request.method == 'POST': form = ResetPasswordForm(user, request.POST) if form.is_valid(): form.save() return render(request, 'account/authentication/password_reset_complete.html') else: form = ResetPasswordForm(user) else: validlink = False form = None context = { 'validlink' : validlink, 'form' : form } return render(request, 'account/authentication/password_reset_confirm_form.html', context)
def confirm_password(request, uidb64=None, token=None): assert uidb64 is not None and token is not None # checked by URLconf try: uid = urlsafe_base64_decode(uidb64) user = User.objects.get(pk=uid) except: user = None if user is not None: if request.method == 'POST': if default_token_generator.check_token(user, token): password1 = request.POST.get('password1') password2 = request.POST.get('password2') if password1 == password2 and len(password1) !=0: user.set_password(password1) user.save() messages.success(request,'Password Changed! Login to Continue') return redirect('fosssite:login_user') else: messages.success(request,'Both Passwords Must Match. Please try again!') return redirect('fosssite:confirm_password',uidb64=uidb64, token=token) else: messages.success(request,"The reset password link is no longer valid. Try again!") return redirect('fosssite:forgot_password') elif not default_token_generator.check_token(user, token): messages.success(request,"The reset password link is no longer valid. Try again!") return redirect('fosssite:forgot_password') else: return render(request, 'fosssite/confirm_password.html',{}) else: messages.success(request,"The reset password link is no longer valid. Try again!") return redirect('fosssite:forgot_password')
def authorize(authorization): if not authorization: return None method, credentials = authorization.split(' ') # 验证Basic方式 if method.lower() == 'basic': client_id, client_secret = credentials.decode('base64').split(':') try: return Client.objects.get(client_id=client_id, client_secret=UUID(bytes=urlsafe_base64_decode(client_secret))) except (ValueError, Client.DoesNotExist): return None if method.lower() == 'bearer': try: access_token = AccessToken.objects.filter(expire_time__gte=datetime.datetime.now()).get(token=UUID(bytes=urlsafe_base64_decode(credentials))) except AccessToken.DoesNotExist: return None client = access_token.client user = access_token.user try: return User.objects.get(user=user, client=client) except User.DoesNotExist: user = User(client=client, user=user) user.save() return user else: return None
def mutate_and_get_payload(cls, input, request, info): errors = [] UserModel = User._meta.model try: # urlsafe_base64_decode() decodes to bytestring on Python 3 uid = force_text(urlsafe_base64_decode(input.get('uidb64'))) user = UserModel.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user and default_token_generator.check_token(user, input.get('token')): form = SetPasswordForm(user=user, data=input) if form.is_valid(): user = form.save(commit=False) user.save(request=request) # workarout to re authenticate the user # when as change the user on the DB it gets disconected user.backend = settings.DEFAULT_AUTHENTICATION_BACKENDS auth_login(request, user) else: errors = form_erros(form, errors) else: errors.append(Error( code='password_reset_incorrect_token', message=_('Password reset failed') )) return PasswordResetComplete(errors=errors)
def post(self, request, uidb64=None, token=None, *arg, **kwargs): form = self.get_form() assert uidb64 is not None and token is not None try: uid = urlsafe_base64_decode(uidb64) user = User._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): if form.is_valid(): new_password = form.cleaned_data['new_password'] user.set_password(new_password) user.save() messages.success(request, _('Password reset successfully.')) return self.form_valid(form) else: messages.error(request, _('We were not able to reset your password.')) return self.form_invalid(form) else: messages.error(request, _('The reset password link is no longer valid.')) return self.form_invalid(form)
def form_valid(self, form): uidb64 = self.kwargs['uidb64'] token = self.kwargs['token'] password1 = form.cleaned_data['password1'] password2 = form.cleaned_data['password2'] if password1 != password2: form.add_error(None, 'Passwords do not match!') return self.form_invalid(form) else: uid = urlsafe_base64_decode(uidb64) try: user = User.objects.get(pk=uid) except user.DoesNotExist: form.add_error(None, 'Invalid token') return self.form_invalid(form) if not default_token_generator.check_token(user, token): form.add_error(None, 'Invalid token') return self.form_invalid(form) new_password = form.cleaned_data['password2'] user.set_password(new_password) user.save() messages.success( self.request, 'Password has been reset for ' 'user: {0}'.format(user)) return super(PasswordConfirmView,self).form_valid(form)
def get_user(self, uidb64): try: uid = urlsafe_base64_decode(uidb64) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None return user
def decode_uid(pk): try: from django.utils.http import urlsafe_base64_decode return urlsafe_base64_decode(pk) except ImportError: from django.utils.http import base36_to_int return base36_to_int(pk)
def download(request): result = get_navbar(request) # Catalog > Product > Version > Edition > Item product = request.GET.get('product', None) if product: current = Catalog.objects.get(id=UUID(bytes=urlsafe_base64_decode(product))) else: current = Catalog.objects.filter(name='Windows')[0] # HARD CODING catalogs = [] for catalog in Catalog.objects.filter(parent=None): active = False products = [] for product in catalog.catalog_set.all(): products.append({'name': product.name, 'id': urlsafe_base64_encode(product.id.bytes)}) if not active and product == current: active = True catalogs.append({'name': catalog.name, 'products': products, 'active': active}) result.update({'catalogs': catalogs}) versions = [] for version in current.catalog_set.order_by('-order'): editions = [] for edition in version.catalog_set.all(): items = [] for item in edition.item_set.all(): items.append({'name': item.name, 'file': item.file_id}) editions.append({'name': edition.name, 'items': items}) versions.append({'id': version.id, 'name': version.name, 'editions': editions}) result.update({'versions': versions}) return render_to_response('genuine/download.html', result)
def password_reset_confirm(request, uidb64=None, token=None): if request.user.is_authenticated(): return HttpResponseRedirect(reverse("index")) context = {} UserModel = get_user_model() assert uidb64 is not None and token is not None try: uid = force_text(urlsafe_base64_decode(uidb64)) user = UserModel._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user is not None and default_token_generator.check_token(user, token): valid_link = True title = _("Enter new password") if request.method == "POST": form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() return HttpResponseRedirect(reverse("players:password_reset_complete")) else: form = SetPasswordForm(user) else: valid_link = False title = _("Password reset failed") form = None context.update({"form": form, "title": title, "valid_link": valid_link}) context.update({"request": request}) return render(request, "players/password_reset/confirm.html", context)
def get(self, request, token, uid): username = force_text(urlsafe_base64_decode(uid)) user = User.objects.filter(username=username).first() validate_token = default_token_generator.check_token(user, token) data = { "message": "Congratulations! Your account has been activated. Please log in." } st = status.HTTP_200_OK if not validate_token: data[ 'message'] = "Your activation link is Invalid or has expired. Kindly register." st = status.HTTP_400_BAD_REQUEST else: # Mark the user as verified user.is_verified = True user.save() return Response(data, status=st)
def recupera_password_conferma(request, uidb64=None, token=None, template='base_recupero_password_conferma.html', contesto_extra=None): assert uidb64 is not None and token is not None # checked by URLconf try: # urlsafe_base64_decode() decodes to bytestring on Python 3 uid = force_text(urlsafe_base64_decode(uidb64)) utente = Utenza.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, Utenza.DoesNotExist): utente = None if utente is not None and default_token_generator.check_token( utente, token): link_valido = True titolo = 'Inserisci una nuova password' if request.method == 'POST': modulo = ModuloImpostaPassword(utente, request.POST) if modulo.is_valid(): modulo.save() return HttpResponseRedirect( reverse('recupero_password_completo')) else: modulo = ModuloImpostaPassword(utente) else: link_valido = False modulo = None titolo = 'Errore nell\'impostazione della nuova password' contesto = { 'modulo': modulo, 'titolo': titolo, 'link_valido': link_valido, "scadenza_token": django_settings.PASSWORD_RESET_TIMEOUT_DAYS * 24 } if contesto_extra is not None: contesto.update(contesto_extra) return TemplateResponse(request, template, contesto)
def activate(request, uidb64, token): """ This view manages the email validation process """ try: uid = urlsafe_base64_decode(uidb64).decode() user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and account_activation_token.check_token(user, token): user.is_active = True user.save() login(request, user) messages.success( request, """Merci pour avoir confirmé votre email. Vous pouvez désormais vous connecter à votre compte.""", ) return redirect(reverse('users:log_in'), locals()) else: messages.error(request, """Le lien d'activation n'est pas valide!""") return redirect(reverse('users:register'), locals())
def reactivate(request, uidb64): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): return HttpResponse('Activation link is invalid!') current_site = get_current_site(request) mail_title = 'Re-Activate your blog account.' message = render_to_string( 'user_active_email.html', { 'user': user, 'domain': current_site.domain, 'uid': urlsafe_base64_encode(force_bytes(user.pk)), 'token': account_activation_token.make_token(user), }) to_email = user.email email = EmailMessage(mail_title, message, to=[to_email]) email.send() return HttpResponse( 'Please confirm your email address to complete the registration')
def get(self, request, uidb64, token): try: id = smart_str(urlsafe_base64_decode(uidb64)) user = User.objects.get(id=id) if not PasswordResetTokenGenerator().check_token(user, token): return Response( {'error': 'Token is not valid, please request a new one'}, status=status.HTTP_401_UNAUTHORIZED) return Response( { 'success': True, 'message': 'Credentials Valid', 'uidb64': uidb64, 'token': token }, status=status.HTTP_200_OK) except DjangoUnicodeDecodeError as identifier: if not PasswordResetTokenGenerator().check_token(user): return Response( {'error': 'Token is not valid, please request a new one'}, status=status.HTTP_401_UNAUTHORIZED)
def activate(request, uidb64, token): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None # checking if the user exists, if the token is valid. if user is not None and account_activation_token.check_token(user, token): # if valid set active true user.is_active = True # set signup_confirmation true user.profile.signup_confirmation = True user.save() user.profile.save() print(user.profile.signup_confirmation) print('Check if this thing printed') login(request, user) return redirect('home') else: return render(request, 'provison_users/activation_invalid.htm')
def validate_signed_token(uid, token, require_token=True): """ Validates a signed token and uid and returns the user who owns it. :param uid: The uid of the request :param token: The signed token of the request if one exists :param require_token: Whether or not there is a signed token, the token parameter is ignored if False :return: The user who's token it is, if one exists, None otherwise """ user_model = get_user_model() try: uid = force_text(urlsafe_base64_decode(uid)) user = user_model.objects.get(pk=uid) if require_token: if user is not None and default_token_generator.check_token( user, token): return user else: return user except (TypeError, ValueError, OverflowError, user_model.DoesNotExist): pass return None
def get(self, request, uidb64, token, *args, **kwargs): """ """ try: # decode the user's id and get the user by id. user_id = smart_str(urlsafe_base64_decode(uidb64)) user = User.objects.get(id=user_id) # check if the token is valid. if not PasswordResetTokenGenerator().check_token(user, token): return Response( {"error": "Token is not valid, please request a new one."}, status=status.HTTP_401_UNAUTHORIZED) return Response( { "success": "Credintials are Valid", "uidb64": uidb64, "token": token }, status.HTTP_200_OK) except DjangoUnicodeDecodeError: return Response( {"error": "Token is not valid, please request a new one."}, status=status.HTTP_401_UNAUTHORIZED)
def activate(request, uidb64, token): try: uid = urlsafe_base64_decode(uidb64).decode() print('+++++++') print(uid) print('+++++++') user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): print('Nothing is showing') print('-------------------------') print(uidb64) print('-------------------------') user = None if user is not None and account_activation_token.check_token(user, token): user.is_active = True user.save() messages.success(request, 'Registration successful') #auth_login(request, user) return redirect('Profile:login') else: return render(request, 'Profile/account_activation_invalid.html')
def password_reset_check_and_confirm(request, uidb64=None, token=None): """ Customised standard django auth view with customised form to incorporate checking the password set is strong enough """ UserModel = get_user_model() try: uid = urlsafe_base64_decode(uidb64) user = UserModel._default_manager.get(pk=uid) except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist): user = None if user and hasattr(user, "new_student"): usertype = "STUDENT" else: usertype = "TEACHER" return password_reset_confirm( request, usertype, set_password_form=PasswordResetSetPasswordForm, uidb64=uidb64, token=token, extra_context={"usertype": usertype}, )
def dispatch(self, *args, **kwargs): self.user = self.request.user if not self.user: raise Http404 if not self.user.is_company_admin: raise Http404 self.back_url = self.request.GET.get('back_url') item_id = 0 try: idb64 = force_text(urlsafe_base64_decode(kwargs.get('idb64'))) if idb64.isdecimal(): item_id = xint(idb64) except ValueError: raise Http404 self.item = get_object_or_404(VacancyInputChangeLock, pk=item_id) self.kwargs['pk'] = item_id return super().dispatch(*args, **kwargs)
def post(self, request, uidb64=None, token=None, *arg, **kwargs): try: uid = urlsafe_base64_decode(uidb64) user = CustomUser.objects.get(pk=uid) opennebula_client = OpenNebulaManager( email=user.email, password=user.password, ) except (TypeError, ValueError, OverflowError, CustomUser.DoesNotExist): user = None opennebula_client = None form = self.form_class(request.POST) if user is not None and default_token_generator.check_token( user, token): if form.is_valid(): new_password = form.cleaned_data['new_password2'] user.set_password(new_password) user.save() messages.success(request, 'Password has been reset.') # Change opennebula password opennebula_client.change_user_password(new_password) return self.form_valid(form) else: messages.error(request, 'Password reset has not been successful.') form.add_error(None, 'Password reset has not been successful.') return self.form_invalid(form) else: messages.error(request, 'The reset password link is no longer valid.') form.add_error(None, 'The reset password link is no longer valid.') return self.form_invalid(form)
def activate(request, uidb64, token): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and account_verification_token.check_token( user, token): user.is_active = True user.profile.email_confirmed = True user.save() from_mail = settings.EMAIL_HOST_USER to_list = [user.email] subject = 'SAC Room Booking Account Verified.' message = render_to_string('account_verified_email.html', { 'user': user, }) send_mail(subject, message, from_mail, to_list, fail_silently=True) return redirect('account_verified') else: return render(request, 'account_activation_invalid.html')
def get_es_query(self): value = self.query_data.get(self.query_param, '') # Firefox 'return to AMO' feature sadly does not use a specific API but # rather encodes the guid and adds a prefix to it, then passing that # string as a guid to the search API. If the guid parameter matches # this format, and the feature is enabled through a switch, then we # decode it and later check it against badged promoted add-ons, which # have to be pre-reviewed, so they should always be safe add-ons we can # enable that feature for. # We raise ValueError if anything goes wrong, they are eventually # turned into 400 responses and this acts as a kill-switch for the # feature in Firefox. if value.startswith('rta:') and '@' not in value: if not switch_is_active('return-to-amo'): raise ValueError(gettext('Return To AMO is currently disabled')) try: # We need to keep force_str on the input because # urlsafe_base64_decode requires str from Django 2.2 onwards. value = force_str(urlsafe_base64_decode(force_str(value[4:]))) if not amo.ADDON_GUID_PATTERN.match(value): raise ValueError() except (TypeError, ValueError): raise ValueError( gettext('Invalid Return To AMO guid (not in base64url format?)') ) # Filter on the now decoded guid param as normal, then add promoted # filter on top to only return "safe" add-ons for return to AMO. # We don't care about the app param - we just want to ensure the # add-ons are "safe". filters = super().get_es_query([value]) filters.extend( AddonPromotedQueryParam( {AddonPromotedQueryParam.query_param: BADGED_API_NAME} ).get_es_query() ) return filters else: return super().get_es_query()
def get(self, request, uidb64, token, *args, **kwargs): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=uid) user_email = user.confirm_email(token) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and user.is_confirmed: user.is_active = True user.save() login(request, user) logging.getLogger("info_logger").info( self.log_message.format(user.rut, get_client_ip(self.request))) return render( request, 'common/redirect.html', { 'message': 'Su cuenta ha sido activada.', 'url_redirect': resolve_url('core:home') }) else: logging.getLogger("error_logger").error( self.log_message.format(None, get_client_ip(self.request))) return HttpResponse('Enlace de activación inválido!')
def get_context_data(self, **kwargs): context = super().get_context_data(**kwargs) try: uidb64_value = kwargs['uidb64'] uid = urlsafe_base64_decode(uidb64_value).decode() email_object = get_object_or_404(MassEmail, pk=uid) # If we can't get the email from the decoded primary key, raise 404 except (TypeError, ValueError, OverflowError, EmailListEntry.DoesNotExist): raise Http404("Email does not exist.") if email_object is not None: pk = email_object.pk email_details = MassEmail.objects.get(pk=pk) print(email_details.subject) context["subject"] = email_details.subject context["message"] = email_details.message context["domain"] = settings.WEBSITE_URL context["email_uidb64"] = uid return context else: raise Http404("Email does not exist.")
def get(self, request, *args, **kwargs): uidb64 = kwargs.get("uidb64", "") token = kwargs.get("token", "") try: uid = urlsafe_base64_decode(uidb64).decode() user = get_user_model().objects.get(pk=uid) except (TypeError, ValueError, OverflowError, ObjectDoesNotExist): user = None if user and user.email_confirmed: messages.info( request, "Votre adresse email a bien été validé, vous pouvez vous identifier.", ) return redirect(reverse_lazy("login")) if user is not None and tokens.default_token_generator.check_token( user, token): user.email_confirmed = True user.save() login(request, user) return redirect(reverse_lazy("app")) else: return redirect(reverse_lazy("invalid_token"))
def account_activation(request, uidb64, token): try: uid = urlsafe_base64_decode(uidb64) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and account_activation_token.check_token(user, token): user.is_active = True user.save() login(request, user, backend='django.contrib.auth.backends.ModelBackend') messages.success(request, "Account Activated Successfully!") return redirect('accounts:complete_profile') else: msg = "You have either entered a wrong link or your account has already been activated." return render(request, 'accounts/token_expired.html', { 'msg': msg, 'act_token': True })
def activate_account(request, uidb64, token): """사용자 인증 메일 활성화 뷰""" try: with transaction.atomic(): uid = urlsafe_base64_decode(uidb64).decode() user = User.objects.get(pk=uid) if user is not None and account_activation_token.check_token( user, token): user.is_active = True user.save() auth.login(request, user) messages.success(request, '이메일 인증이 완료되었습니다.') return redirect("users:signin") else: messages.error( request, '인증링크가 올바르지 않거나, 인증 기간이 만료되었습니다. 계속해서 오류가 발생한다면, 한아름에 문의해 주세요.' ) return redirect("users:signin") except (TypeError, ValueError, OverflowError) as e: user = None logger.error(e)
def activate_user(request, uidb64, token): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=uid) except Exception as e: user = None if user and generate_token.check_token(user, token): user.profile.is_email_verified = True user.profile.save() # user.save() # Profile.objects.save(user=user) messages.success(request, 'Cuenta verificada') # return redirect('registration/login.html') return redirect(reverse('ahorro:login')) return render(request, 'authentication/activate-failed.html', {'user': user})
def activate_account(request, uidb64, token): try: uid = force_bytes(urlsafe_base64_decode(uidb64)) member = Member.objects.get(pk=uid) print(member) except (TypeError, ValueError, OverflowError, Member.DoesNotExist): member = None if member is not None and account_activation_token.check_token( member, token): member.is_active = True member.status = "pending" request.session['MEMAIL'] = member.email # set cookie of new member # if not request.COOKIES.get('MEMAIL'): # response = HttpResponse("Account Activate!") # response.set_cookie("MEMAIL", member.email) member.save() return redirect(reverse("register-complete")) # return HttpResponse('Your account has been activate successfully') else: return HttpResponse('Activation link is invalid!')
def activate(request, uidb64, token, backend='django.contrib.auth.backends.ModelBackend'): uid = force_text(urlsafe_base64_decode(uidb64)) try: user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and account_activation_token.check_token(user, token): user.is_active = True user.save() login(request, user, backend='django.contrib.auth.backends.ModelBackend') messages.success( request, f'Your account has been created! You will now able to setup your profile' ) else: messages.success(request, f'Activation link is invalid!') return redirect('home')
def password_reset_confirm(request, uid, token): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ try: uid = force_text(urlsafe_base64_decode(uid)) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): return TemplateResponse(request, 'password_reset_confirm.html', {'validlink': False}) if password_reset_token.check_token(user, token): if request.method == 'POST': form = SetPasswordForm(request.POST) if form.is_valid(): form.save(user) return HttpResponseRedirect(reverse('password_reset_complete')) form = SetPasswordForm() else: return TemplateResponse(request, 'password_reset_confirm.html', {'validlink': False}) return TemplateResponse(request, 'password_reset_confirm.html', {'validlink': True, 'form': form})
def get(self, request, uidb64, token): try: id = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=id) if not account_activation_token.check_token(user, token): messages.success( request, 'Your Account already activated successfully') return redirect('login') if user.is_active: return redirect('login') user.is_active = True user.save() messages.success(request, 'Account activated successfully') return redirect('login') except Exception as ex: pass #messages.success(request, 'Your Account already activated successfully') return redirect('login')
def activation(request, uidb64, token): if uidb64 is not None and token is not None: uid = urlsafe_base64_decode(uidb64) try: user_model = auth.get_user_model() user = user_model.objects.get(pk=uid) if default_token_generator.check_token( user, token) and user.is_active == 0: user.is_active = True user.save() auth.login(request, user) else: raise ValueError() except: message = 'Sorry, this link is not valid' else: message = 'Registration successfully completed' else: message = 'Sorry, this link is not valid' request.session['message'] = message request.session['message_was_showed'] = False return redirect('index')
def ResetPassword(request, uidb64, token): """ API endpoint to reset user password """ form = ResetPasswordForm(request.POST) try: uid = force_text(urlsafe_base64_decode(uidb64)) user = Student.objects.get(pk=uid) except(TypeError, ValueError, OverflowError, Student.DoesNotExist): user = None if user is not None and password_reset_token.check_token(user, token): if request.method == "POST": if form.is_valid(): new_password = form.cleaned_data['new_password'] user.set_password(new_password) user.save() return redirect('login') else: form = ResetPasswordForm() return render(request, 'password_reset.html', {'form': form})
def get(self, request, uidb64, token): redirect_url = request.GET.get('redirect_url') try: id = smart_str(urlsafe_base64_decode(uidb64)) user = User.objects.get(id=id) if not PasswordResetTokenGenerator().check_token(user, token): if len(redirect_url) > 3: return CustomRedirect(redirect_url+'?token_valid=False') else: return CustomRedirect(os.environ.get('FRONTEND_URL', '')+'?token_valid=False') if redirect_url and len(redirect_url) > 3: return CustomRedirect(redirect_url+'?token_valid=True&?message=Credentials Valid&?uidb64='+uidb64+'&?token='+token) else: return CustomRedirect(os.environ.get('FRONTEND_URL', '')+'?token_valid=False') except DjangoUnicodeDecodeError as identifier: if not PasswordResetTokenGenerator().check_token(user): return CustomRedirect(redirect_url+'?token_valid=False')
def post(self, request, *args, **kwargs): try: uid = force_text(urlsafe_base64_decode(kwargs[uidb64_key])) user = get_object_or_404(User, pk=uid) except: user = None if user is not None and account_verification_token.check_token(user, kwargs[token_key]): serializer = self.get_serializer(data=request.data) if serializer.is_valid(): new_password = serializer.data.get(new_password_key) user.set_password(new_password) user.save() return HttpResponse('Password successfully changed!') else: return HttpResponse('There was a problem, please try again.') else: return HttpResponse(invalid_link_error)
def post(self, request, uidb64=None, token=None, *arg, **kwargs): """ View that checks the hash in a password reset link and presents a form for entering a new password. """ #import ipdb;ipdb.set_trace() data = json.loads(request.body) assert uidb64 is not None and token is not None # checked by URLconf try: uid = urlsafe_base64_decode(uidb64) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError): user = None if user is not None and default_token_generator.check_token( user, token): new_password = data['password2'] user.set_password(new_password) user.save() return HttpResponse({'resp': 'Password has been reset.'}) else: return HttpResponse('The reset password link is no longer valid.')
def activate(request, uidb64, token, backend='django.contrib.auth.backends.ModelBackend'): try: uid = force_text(urlsafe_base64_decode(uidb64)) user = User.objects.get(pk=uid) except (TypeError, ValueError, OverflowError, User.DoesNotExist): user = None if user is not None and account_activation_token.check_token(user, token): user.is_active = True user.profile.email_confirmed = True user.save() login(request, user, backend='django.contrib.auth.backends.ModelBackend') return render(request, 'tinder/Activation_success.html') else: return HttpResponse( '''Activation link is invalid! <META HTTP-EQUIV="Refresh" CONTENT="5;URL=/login">''' )