def check_token(token):
"""
:param token:
:return: user
"""
# split the token in it's 3 components delimited by '-'
parts = token.split("-")
# get the length of the uid decoding the last component
uid_len = int("-" + urlsafe_base64_decode(parts[2]))
# get the uid by decoding the last uid_len chars of the second component
uid = urlsafe_base64_decode(parts[1][uid_len:])
# get the original generated token by concatenating the first component
# and the second component without it's last uid_len characters
token = parts[0] + "-" + parts[1][:uid_len]
# try to get the user with the uid user id
try:
user = User.objects.get(id=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
return None
# if the token is valid for the given user return the user
if default_token_generator.check_token(user, token):
return user
return None
def resetpassword_mail(self, request):
uidb64 = self.request.POST.get("uidb64", "")
umailb64 = self.request.POST.get("umailb64", "")
token = self.request.POST.get("token", "")
password1 = self.request.POST.get("password1", "")
password2 = self.request.POST.get("password2", "")
try:
uid = urlsafe_base64_decode(uidb64)
user = MyUser._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, MyUser.DoesNotExist):
user = None
token_generator = default_token_generator
if user is not None and token_generator.check_token(user, token):
errors = []
umail = urlsafe_base64_decode(umailb64)
if user.email != umail:
user.email = umail
form = SetPasswordForm(user, request.POST)
if form.is_valid():
user = form.save()
else:
# 如果表单不正确,保存错误到errors列表中
for k, v in form.errors.items():
# v.as_text() 详见django.forms.util.ErrorList 中
errors.append(v.as_text())
mydict = {"errors": errors}
return HttpResponse(json.dumps(mydict), content_type="application/json")
else:
logger.error(u'[UserControl]用户重置密码连接错误:[%s]/[%s]' % (uidb64, token))
return HttpResponse("密码重置链接无效,可能是因为它已使用,您可以重新请求一次新的密码重置。", status=403)
def recupera_password_conferma(request, uidb64=None, token=None,
template='base_recupero_password_conferma.html',
contesto_extra=None):
assert uidb64 is not None and token is not None # checked by URLconf
try:
# urlsafe_base64_decode() decodes to bytestring on Python 3
uid = force_text(urlsafe_base64_decode(uidb64))
utente = Utenza.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, Utenza.DoesNotExist):
utente = None
if utente is not None and default_token_generator.check_token(utente, token):
link_valido = True
titolo = 'Inserisci una nuova password'
if request.method == 'POST':
modulo = ModuloImpostaPassword(utente, request.POST)
if modulo.is_valid():
modulo.save()
return HttpResponseRedirect(reverse('recupero_password_completo'))
else:
modulo = ModuloImpostaPassword(utente)
else:
link_valido = False
modulo = None
titolo = 'Errore nell\'impostazione della nuova password'
contesto = {
'modulo': modulo,
'titolo': titolo,
'link_valido': link_valido,
"scadenza_token": django_settings.PASSWORD_RESET_TIMEOUT_DAYS * 24
}
if contesto_extra is not None:
contesto.update(contesto_extra)
return TemplateResponse(request, template, contesto)
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
'''
POST method.
:param request
:param uidb64
:param token
:param arg
:param kwargs
:return
'''
user_model = get_user_model()
form = self.form_class(request.POST)
assert uidb64 is not None and token is not None
try:
uid = urlsafe_base64_decode(uidb64)
user = user_model._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, user_model.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
if form.is_valid():
new_password = form.cleaned_data['new_password2']
user.set_password(new_password)
user.save()
messages.success(request, 'Password has been reset.')
return self.form_valid(form)
else:
messages.error(request, 'Password reset has not been unsuccessful.')
return self.form_invalid(form)
else:
messages.error(request, 'The reset password link is no longer valid.')
return self.form_invalid(form)
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
UserModel = get_user_model()
form = self.form_class(request.POST)
assert uidb64 is not None and token is not None # checked by URLconf
try:
uid = urlsafe_base64_decode(uidb64)
user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
if form.is_valid():
new_password = form.cleaned_data["new_password2"]
user.set_password(new_password)
user.save()
messages.success(request, "Password has been reset.")
return HttpResponseRedirect("/login")
else:
messages.error(request, "Password reset has not been unsuccessful.Try again")
return HttpResponseRedirect("/reset")
else:
messages.error(request, "The reset password link is no longer valid.Try again")
return HttpResponseRedirect("/reset")
def read_comic(request, comic_selector, page):
page = int(page)
selector = uuid.UUID(bytes=urlsafe_base64_decode(comic_selector))
book = get_object_or_404(ComicBook, selector=selector)
breadcrumbs = generate_breadcrumbs_from_path(book.directory, book)
status, _ = ComicStatus.objects.get_or_create(comic=book, user=request.user)
status.unread = False
status.last_read_page = page
if ComicPage.objects.filter(Comic=book).aggregate(Max('index'))['index__max'] == status.last_read_page:
status.finished = True
else:
status.finished = False
status.save()
title = 'CBWebReader - ' + book.file_name + ' - Page: ' + str(page)
context = {
'book': book,
'orig_file_name': book.page_name(page),
'nav': book.nav(page, request.user),
'breadcrumbs': breadcrumbs,
'menu': Menu(request.user),
'title': title,
}
return render(request, 'comic/read_comic.html', context)
def account_activate_done(request, uidb64, token):
if request.method == "GET":
assert uidb64 is not None and token is not None
try:
user_id = force_text(urlsafe_base64_decode(uidb64))
the_user = TheUser.objects.get(id=user_id)
except (TypeError, ValueError, OverflowError, ObjectDoesNotExist):
the_user = None
template_name = 'registration/account_activate_done.html'
if the_user is not None and default_token_generator.check_token(the_user, token):
if not the_user.is_active:
valid_link = True
the_user.is_active = True
the_user.save(force_update=True)
user_profile = UserProfile(
the_user=the_user,
user_image='image/user_avatar/avatar.jpg',
intro='This user wrote nothing yet.',
)
user_profile.save(force_insert=True)
context = {
'title': 'Account Activated Successfully',
'valid_link': valid_link
}
return render(request, template_name, context)
else:
return HttpResponseRedirect(request.user.get_absolute_url())
else:
# activation failed page
valid_link = False
context = {
'title': 'Account Activation Failed',
'valid_link': valid_link
}
return render(request, template_name, context)
def active_user(request, uidb64, token):
if token:
from django.contrib.auth import get_user_model
user_model = get_user_model()
try:
uid = urlsafe_base64_decode(uidb64)
user = user_model._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, user_model.DoesNotExist):
user = None
if user is not None and user.is_active:
return HttpResponseRedirect(reverse('steam:index'))
if user is not None and signup_token_generator.check_token(user, token):
user.is_active = True
user.save()
#AUTOMATIC LOGIN
user.backend = "django.contrib.auth.backends.ModelBackend"
login(request, user)
return render_to_response('steam/index.html', {'signup_success': _("Sign up Success"), },
context_instance=RequestContext(request, ))
return HttpResponse(status=404)
def get_user(self):
try:
uid = force_text(urlsafe_base64_decode(self.kwargs['uidb64']))
user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
return user
def password_reset_confirm(request, uidb64=None, token=None):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
assert uidb64 is not None and token is not None # checked by URLconf
post_reset_redirect = reverse('web.password_reset_done')
try:
uid = urlsafe_base64_decode(uidb64).decode('utf-8')
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
validlink = True
if request.method == 'POST':
form = forms.SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(post_reset_redirect)
else:
form = forms.SetPasswordForm(None)
else:
validlink = False
form = None
ctx = {'form': form, 'validlink': validlink, }
return render(request, 'pages/password_reset_confirm.html', ctx)
def password_reset_confirm(request, uidb64=None, token=None):
"""
Pulled from django contrib so that we can add user into the form
so then we can show relevant messages about the user.
"""
assert uidb64 is not None and token is not None
user = None
try:
uid_int = urlsafe_base64_decode(uidb64)
user = UserProfile.objects.get(id=uid_int)
except (ValueError, UserProfile.DoesNotExist):
pass
if user is not None and default_token_generator.check_token(user.user, token):
validlink = True
if request.method == 'POST':
form = forms.SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
log_cef('Password Changed', 5, request,
username=user.username,
signature='PASSWORDCHANGED',
msg='User changed password')
return redirect(reverse('django.contrib.auth.'
'views.password_reset_complete'))
else:
form = forms.SetPasswordForm(user)
else:
validlink = False
form = None
return render(request, 'users/pwreset_confirm.html',
{'form': form, 'validlink': validlink})
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
try:
uid = urlsafe_base64_decode(uidb64)
user = CustomUser.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, CustomUser.DoesNotExist):
user = None
form = self.form_class(request.POST)
if user is not None and default_token_generator.check_token(user, token):
if form.is_valid():
new_password = form.cleaned_data['new_password2']
user.set_password(new_password)
user.save()
messages.success(request, 'Password has been reset.')
return self.form_valid(form)
else:
messages.error(request, 'Password reset has not been successful.')
form.add_error(None, 'Password reset has not been successful.')
return self.form_invalid(form)
else:
messages.error(request, 'The reset password link is no longer valid.')
form.add_error(None, 'The reset password link is no longer valid.')
return self.form_invalid(form)
def get_user(self):
uidb64 = self.kwargs.get('uidb64')
try:
uid = urlsafe_base64_decode(uidb64)
return self.get_queryset().get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
return None
def post(self, request, uidb64=None, token=None):
if request.POST.get('new_password1') != request.POST.get('new_password2'):
raise ValidationError("Passwords don't match")
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
UserModel = get_user_model()
assert uidb64 is not None and token is not None # checked by URLconf
try:
# urlsafe_base64_decode() decodes to bytestring on Python 3
uid = force_text(urlsafe_base64_decode(uidb64))
user = UserModel._default_manager.get(pk=uid)
except (UserModel.DoesNotExist):
user = None
# si el link aún es válido
#Hack to avoid csrf_protect
if user is not None and default_token_generator.check_token(user, token):
request.csrf_processing_done = True
response = password_reset_confirm(
request._request,
uidb64=uidb64,
token=token)
if type(response) is HttpResponseRedirect:
return Response({'msg': "Su contraseña ha sido establecida. Ahora puede seguir adelante e iniciar sesión."})
else:
return Response({'msg': "El enlace de restablecimiento de contraseña era invalido, seguramente por haberse utilizado previamente. Por favor, solicite un nuevo restablecimiento de contraseña."})
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
UserModel = UserCred()
form = self.form_class(request.POST)
assert uidb64 is not None and token is not None # checked by URLconf
try:
if isinstance(uidb64, unicode): uidb64 = str(uidb64)
uid = urlsafe_base64_decode(uidb64)
user = UserCred.objects.using('users').get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
if form.is_valid():
new_password = form.cleaned_data['new_password2']
user.set_password(new_password)
user.save()
messages.success(request, 'Password has been reset.')
return self.form_valid(form)
else:
messages.error(request, 'Password reset has not been successful.')
return self.form_invalid(form)
else:
messages.error(request,'The reset password link is no longer valid.')
return self.form_invalid(form)
def CandidateSignIn(request, uidb64, token):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = MyUser.objects.get(pk=uid)
except(TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and account_activation_token.check_token(user, token):
user.is_active = True
user.save()
login(request, user)
registered = False
if request.method == "POST":
form = TeamMembersFormUpdate(data=request.POST, instance=user)
if form.is_valid():
user = form.save()
user.set_password(user.password)
user.save()
# registered = True
return HttpResponseRedirect(reverse('registration:HRlogin'))
else:
print("Error!")
else:
form = TeamMembersFormUpdate()
return render(request, 'candidateSignIn.html',
{'form': form,
'registered': registered})
def comic_list(request, directory_selector=False):
try:
base_dir = Setting.objects.get(name='BASE_DIR').value
except Setting.DoesNotExist:
return redirect('/comic/settings/')
if not path.isdir(base_dir):
return redirect('/comic/settings/')
if directory_selector:
selector = uuid.UUID(bytes=urlsafe_base64_decode(directory_selector))
directory = Directory.objects.get(selector=selector)
else:
directory = False
if directory:
title = generate_title_from_path(directory.path)
breadcrumbs = generate_breadcrumbs_from_path(directory)
json_url = '/comic/list_json/{0}/'.format(directory_selector)
else:
title = generate_title_from_path('Home')
breadcrumbs = generate_breadcrumbs_from_path()
json_url = '/comic/list_json/'
return render(request, 'comic/comic_list.html', {
'breadcrumbs': breadcrumbs,
'menu': Menu(request.user, 'Browse'),
'title': title,
'json_url': json_url
})
def request_or_error(self, idb64, confirmation_key):
"""
Get sign up request by encoded ID and confirmation key.
Return tuple (request, error_message), where 'request' or
'error_message' is 'None'.
"""
try:
rid = int(urlsafe_base64_decode(idb64))
except (TypeError, ValueError, OverflowError):
return (None, _("Invalid parameters."))
try:
sign_up_confirmation.validate_key(confirmation_key)
except ValidationError as e:
return (None, e.message)
try:
sign_up_request = self.get(pk=rid)
except self.model.DoesNotExist:
return (None, _("Sign up request does not exist."))
if confirmation_key != sign_up_request.confirmation_key:
return (None, _("Confirmation key does not match."))
if sign_up_request.is_expired:
return (None, _("Sign up request has expired. "
"Please, create another one."))
return (sign_up_request, None)
def confirm(request, uidb64=None, key=None):
"""
Display a confirmation message when the registration form is sended or
activate the :model:`auth.User` account if the user id and activation key
are passed as arguments.
**Context**
``confirm``
A boolean variable that indicates if the user has activated his account.
**Template:**
:template:`inviMarket/confirm.html`
"""
if request.user.is_authenticated():
return redirect('index')
confirm = None
if (uidb64 is not None) and (key is not None):
user_id = force_text(urlsafe_base64_decode(uidb64))
user = get_object_or_404(User.objects.select_related('profile'),
pk=user_id)
profile = user.profile
now = timezone.now()
if key == profile.activation_key and profile.key_expires > now:
user.is_active = True
user.save()
confirm = True
else:
confirm = False
return render(request, 'confirm.html', {'confirm': confirm})
def get(self, request, uidb64, activation_key):
if uidb64 is not None and activation_key is not None:
uid = get_int(urlsafe_base64_decode(uidb64))
user = get_object_or_404(User, id=uid)
ret = default_token_generator.check_token(
user,
activation_key
)
if ret:
user_profile = user.get_profile()
user_profile.is_email_bind = True
user_profile.guide_switch = True
user_profile.save()
# 开始登录
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
return render(
request,
self.template,
{
'status': 'ok',
'msg': u'绑定接收邮箱成功',
},
)
return render(
request,
self.template,
{
'status': 'error',
'msg': u'无效的激活链接',
}
)
def reset_password(request, uidb64=None, token=None):
if request.user.is_authenticated():
return redirect(settings.LOGIN_REDIRECT_URL)
assert uidb64 is not None and token is not None
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = MyUser.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
validlink = True
if request.method == 'POST':
form = ResetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return render(request, 'account/authentication/password_reset_complete.html')
else:
form = ResetPasswordForm(user)
else:
validlink = False
form = None
context = { 'validlink' : validlink, 'form' : form }
return render(request, 'account/authentication/password_reset_confirm_form.html', context)
def confirm_password(request, uidb64=None, token=None):
assert uidb64 is not None and token is not None # checked by URLconf
try:
uid = urlsafe_base64_decode(uidb64)
user = User.objects.get(pk=uid)
except:
user = None
if user is not None:
if request.method == 'POST':
if default_token_generator.check_token(user, token):
password1 = request.POST.get('password1')
password2 = request.POST.get('password2')
if password1 == password2 and len(password1) !=0:
user.set_password(password1)
user.save()
messages.success(request,'Password Changed! Login to Continue')
return redirect('fosssite:login_user')
else:
messages.success(request,'Both Passwords Must Match. Please try again!')
return redirect('fosssite:confirm_password',uidb64=uidb64, token=token)
else:
messages.success(request,"The reset password link is no longer valid. Try again!")
return redirect('fosssite:forgot_password')
elif not default_token_generator.check_token(user, token):
messages.success(request,"The reset password link is no longer valid. Try again!")
return redirect('fosssite:forgot_password')
else:
return render(request, 'fosssite/confirm_password.html',{})
else:
messages.success(request,"The reset password link is no longer valid. Try again!")
return redirect('fosssite:forgot_password')
def authorize(authorization):
if not authorization:
return None
method, credentials = authorization.split(' ')
# 验证Basic方式
if method.lower() == 'basic':
client_id, client_secret = credentials.decode('base64').split(':')
try:
return Client.objects.get(client_id=client_id, client_secret=UUID(bytes=urlsafe_base64_decode(client_secret)))
except (ValueError, Client.DoesNotExist):
return None
if method.lower() == 'bearer':
try:
access_token = AccessToken.objects.filter(expire_time__gte=datetime.datetime.now()).get(token=UUID(bytes=urlsafe_base64_decode(credentials)))
except AccessToken.DoesNotExist:
return None
client = access_token.client
user = access_token.user
try:
return User.objects.get(user=user, client=client)
except User.DoesNotExist:
user = User(client=client, user=user)
user.save()
return user
else:
return None
def mutate_and_get_payload(cls, input, request, info):
errors = []
UserModel = User._meta.model
try:
# urlsafe_base64_decode() decodes to bytestring on Python 3
uid = force_text(urlsafe_base64_decode(input.get('uidb64')))
user = UserModel.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user and default_token_generator.check_token(user, input.get('token')):
form = SetPasswordForm(user=user, data=input)
if form.is_valid():
user = form.save(commit=False)
user.save(request=request)
# workarout to re authenticate the user
# when as change the user on the DB it gets disconected
user.backend = settings.DEFAULT_AUTHENTICATION_BACKENDS
auth_login(request, user)
else:
errors = form_erros(form, errors)
else:
errors.append(Error(
code='password_reset_incorrect_token',
message=_('Password reset failed')
))
return PasswordResetComplete(errors=errors)
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
form = self.get_form()
assert uidb64 is not None and token is not None
try:
uid = urlsafe_base64_decode(uidb64)
user = User._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
if form.is_valid():
new_password = form.cleaned_data['new_password']
user.set_password(new_password)
user.save()
messages.success(request, _('Password reset successfully.'))
return self.form_valid(form)
else:
messages.error(request, _('We were not able to reset your password.'))
return self.form_invalid(form)
else:
messages.error(request, _('The reset password link is no longer valid.'))
return self.form_invalid(form)
def form_valid(self, form):
uidb64 = self.kwargs['uidb64']
token = self.kwargs['token']
password1 = form.cleaned_data['password1']
password2 = form.cleaned_data['password2']
if password1 != password2:
form.add_error(None, 'Passwords do not match!')
return self.form_invalid(form)
else:
uid = urlsafe_base64_decode(uidb64)
try:
user = User.objects.get(pk=uid)
except user.DoesNotExist:
form.add_error(None, 'Invalid token')
return self.form_invalid(form)
if not default_token_generator.check_token(user, token):
form.add_error(None, 'Invalid token')
return self.form_invalid(form)
new_password = form.cleaned_data['password2']
user.set_password(new_password)
user.save()
messages.success(
self.request, 'Password has been reset for '
'user: {0}'.format(user))
return super(PasswordConfirmView,self).form_valid(form)
def get_user(self, uidb64):
try:
uid = urlsafe_base64_decode(uidb64)
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
return user
def decode_uid(pk):
try:
from django.utils.http import urlsafe_base64_decode
return urlsafe_base64_decode(pk)
except ImportError:
from django.utils.http import base36_to_int
return base36_to_int(pk)
def download(request):
result = get_navbar(request)
# Catalog > Product > Version > Edition > Item
product = request.GET.get('product', None)
if product:
current = Catalog.objects.get(id=UUID(bytes=urlsafe_base64_decode(product)))
else:
current = Catalog.objects.filter(name='Windows')[0] # HARD CODING
catalogs = []
for catalog in Catalog.objects.filter(parent=None):
active = False
products = []
for product in catalog.catalog_set.all():
products.append({'name': product.name, 'id': urlsafe_base64_encode(product.id.bytes)})
if not active and product == current:
active = True
catalogs.append({'name': catalog.name, 'products': products, 'active': active})
result.update({'catalogs': catalogs})
versions = []
for version in current.catalog_set.order_by('-order'):
editions = []
for edition in version.catalog_set.all():
items = []
for item in edition.item_set.all():
items.append({'name': item.name, 'file': item.file_id})
editions.append({'name': edition.name, 'items': items})
versions.append({'id': version.id, 'name': version.name, 'editions': editions})
result.update({'versions': versions})
return render_to_response('genuine/download.html', result)
def password_reset_confirm(request, uidb64=None, token=None):
if request.user.is_authenticated():
return HttpResponseRedirect(reverse("index"))
context = {}
UserModel = get_user_model()
assert uidb64 is not None and token is not None
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
valid_link = True
title = _("Enter new password")
if request.method == "POST":
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse("players:password_reset_complete"))
else:
form = SetPasswordForm(user)
else:
valid_link = False
title = _("Password reset failed")
form = None
context.update({"form": form, "title": title, "valid_link": valid_link})
context.update({"request": request})
return render(request, "players/password_reset/confirm.html", context)
def get(self, request, token, uid):
username = force_text(urlsafe_base64_decode(uid))
user = User.objects.filter(username=username).first()
validate_token = default_token_generator.check_token(user, token)
data = {
"message":
"Congratulations! Your account has been activated. Please log in."
}
st = status.HTTP_200_OK
if not validate_token:
data[
'message'] = "Your activation link is Invalid or has expired. Kindly register."
st = status.HTTP_400_BAD_REQUEST
else:
# Mark the user as verified
user.is_verified = True
user.save()
return Response(data, status=st)
def recupera_password_conferma(request,
uidb64=None,
token=None,
template='base_recupero_password_conferma.html',
contesto_extra=None):
assert uidb64 is not None and token is not None # checked by URLconf
try:
# urlsafe_base64_decode() decodes to bytestring on Python 3
uid = force_text(urlsafe_base64_decode(uidb64))
utente = Utenza.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, Utenza.DoesNotExist):
utente = None
if utente is not None and default_token_generator.check_token(
utente, token):
link_valido = True
titolo = 'Inserisci una nuova password'
if request.method == 'POST':
modulo = ModuloImpostaPassword(utente, request.POST)
if modulo.is_valid():
modulo.save()
return HttpResponseRedirect(
reverse('recupero_password_completo'))
else:
modulo = ModuloImpostaPassword(utente)
else:
link_valido = False
modulo = None
titolo = 'Errore nell\'impostazione della nuova password'
contesto = {
'modulo': modulo,
'titolo': titolo,
'link_valido': link_valido,
"scadenza_token": django_settings.PASSWORD_RESET_TIMEOUT_DAYS * 24
}
if contesto_extra is not None:
contesto.update(contesto_extra)
return TemplateResponse(request, template, contesto)
def activate(request, uidb64, token):
"""
This view manages the email validation process
"""
try:
uid = urlsafe_base64_decode(uidb64).decode()
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and account_activation_token.check_token(user, token):
user.is_active = True
user.save()
login(request, user)
messages.success(
request,
"""Merci pour avoir confirmé votre email. Vous pouvez désormais
vous connecter à votre compte.""",
)
return redirect(reverse('users:log_in'), locals())
else:
messages.error(request, """Le lien d'activation n'est pas valide!""")
return redirect(reverse('users:register'), locals())
def reactivate(request, uidb64):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
return HttpResponse('Activation link is invalid!')
current_site = get_current_site(request)
mail_title = 'Re-Activate your blog account.'
message = render_to_string(
'user_active_email.html', {
'user': user,
'domain': current_site.domain,
'uid': urlsafe_base64_encode(force_bytes(user.pk)),
'token': account_activation_token.make_token(user),
})
to_email = user.email
email = EmailMessage(mail_title, message, to=[to_email])
email.send()
return HttpResponse(
'Please confirm your email address to complete the registration')
def get(self, request, uidb64, token):
try:
id = smart_str(urlsafe_base64_decode(uidb64))
user = User.objects.get(id=id)
if not PasswordResetTokenGenerator().check_token(user, token):
return Response(
{'error': 'Token is not valid, please request a new one'},
status=status.HTTP_401_UNAUTHORIZED)
return Response(
{
'success': True,
'message': 'Credentials Valid',
'uidb64': uidb64,
'token': token
},
status=status.HTTP_200_OK)
except DjangoUnicodeDecodeError as identifier:
if not PasswordResetTokenGenerator().check_token(user):
return Response(
{'error': 'Token is not valid, please request a new one'},
status=status.HTTP_401_UNAUTHORIZED)
def activate(request, uidb64, token):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
# checking if the user exists, if the token is valid.
if user is not None and account_activation_token.check_token(user, token):
# if valid set active true
user.is_active = True
# set signup_confirmation true
user.profile.signup_confirmation = True
user.save()
user.profile.save()
print(user.profile.signup_confirmation)
print('Check if this thing printed')
login(request, user)
return redirect('home')
else:
return render(request, 'provison_users/activation_invalid.htm')
def validate_signed_token(uid, token, require_token=True):
"""
Validates a signed token and uid and returns the user who owns it.
:param uid: The uid of the request
:param token: The signed token of the request if one exists
:param require_token: Whether or not there is a signed token, the token parameter is ignored if False
:return: The user who's token it is, if one exists, None otherwise
"""
user_model = get_user_model()
try:
uid = force_text(urlsafe_base64_decode(uid))
user = user_model.objects.get(pk=uid)
if require_token:
if user is not None and default_token_generator.check_token(
user, token):
return user
else:
return user
except (TypeError, ValueError, OverflowError, user_model.DoesNotExist):
pass
return None
def get(self, request, uidb64, token, *args, **kwargs):
"""
"""
try:
# decode the user's id and get the user by id.
user_id = smart_str(urlsafe_base64_decode(uidb64))
user = User.objects.get(id=user_id)
# check if the token is valid.
if not PasswordResetTokenGenerator().check_token(user, token):
return Response(
{"error": "Token is not valid, please request a new one."},
status=status.HTTP_401_UNAUTHORIZED)
return Response(
{
"success": "Credintials are Valid",
"uidb64": uidb64,
"token": token
}, status.HTTP_200_OK)
except DjangoUnicodeDecodeError:
return Response(
{"error": "Token is not valid, please request a new one."},
status=status.HTTP_401_UNAUTHORIZED)
def activate(request, uidb64, token):
try:
uid = urlsafe_base64_decode(uidb64).decode()
print('+++++++')
print(uid)
print('+++++++')
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
print('Nothing is showing')
print('-------------------------')
print(uidb64)
print('-------------------------')
user = None
if user is not None and account_activation_token.check_token(user, token):
user.is_active = True
user.save()
messages.success(request, 'Registration successful')
#auth_login(request, user)
return redirect('Profile:login')
else:
return render(request, 'Profile/account_activation_invalid.html')
def password_reset_check_and_confirm(request, uidb64=None, token=None):
"""
Customised standard django auth view with customised form to incorporate checking the password set is strong enough
"""
UserModel = get_user_model()
try:
uid = urlsafe_base64_decode(uidb64)
user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user and hasattr(user, "new_student"):
usertype = "STUDENT"
else:
usertype = "TEACHER"
return password_reset_confirm(
request,
usertype,
set_password_form=PasswordResetSetPasswordForm,
uidb64=uidb64,
token=token,
extra_context={"usertype": usertype},
)
def dispatch(self, *args, **kwargs):
self.user = self.request.user
if not self.user:
raise Http404
if not self.user.is_company_admin:
raise Http404
self.back_url = self.request.GET.get('back_url')
item_id = 0
try:
idb64 = force_text(urlsafe_base64_decode(kwargs.get('idb64')))
if idb64.isdecimal():
item_id = xint(idb64)
except ValueError:
raise Http404
self.item = get_object_or_404(VacancyInputChangeLock, pk=item_id)
self.kwargs['pk'] = item_id
return super().dispatch(*args, **kwargs)
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
try:
uid = urlsafe_base64_decode(uidb64)
user = CustomUser.objects.get(pk=uid)
opennebula_client = OpenNebulaManager(
email=user.email,
password=user.password,
)
except (TypeError, ValueError, OverflowError, CustomUser.DoesNotExist):
user = None
opennebula_client = None
form = self.form_class(request.POST)
if user is not None and default_token_generator.check_token(
user, token):
if form.is_valid():
new_password = form.cleaned_data['new_password2']
user.set_password(new_password)
user.save()
messages.success(request, 'Password has been reset.')
# Change opennebula password
opennebula_client.change_user_password(new_password)
return self.form_valid(form)
else:
messages.error(request,
'Password reset has not been successful.')
form.add_error(None, 'Password reset has not been successful.')
return self.form_invalid(form)
else:
messages.error(request,
'The reset password link is no longer valid.')
form.add_error(None, 'The reset password link is no longer valid.')
return self.form_invalid(form)
def activate(request, uidb64, token):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and account_verification_token.check_token(
user, token):
user.is_active = True
user.profile.email_confirmed = True
user.save()
from_mail = settings.EMAIL_HOST_USER
to_list = [user.email]
subject = 'SAC Room Booking Account Verified.'
message = render_to_string('account_verified_email.html', {
'user': user,
})
send_mail(subject, message, from_mail, to_list, fail_silently=True)
return redirect('account_verified')
else:
return render(request, 'account_activation_invalid.html')
def get_es_query(self):
value = self.query_data.get(self.query_param, '')
# Firefox 'return to AMO' feature sadly does not use a specific API but
# rather encodes the guid and adds a prefix to it, then passing that
# string as a guid to the search API. If the guid parameter matches
# this format, and the feature is enabled through a switch, then we
# decode it and later check it against badged promoted add-ons, which
# have to be pre-reviewed, so they should always be safe add-ons we can
# enable that feature for.
# We raise ValueError if anything goes wrong, they are eventually
# turned into 400 responses and this acts as a kill-switch for the
# feature in Firefox.
if value.startswith('rta:') and '@' not in value:
if not switch_is_active('return-to-amo'):
raise ValueError(gettext('Return To AMO is currently disabled'))
try:
# We need to keep force_str on the input because
# urlsafe_base64_decode requires str from Django 2.2 onwards.
value = force_str(urlsafe_base64_decode(force_str(value[4:])))
if not amo.ADDON_GUID_PATTERN.match(value):
raise ValueError()
except (TypeError, ValueError):
raise ValueError(
gettext('Invalid Return To AMO guid (not in base64url format?)')
)
# Filter on the now decoded guid param as normal, then add promoted
# filter on top to only return "safe" add-ons for return to AMO.
# We don't care about the app param - we just want to ensure the
# add-ons are "safe".
filters = super().get_es_query([value])
filters.extend(
AddonPromotedQueryParam(
{AddonPromotedQueryParam.query_param: BADGED_API_NAME}
).get_es_query()
)
return filters
else:
return super().get_es_query()
def get(self, request, uidb64, token, *args, **kwargs):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
user_email = user.confirm_email(token)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and user.is_confirmed:
user.is_active = True
user.save()
login(request, user)
logging.getLogger("info_logger").info(
self.log_message.format(user.rut, get_client_ip(self.request)))
return render(
request, 'common/redirect.html', {
'message': 'Su cuenta ha sido activada.',
'url_redirect': resolve_url('core:home')
})
else:
logging.getLogger("error_logger").error(
self.log_message.format(None, get_client_ip(self.request)))
return HttpResponse('Enlace de activación inválido!')
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
try:
uidb64_value = kwargs['uidb64']
uid = urlsafe_base64_decode(uidb64_value).decode()
email_object = get_object_or_404(MassEmail, pk=uid)
# If we can't get the email from the decoded primary key, raise 404
except (TypeError, ValueError, OverflowError,
EmailListEntry.DoesNotExist):
raise Http404("Email does not exist.")
if email_object is not None:
pk = email_object.pk
email_details = MassEmail.objects.get(pk=pk)
print(email_details.subject)
context["subject"] = email_details.subject
context["message"] = email_details.message
context["domain"] = settings.WEBSITE_URL
context["email_uidb64"] = uid
return context
else:
raise Http404("Email does not exist.")
def get(self, request, *args, **kwargs):
uidb64 = kwargs.get("uidb64", "")
token = kwargs.get("token", "")
try:
uid = urlsafe_base64_decode(uidb64).decode()
user = get_user_model().objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, ObjectDoesNotExist):
user = None
if user and user.email_confirmed:
messages.info(
request,
"Votre adresse email a bien été validé, vous pouvez vous identifier.",
)
return redirect(reverse_lazy("login"))
if user is not None and tokens.default_token_generator.check_token(
user, token):
user.email_confirmed = True
user.save()
login(request, user)
return redirect(reverse_lazy("app"))
else:
return redirect(reverse_lazy("invalid_token"))
def account_activation(request, uidb64, token):
try:
uid = urlsafe_base64_decode(uidb64)
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and account_activation_token.check_token(user, token):
user.is_active = True
user.save()
login(request,
user,
backend='django.contrib.auth.backends.ModelBackend')
messages.success(request, "Account Activated Successfully!")
return redirect('accounts:complete_profile')
else:
msg = "You have either entered a wrong link or your account has already been activated."
return render(request, 'accounts/token_expired.html', {
'msg': msg,
'act_token': True
})
def activate_account(request, uidb64, token):
"""사용자 인증 메일 활성화 뷰"""
try:
with transaction.atomic():
uid = urlsafe_base64_decode(uidb64).decode()
user = User.objects.get(pk=uid)
if user is not None and account_activation_token.check_token(
user, token):
user.is_active = True
user.save()
auth.login(request, user)
messages.success(request, '이메일 인증이 완료되었습니다.')
return redirect("users:signin")
else:
messages.error(
request,
'인증링크가 올바르지 않거나, 인증 기간이 만료되었습니다. 계속해서 오류가 발생한다면, 한아름에 문의해 주세요.'
)
return redirect("users:signin")
except (TypeError, ValueError, OverflowError) as e:
user = None
logger.error(e)
def activate_user(request, uidb64, token):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
except Exception as e:
user = None
if user and generate_token.check_token(user, token):
user.profile.is_email_verified = True
user.profile.save()
# user.save()
# Profile.objects.save(user=user)
messages.success(request, 'Cuenta verificada')
# return redirect('registration/login.html')
return redirect(reverse('ahorro:login'))
return render(request, 'authentication/activate-failed.html',
{'user': user})
def activate_account(request, uidb64, token):
try:
uid = force_bytes(urlsafe_base64_decode(uidb64))
member = Member.objects.get(pk=uid)
print(member)
except (TypeError, ValueError, OverflowError, Member.DoesNotExist):
member = None
if member is not None and account_activation_token.check_token(
member, token):
member.is_active = True
member.status = "pending"
request.session['MEMAIL'] = member.email
# set cookie of new member
# if not request.COOKIES.get('MEMAIL'):
# response = HttpResponse("Account Activate!")
# response.set_cookie("MEMAIL", member.email)
member.save()
return redirect(reverse("register-complete"))
# return HttpResponse('Your account has been activate successfully')
else:
return HttpResponse('Activation link is invalid!')
def activate(request,
uidb64,
token,
backend='django.contrib.auth.backends.ModelBackend'):
uid = force_text(urlsafe_base64_decode(uidb64))
try:
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and account_activation_token.check_token(user, token):
user.is_active = True
user.save()
login(request,
user,
backend='django.contrib.auth.backends.ModelBackend')
messages.success(
request,
f'Your account has been created! You will now able to setup your profile'
)
else:
messages.success(request, f'Activation link is invalid!')
return redirect('home')
def password_reset_confirm(request, uid, token):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
try:
uid = force_text(urlsafe_base64_decode(uid))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
return TemplateResponse(request, 'password_reset_confirm.html', {'validlink': False})
if password_reset_token.check_token(user, token):
if request.method == 'POST':
form = SetPasswordForm(request.POST)
if form.is_valid():
form.save(user)
return HttpResponseRedirect(reverse('password_reset_complete'))
form = SetPasswordForm()
else:
return TemplateResponse(request, 'password_reset_confirm.html', {'validlink': False})
return TemplateResponse(request, 'password_reset_confirm.html', {'validlink': True, 'form': form})
def get(self, request, uidb64, token):
try:
id = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=id)
if not account_activation_token.check_token(user, token):
messages.success(
request, 'Your Account already activated successfully')
return redirect('login')
if user.is_active:
return redirect('login')
user.is_active = True
user.save()
messages.success(request, 'Account activated successfully')
return redirect('login')
except Exception as ex:
pass
#messages.success(request, 'Your Account already activated successfully')
return redirect('login')
def activation(request, uidb64, token):
if uidb64 is not None and token is not None:
uid = urlsafe_base64_decode(uidb64)
try:
user_model = auth.get_user_model()
user = user_model.objects.get(pk=uid)
if default_token_generator.check_token(
user, token) and user.is_active == 0:
user.is_active = True
user.save()
auth.login(request, user)
else:
raise ValueError()
except:
message = 'Sorry, this link is not valid'
else:
message = 'Registration successfully completed'
else:
message = 'Sorry, this link is not valid'
request.session['message'] = message
request.session['message_was_showed'] = False
return redirect('index')
def ResetPassword(request, uidb64, token):
"""
API endpoint to reset user password
"""
form = ResetPasswordForm(request.POST)
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = Student.objects.get(pk=uid)
except(TypeError, ValueError, OverflowError, Student.DoesNotExist):
user = None
if user is not None and password_reset_token.check_token(user, token):
if request.method == "POST":
if form.is_valid():
new_password = form.cleaned_data['new_password']
user.set_password(new_password)
user.save()
return redirect('login')
else:
form = ResetPasswordForm()
return render(request, 'password_reset.html', {'form': form})
def get(self, request, uidb64, token):
redirect_url = request.GET.get('redirect_url')
try:
id = smart_str(urlsafe_base64_decode(uidb64))
user = User.objects.get(id=id)
if not PasswordResetTokenGenerator().check_token(user, token):
if len(redirect_url) > 3:
return CustomRedirect(redirect_url+'?token_valid=False')
else:
return CustomRedirect(os.environ.get('FRONTEND_URL', '')+'?token_valid=False')
if redirect_url and len(redirect_url) > 3:
return CustomRedirect(redirect_url+'?token_valid=True&?message=Credentials Valid&?uidb64='+uidb64+'&?token='+token)
else:
return CustomRedirect(os.environ.get('FRONTEND_URL', '')+'?token_valid=False')
except DjangoUnicodeDecodeError as identifier:
if not PasswordResetTokenGenerator().check_token(user):
return CustomRedirect(redirect_url+'?token_valid=False')
def post(self, request, *args, **kwargs):
try:
uid = force_text(urlsafe_base64_decode(kwargs[uidb64_key]))
user = get_object_or_404(User, pk=uid)
except:
user = None
if user is not None and account_verification_token.check_token(user, kwargs[token_key]):
serializer = self.get_serializer(data=request.data)
if serializer.is_valid():
new_password = serializer.data.get(new_password_key)
user.set_password(new_password)
user.save()
return HttpResponse('Password successfully changed!')
else:
return HttpResponse('There was a problem, please try again.')
else:
return HttpResponse(invalid_link_error)
def post(self, request, uidb64=None, token=None, *arg, **kwargs):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
#import ipdb;ipdb.set_trace()
data = json.loads(request.body)
assert uidb64 is not None and token is not None # checked by URLconf
try:
uid = urlsafe_base64_decode(uidb64)
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError):
user = None
if user is not None and default_token_generator.check_token(
user, token):
new_password = data['password2']
user.set_password(new_password)
user.save()
return HttpResponse({'resp': 'Password has been reset.'})
else:
return HttpResponse('The reset password link is no longer valid.')
def activate(request,
uidb64,
token,
backend='django.contrib.auth.backends.ModelBackend'):
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and account_activation_token.check_token(user, token):
user.is_active = True
user.profile.email_confirmed = True
user.save()
login(request,
user,
backend='django.contrib.auth.backends.ModelBackend')
return render(request, 'tinder/Activation_success.html')
else:
return HttpResponse(
'''Activation link is invalid! <META HTTP-EQUIV="Refresh" CONTENT="5;URL=/login">'''
)
