def client_token_login(request):
"""Login from desktop client with a generated token.
"""
tokenstr = request.GET.get('token', '')
user = None
if len(tokenstr) == 32:
try:
username = ClientLoginToken.objects.get_username(tokenstr)
except ClientLoginToken.DoesNotExist:
pass
else:
try:
user = User.objects.get(email=username)
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
except User.DoesNotExist:
pass
if user:
if request.user.is_authenticated() and request.user.username == user.username:
pass
else:
request.client_token_login = True
auth_login(request, user)
return HttpResponseRedirect(request.GET.get("next", reverse('libraries')))
def client_token_login(request):
"""Login from desktop client with a generated token.
"""
tokenstr = request.GET.get('token', '')
user = None
if len(tokenstr) == 32:
try:
username = ClientLoginToken.objects.get_username(tokenstr)
except ClientLoginToken.DoesNotExist:
pass
else:
try:
user = User.objects.get(email=username)
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
except User.DoesNotExist:
pass
if user:
if request.user.is_authenticated(
) and request.user.username == user.username:
pass
else:
request.client_token_login = True
auth_login(request, user)
return HttpResponseRedirect(request.GET.get("next", reverse('libraries')))
def login_simple_check(request):
"""A simple check for login called by thirdpart systems(OA, etc).
Token generation: MD5(secret_key + [email protected] + 2014-1-1).hexdigest()
Token length: 32 hexadecimal digits.
"""
username = request.REQUEST.get('user', '')
random_key = request.REQUEST.get('token', '')
if not username or not random_key:
raise Http404
today = datetime.now().strftime('%Y-%m-%d')
expect = hashlib.md5(settings.SECRET_KEY + username + today).hexdigest()
if expect == random_key:
try:
user = User.objects.get(email=username)
except User.DoesNotExist:
raise Http404
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
auth_login(request, user)
return HttpResponseRedirect(settings.SITE_ROOT)
else:
raise Http404
def token_view(request, token):
"""Show form to let user set password.
"""
i = get_object_or_404(Invitation, token=token)
if i.is_expired():
raise Http404
if request.method == 'POST':
passwd = request.POST.get('password', '')
if not passwd:
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
try:
User.objects.get(email=i.accepter)
messages.error(request,
_('A user with this email already exists.'))
except User.DoesNotExist:
# Create user, set that user as guest, and log user in.
u = User.objects.create_user(email=i.accepter,
password=passwd,
is_active=True)
User.objects.update_role(u.username, GUEST_USER)
i.accept() # Update invitaion accept time.
for backend in get_backends():
u.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
auth_login(request, u)
return HttpResponseRedirect(SITE_ROOT)
return render_to_response('invitations/token_view.html', {
'iv': i,
},
context_instance=RequestContext(request))
def login_simple_check(request):
"""A simple check for login called by thirdpart systems(OA, etc).
Token generation: MD5(secret_key + [email protected] + 2014-1-1).hexdigest()
Token length: 32 hexadecimal digits.
"""
username = request.REQUEST.get('user', '')
random_key = request.REQUEST.get('token', '')
if not username or not random_key:
raise Http404
today = datetime.now().strftime('%Y-%m-%d')
expect = hashlib.md5(settings.SECRET_KEY+username+today).hexdigest()
if expect == random_key:
try:
user = User.objects.get(email=username)
except User.DoesNotExist:
raise Http404
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, user)
return HttpResponseRedirect(settings.SITE_ROOT)
else:
raise Http404
def token_view(request, token):
"""Show form to let user set password.
"""
i = get_object_or_404(Invitation, token=token)
if i.is_expired():
raise Http404
if request.method == 'POST':
passwd = request.POST.get('password', '')
if not passwd:
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
try:
User.objects.get(email=i.accepter)
messages.error(request, _('A user with this email already exists.'))
except User.DoesNotExist:
# Create user, set that user as guest, and log user in.
u = User.objects.create_user(email=i.accepter, password=passwd,
is_active=True)
u.role = GUEST_USER
u.save()
i.accept() # Update invitaion accept time.
for backend in get_backends():
u.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, u)
return HttpResponseRedirect(SITE_ROOT)
return render_to_response('invitations/token_view.html', {
'iv': i,
}, context_instance=RequestContext(request))
def token_view(request, token):
"""Show form to let user set password.
"""
i = get_object_or_404(Invitation, token=token)
if i.is_expired():
raise Http404
if request.method == 'GET':
try:
user = User.objects.get(email=i.accepter)
if user.is_active is True:
# user is active return exist
messages.error(request, _('A user with this email already exists.'))
except User.DoesNotExist:
pass
return render(request, 'invitations/token_view.html', {'iv': i, })
if request.method == 'POST':
passwd = request.POST.get('password', '')
if not passwd:
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
try:
user = User.objects.get(email=i.accepter)
if user.is_active is True:
# user is active return exist
messages.error(request, _('A user with this email already exists.'))
return render(request, 'invitations/token_view.html', {'iv': i, })
else:
# user is inactive then set active and new password
user.set_password(passwd)
user.is_active = True
user.save()
user = authenticate(username=user.username, password=passwd)
except User.DoesNotExist:
# Create user, set that user as guest.
user = User.objects.create_user(
email=i.accepter, password=passwd, is_active=True)
User.objects.update_role(user.username, GUEST_USER)
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
# Update invitation accept time.
i.accept()
# login
auth_login(request, user)
# send signal to notify inviter
accept_guest_invitation_successful.send(
sender=None, invitation_obj=i)
# send email to notify admin
if NOTIFY_ADMIN_AFTER_REGISTRATION:
notify_admins_on_register_complete(user.email)
return HttpResponseRedirect(SITE_ROOT)
def demo(request):
"""
Login as demo account.
"""
user = User.objects.get(email=settings.CLOUD_DEMO_USER)
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, user)
redirect_to = settings.SITE_ROOT
return HttpResponseRedirect(redirect_to)
def demo(request):
"""
Login as demo account.
"""
user = User.objects.get(email=settings.CLOUD_DEMO_USER)
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, user)
redirect_to = settings.SITE_ROOT
return HttpResponseRedirect(redirect_to)
def get_user_from_request(self, request):
username = request.session.get(SESSION_KEY_TWO_FACTOR_AUTH_USERNAME, None)
if not username:
return None
username = Profile.objects.get_username_by_login_id(username) or username
try:
user = User.objects.get(email=username)
except User.DoesNotExist:
self.request.session.pop(SESSION_KEY_TWO_FACTOR_AUTH_USERNAME, '')
return None
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
return user
def demo(request):
"""
Login as demo account.
"""
try:
user = User.objects.get(email=settings.CLOUD_DEMO_USER)
except User.DoesNotExist:
user = User.objects.create_user(settings.CLOUD_DEMO_USER, is_active=True)
user.set_unusable_password()
user.save()
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, user)
redirect_to = settings.SITE_ROOT
return HttpResponseRedirect(redirect_to)
def demo(request):
"""
Login as demo account.
"""
from django.conf import settings as dj_settings
if not dj_settings.ENABLE_DEMO_USER:
raise Http404
try:
user = User.objects.get(email=settings.CLOUD_DEMO_USER)
except User.DoesNotExist:
logger.warn('CLOUD_DEMO_USER: %s does not exist.' % settings.CLOUD_DEMO_USER)
raise Http404
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, user)
redirect_to = settings.SITE_ROOT
return HttpResponseRedirect(redirect_to)
def token_view(request, token):
"""Show form to let user set password.
"""
i = get_object_or_404(Invitation, token=token)
if i.is_expired():
raise Http404
if request.method == 'POST':
passwd = request.POST.get('password', '')
if not passwd:
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
try:
User.objects.get(email=i.accepter)
messages.error(request, _('A user with this email already exists.'))
except User.DoesNotExist:
# Create user, set that user as guest, and log user in.
u = User.objects.create_user(email=i.accepter, password=passwd,
is_active=True)
User.objects.update_role(u.username, GUEST_USER)
i.accept() # Update invitaion accept time.
for backend in get_backends():
u.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__)
auth_login(request, u)
# send signal to notify inviter
accept_guest_invitation_successful.send(
sender=None, invitation_obj=i)
# send email to notify admin
if NOTIFY_ADMIN_AFTER_REGISTRATION:
notify_admins_on_register_complete(u.email)
return HttpResponseRedirect(SITE_ROOT)
return render(request, 'invitations/token_view.html', {
'iv': i,
})
def login_simple_check(request):
"""A simple check for login called by thirdpart systems(OA, etc).
Token generation: MD5(secret_key + [email protected] + 2014-1-1).hexdigest()
Token length: 32 hexadecimal digits.
"""
username = request.GET.get('user', '')
random_key = request.GET.get('token', '')
if not username or not random_key:
raise Http404
today = datetime.now().strftime('%Y-%m-%d')
expect = hashlib.md5(
(settings.SECRET_KEY + username + today).encode('utf-8')).hexdigest()
if expect == random_key:
try:
user = User.objects.get(email=username)
except User.DoesNotExist:
raise Http404
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
auth_login(request, user)
# Ensure the user-originating redirection url is safe.
if REDIRECT_FIELD_NAME in request.GET:
next_page = request.GET[REDIRECT_FIELD_NAME]
if not is_safe_url(url=next_page,
allowed_hosts=request.get_host()):
next_page = settings.LOGIN_REDIRECT_URL
else:
next_page = settings.SITE_ROOT
return HttpResponseRedirect(next_page)
else:
raise Http404
def token_view(request, token):
"""Show form to let user set password.
"""
i = get_object_or_404(Invitation, token=token)
if i.is_expired():
raise Http404
if request.method == 'GET':
try:
user = User.objects.get(email=i.accepter)
if user.is_active is True:
# user is active return exist
messages.error(request,
_('A user with this email already exists.'))
except User.DoesNotExist:
pass
return render(request, 'invitations/token_view.html', {
'iv': i,
})
if request.method == 'POST':
passwd = request.POST.get('password', '')
if not passwd:
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
try:
user = User.objects.get(email=i.accepter)
if user.is_active is True:
# user is active return exist
messages.error(request,
_('A user with this email already exists.'))
return render(request, 'invitations/token_view.html', {
'iv': i,
})
else:
# user is inactive then set active and new password
user.set_password(passwd)
user.is_active = True
user.save()
user = authenticate(username=user.username, password=passwd)
except User.DoesNotExist:
# Create user, set that user as guest.
user = User.objects.create_user(email=i.accepter,
password=passwd,
is_active=True)
User.objects.update_role(user.username, GUEST_USER)
for backend in get_backends():
user.backend = "%s.%s" % (backend.__module__,
backend.__class__.__name__)
# Update invitation accept time.
i.accept()
# login
auth_login(request, user)
# send signal to notify inviter
accept_guest_invitation_successful.send(sender=None, invitation_obj=i)
# send email to notify admin
if NOTIFY_ADMIN_AFTER_REGISTRATION:
notify_admins_on_register_complete(user.email)
# repo share invitation
try:
shared_queryset = RepoShareInvitation.objects.list_by_invitation(
invitation=i)
accepter = i.accepter
for shared_obj in shared_queryset:
repo_id = shared_obj.repo_id
path = shared_obj.path
permission = shared_obj.permission
inviter = shared_obj.invitation.inviter
# recourse check
repo = seafile_api.get_repo(repo_id)
if not repo:
logger.warning(
'[ %s ] repo not found when [ %s ] accepts the invitation to share repo'
) % (repo_id, accepter)
continue
if seafile_api.get_dir_id_by_path(repo.id, path) is None:
logger.warning(
'[ %s ][ %s ] dir not found when [ %s ] accepts the invitation to share repo'
) % (repo_id, path, accepter)
continue
repo_owner = seafile_api.get_repo_owner(repo_id)
share_dir_to_user(repo, path, repo_owner, inviter, accepter,
permission, None)
send_perm_audit_msg('modify-repo-perm', inviter, accepter,
repo_id, path, permission)
# delete
shared_queryset.delete()
except Exception as e:
logger.error(e)
return HttpResponseRedirect(SITE_ROOT)
