Ejemplo n.º 1
    def dispatch(self, request, *args, **kwargs):
        """Let the request through only once a user has been identified.

        Wraps ``request.session`` in a ``UserAuthenticationManager`` and keeps
        it on the view as ``self.user_manager``. A session without an
        identified user is redirected to ``auth_factories:login``.
        """
        manager = UserAuthenticationManager(request.session)
        self.user_manager = manager

        # NOTE(review): this gate checks identification only. Whether an
        # identified user also counts as authenticated is decided elsewhere;
        # confirm nothing sensitive is served on the strength of this check.
        if manager.get_identified_user():
            return super(AuthenticationProcessMixin,
                         self).dispatch(request, *args, **kwargs)
        return redirect('auth_factories:login')
Ejemplo n.º 2
    def identify_2fa(self, user):
        """Record ``user`` as identified in the test client's session.

        The session is saved afterwards so later requests made through
        ``self.client`` see the change. Always returns ``True``.
        """
        client_session = self.client.session
        UserAuthenticationManager(client_session).set_identified_user(user)

        client_session.save()
        return True
Ejemplo n.º 3
 def dispatch(self, request, *args, **kwargs):
     """Refuse a factor that is already in the session's authenticated map.

     Prevents the same factor from being counted twice: the request is
     redirected to ``auth_factories:list`` with a warning instead of being
     dispatched again.
     """
     self.user_manager = UserAuthenticationManager(request.session)
     factory_id = self.factory.id
     already_passed = self.user_manager.get_authenticated_factory_map()
     if factory_id not in already_passed:
         return super().dispatch(request, *args, **kwargs)

     messages.warning(
         request,
         _("You can not use the same form of authentication twice."))
     return redirect(reverse('auth_factories:list'))
Ejemplo n.º 4
    def test_form_valid(self):
        """Posting a username redirects and marks that user as identified."""
        payload = {'user': self.user.username}
        request = self.factory.post(self.url, data=payload)
        # A plain dict stands in for the session store.
        request.session = {}

        view = LoginFormView.as_view()
        response = view(request)
        self.assertEqual(response.status_code, 302)

        # The identification must be readable back from the same session.
        identified = UserAuthenticationManager(
            request.session).get_identified_user()
        self.assertEqual(identified, self.user)
Ejemplo n.º 5
    def test_form_invalid(self):
        """A rejected password re-renders the page with the OTP error text."""
        session = {}
        user_manager = UserAuthenticationManager(session)
        user_manager.set_identified_user(self.user)

        # 1234 is presumably not the code the view expects.
        request = self.factory.post(self.url, data={'password': 1234})
        request.session = session
        request.user_manager = user_manager

        view = AuthenticationView.as_view()
        response = view(request)
        self.assertContains(response, "Please enter a correct OTP.")
Ejemplo n.º 6
    def dispatch(self, request, *args, **kwargs):
        """Show the factor list only to identified, not yet logged-in users.

        * No identified user in the session: warn and redirect to
          ``auth_factories:login``.
        * ``request.user`` is not anonymous: warn and redirect to the
          session's ``success_url`` (default: ``home``).
        * Otherwise dispatch normally.
        """
        self.user_manager = UserAuthenticationManager(request.session)

        identified = self.user_manager.get_identified_user()
        if identified is None:
            messages.warning(self.request,
                             _("You must first identify yourself."))
            return redirect(reverse('auth_factories:login'))

        already_logged_in = not self.request.user.is_anonymous
        if already_logged_in:
            messages.warning(self.request,
                             _("You do not need to authenticate more."))
            # NOTE(review): 'success_url' is read from the session as-is.
            # Confirm the code that stores it accepts only same-site targets
            # (e.g. url_has_allowed_host_and_scheme), or this redirect is open.
            target = self.request.session.get('success_url', reverse('home'))
            return redirect(target)

        return super(FactorListView, self).dispatch(request, *args, **kwargs)
Ejemplo n.º 7
    def test_form_valid(self):
        """Posting the code from the session redirects to the factor list."""
        client_session = self.client.session

        UserAuthenticationManager(client_session).set_identified_user(
            self.user)
        issued_code = CodeSessionManager(client_session).get_code()

        # Save before posting so the client request sees the identified user
        # (and presumably the issued code; confirm get_code() stores it).
        client_session.save()

        response = self.client.post(self.url, data={'password': issued_code})

        self.assertRedirects(response, reverse('auth_factories:list'))
Ejemplo n.º 8
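 def test_status_for_post_with_skip_get(self):
     """A POST with no form data and an identified user returns HTTP 200.

     The request carries a dict-backed session and a matching
     ``user_manager`` with ``self.user`` marked as identified.
     """
     request = self.factory.post(self.url)
     request.session = {}
     request.user_manager = UserAuthenticationManager(request.session)
     request.user_manager.set_identified_user(self.user)
     response = AuthenticationView.as_view()(request)
     # assertEqual replaces the deprecated assertEquals alias, which was
     # removed from unittest in Python 3.12.
     self.assertEqual(response.status_code, 200)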
Ejemplo n.º 9
class LoginFormView(FormView):
    """First step of the login flow: record which user is signing in.

    A valid ``UserForm`` yields a user object that is stored in the session
    as the *identified* user. The view then redirects to the factor list.
    """
    form_class = UserForm
    template_name = "auth_factories/login_form.html"
    success_url = reverse_lazy('auth_factories:list')

    def dispatch(self, request, *args, **kwargs):
        """Skip the form when the session already has an identified user."""
        self.user_manager = UserAuthenticationManager(request.session)
        identified = self.user_manager.get_identified_user()
        if identified is None:
            return super(LoginFormView, self).dispatch(
                request, *args, **kwargs)
        return redirect(reverse('auth_factories:list'))

    def form_valid(self, form):
        """Store the submitted user as identified and emit ``user_identified``.

        NOTE(review): only a user value is checked at this step. If
        ``UserForm`` rejects unknown names, the differing responses reveal
        which accounts exist; confirm this endpoint is rate limited.
        """
        self.user_manager.set_identified_user(form.cleaned_data['user'])
        identified = self.user_manager.get_identified_user()
        # NOTE(review): behind a reverse proxy REMOTE_ADDR is the proxy's
        # address; confirm how the deployment derives the client IP before
        # relying on this value in audit records.
        client_ip = self.request.META.get('REMOTE_ADDR')
        user_identified.send(
            sender=self.__class__,
            user=identified,
            # session_id=self.request.session._get_or_create_session_key(),
            request_ip=client_ip)
        return HttpResponseRedirect(self.get_success_url())
Ejemplo n.º 10
class FactorListView(AuthenticationProcessMixin, ListView):
    """List the authentication factors offered to the identified user."""
    model = Factor

    def dispatch(self, request, *args, **kwargs):
        """Show the list only to identified, not yet logged-in users.

        Unidentified sessions go to ``auth_factories:login``. Requests whose
        ``request.user`` is not anonymous go to the session's ``success_url``
        (default: ``home``). Both redirects carry a warning message.
        """
        self.user_manager = UserAuthenticationManager(request.session)

        identified = self.user_manager.get_identified_user()
        if identified is None:
            messages.warning(self.request,
                             _("You must first identify yourself."))
            return redirect(reverse('auth_factories:login'))

        already_logged_in = not self.request.user.is_anonymous
        if already_logged_in:
            messages.warning(self.request,
                             _("You do not need to authenticate more."))
            # NOTE(review): 'success_url' is read from the session as-is.
            # Confirm the code that stores it accepts only same-site targets
            # (e.g. url_has_allowed_host_and_scheme), or this redirect is open.
            target = self.request.session.get('success_url', reverse('home'))
            return redirect(target)

        return super(FactorListView, self).dispatch(request, *args, **kwargs)

    def get_context_data(self, **kwargs):
        """Add the factor list, the registry and the request user."""
        # NOTE(review): 'identified_user' is filled from request.user, not
        # from user_manager.get_identified_user(). dispatch() redirects any
        # non-anonymous request.user, so this looks like it is always the
        # anonymous user here; confirm which one the template needs.
        kwargs.update(
            factory_list=self.get_factory_list(),
            registry=Registry,
            identified_user=self.request.user,
        )
        return super(FactorListView, self).get_context_data(**kwargs)

    @cached_property
    def authenticated_factories(self):
        """Authenticated-factory map from the user manager, cached."""
        return self.user_manager.get_authenticated_factory_map()

    def get_factory_list(self):
        """Return one template dict per enabled factory."""
        enabled = self.user_manager.get_enabled_factory_map()
        rows = []
        for _key, enabled_factory in enabled.items():
            rows.append(self.get_factory_item(enabled_factory))
        return rows

    def get_factory_item(self, factory):  # TODO: Move to views
        """Describe ``factory`` for the template.

        ``authenticated`` is true when the factory's id is present in
        ``self.authenticated_factories``.
        """
        return dict(
            name=factory.name,
            url=factory.get_authentication_url(),
            weight=factory.weight,
            authenticated=factory.id in self.authenticated_factories,
            first_class=factory.first_class,
        )
Ejemplo n.º 11
class AuthenticationProcessMixin(ContextMixin, View):
    """Shared behaviour for views inside the multi-factor login process.

    Requires an identified user in the session and adds the weight
    bookkeeping (required, reached, remaining) to the template context.
    """

    def get_weight(self):
        """Return the required, reached and remaining authentication weight.

        ``left_weight`` is clamped at zero, so reaching more weight than
        required never yields a negative remainder.
        """
        required = get_user_weight(self.user_manager.get_identified_user())
        reached = self.user_manager.get_authenticated_weight()
        remaining = max(0, required - reached)
        return {
            'user_weight': required,
            'authenticated_weight': reached,
            'left_weight': remaining
        }

    def dispatch(self, request, *args, **kwargs):
        """Redirect to ``auth_factories:login`` when no user is identified."""
        manager = UserAuthenticationManager(request.session)
        self.user_manager = manager

        # NOTE(review): this gate checks identification only. Whether an
        # identified user also counts as authenticated is decided elsewhere;
        # confirm nothing sensitive is served on the strength of this check.
        if manager.get_identified_user():
            return super(AuthenticationProcessMixin,
                         self).dispatch(request, *args, **kwargs)
        return redirect('auth_factories:login')

    def get_context_data(self, **kwargs):
        """Merge the ``get_weight()`` values into the template context."""
        weights = self.get_weight()
        kwargs.update(weights)
        return super(AuthenticationProcessMixin,
                     self).get_context_data(**kwargs)
Ejemplo n.º 12
 def dispatch(self, request, *args, **kwargs):
     """Attach a session-backed ``UserAuthenticationManager``, then dispatch.

     No access check is made here; the manager is only made available as
     ``self.user_manager``.
     """
     manager = UserAuthenticationManager(request.session)
     self.user_manager = manager
     parent = super(UserSessionManageMixin, self)
     return parent.dispatch(request, *args, **kwargs)
Ejemplo n.º 13
 def identify_2fa_factory(self, request, user):
     """Mark ``user`` as identified on ``request``'s session.

     A request without a ``session`` attribute gets a fresh dict as its
     session. The session is assigned back to the request either way.
     """
     try:
         session = request.session
     except AttributeError:
         session = {}
     UserAuthenticationManager(session).set_identified_user(user)
     request.session = session
Ejemplo n.º 14
 def dispatch(self, request, *args, **kwargs):
     """Skip the login form when the session already has an identified user.

     Such requests are redirected to ``auth_factories:list``. All others are
     dispatched normally.
     """
     self.user_manager = UserAuthenticationManager(request.session)
     identified = self.user_manager.get_identified_user()
     if identified is None:
         return super(LoginFormView, self).dispatch(request, *args, **kwargs)
     return redirect(reverse('auth_factories:list'))
Ejemplo n.º 15
 def test_add_and_authenticated_factory(self):
     """A manager over the fixture session reports an anonymous user."""
     # NOTE(review): the name promises coverage of adding and authenticating
     # a factory, but only the initial anonymous state is asserted here.
     current_user = UserAuthenticationManager(self.session).get_user()
     self.assertEqual(current_user, AnonymousUser())
Ejemplo n.º 16
    def test_get_or_set_or_unset_identified_user(self):
        """Identifying a user never makes ``get_user()`` non-anonymous.

        This pins the split between *identified* and *authenticated*:
        ``set_identified_user`` changes only ``get_identified_user()``, and
        ``unset_identified_user`` resets it to ``None``.
        """
        anonymous = AnonymousUser()
        manager = UserAuthenticationManager(self.session)
        self.assertEqual(manager.get_user(), anonymous)

        # Identified, but still anonymous as far as get_user() is concerned.
        manager.set_identified_user(self.user)
        self.assertEqual(manager.get_user(), anonymous)
        self.assertEqual(manager.get_identified_user(), self.user)

        # Unsetting clears the identification and leaves get_user() alone.
        manager.unset_identified_user()
        self.assertEqual(manager.get_user(), anonymous)
        self.assertEqual(manager.get_identified_user(), None)