def dispatch(self, request, *args, **kwargs):
if settings.DEBUG is True:
bl_addr = request.GET.get('blacklist', request.META['REMOTE_ADDR'])
dnsbl_addr = request.GET.get('dnsbl', request.META['REMOTE_ADDR'])
rate_addr = request.GET.get('ratelimit',
request.META['REMOTE_ADDR'])
else:
bl_addr = dnsbl_addr = rate_addr = request.META['REMOTE_ADDR']
if BlockedIpAddress.objects.is_blocked(bl_addr):
raise BlockedException(_('This address is blocked.'))
# Check static blacklist (settings.SPAM_BLACKLIST)
bl_addr = ipaddress.ip_address(bl_addr)
for network in _BLACKLIST:
if bl_addr in network:
log.info('%s: IP is in settings.BLACKLIST.', bl_addr)
return TemplateResponse(request, self.blacklist_template, {})
# Check ratelimits
if self.check_rate(request, rate_addr) is False:
log.info('%s: IP is ratelimited.', rate_addr)
return TemplateResponse(request, self.rate_template, {})
# Check DNS Blacklists
blocks = check_dnsbl(dnsbl_addr)
if blocks:
log.info('%s: IP is on at least one DNSBL.', dnsbl_addr)
return TemplateResponse(request, self.dnsbl_template, {
'blocks': blocks,
})
return super(AntiSpamMixin, self).dispatch(request, *args, **kwargs)
def form_valid(self, form):
request = self.request
self.ratelimit(request)
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
if BlockedEmail.objects.is_blocked(form.cleaned_data['email']):
BlockedIpAddress.objects.block(address)
raise BlockedException(_('You cannot register with this email address.'))
with transaction.atomic(), version(comment='User created'):
response = super(RegistrationView, self).form_valid(form)
user = self.object
# Compute the normalized email address
user.normalized_email = normalize_email(user.email)
# save default language
user.default_language = lang
user.save()
# log user creation, display help message.
user.log(ugettext_noop('Account created.'), address=address)
AddressActivity.objects.log(request, ACTIVITY_REGISTER, user=user, note=user.email)
stat(STAT_REGISTER)
messages.success(request, _(
"""Successfully created the account %(username)s. A confirmation email was
just sent to the email address you provided (%(email)s). Before you can use
your account, you must click on the confirmation link in that email.""") % {
'username': user.username,
'email': user.email,
})
user.backend = settings.AUTHENTICATION_BACKENDS[0]
login(self.request, user)
task = send_confirmation_task.si(
user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address,
to=user.email, base_url=base_url, hostname=request.site['NAME'])
# Store GPG key if any
fp, key = form.get_gpg_data()
if fp or key:
gpg_task = add_gpg_key_task.si(
user_pk=user.pk, address=address, fingerprint=fp, key=key)
task = chain(gpg_task, task)
task.delay()
return response