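def authenticate(self, username=None, response=None):
    """Authenticate a user from a signed login challenge.

    Looks up the ``User`` and the pending ``BCAuth`` challenge stored for
    *username*, rejects the attempt when the challenge is older than
    ``settings.BCAUTH_SESSION_EXPIRE`` seconds, and hands the address on
    file for the user, *response* and the challenge text to
    ``bitcoinsig.verify_message``.

    Returns the ``User`` on success and ``None`` on every failure path.
    The challenge row is deleted on success, so one challenge can be
    accepted only once.
    """
    print("authenticating")
    if username is None or response is None:
        return None

    try:
        user = User.objects.get(username=username)
        bcauth = BCAuth.objects.get(username=username)
    except (User.DoesNotExist, BCAuth.DoesNotExist):
        return None

    # The signature is checked against the address stored for this account;
    # this method takes no address from the caller.
    if not hasattr(user, "useraddresses"):
        return None

    now = datetime.datetime.utcnow().replace(tzinfo=utc)
    # total_seconds() measures the whole interval. timedelta.seconds is only
    # the sub-day remainder (0..86399), so a challenge that is days old could
    # look fresh to a check written against .seconds.
    age = (now - bcauth.created_at).total_seconds()
    # A negative age means created_at lies in the future; reject that too.
    if age < 0 or age > settings.BCAUTH_SESSION_EXPIRE:
        return None

    try:
        signature_ok = bitcoinsig.verify_message(
            user.useraddresses.address,
            response,
            bcauth.challenge.encode("utf-8"),
        )
    except Exception:
        # Fail closed when verification raises (NOTE(review): presumably on a
        # malformed signature or address - confirm). Exception rather than a
        # bare except, so KeyboardInterrupt and SystemExit still propagate.
        return None
    if not signature_ok:
        return None

    bcauth.delete()
    return user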
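def authenticate(self, username=None, response=None):
    """Return the ``User`` whose signed challenge response verifies, else ``None``.

    The pending ``BCAuth`` challenge for *username* must exist, must be no
    older than ``settings.BCAUTH_SESSION_EXPIRE`` seconds, and *response*
    must be accepted by ``bitcoinsig.verify_message`` for the address
    stored on ``user.useraddresses``. A successful login deletes the
    challenge row, so the same challenge is not accepted twice.
    """
    print('authenticating')
    if username is None or response is None:
        return None

    try:
        user = User.objects.get(username=username)
        bcauth = BCAuth.objects.get(username=username)
    except (User.DoesNotExist, BCAuth.DoesNotExist):
        return None

    # Without a stored address there is nothing to verify the response against.
    if not hasattr(user, 'useraddresses'):
        return None

    now = datetime.datetime.utcnow().replace(tzinfo=utc)
    # Use total_seconds(): timedelta.seconds drops the days component, which
    # would let a challenge older than a day pass the expiry check.
    age = (now - bcauth.created_at).total_seconds()
    # created_at in the future gives a negative age; treat it as invalid.
    if age < 0 or age > settings.BCAUTH_SESSION_EXPIRE:
        return None

    try:
        signature_ok = bitcoinsig.verify_message(
            user.useraddresses.address,
            response,
            bcauth.challenge.encode('utf-8'),
        )
    except Exception:
        # Any error raised during verification counts as a failed login.
        # Catching Exception instead of everything keeps KeyboardInterrupt
        # and SystemExit from being swallowed here.
        return None
    if not signature_ok:
        return None

    bcauth.delete()
    return user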
def verify_sig(sig):
    """Verify the signature carried in *sig* and return ``[valid, sig_info]``.

    ``parse_sig(sig)`` supplies the fields; its ``master`` and ``signature``
    entries are passed to ``bitcoinsig.verify_message`` together with the
    result of ``strip_armor(sig)``.

    ``sig_info`` is returned whether or not verification succeeded, and the
    address used for the check is the one named inside *sig* itself. Callers
    must test the first element before relying on any parsed field, and must
    decide separately whether that address is one they trust.
    """
    parsed = parse_sig(sig)
    master_address = parsed['master']
    signature = parsed['signature']
    payload = strip_armor(sig)
    is_valid = bitcoinsig.verify_message(master_address, signature, payload)
    return [is_valid, parsed]
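def clean(self):
    """Validate the username, address and signed challenge response together.

    Raises ``forms.ValidationError`` when no pending ``BCAuth`` challenge
    exists for the username, when the username belongs to an account other
    than the authenticated ``self.user``, or when
    ``bitcoinsig.verify_message`` does not accept the response for the
    submitted address. Returns ``self.cleaned_data`` otherwise.

    The address comes from the form, so a passing check shows only that the
    submitter can sign for that address.
    """
    username = self.cleaned_data.get('username')
    address = self.cleaned_data.get('address')
    response = self.cleaned_data.get('response')

    try:
        bcauth = BCAuth.objects.get(username=username)
    except BCAuth.DoesNotExist:
        raise forms.ValidationError('Sorry, that login was invalid. Please try again.')

    # NOTE(review): this method neither checks the age of the challenge nor
    # deletes it after a successful verification. Confirm that the caller
    # expires and consumes it; otherwise a signed response stays reusable.

    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        user = None
    if user is not None and (not self.user.is_authenticated() or user != self.user):
        raise forms.ValidationError('User already exists')

    # Only the verification call sits inside the try. With the raise inside a
    # bare except, the short message below was always replaced by the long
    # one, and KeyboardInterrupt/SystemExit were turned into form errors.
    try:
        signature_ok = bitcoinsig.verify_message(
            address, response, bcauth.challenge.encode('utf-8'))
    except Exception:
        raise forms.ValidationError("Signature validation failed. Invalid address or signature provided")
    if not signature_ok:
        raise forms.ValidationError("Signature validation failed")

    return self.cleaned_data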
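def clean(self):
    """Cross-field validation for the signed-challenge form.

    Requires a pending ``BCAuth`` challenge for the submitted username,
    refuses a username that already belongs to a ``User`` other than the
    authenticated ``self.user``, and requires
    ``bitcoinsig.verify_message`` to accept the response for the submitted
    address. Raises ``forms.ValidationError`` on any failure and returns
    ``self.cleaned_data`` on success.

    The address is form input, so a passing check proves control of that
    address and nothing more.
    """
    username = self.cleaned_data.get('username')
    address = self.cleaned_data.get('address')
    response = self.cleaned_data.get('response')

    try:
        bcauth = BCAuth.objects.get(username=username)
    except BCAuth.DoesNotExist:
        raise forms.ValidationError(
            'Sorry, that login was invalid. Please try again.')

    # NOTE(review): the challenge is not checked for age here and is not
    # deleted once verified. Confirm the calling code expires and consumes
    # it, so that an old signed response cannot be submitted again.

    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        user = None
    if user is not None and (not self.user.is_authenticated() or user != self.user):
        raise forms.ValidationError('User already exists')

    # Keep the raise for a rejected signature outside the try: a bare except
    # around it replaced that message with the generic one every time and
    # also caught KeyboardInterrupt and SystemExit.
    try:
        signature_ok = bitcoinsig.verify_message(address, response,
                                                 bcauth.challenge.encode('utf-8'))
    except Exception:
        raise forms.ValidationError(
            "Signature validation failed. Invalid address or signature provided"
        )
    if not signature_ok:
        raise forms.ValidationError("Signature validation failed")

    return self.cleaned_data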