def authenticate(self, username=None, response=None):
print("authenticating")
if None in (username, response):
return None
try:
user = User.objects.get(username=username)
try:
bcauth = BCAuth.objects.get(username=username)
except BCAuth.DoesNotExist:
return None
if not hasattr(user, "useraddresses"):
return None
now = datetime.datetime.utcnow().replace(tzinfo=utc)
difference = now - bcauth.created_at
if difference.seconds > settings.BCAUTH_SESSION_EXPIRE:
return None
try:
if not bitcoinsig.verify_message(
user.useraddresses.address, response, bcauth.challenge.encode("utf-8")
):
return None
except: # This is bad, but it's how gribble does it. needs fixing
return None
bcauth.delete()
return user
except User.DoesNotExist:
return None
def authenticate(self, username=None, response=None):
print('authenticating')
if None in (username, response):
return None
try:
user = User.objects.get(username=username)
try:
bcauth = BCAuth.objects.get(username=username)
except BCAuth.DoesNotExist:
return None
if not hasattr(user, 'useraddresses'):
return None
now = datetime.datetime.utcnow().replace(tzinfo=utc)
difference = now - bcauth.created_at
if difference.seconds > settings.BCAUTH_SESSION_EXPIRE:
return None
try:
if not bitcoinsig.verify_message(
user.useraddresses.address, response,
bcauth.challenge.encode('utf-8')):
return None
except: # This is bad, but it's how gribble does it. needs fixing
return None
bcauth.delete()
return user
except User.DoesNotExist:
return None
def verify_sig(sig):
sig_info = parse_sig(sig)
valid = bitcoinsig.verify_message(
sig_info['master'],
sig_info['signature'],
strip_armor(sig)
)
return [valid, sig_info]
def clean(self):
username = self.cleaned_data.get('username')
address = self.cleaned_data.get('address')
response = self.cleaned_data.get('response')
try:
bcauth = BCAuth.objects.get(username=username)
except BCAuth.DoesNotExist:
raise forms.ValidationError('Sorry, that login was invalid. Please try again.')
try:
user = User.objects.get(username=username)
if not self.user.is_authenticated() or user != self.user:
raise forms.ValidationError('User already exists')
except User.DoesNotExist:
pass
try:
if not bitcoinsig.verify_message(
address,
response,
bcauth.challenge.encode('utf-8')):
raise forms.ValidationError("Signature validation failed")
except:
raise forms.ValidationError("Signature validation failed. Invalid address or signature provided")
return self.cleaned_data
def clean(self):
username = self.cleaned_data.get('username')
address = self.cleaned_data.get('address')
response = self.cleaned_data.get('response')
try:
bcauth = BCAuth.objects.get(username=username)
except BCAuth.DoesNotExist:
raise forms.ValidationError(
'Sorry, that login was invalid. Please try again.')
try:
user = User.objects.get(username=username)
if not self.user.is_authenticated() or user != self.user:
raise forms.ValidationError('User already exists')
except User.DoesNotExist:
pass
try:
if not bitcoinsig.verify_message(address, response,
bcauth.challenge.encode('utf-8')):
raise forms.ValidationError("Signature validation failed")
except:
raise forms.ValidationError(
"Signature validation failed. Invalid address or signature provided"
)
return self.cleaned_data
