Example #1
0
    def __call__(self):
        auth = self.authenticator = getMultiAdapter(
            (self.context, self.request), IAuthenticator)

        userid = self.request.form.get('userid')
        code = self.request.form.get('code')
        if userid and code:
            exc_key = auth.get_country_exception_cache_key(userid)
            try:
                data = cache.get(exc_key)
                if not strings_differ(data['code'], code):
                    timestamp = data.get('timestamp')
                    if timestamp and (time.time() <
                                      (timestamp + (12 * 60 * 60))):
                        user = api.user.get(data['userid'])
                        self.message = 'Successfully issued country login exception for {}({}).'.format(  # noqa
                            user.getProperty('fullname') or user.getUserName(),
                            user.getUserName())
                        self.success = True
                        data['granted'] = True
                        data['timestamp'] = time.time()
                        cache.set(exc_key, data, 12 * 60 * 60)
                        self.send_email(data)
            except:
                pass
        return self.index()
Example #2
0
    def authorize_2factor(self, username, code, offset=0):
        try:
            value = cache.get(self.get_2factor_code_key(username))
        except Exception:
            return False

        # check actual code
        if strings_differ(value['code'].lower(), code.lower()):
            return False

        # then check timing
        timestamp = value.get('timestamp')
        if not timestamp or (time.time() > (timestamp + 5 * 60 + offset)):
            return False
        return True