def authenticate(username, password): user = None username = get_username_from_username_or_email(username) if not username: raise AuthenticationFailed() try: dolibarr = DolibarrAPI() dolibarr_token = dolibarr.login(login=username, password=password, reset=True) except (DolibarrAPIException): raise AuthenticationFailed() try: cyclos = CyclosAPI(mode='login') cyclos_token = cyclos.login(auth_string=b64encode( bytes('{}:{}'.format(username, password), 'utf-8')).decode( 'ascii')) except CyclosAPIException: raise AuthenticationFailed() try: user_results = dolibarr.get(model='users', sqlfilters="login='******'".format(username), api_key=dolibarr_token) dolibarr_user = [ item for item in user_results if item['login'] == username ][0] except (DolibarrAPIException, KeyError, IndexError): raise AuthenticationFailed() user, created = User.objects.get_or_create(username=username) user_profile = user.profile user_profile.cyclos_token = cyclos_token user_profile.dolibarr_token = dolibarr_token # if there is a member linked to this user, load it in order to retrieve its company name user_profile.companyname = '' if dolibarr_user['fk_member']: try: member = dolibarr.get(model='members', id=dolibarr_user['fk_member'], api_key=dolibarr_token) if member['company']: user_profile.companyname = member['company'] except DolibarrAPIException: pass try: user_profile.firstname = dolibarr_user['firstname'] user_profile.lastname = dolibarr_user['lastname'] except KeyError: raise AuthenticationFailed() user_profile.save() return user
def validate_lost_password(request): """ validate_lost_password """ serializer = serializers.ValidLostPasswordSerializer(data=request.data) serializer.is_valid( raise_exception=True) # log.critical(serializer.errors) try: token_data = jwt.decode(request.data['token'], settings.JWT_SECRET, issuer='lost-password', audience='guest') except jwt.InvalidTokenError: return Response({'error': 'Unable to read token!'}, status=status.HTTP_400_BAD_REQUEST) try: # Check SecurityQA with custom methods in models.SecurityAnswer answer = models.SecurityAnswer.objects.get(owner=token_data['login']) if not answer.check_answer(serializer.data['answer']): return Response({'status': 'NOK'}, status=status.HTTP_400_BAD_REQUEST) # Dans Cyclos, activer l'utilisateur (au cas où il soit à l'état bloqué) cyclos = CyclosAPI(mode='login') cyclos_token = cyclos.login(auth_string=b64encode( bytes( '{}:{}'.format(settings.APPS_ANONYMOUS_LOGIN, settings.APPS_ANONYMOUS_PASSWORD), 'utf-8')).decode('ascii')) cyclos_user_id = cyclos.get_member_id_from_login( member_login=token_data['login'], token=cyclos_token) active_user_data = { 'user': cyclos_user_id, # ID de l'utilisateur 'status': 'ACTIVE' } cyclos.post(method='userStatus/changeStatus', data=active_user_data, token=cyclos_token) # Dans Cyclos, reset le mot de passe d'un utilisateur password_data = { 'user': cyclos_user_id, # ID de l'utilisateur 'type': str(settings.CYCLOS_CONSTANTS['password_types']['login_password']), 'newPassword': serializer.data['new_password'], # saisi par l'utilisateur 'confirmNewPassword': serializer.data['confirm_password'], # saisi par l'utilisateur } cyclos.post(method='password/change', data=password_data, token=cyclos_token) return Response({'status': 'success'}) except (EuskalMonetaAPIException, CyclosAPIException, KeyError, IndexError): return Response({'error': 'Unable to get user data for this login!'}, status=status.HTTP_400_BAD_REQUEST)
def validate_first_connection(request): """ validate_first_connection """ serializer = serializers.ValidFirstConnectionSerializer(data=request.data) serializer.is_valid( raise_exception=True) # log.critical(serializer.errors) try: token_data = jwt.decode(request.data['token'], settings.JWT_SECRET, issuer='first-connection', audience='guest') except jwt.InvalidTokenError: return Response({'error': 'Unable to read token!'}, status=status.HTTP_400_BAD_REQUEST) try: dolibarr = DolibarrAPI() dolibarr_token = dolibarr.login( login=settings.APPS_ANONYMOUS_LOGIN, password=settings.APPS_ANONYMOUS_PASSWORD) # We check if the user already exist, if he already exist we return a 400 try: dolibarr.get(model='users', login=token_data['login'], api_key=dolibarr_token) return Response({'error': 'User already exist!'}, status=status.HTTP_201_CREATED) except DolibarrAPIException: pass # 1) Créer une réponse à une SecurityQuestion (créer aussi une SecurityAnswer). if serializer.data.get('question_id', False): # We got a question_id q = models.SecurityQuestion.objects.get( id=serializer.data['question_id']) elif serializer.data.get('question_text', False): # We didn't got a question_id, but a question_text: we need to create a new SecurityQuestion object q = models.SecurityQuestion.objects.create( question=serializer.data['question_text']) else: return Response( { 'status': ('Error: You need to provide at least one thse two fields: ' 'question_id or question_text') }, status=status.HTTP_400_BAD_REQUEST) res = models.SecurityAnswer.objects.create(owner=token_data['login'], question=q) res.set_answer(raw_answer=serializer.data['answer']) res.save() if not res: Response({'error': 'Unable to save security answer!'}, status=status.HTTP_400_BAD_REQUEST) # 2) Dans Dolibarr, créer un utilisateur lié à l'adhérent member = dolibarr.get(model='members', login=token_data['login'], api_key=dolibarr_token) create_user = '******'.format(member[0]['id']) create_user_data = {'login': token_data['login']} # user_id will be the ID for this new user user_id = dolibarr.post(model=create_user, data=create_user_data, api_key=dolibarr_token) # 3) Dans Dolibarr, ajouter ce nouvel utilisateur dans le groupe "Adhérents" user_group_model = 'users/{}/setGroup/{}'.format( user_id, settings.DOLIBARR_CONSTANTS['groups']['adherents']) user_group_res = dolibarr.get(model=user_group_model, api_key=dolibarr_token) if not user_group_res == 1: raise EuskalMonetaAPIException # 4) Dans Cyclos, activer l'utilisateur cyclos = CyclosAPI(mode='login') cyclos_token = cyclos.login(auth_string=b64encode( bytes( '{}:{}'.format(settings.APPS_ANONYMOUS_LOGIN, settings.APPS_ANONYMOUS_PASSWORD), 'utf-8')).decode('ascii')) cyclos_user_id = cyclos.get_member_id_from_login( member_login=token_data['login'], token=cyclos_token) active_user_data = { 'user': cyclos_user_id, # ID de l'utilisateur 'status': 'ACTIVE' } cyclos.post(method='userStatus/changeStatus', data=active_user_data, token=cyclos_token) # 5) Dans Cyclos, initialiser le mot de passe d'un utilisateur password_data = { 'user': cyclos_user_id, # ID de l'utilisateur 'type': str(settings.CYCLOS_CONSTANTS['password_types']['login_password']), 'newPassword': request.data['new_password'], # saisi par l'utilisateur 'confirmNewPassword': request.data['confirm_password'], # saisi par l'utilisateur } cyclos.post(method='password/change', data=password_data, token=cyclos_token) return Response({'status': 'success'}) except (EuskalMonetaAPIException, DolibarrAPIException, CyclosAPIException, KeyError, IndexError): return Response({'error': 'Unable to get user data for this login!'}, status=status.HTTP_400_BAD_REQUEST)