def save_instant_account(request) -> HttpResponse:
request = get_json_body(request)
username = request['username']
password = request['password']
if User.objects.all().filter(username=username).exists():
return JsonResponse(operation_response(error=True, message=f"User with username '{username}' already exists."))
if Account.objects.all().filter(name=username).exists():
return JsonResponse(operation_response(error=True,
message=f"Account with username {username}' already exists."))
# Extremely arbitrary password requirements. Just to make sure a password has been filled in.
if len(password) < 5:
return JsonResponse(operation_response(error=True, message=f"Password not filled in or not long enough."))
# all seems fine, let's add the user
user = User(**{'username': username})
user.set_password(password)
user.is_active = True
user.save()
account = Account(**{
'name': username,
'internet_nl_api_username': username,
'internet_nl_api_password': Account.encrypt_password(password),
'can_connect_to_internet_nl_api': Account.connect_to_internet_nl_api(username, password)
})
account.save()
dashboarduser = DashboardUser(**{'user': user, 'account': account})
dashboarduser.save()
return JsonResponse(operation_response(success=True, message=f"Account and user with name '{username}' created!"))
def set_account(request) -> HttpResponse:
request_data = get_json_body(request)
selected_account_id: int = request_data['id']
if not selected_account_id:
return JsonResponse(
operation_response(error=True, message="No account supplied."))
dashboard_user = DashboardUser.objects.all().filter(
user=request.user).first()
# very new users don't have the dashboarduser fields filled in, and are thus not connected to an account.
if not dashboard_user:
dashboard_user = DashboardUser(**{
'account': Account.objects.all().first(),
'user': request.user
})
dashboard_user.account = Account.objects.get(id=selected_account_id)
dashboard_user.save()
return JsonResponse(
operation_response(success=True,
message="switched_account",
data={'account_name': dashboard_user.account.name}))
def remove_tag_(request):
data = get_json_body(request)
remove_tag(account=get_account(request),
urllist_id=data.get('urllist_id', []),
url_ids=data.get('url_ids', []),
tag=data.get('tag', ""))
return JsonResponse(operation_response(success=True), safe=False)
def get_shared_report_(request, report_code: str) -> HttpResponse:
# Explicitly NOT use jsonresponse as this loads the json data into an encoder which is extremely slow on large files
data = get_json_body(request)
return HttpResponse( # pylint: disable=http-response-with-content-type-json
get_shared_report(report_code, data.get('share_code', '')),
content_type="application/json")
def delete_url_from_urllist_(request):
account = get_account(request)
request = get_json_body(request)
items_deleted, item_details = delete_url_from_urllist(
account, request.get('list_id'), request.get('url_id'))
return JsonResponse({
'items_deleted': items_deleted,
'success': items_deleted
})
def save_ad_hoc_tagged_report_(request, report_id: int):
data = get_json_body(request)
tags = data.get('tags', [])
try:
at_when: Optional[datetime] = datetime.fromisoformat(
f"{data.get('custom_date')} {data.get('custom_time')}")
except ValueError:
at_when = None
return JsonResponse(
save_ad_hoc_tagged_report(get_account(request), report_id, tags,
at_when))
def get_ad_hoc_tagged_report_(request, report_id: int):
data = get_json_body(request)
tags = data.get('tags', [])
try:
at_when: Optional[datetime] = datetime.fromisoformat(
f"{data.get('custom_date')} {data.get('custom_time')}")
except ValueError:
at_when = None
return HttpResponse( # pylint: disable=http-response-with-content-type-json
ad_hoc_tagged_report(get_account(request), report_id, tags, at_when),
content_type="application/json")
def session_login_(request):
"""
Note that login is not possible, as the session cookie must be set correctly. The CSRF is tied to the session
cookie, so you cannot retrieve that in a different fashion. There are frameworks that allow you to login
such as djoser, but they DO NOT do second factor authentication and there is nothing equivalent to
django_second_factor_auth. So all logins and session management must be done, until we drop second factor auth
or when there is a json api available for the latter.
:param request:
:return:
"""
# taken from: https://stackoverflow.com/questions/11891322/setting-up-a-user-login-in-python-django-using-json-and-
if request.method != 'POST':
sleep(2)
return operation_response(error=True, message="post_only")
# get the json data:
parameters = get_json_body(request)
username = parameters.get('username', '').strip()
password = parameters.get('password', '').strip()
if not username or not password:
sleep(2)
return operation_response(error=True, message="no_credentials_supplied")
user = authenticate(username=username, password=password)
if user is None:
sleep(2)
return operation_response(error=True, message="invalid_credentials")
if not user.is_active:
sleep(2)
return operation_response(error=True, message="user_not_active")
# todo: implement generate_challenge and verify_token, so we can do login from new site.
devices = TOTPDevice.objects.all().filter(user=user, confirmed=True)
if devices:
sleep(2)
return operation_response(error=True, message="second_factor_login_required")
login(request, user)
return operation_response(success=True, message="logged_in")
def scan_now_(request):
return JsonResponse(scan_now(get_account(request), get_json_body(request)))
def add_urls_to_urllist(request):
return JsonResponse(
save_urllist_content(get_account(request), get_json_body(request)))
def alter_url_in_urllist_(request):
return JsonResponse(
alter_url_in_urllist(get_account(request), get_json_body(request)))
def delete_list_(request):
return JsonResponse(
delete_list(get_account(request), get_json_body(request)))
def update_list_settings_(request):
return JsonResponse(
update_list_settings(get_account(request), get_json_body(request)))
def x_share(request):
data = get_json_body(request)
account = get_account(request)
return JsonResponse(share(account, data.get('report_id', -1),
data.get('public_share_code', '')),
safe=False)
def cancel_scan_(request):
account = get_account(request)
request = get_json_body(request)
response = cancel_scan(account, request.get('id'))
return JsonResponse(response)
def x_update_report_code(request):
data = get_json_body(request)
account = get_account(request)
return JsonResponse(update_report_code(account, data.get('report_id', -1)),
safe=False)
def save_report_settings_(request) -> JsonResponse:
return JsonResponse(save_report_settings(get_account(request), get_json_body(request)))
def save_user_settings_(request) -> JsonResponse:
return JsonResponse(
save_user_settings(get_dashboarduser(request), get_json_body(request)))
