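def validate(self, attrs):
        """Validate a submitted callback token and attach its user to ``attrs``.

        Looks up an active ``CallbackToken`` by the submitted key, passes it to
        ``authenticate_by_token`` and, when either "mark verified" setting is
        enabled, marks the alias as verified through ``verify_user_alias``.

        Returns:
            ``attrs`` with ``attrs['user']`` set to the authenticated user.

        Raises:
            serializers.ValidationError: the token is missing, does not match
                exactly one active token, is rejected by
                ``authenticate_by_token``, belongs to a disabled account, or
                the alias could not be verified.
        """
        callback_token = attrs.get('token', None)
        if not callback_token:
            msg = _('Missing authentication token.')
            raise serializers.ValidationError(msg)

        # QuerySet.get() raises instead of returning None, so an unknown or
        # inactive key previously escaped as an unhandled exception rather
        # than a validation error. An ambiguous match is rejected as well.
        # NOTE(review): the lookup is by key alone and is not scoped to the
        # alias or user that requested the token - confirm keys are long
        # enough, or bind the lookup to the requester and rate-limit attempts.
        try:
            token = CallbackToken.objects.get(key=callback_token, is_active=True)
        except (CallbackToken.DoesNotExist,
                CallbackToken.MultipleObjectsReturned):
            msg = _('Invalid Token')
            raise serializers.ValidationError(msg)

        # Check the token type for our uni-auth method.
        # authenticates and checks the expiry of the callback token.
        user = authenticate_by_token(token)
        if not user:
            msg = _('Invalid Token')
            raise serializers.ValidationError(msg)

        if not user.is_active:
            msg = _('User account is disabled.')
            raise serializers.ValidationError(msg)

        if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
                or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
            # Mark this alias as verified; the user is re-read from the
            # database by primary key before verify_user_alias is called.
            user = User.objects.get(pk=token.user.pk)
            success = verify_user_alias(user, token)

            if success is False:
                msg = _('Error validating user alias.')
                raise serializers.ValidationError(msg)

        attrs['user'] = user
        return attrs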
Example #2
 def post(self, request, *args, **kwargs):
     """Start a session for the user identified by the posted ``token``.

     The token is read from the request body and handed to
     ``authenticate_by_token``; a falsy result raises ``ValidationError``.
     """
     submitted = request.data.get('token', None)
     user = authenticate_by_token(submitted)

     # Reject first so the success path reads straight through.
     if not user:
         raise ValidationError('Couldn\'t log you in. Invalid token.')

     # NOTE(review): no attempt limiting is visible in this method; confirm
     # throttling is applied at the view or router level.
     login(
         request,
         user,
         backend='django.contrib.auth.backends.ModelBackend',
     )
     return Response({'success': True})
Example #3
    def get(self, request, *args, **kwargs):
        """Log in from a ``token`` query parameter, else render the normal view.

        When the query string carries ``token`` and ``authenticate_by_token``
        accepts it, a session is started and the client is redirected to
        ``dashboard``. In every other case the parent class's ``get`` runs.
        """
        matched_user = None
        if 'token' in request.GET:
            # NOTE(review): a credential in the URL can end up in access
            # logs, browser history and Referer headers; confirm the token
            # is single-use and short-lived.
            matched_user = authenticate_by_token(request.GET['token'])

        if matched_user:
            # login() reads the backend from the user object here.
            matched_user.backend = 'django.contrib.auth.backends.ModelBackend'
            login(request, matched_user)
            return redirect('dashboard')

        return super(TokenAuthView, self).get(request, *args, **kwargs)
Example #4
 def post(self, request, *args, **kwargs):
     """Start a session for the user identified by the posted ``token``.

     Returns a 200 response with ``{'success': True}`` when
     ``authenticate_by_token`` yields a user, otherwise a 400 response
     carrying a ``detail`` message.
     """
     submitted = request.data.get('token', None)
     user = authenticate_by_token(submitted)

     if not user:
         # Failure is reported as a response body, not as an exception.
         failure = {'detail': 'Couldn\'t log you in. Invalid token.'}
         return Response(failure, status=statuses.HTTP_400_BAD_REQUEST)

     # NOTE(review): no attempt limiting is visible in this method; confirm
     # throttling is applied at the view or router level.
     login(
         request,
         user,
         backend='django.contrib.auth.backends.ModelBackend',
     )
     return Response({'success': True}, status=statuses.HTTP_200_OK)
Example #5
    def process_request(self, request):
        """Log the requester in when the query string carries a valid token.

        The parameter name comes from ``settings.EMAIL_AUTH_TOKEN_NAME``.
        Requests without the parameter, or with a token that
        ``authenticate_by_token`` does not resolve to a user, pass through
        untouched. Always returns ``None``.
        """
        supplied = request.GET.get(settings.EMAIL_AUTH_TOKEN_NAME)
        # NOTE(review): this runs for every request and takes the credential
        # from the URL, which can be recorded in access logs and Referer
        # headers; confirm the token is single-use and short-lived.
        user = authenticate_by_token(supplied) if supplied is not None else None

        if user is not None:
            # login() reads the backend from the user object here.
            user.backend = 'django.contrib.auth.backends.ModelBackend'
            login(request, user)
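    def validate(self, attrs):
        """Validate a submitted callback token and attach its user to ``attrs``.

        Looks up an active ``CallbackToken`` by key. When none exists and the
        submitted value equals the configured admin verification code, a new
        token is created for the user whose ``mobile`` equals
        ``PASSWORDLESS_ADMIN_TEST_PHONE_NUMBER``. The token is then passed to
        ``authenticate_by_token`` and, when either "mark verified" setting is
        enabled, the alias is marked verified through ``verify_user_alias``.

        Returns:
            ``attrs`` with ``attrs['user']`` set to the authenticated user.

        Raises:
            serializers.ValidationError: no usable token was found, the token
                is rejected by ``authenticate_by_token``, the account is
                disabled, or the alias could not be verified.
        """
        callback_token = attrs.get('token', None)
        # Pre-bind so the fall-through below cannot hit an unbound name when
        # the lookup fails and the admin code does not match.
        token = None

        try:
            token = CallbackToken.objects.get(key=callback_token,
                                              is_active=True)
        except ObjectDoesNotExist:
            admin_codes = api_settings.PASSWORDLESS_ADMIN_MOBILE_VERIFICATION_CODE
            # A bare ``in`` against a string setting is a substring test, so
            # an empty or partial value would match; compare exactly instead.
            # A missing token or an unset setting never matches.
            if not callback_token or not admin_codes:
                is_admin_code = False
            elif isinstance(admin_codes, str):
                is_admin_code = callback_token == admin_codes
            else:
                is_admin_code = callback_token in admin_codes

            # NOTE(review): a static code that creates a valid token for a
            # fixed account bypasses the normal one-time token flow; confirm
            # this setting is empty outside test environments.
            if is_admin_code:
                user = User.objects.get(
                    mobile=api_settings.PASSWORDLESS_ADMIN_TEST_PHONE_NUMBER)
                token = CallbackToken.objects.create(
                    user=user,
                    to_alias_type='MOBILE',
                    to_alias=getattr(
                        user,
                        api_settings.PASSWORDLESS_USER_MOBILE_FIELD_NAME))

        if not token:
            msg = _('Missing authentication token.')
            raise serializers.ValidationError(msg)

        # Check the token type for our uni-auth method.
        # authenticates and checks the expiry of the callback token.
        user = authenticate_by_token(token)
        if not user:
            msg = _('Invalid Token')
            raise serializers.ValidationError(msg)

        if not user.is_active:
            msg = _('User account is disabled.')
            raise serializers.ValidationError(msg)

        if api_settings.PASSWORDLESS_USER_MARK_EMAIL_VERIFIED \
                or api_settings.PASSWORDLESS_USER_MARK_MOBILE_VERIFIED:
            # Mark this alias as verified; the user is re-read from the
            # database by primary key before verify_user_alias is called.
            user = User.objects.get(pk=token.user.pk)
            success = verify_user_alias(user, token)

            if success is False:
                msg = _('Error validating user alias.')
                raise serializers.ValidationError(msg)

        attrs['user'] = user
        return attrs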
Example #7
    def process_request(self, request):
        """Log the requester in from a query-string token, trying two schemes.

        The value of the ``settings.EMAIL_AUTH_TOKEN_NAME`` parameter is first
        checked with ``TokenAuthentication.authenticate_credentials``; when
        that raises ``AuthenticationFailed`` it is passed to
        ``authenticate_by_token`` instead. Always returns ``None``.
        """
        supplied = request.GET.get(settings.EMAIL_AUTH_TOKEN_NAME)
        if supplied is None:
            return

        # NOTE(review): the first scheme accepts an API auth token from the
        # URL and turns it into a session; URLs can be recorded in access
        # logs and Referer headers, so confirm that exposure is acceptable
        # for tokens of that kind.
        try:
            # attempt to auth via authtoken
            user, _matched = TokenAuthentication().authenticate_credentials(supplied)
        except AuthenticationFailed:
            # attempt to auth by drfpasswordless
            user = authenticate_by_token(supplied)

        if user is not None:
            # login() reads the backend from the user object here.
            user.backend = 'django.contrib.auth.backends.ModelBackend'
            login(request, user)