def password_forgotten_view(request): """ forgotten password view and submit. includes return_url """ from helios_auth.view_utils import render_template from helios_auth.models import User if request.method == "GET": return render_template(request, 'password/forgot', {'return_url': request.GET.get('return_url', '')}) else: username = request.POST['username'] return_url = request.POST['return_url'] try: user = User.get_by_type_and_id('password', username) except User.DoesNotExist: return render_template(request, 'password/forgot', {'return_url': request.GET.get('return_url', ''), 'error': 'no such username'}) body = """ This is a password reminder: Your username: %s Your password: %s -- %s """ % (user.user_id, user.info['password'], settings.SITE_TITLE) # FIXME: make this a task send_mail('password reminder', body, settings.SERVER_EMAIL, ["%s <%s>" % (user.info['name'], user.info['email'])], fail_silently=False) return HttpResponseRedirect(return_url)
def password_forgotten_view(request): """ forgotten password view and submit. includes return_url """ from helios_auth.view_utils import render_template from helios_auth.models import User if request.method == "GET": return render_template( request, "password/forgot", {"return_url": request.GET.get("return_url", "")}, ) else: username = request.POST["username"] return_url = request.POST["return_url"] try: user = User.get_by_type_and_id("password", username) except User.DoesNotExist: return render_template( request, "password/forgot", { "return_url": request.GET.get("return_url", ""), "error": "no such username", }, ) body = """ This is a password reminder: Your username: %s Your password: %s -- %s """ % ( user.user_id, user.info["password"], settings.SITE_TITLE, ) # FIXME: make this a task send_mail( "password reminder", body, settings.SERVER_EMAIL, ["%s <%s>" % (user.info["name"], user.info["email"])], fail_silently=False, ) return HttpResponseRedirect(return_url)
def password_forgotten_view(request): """ forgotten password view and submit. includes return_url """ from helios_auth.view_utils import render_template from helios_auth.models import User if request.method == "GET": return render_template(request, "password/forgot", {"return_url": request.GET.get("return_url", "")}) else: username = request.POST["username"] return_url = request.POST["return_url"] try: user = User.get_by_type_and_id("password", username) except User.DoesNotExist: return render_template( request, "password/forgot", {"return_url": request.GET.get("return_url", ""), "error": "no such username"}, ) body = """ This is a password reminder: Your username: %s Your password: %s -- %s """ % ( user.user_id, user.info["password"], settings.SITE_TITLE, ) # FIXME: make this a task send_mail( "password reminder", body, settings.SERVER_EMAIL, ["%s <%s>" % (user.info["name"], user.info["email"])], fail_silently=False, ) return HttpResponseRedirect(return_url)
def password_login_view(request): from helios_auth.view_utils import render_template from helios_auth.views import after from helios_auth.models import User error = None if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) # set this in case we came here straight from the multi-login chooser # and thus did not have a chance to hit the "start/password" URL request.session["auth_system_name"] = "password" if "return_url" in request.POST: request.session["auth_return_url"] = request.POST.get("return_url") if form.is_valid(): username = form.cleaned_data["username"].strip() password = form.cleaned_data["password"].strip() try: user = User.get_by_type_and_id("password", username) if password_check(user, password): request.session["password_user_id"] = user.user_id return HttpResponseRedirect(reverse(url_names.AUTH_AFTER)) except User.DoesNotExist: pass error = "Bad Username or Password" return render_template(request, "password/login", { "form": form, "error": error })
def password_login_view(request): from helios_auth.view_utils import render_template from helios_auth.views import after from helios_auth.models import User error = None if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) # set this in case we came here straight from the multi-login chooser # and thus did not have a chance to hit the "start/password" URL request.session['auth_system_name'] = 'password' if request.POST.has_key('return_url'): request.session['auth_return_url'] = request.POST.get('return_url') if form.is_valid(): username = form.cleaned_data['username'].strip() password = form.cleaned_data['password'].strip() try: user = User.get_by_type_and_id('password', username) if password_check(user, password): request.session['password_user'] = user return HttpResponseRedirect(reverse(after)) except User.DoesNotExist: pass error = 'Bad Username or Password' return render_template(request, 'password/login', { 'form': form, 'error': error })
def elections(request): user = require_admin(request) page = int(request.GET.get("page", 1)) limit = int(request.GET.get("limit", 25)) q = request.GET.get("q", "") elections = Election.objects.filter(name__icontains=q) elections.all().order_by("-created_at") elections_paginator = Paginator(elections, limit) elections_page = elections_paginator.page(page) total_elections = elections_paginator.count return render_template( request, "stats_elections", { "elections": elections_page.object_list, "elections_page": elections_page, "limit": limit, "total_elections": total_elections, "q": q, }, )
def password_login_view(request): from helios_auth.view_utils import render_template from helios_auth.views import after from helios_auth.models import User error = None if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) # set this in case we came here straight from the multi-login chooser # and thus did not have a chance to hit the "start/password" URL request.session['auth_system_name'] = 'password' if request.POST.has_key('return_url'): request.session['auth_return_url'] = request.POST.get('return_url') if form.is_valid(): username = form.cleaned_data['username'].strip() password = form.cleaned_data['password'].strip() try: user = User.get_by_type_and_id('password', username) if password_check(user, password): request.session['password_user_id'] = user.user_id return HttpResponseRedirect(reverse(after)) except User.DoesNotExist: pass error = 'Bad Username or Password' return render_template(request, 'password/login', {'form': form, 'error': error})
def follow_view(request): if request.method == "GET": from helios_auth.view_utils import render_template from helios_auth.views import after return render_template(request, 'twitter/follow', { 'user_to_follow': USER_TO_FOLLOW, 'reason_to_follow': REASON_TO_FOLLOW }) if request.method == "POST": follow_p = bool(request.POST.get('follow_p', False)) if follow_p: from helios_auth.security import get_user user = get_user(request) twitter_client = _get_client_by_token(user.token) result = twitter_client.oauth_request( 'http://api.twitter.com/1/friendships/create.json', args={'screen_name': USER_TO_FOLLOW}, method='POST') from helios_auth.views import after_intervention return HttpResponseRedirect(reverse(after_intervention))
def follow_view(request): if request.method == "GET": from helios_auth.view_utils import render_template from helios_auth.views import after return render_template( request, "twitter/follow", {"user_to_follow": USER_TO_FOLLOW, "reason_to_follow": REASON_TO_FOLLOW}, ) if request.method == "POST": follow_p = bool(request.POST.get("follow_p", False)) if follow_p: from helios_auth.security import get_user user = get_user(request) twitter_client = _get_client_by_token(user.token) result = twitter_client.oauth_request( "http://api.twitter.com/1/friendships/create.json", args={"screen_name": USER_TO_FOLLOW}, method="POST", ) from helios_auth.url_names import AUTH_AFTER_INTERVENTION return HttpResponseRedirect(reverse(AUTH_AFTER_INTERVENTION))
def ldap_login_view(request): from helios_auth.view_utils import render_template from helios_auth.views import after error = None if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) request.session["auth_system_name"] = "ldap" if request.POST.has_key("return_url"): request.session["auth_return_url"] = request.POST.get("return_url") if form.is_valid(): username = form.cleaned_data["username"].strip() password = form.cleaned_data["password"].strip() auth = backend.CustomLDAPBackend() user = auth.authenticate(username, password) if user: request.session["ldap_user"] = {"user_id": user.email, "name": user.first_name + " " + user.last_name} return HttpResponseRedirect(reverse(after)) else: error = "Bad Username or Password" return render_template( request, "ldapauth/login", {"form": form, "error": error, "enabled_auth_systems": settings.AUTH_ENABLED_AUTH_SYSTEMS}, )
def login_view(request): # imports are here because putting them in the header prevents # initialization of the database from helios_auth.view_utils import render_template from helios_auth.views import after from helios_auth.models import User if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) request.session['auth_system_name'] = 'dummy' if request.POST.has_key('return_url'): request.session['auth_return_url'] = request.POST.get('return_url') if form.is_valid(): name = form.cleaned_data['username'].strip() admin_p = form.cleaned_data['admin_p'] user_obj = User.update_or_create(user_type='dummy', user_id=name, name=name, info={}) if user_obj.admin_p != admin_p: user_obj.admin_p = admin_p user_obj.save() request.session['dummy_user'] = name return HttpResponseRedirect(reverse(after)) return render_template(request, 'dummy/login', {'form': form})
def shibboleth_register(request): from helios_auth.view_utils import render_template from helios_auth.views import after shib_attrs, errors = parse_attributes(request.META) if errors: return render_template(request, "shibboleth/missing_attributes", {"errors": errors}) if shib_attrs: request.session["shib_attrs"] = shib_attrs return HttpResponseRedirect(reverse(after)) else: error = _("Bad Username or Password") return render_template(request, "shibboleth/login_box", {"error": error})
def shibboleth_login_view(request): from helios_auth.view_utils import render_template error = None return render_template( request, "shibboleth/login_box", {"error": error, "enabled_auth_systems": settings.AUTH_ENABLED_AUTH_SYSTEMS} )
def shibboleth_login_view(request): from helios_auth.view_utils import render_template error = None return render_template(request, 'shibboleth/login_box', { 'error': error, 'enabled_auth_systems': settings.AUTH_ENABLED_AUTH_SYSTEMS, })
def shibboleth_login_view(request): from helios_auth.view_utils import render_template error = None return render_template( request, 'shibboleth/login_box', { 'error': error, 'enabled_auth_systems': settings.AUTH_ENABLED_AUTH_SYSTEMS, })
def shibboleth_register(request): from helios_auth.view_utils import render_template from helios_auth.views import after shib_attrs, errors = parse_attributes(request.META) if errors: return render_template(request, 'shibboleth/missing_attributes', { 'errors': errors, }) if shib_attrs: request.session['shib_attrs'] = shib_attrs return HttpResponseRedirect(reverse(after)) else: error = _('Bad Username or Password') return render_template(request, 'shibboleth/login_box', { 'error': error, })
def recent_problem_elections(request): user = require_admin(request) # elections left unfrozen older than 1 day old (and younger than 10 days old, so we don't go back too far) elections_with_problems = Election.objects.filter( frozen_at=None, created_at__gt=datetime.datetime.utcnow() - datetime.timedelta(days=10), created_at__lt=datetime.datetime.utcnow() - datetime.timedelta(days=1), ) return render_template(request, "stats_problem_elections", {"elections": elections_with_problems})
def recent_votes(request): user = require_admin(request) # elections with a vote in the last 24 hours, ordered by most recent cast vote time # also annotated with number of votes cast in last 24 hours elections_with_votes_in_24hours = (Election.objects.filter( voter__castvote__cast_at__gt=datetime.datetime.utcnow() - datetime.timedelta(days=1)).annotate( last_cast_vote=Max("voter__castvote__cast_at"), num_recent_cast_votes=Count("voter__castvote"), ).order_by("-last_cast_vote")) return render_template(request, "stats_recent_votes", {"elections": elections_with_votes_in_24hours})
def follow_view(request): if request.method == "GET": from helios_auth.view_utils import render_template from helios_auth.views import after return render_template(request, 'twitter/follow', {'user_to_follow': USER_TO_FOLLOW, 'reason_to_follow' : REASON_TO_FOLLOW}) if request.method == "POST": follow_p = bool(request.POST.get('follow_p',False)) if follow_p: from helios_auth.security import get_user user = get_user(request) twitter_client = _get_client_by_token(user.token) result = twitter_client.oauth_request('http://api.twitter.com/1/friendships/create.json', args={'screen_name': USER_TO_FOLLOW}, method='POST') from helios_auth.views import after_intervention return HttpResponseRedirect(reverse(after_intervention))
def ldap_login_view(request): from helios_auth.view_utils import render_template from helios_auth.views import after from helios_auth.auth_systems.ldapbackend import backend error = None if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) request.session['auth_system_name'] = 'ldap' if request.POST.has_key('return_url'): request.session['auth_return_url'] = request.POST.get('return_url') if form.is_valid(): username = form.cleaned_data['username'].strip() password = form.cleaned_data['password'].strip() auth = backend.CustomLDAPBackend() user = auth.authenticate(None, username=username, password=password) if user: request.session['ldap_user'] = { 'username': user.username, 'email': user.email, 'name': user.first_name + ' ' + user.last_name, } return HttpResponseRedirect(reverse(after)) else: error = 'Bad Username or Password' return render_template( request, 'ldapauth/login', { 'form': form, 'error': error, 'enabled_auth_systems': settings.AUTH_ENABLED_AUTH_SYSTEMS, })
def ldap_login_view(request): from helios_auth.view_utils import render_template from helios_auth.views import after error = None if request.method == "GET": form = LoginForm() else: form = LoginForm(request.POST) request.session['auth_system_name'] = 'ldap' if request.POST.has_key('return_url'): request.session['auth_return_url'] = request.POST.get('return_url') if form.is_valid(): username = form.cleaned_data['username'].strip() password = form.cleaned_data['password'].strip() auth = backend.CustomLDAPBackend() user = auth.authenticate(username, password) if user: request.session['ldap_user'] = { 'username': user.username, 'email': user.email, 'name': user.first_name + ' ' + user.last_name, } return HttpResponseRedirect(reverse(after)) else: error = 'Bad Username or Password' return render_template(request, 'ldapauth/login', { 'form': form, 'error': error, 'enabled_auth_systems': settings.AUTH_ENABLED_AUTH_SYSTEMS, })
def home(request): user = require_admin(request) num_votes_in_queue = CastVote.objects.filter(invalidated_at=None, verified_at=None).count() return render_template(request, "stats", {"num_votes_in_queue": num_votes_in_queue})