def register(request):
'''
Register new user.
'''
serializer_class = registration_settings.REGISTER_SERIALIZER_CLASS
serializer = serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
kwargs = {}
if registration_settings.REGISTER_VERIFICATION_ENABLED:
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
kwargs[verification_flag_field] = False
email_field = get_user_setting('EMAIL_FIELD')
if (email_field not in serializer.validated_data
or not serializer.validated_data[email_field]):
raise BadRequest("User without email cannot be verified")
user = serializer.save(**kwargs)
signals.user_registered.send(sender=None, user=user, request=request)
output_serializer_class = registration_settings.REGISTER_OUTPUT_SERIALIZER_CLASS # noqa: E501
output_serializer = output_serializer_class(instance=user)
user_data = output_serializer.data
if registration_settings.REGISTER_VERIFICATION_ENABLED:
signer = RegisterSigner({
'user_id': get_user_verification_id(user),
},
request=request)
template_config = (
registration_settings.REGISTER_VERIFICATION_EMAIL_TEMPLATES)
send_verification_notification(user, signer, template_config)
return Response(user_data, status=status.HTTP_201_CREATED)
def _get_field_names(allow_primary_key=True, non_editable=False):
def not_in_seq(names):
return lambda name: name not in names
user_class = get_user_model()
fields = user_class._meta.get_fields() # pylint: disable=protected-access
default_field_names = [f.name for f in fields
if (getattr(f, 'serialize', False) or
getattr(f, 'primary_key', False))]
pk_field_names = [f.name for f in fields
if getattr(f, 'primary_key', False)]
hidden_field_names = set(get_user_setting('HIDDEN_FIELDS'))
hidden_field_names = hidden_field_names.union(['last_login', 'password'])
public_field_names = get_user_setting('PUBLIC_FIELDS')
editable_field_names = get_user_setting('EDITABLE_FIELDS')
field_names = (public_field_names if public_field_names is not None
else default_field_names)
if editable_field_names is None:
editable_field_names = field_names
editable_field_names = set(filter(not_in_seq(pk_field_names),
editable_field_names))
field_names = filter(not_in_seq(hidden_field_names), field_names)
if not allow_primary_key:
field_names = filter(not_in_seq(pk_field_names), field_names)
if non_editable:
field_names = filter(not_in_seq(editable_field_names), field_names)
field_names = tuple(field_names)
return field_names
def register_email(request):
'''
Register new email.
'''
user = request.user
serializer = RegisterEmailSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
email = serializer.validated_data['email']
template_config = (
registration_settings.REGISTER_EMAIL_VERIFICATION_EMAIL_TEMPLATES)
if registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED:
signer = RegisterEmailSigner({
'user_id': user.pk,
'email': email,
},
request=request)
send_verification_notification(user,
signer,
template_config,
email=email)
else:
email_field = get_user_setting('EMAIL_FIELD')
setattr(user, email_field, email)
user.save()
return get_ok_response('Register email link email sent')
def register(request):
'''
Register new user.
'''
serializer_class = registration_settings.REGISTER_SERIALIZER_CLASS
serializer = serializer_class(data=request.data,
context={'request': request})
serializer.is_valid(raise_exception=True)
kwargs = {}
if registration_settings.REGISTER_VERIFICATION_ENABLED:
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
kwargs[verification_flag_field] = False
email_field_name = get_user_email_field_name()
if (email_field_name not in serializer.validated_data
or not serializer.validated_data[email_field_name]):
raise BadRequest(_("User without email cannot be verified"))
with transaction.atomic():
user = serializer.save(**kwargs)
if registration_settings.REGISTER_VERIFICATION_ENABLED:
send_register_verification_email_notification(request, user)
signals.user_registered.send(sender=None, user=user, request=request)
output_serializer_class = registration_settings.REGISTER_OUTPUT_SERIALIZER_CLASS
output_serializer = output_serializer_class(
instance=user,
context={'request': request},
)
user_data = output_serializer.data
return Response(user_data, status=status.HTTP_201_CREATED)
def process_verify_email_data(input_data, serializer_context=None):
if serializer_context is None:
serializer_context = {}
if not registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED:
raise Http404()
serializer = VerifyEmailSerializer(
data=input_data,
context=serializer_context,
)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
signer = RegisterEmailSigner(data)
verify_signer_or_bad_request(signer)
request = serializer_context.get('request')
email_field = get_user_setting('EMAIL_FIELD')
user = get_user_by_verification_id(data['user_id'])
old_email = user.email
setattr(user, email_field, data['email'])
user.save()
signals.user_changed_email.send(
sender=None,
user=user,
new_email=data['email'],
old_email=old_email,
request=request,
)
def register_email(request):
'''
Register new email.
'''
user = request.user
serializer_class = registration_settings.REGISTER_EMAIL_SERIALIZER_CLASS
serializer = serializer_class(
data=request.data,
context={'request': request},
)
serializer.is_valid(raise_exception=True)
email = serializer.get_email()
template_config = (
registration_settings.REGISTER_EMAIL_VERIFICATION_EMAIL_TEMPLATES)
if registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED:
signer = RegisterEmailSigner(
{
'user_id': get_user_verification_id(user),
'email': email,
},
request=request)
send_verification_notification(user,
signer,
template_config,
email=email)
else:
email_field = get_user_setting('EMAIL_FIELD')
setattr(user, email_field, email)
user.save()
return get_ok_response('Register email link email sent')
def create_verification_notification(
user, params_signer, template_config_data, email=None):
if email is None:
email_field = get_user_setting('EMAIL_FIELD')
email = getattr(user, email_field)
from_email = registration_settings.VERIFICATION_FROM_EMAIL
reply_to_email = (registration_settings.VERIFICATION_REPLY_TO_EMAIL or
from_email)
context = {
'user': user,
'email': email,
'verification_url': params_signer.get_url(),
}
template_config = parse_template_config(template_config_data)
subject = render_to_string(
template_config.subject_template_name, context=context).strip()
text_body = template_config.text_body_processor(
render_to_string(
template_config.text_body_template_name, context=context))
email_msg = EmailMultiAlternatives(
subject, text_body, from_email, [email], reply_to=[reply_to_email])
if template_config.html_body_template_name:
html_body = render_to_string(
template_config.html_body_template_name, context=context)
email_msg.attach_alternative(html_body, 'text/html')
return email_msg
def register(request):
'''
Register new user.
'''
# Check reCaptcha
serializer_class = registration_settings.REGISTER_SERIALIZER_CLASS
serializer = serializer_class(data=request.data)
serializer.is_valid(raise_exception=True)
kwargs = {}
if registration_settings.REGISTER_VERIFICATION_ENABLED:
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
kwargs[verification_flag_field] = False
email_field = get_user_setting('EMAIL_FIELD')
if (email_field not in serializer.validated_data
or not serializer.validated_data[email_field]):
raise BadRequest("User without email cannot be verified")
# Check if reCaptcha is enabled
if registration_settings.RECAPTCHA_ENABLED:
recaptcha_key = get_user_setting('RECAPTCHA_KEY')
recaptcha_token = request.data.get('recaptcha_token', None)
if recaptcha_key is None:
raise BadRequest("reCaptcha enabled, missing key")
if recaptcha_token is None:
raise BadRequest("reCaptcha enabled, missing token")
if not check_recaptcha_token:
raise BadRequest("Error with reCaptcha token")
user = serializer.save(**kwargs)
output_serializer_class = registration_settings.REGISTER_OUTPUT_SERIALIZER_CLASS # noqa: E501
output_serializer = output_serializer_class(instance=user)
user_data = output_serializer.data
if registration_settings.REGISTER_VERIFICATION_ENABLED:
signer = RegisterSigner({
'user_id': user.pk,
}, request=request)
template_config = (
registration_settings.REGISTER_VERIFICATION_EMAIL_TEMPLATES)
send_verification_notification(user, signer, template_config)
return Response(user_data, status=status.HTTP_201_CREATED)
def process_verify_email_data(input_data):
if not registration_settings.REGISTER_EMAIL_VERIFICATION_ENABLED:
raise Http404()
serializer = VerifyEmailSerializer(data=input_data)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
signer = RegisterEmailSigner(data)
verify_signer_or_bad_request(signer)
email_field = get_user_setting('EMAIL_FIELD')
user = get_user_by_id(data['user_id'])
setattr(user, email_field, data['email'])
user.save()
def process_verify_registration_data(input_data):
if not registration_settings.REGISTER_VERIFICATION_ENABLED:
raise Http404()
serializer = VerifyRegistrationSerializer(data=input_data)
serializer.is_valid(raise_exception=True)
data = serializer.validated_data
signer = RegisterSigner(data)
verify_signer_or_bad_request(signer)
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
user = get_user_by_id(data['user_id'], require_verified=False)
setattr(user, verification_flag_field, True)
user.save()
def _calculate_salt(self, data):
if registration_settings.REGISTER_VERIFICATION_ONE_TIME_USE:
user = get_user_by_verification_id(data['user_id'],
require_verified=False)
# Use current user verification flag as a part of the salt.
# If the verification flag gets changed, then assume that
# the change was caused by previous verification and the signature
# is not valid anymore because changed user verification flag
# implies changed salt used when verifying the input data.
verification_flag_field = get_user_setting(
'VERIFICATION_FLAG_FIELD')
verification_flag = getattr(user, verification_flag_field)
salt = '{self.SALT_BASE}:{verification_flag}'.format(
self=self, verification_flag=verification_flag)
else:
salt = self.SALT_BASE
return salt
def register(request):
'''
Register new user.
'''
serializer_class = registration_settings.REGISTER_SERIALIZER_CLASS
serializer = serializer_class(
data=request.data,
context={'request': request},
)
serializer.is_valid(raise_exception=True)
kwargs = {}
if registration_settings.REGISTER_VERIFICATION_ENABLED:
verification_flag_field = get_user_setting('VERIFICATION_FLAG_FIELD')
kwargs[verification_flag_field] = False
email_field_name = get_user_email_field_name()
if (email_field_name not in serializer.validated_data
or not serializer.validated_data[email_field_name]):
raise BadRequest("User without email cannot be verified")
with transaction.atomic():
user = serializer.save(**kwargs)
if registration_settings.REGISTER_VERIFICATION_ENABLED:
signer = RegisterSigner({
'user_id': get_user_verification_id(user),
}, request=request)
template_config_data = registration_settings.REGISTER_VERIFICATION_EMAIL_TEMPLATES # noqa: E501
notification_data = {
'params_signer': signer,
}
send_verification_notification(
NotificationType.REGISTER_VERIFICATION, user,
notification_data, template_config_data)
signals.user_registered.send(sender=None, user=user, request=request)
output_serializer_class = registration_settings.REGISTER_OUTPUT_SERIALIZER_CLASS # noqa: E501
output_serializer = output_serializer_class(
instance=user,
context={'request': request},
)
user_data = output_serializer.data
return Response(user_data, status=status.HTTP_201_CREATED)
def get_login_fields():
user_class = get_user_model()
return get_user_setting('LOGIN_FIELDS') or [user_class.USERNAME_FIELD]
def _get_user_by_email_or_none(self, email):
email_field = get_user_setting('EMAIL_FIELD')
return get_user_by_lookup_dict({email_field: email},
default=None,
require_verified=False)