def choose_register(request):
"""
Choose register
"""
login_bg_image_path = get_login_bg_image_path()
return render(request, 'choose_register.html',
{'login_bg_image_path': login_bg_image_path})
def choose_register(request):
"""
Choose register
"""
login_bg_image_path = get_login_bg_image_path()
return render(request, 'choose_register.html', {
'enable_weixin': ENABLE_WEIXIN,
'login_bg_image_path': login_bg_image_path
})
def dtable_share_link_view(request, token):
dsl = DTableShareLinks.objects.filter(token=token).first()
if not dsl:
return render_error(request, _('Share link does not exist'))
if dsl.is_expired():
return render_error(request, _('Share link has expired'))
shared_user = email2nickname(dsl.username)
login_bg_image_path = get_login_bg_image_path()
if isinstance(request.user, AnonymousUser):
return render(
request, 'dtable_share_react.html', {
'shared_user': shared_user,
'table_name': dsl.dtable.name,
'next': '/dtable/links/%s' % dsl.token,
'login_bg_image_path': login_bg_image_path,
'powered_by_link': POWERED_BY_LINK
})
# resource check
workspace_id = dsl.dtable.workspace.id
workspace = Workspaces.objects.get_workspace_by_id(workspace_id)
if not workspace:
raise Http404
name = dsl.dtable.name
dtable = DTables.objects.get_dtable(workspace, name)
if not dtable:
return render_error(request, _('DTable does not exist'))
current_username = request.user.username
try:
if current_username not in list_dtable_related_users(
workspace, dtable):
obj = DTableShare.objects.get_by_dtable_and_to_user(
dtable, current_username)
if not obj:
DTableShare.objects.add(dtable, dsl.username, current_username,
dsl.permission)
share_dtable_to_user.send(sender=None,
table_id=dtable.id,
share_user=dsl.username,
to_user=current_username)
except Exception as e:
logger.error(
'take user: %s to table: %s table-token: %s share-list error: %s',
current_username, dsl.dtable_id, token, e)
return render_error(request, _('Internal Server Error.'))
return HttpResponseRedirect(
reverse('dtable:dtable_file_view', args=(workspace_id, name)))
def get_context_data(self, form, **kwargs):
"""
Adds user's default and backup OTP devices to the context.
"""
context = super(TwoFactorVerifyView, self).get_context_data(form, **kwargs)
if self.steps.current == 'token':
context['device'] = self.get_device()
device = StaticDevice.objects.device_for_user(self.user.username)
context['backup_tokens'] = device.token_set.count() if device else 0
context['cancel_url'] = settings.LOGOUT_URL
context['form_prefix'] = '%s-' % self.steps.current
login_bg_image_path = get_login_bg_image_path()
context['login_bg_image_path'] = login_bg_image_path
context['remember_days'] = settings.TWO_FACTOR_DEVICE_REMEMBER_DAYS
return context
def register(request, backend, success_url=None, form_class=None,
disallowed_url='registration_disallowed',
template_name='registration/registration_form.html',
extra_context=None):
"""
Allow a new user to register an account.
The actual registration of the account will be delegated to the
backend specified by the ``backend`` keyword argument (see below);
it will be used as follows:
1. The backend's ``registration_allowed()`` method will be called,
passing the ``HttpRequest``, to determine whether registration
of an account is to be allowed; if not, a redirect is issued to
the view corresponding to the named URL pattern
``registration_disallowed``. To override this, see the list of
optional arguments for this view (below).
2. The form to use for account registration will be obtained by
calling the backend's ``get_form_class()`` method, passing the
``HttpRequest``. To override this, see the list of optional
arguments for this view (below).
3. If valid, the form's ``cleaned_data`` will be passed (as
keyword arguments, and along with the ``HttpRequest``) to the
backend's ``register()`` method, which should return the new
``User`` object.
4. Upon successful registration, the backend's
``post_registration_redirect()`` method will be called, passing
the ``HttpRequest`` and the new ``User``, to determine the URL
to redirect the user to. To override this, see the list of
optional arguments for this view (below).
**Required arguments**
None.
**Optional arguments**
``backend``
The dotted Python import path to the backend class to use.
``disallowed_url``
URL to redirect to if registration is not permitted for the
current ``HttpRequest``. Must be a value which can legally be
passed to ``django.shortcuts.redirect``. If not supplied, this
will be whatever URL corresponds to the named URL pattern
``registration_disallowed``.
``form_class``
The form class to use for registration. If not supplied, this
will be retrieved from the registration backend.
``extra_context``
A dictionary of variables to add to the template context. Any
callable object in this dictionary will be called to produce
the end result which appears in the context.
``success_url``
URL to redirect to after successful registration. Must be a
value which can legally be passed to
``django.shortcuts.redirect``. If not supplied, this will be
retrieved from the registration backend.
``template_name``
A custom template to use. If not supplied, this will default
to ``registration/registration_form.html``.
**Context:**
``form``
The registration form.
Any extra variables supplied in the ``extra_context`` argument
(see above).
**Template:**
registration/registration_form.html or ``template_name`` keyword
argument.
"""
if not config.ENABLE_SIGNUP:
raise Http404
if config.ACTIVATE_AFTER_REGISTRATION:
success_url = settings.SITE_ROOT
backend = get_backend(backend)
if not backend.registration_allowed(request):
return redirect(disallowed_url)
if form_class is None:
form_class = backend.get_form_class(request)
if request.method == 'POST':
form = form_class(data=request.POST, files=request.FILES)
if form.is_valid():
new_user = backend.register(request, **form.cleaned_data)
if success_url is None:
to, args, kwargs = backend.post_registration_redirect(request, new_user)
return redirect(to, *args, **kwargs)
else:
return redirect(success_url)
else:
userid = request.GET.get('userid', '')
form = form_class(initial={'userid': userid })
if extra_context is None:
extra_context = {}
from django.template import RequestContext
context = {}
for key, value in list(extra_context.items()):
context[key] = callable(value) and value() or value
src = request.GET.get('src', '')
if src:
form = form_class(initial={'email': src})
context['form'] = form
context['min_len'] = config.USER_PASSWORD_MIN_LENGTH
context['strong_pwd_required'] = config.USER_STRONG_PASSWORD_REQUIRED
context['level'] = config.USER_PASSWORD_STRENGTH_LEVEL
login_bg_image_path = get_login_bg_image_path()
context['login_bg_image_path'] = login_bg_image_path
return render(request, template_name, context)
def org_register(request, redirect_field_name=REDIRECT_FIELD_NAME):
"""Allow a new user to register an organization account. A new
organization will be created associate with that user.
Arguments:
- `request`:
"""
login_bg_image_path = get_login_bg_image_path()
redirect_to = request.GET.get(redirect_field_name)
if request.method == 'POST':
form = OrgRegistrationForm(request.POST)
if ORG_AUTO_URL_PREFIX:
# generate url prefix automatically
url_prefix = gen_org_url_prefix(3)
if url_prefix is None:
messages.error(request, "Failed to create organization account, please try again later.")
return render(request, 'organizations/org_register.html', {
'form': form,
'login_bg_image_path': login_bg_image_path,
'org_auto_url_prefix': ORG_AUTO_URL_PREFIX,
})
if form.is_valid():
name = form.cleaned_data['name']
email = form.cleaned_data['email']
password = form.cleaned_data['password1']
org_name = form.cleaned_data['org_name']
new_user = User.objects.create_user(email, password,
is_staff=False, is_active=True)
create_org(org_name, url_prefix, new_user.username)
new_org = get_org_by_url_prefix(url_prefix)
org_created.send(sender=None, org=new_org)
if name:
Profile.objects.add_or_update(new_user.username, name)
# login the user
new_user.backend = settings.AUTHENTICATION_BACKENDS[0]
login(request, new_user)
if not redirect_to:
return HttpResponseRedirect(reverse('dtable'))
else:
return HttpResponseRedirect(redirect_to)
else:
form = OrgRegistrationForm()
service_url = get_service_url()
up = urlparse(service_url)
service_url_scheme = up.scheme
service_url_remaining = up.netloc + up.path
return render(request, 'organizations/org_register.html', {
'form': form,
'login_bg_image_path': login_bg_image_path,
'service_url_scheme': service_url_scheme,
'service_url_remaining': service_url_remaining,
'org_auto_url_prefix': ORG_AUTO_URL_PREFIX,
'redirect_to': redirect_to or reverse('dtable'),
})
def login(request,
template_name='registration/login.html',
redirect_if_logged_in=None,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""Displays the login form and handles the login action."""
if request.user.is_authenticated() and redirect_if_logged_in:
return HttpResponseRedirect(reverse(redirect_if_logged_in))
redirect_to = request.GET.get(redirect_field_name, '')
ip = get_remote_ip(request)
if request.method == "POST":
login = request.POST.get('login', '').strip()
failed_attempt = get_login_failed_attempts(username=login, ip=ip)
remember_me = True if request.POST.get('remember_me',
'') == 'on' else False
redirect_to = request.POST.get(redirect_field_name, '') or redirect_to
# check the form
used_captcha_already = False
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form(data=request.POST)
else:
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
form = CaptchaAuthenticationForm(data=request.POST)
used_captcha_already = True
else:
form = authentication_form(data=request.POST)
if form.is_valid():
return _handle_login_form_valid(request, form.get_user(),
redirect_to, remember_me)
# form is invalid
user_logged_in_failed.send(sender=None, request=request)
failed_attempt = incr_login_failed_attempts(username=login, ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
# log user in if password is valid otherwise freeze account
logger.warn(
'Login attempt limit reached, try freeze the user, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
email = Profile.objects.get_username_by_login_id(login)
if email is None:
email = login
try:
user = User.objects.get(email)
if user.is_active:
user.freeze_user(notify_admins=True)
logger.warn(
'Login attempt limit reached, freeze the user email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
except User.DoesNotExist:
logger.warn(
'Login attempt limit reached with invalid email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
pass
form.errors['freeze_account'] = _(
'This account has been frozen due to too many failed login attempts.'
)
else:
# use a new form with Captcha
logger.warn(
'Login attempt limit reached, show Captcha, email/username: %s, ip: %s, attemps: %d'
% (login, ip, failed_attempt))
if not used_captcha_already:
form = CaptchaAuthenticationForm()
else:
### GET
failed_attempt = get_login_failed_attempts(ip=ip)
if failed_attempt >= config.LOGIN_ATTEMPT_LIMIT:
if bool(config.FREEZE_USER_ON_LOGIN_FAILED) is True:
form = authentication_form()
else:
logger.warn(
'Login attempt limit reached, show Captcha, ip: %s, attempts: %d'
% (ip, failed_attempt))
form = CaptchaAuthenticationForm()
else:
form = authentication_form()
request.session.set_test_cookie()
current_site = get_current_site(request)
multi_tenancy = getattr(settings, 'MULTI_TENANCY', False)
if config.ENABLE_SIGNUP:
if multi_tenancy:
org_account_only = getattr(settings, 'FORCE_ORG_REGISTER', False)
if org_account_only:
signup_url = reverse('org_register')
else:
signup_url = reverse('choose_register')
else:
signup_url = reverse('registration_register')
else:
signup_url = ''
enable_sso = getattr(settings, 'ENABLE_SHIB_LOGIN', False) or \
getattr(settings, 'ENABLE_KRB5_LOGIN', False) or \
getattr(settings, 'ENABLE_ADFS_LOGIN', False) or \
getattr(settings, 'ENABLE_OAUTH', False) or \
getattr(settings, 'ENABLE_CAS', False)
login_bg_image_path = get_login_bg_image_path()
return render(
request, template_name, {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': get_site_name(),
'remember_days': config.LOGIN_REMEMBER_DAYS,
'signup_url': signup_url,
'enable_sso': enable_sso,
'login_bg_image_path': login_bg_image_path,
})
