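def login_confirmation(request, template_name='secureauth/confirmation.html',
                       authentication_form=ConfirmAuthenticationForm,
                       extra_context=None, current_app=None
                       ):  # pylint: disable=R0913
    """Handle the confirmation step of the login flow.

    Args:
        request: the current HttpRequest.
        template_name: template rendered on GET and after an invalid POST.
        authentication_form: form class, built from the pending-login data
            and, on POST, from the submitted values as well.
        extra_context: extra template variables; when None, the value found
            in the pending-login data is used if there is one.
        current_app: forwarded to TemplateResponse on Django < 1.8 only.

    Returns:
        HttpResponseBadRequest when ``UserAuthAttempt.is_banned`` is true or
        the confirmed user does not match the pending login, a redirect when
        the user is already authenticated or the confirmation succeeds, and
        the rendered confirmation page otherwise.
    """
    # Requests flagged by the attempt tracker are rejected before any form
    # processing takes place.
    if CHECK_ATTEMPT and UserAuthAttempt.is_banned(request):
        return HttpResponseBadRequest()

    data = get_data(request)
    if extra_context is None and data.get('extra_context'):
        extra_context = data.get('extra_context')

    # NOTE(review): redirect_to is read from get_data(request) and is not
    # validated in this view. Confirm that the step producing this data
    # restricts it to same-site URLs; otherwise both redirects below follow
    # whatever location the data carries.
    if hasattr(request, 'user') and request.user.is_authenticated():
        return HttpResponseRedirect(data.get('redirect_to', '/'))
    elif request.method == "POST":
        form = authentication_form(data, request.POST)
        if form.is_valid():
            user = form.get_user()

            # The confirmed user must be the one recorded as user_pk in the
            # pending-login data. A mismatch is answered with a 400 and no
            # failed attempt is stored on this path.
            if user and data.get('user_pk') == user.pk:
                auth_login(request, user)

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()

                if UserAuthLogging.is_enabled(request):
                    UserAuthActivity.check_location(request)
                    UserAuthActivity.log_auth(
                        request, form.cleaned_data.get('auth_type'))

                UserAuthNotification.notify(request)
                UserAuthAttempt.remove(request)
                request.session['ip'] = get_ip(request)

                # Fall back to '/' like the already-authenticated branch, so
                # a missing redirect_to never becomes a redirect to None.
                return HttpResponseRedirect(data.get('redirect_to', '/'))
            else:
                return HttpResponseBadRequest()
        elif CHECK_ATTEMPT is True:
            # Only an invalid form is recorded as a failed attempt. The ban
            # check at the top tests truthiness; this branch requires the
            # literal True.
            UserAuthAttempt.clean()
            UserAuthAttempt.store(request)
    else:
        form = authentication_form(data)

    request.session.set_test_cookie()

    current_site = get_current_site(request)

    context = {
        'form': form,
        'site': current_site,
        'site_name': current_site.name,
        # The raw 'data' query parameter is handed to the template unchanged.
        'data': request.GET.get('data'),
    }
    if extra_context is not None:
        context.update(extra_context)
    # current_app is only passed on Django versions older than 1.8.
    if django.VERSION < (1, 8):
        return TemplateResponse(
            request, template_name, context, current_app=current_app)
    else:
        return TemplateResponse(
            request, template_name, context)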
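def login_confirmation(request,
                       template_name='secureauth/confirmation.html',
                       authentication_form=ConfirmAuthenticationForm,
                       extra_context=None,
                       current_app=None):  # pylint: disable=R0913
    """Validate the login confirmation form and finish signing the user in.

    Args:
        request: the current HttpRequest.
        template_name: template used for the confirmation page.
        authentication_form: form class; receives the pending-login data and,
            on POST, ``request.POST``.
        extra_context: additional template variables. When None, the
            ``extra_context`` entry of the pending-login data is used.
        current_app: forwarded to TemplateResponse.

    Returns:
        A 400 response when ``UserAuthAttempt.is_banned`` is true or the
        form's user differs from the pending login's ``user_pk``; a redirect
        for an authenticated user or a successful confirmation; the rendered
        confirmation page in every other case.
    """
    # The ban check runs first, before the submitted data is looked at.
    if CHECK_ATTEMPT and UserAuthAttempt.is_banned(request):
        return HttpResponseBadRequest()

    data = get_data(request)
    if extra_context is None and data.get('extra_context'):
        extra_context = data.get('extra_context')

    # NOTE(review): the redirect target comes from get_data(request) and is
    # used here without a same-site check. Verify that it is constrained
    # where the data is created.
    if hasattr(request, 'user') and request.user.is_authenticated():
        return HttpResponseRedirect(data.get('redirect_to', '/'))
    elif request.method == "POST":
        form = authentication_form(data, request.POST)
        if form.is_valid():
            user = form.get_user()

            # Binding check: the user returned by the form has to equal the
            # user_pk stored with the pending login. The else branch returns
            # a 400 without storing a failed attempt.
            if user and data.get('user_pk') == user.pk:
                auth_login(request, user)

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()

                if UserAuthLogging.is_enabled(request):
                    UserAuthActivity.check_location(request)
                    UserAuthActivity.log_auth(
                        request, form.cleaned_data.get('auth_type'))

                UserAuthNotification.notify(request)
                UserAuthAttempt.remove(request)
                request.session['ip'] = get_ip(request)

                # Same '/' default as the authenticated branch above; without
                # it a missing redirect_to would be passed on as None.
                return HttpResponseRedirect(data.get('redirect_to', '/'))
            else:
                return HttpResponseBadRequest()
        elif CHECK_ATTEMPT is True:
            # Failed attempts are stored for invalid forms only, and only
            # when the setting is the literal True (the ban check above
            # accepts any truthy value).
            UserAuthAttempt.clean()
            UserAuthAttempt.store(request)
    else:
        form = authentication_form(data)

    request.session.set_test_cookie()

    current_site = get_current_site(request)

    context = {
        'form': form,
        'site': current_site,
        'site_name': current_site.name,
        # Unprocessed 'data' query parameter, passed through to the template.
        'data': request.GET.get('data'),
    }
    if extra_context is not None:
        context.update(extra_context)
    return TemplateResponse(request,
                            template_name,
                            context,
                            current_app=current_app)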
Example #3
def send_codes(request):
    """Call ``UserAuthCode.send_codes`` when the session is at step 3.

    Raises Http404 unless ``request.session["step"]`` equals 3. When
    ``UserAuthCode.send_codes(request)`` returns a truthy value, an info
    message is queued, ``UserAuthNotification.notify`` is called with the same
    text and the ``step`` marker is removed from the session. The response is
    always a redirect to ``codes_settings``.
    """
    # The session marker is the only gate visible in this view.
    if request.session.get("step") != 3:
        raise Http404

    if UserAuthCode.send_codes(request):
        sent_text = _("Codes were sent to the email")
        messages.info(request, sent_text)
        UserAuthNotification.notify(request, sent_text)
        # With the marker gone, a repeated request fails the step check above.
        if request.session.get("step"):
            del request.session["step"]

    return redirect("codes_settings")
Example #4
 def configure(self):
     """Show the code form and save it on a valid POST.

     The form is built from the requesting user, ``self.model`` and the POST
     data (None when there is none). A valid POST saves the form, calls
     ``UserAuthNotification.notify`` and redirects via ``self._redirect(3)``.
     Otherwise ``personal_data`` from the first object in ``self.obj`` is
     added to the context and the page is rendered.
     """
     submitted = self.request.POST or None
     self.form = self.code_form(self.request.user, self.model, submitted)

     # is_valid() is only evaluated for POST requests (short-circuit).
     if self.request.method == "POST" and self.form.is_valid():
         self.form.save()
         # The account owner is notified whenever a new method is enabled.
         UserAuthNotification.notify(self.request, _("New Auth method was enabled"))
         return self._redirect(3)

     personal_data = self.obj[0].get_data()
     self.context.update({"personal_data": personal_data})
     return self._render()
 def get(self, request, *args, **kwargs):
     """Call ``UserAuthCode.send_codes`` when the session is at step 3.

     Raises Http404 unless ``request.session['step']`` equals 3. On a truthy
     result from ``UserAuthCode.send_codes(request)`` an info message is
     queued, the user is notified and the ``step`` marker is deleted. Always
     redirects to ``codes_settings``.
     """
     # NOTE(review): this handler has side effects although it is named
     # ``get``; the only gate visible here is the session step marker.
     if request.session.get('step') != 3:
         raise Http404

     if UserAuthCode.send_codes(request):
         notice = _('Codes were sent to the email')
         messages.info(request, notice)
         UserAuthNotification.notify(request, notice)
         # Dropping the marker makes a repeated request fail the check above.
         if request.session.get('step'):
             del request.session['step']

     return redirect('codes_settings')
Example #6
    def settings_remove(self):
        """Delete the stored auth method and notify the user.

        Redirects with step 4 when ``self.obj.exists()`` was true before the
        deletion, otherwise with step 1. When ``SMS_FORCE`` is True and the
        view is ``phone_settings`` nothing is deleted: an info message is
        queued and the redirect uses step 1.
        """
        # Evaluated before the delete so the redirect reflects prior state.
        had_method = self.obj.exists()
        step = 4 if had_method else 1

        removal_blocked = SMS_FORCE is True and self.view == "phone_settings"
        if removal_blocked:
            messages.info(self.request, _("Default backend can not be removed"))
            return self._redirect(1)

        self.obj.delete()
        # NOTE(review): the notification is sent even when nothing existed to
        # delete (the step == 1 case) - confirm that is intended.
        UserAuthNotification.notify(self.request, _("Auth method was disabled"))
        return self._redirect(step)
Example #7
 def get(self, request, *args, **kwargs):
     """Trigger ``UserAuthCode.send_codes`` for a session at step 3.

     A session whose ``step`` is not 3 gets Http404. If
     ``UserAuthCode.send_codes(request)`` is truthy, the user sees an info
     message, a notification with the same text is issued and ``step`` is
     removed from the session. The response is a redirect to
     ``codes_settings`` in both cases.
     """
     # NOTE(review): a state-changing action is handled in ``get``; only the
     # session step marker restricts it in the code shown here.
     step_marker = request.session.get('step')
     if step_marker != 3:
         raise Http404

     codes_sent = UserAuthCode.send_codes(request)
     if codes_sent:
         text = _('Codes were sent to the email')
         messages.info(request, text)
         UserAuthNotification.notify(request, text)
         # Re-read the session: the marker is removed only if still set.
         if request.session.get('step'):
             del request.session['step']

     return redirect('codes_settings')
    def settings_remove(self):
        """Delete ``self.obj`` when it is truthy and notify the user.

        The redirect step is 4 when ``self.obj`` is truthy and 1 otherwise.
        With ``SMS_FORCE`` set to True on the ``phone_settings`` view the
        removal is refused: an info message is queued and the redirect uses
        step 1.
        """
        step = 4 if self.obj else 1

        blocked = SMS_FORCE is True and self.view == 'phone_settings'
        if blocked:
            refusal = _('Default backend can not be removed')
            messages.info(self.request, refusal)
            return self._redirect(1)

        if self.obj:
            self.obj.delete()
        # NOTE(review): the notification is sent whether or not anything was
        # deleted - confirm that is intended.
        UserAuthNotification.notify(self.request,
                                    _('Auth method was disabled'))
        return self._redirect(step)
Example #9
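def login_confirmation(
    request,
    template_name="secureauth/confirmation.html",
    authentication_form=ConfirmAuthenticationForm,
    extra_context=None,
    current_app=None,
):
    """Process the login confirmation form and complete the sign-in.

    Args:
        request: the current HttpRequest.
        template_name: template for the confirmation page.
        authentication_form: form class, instantiated with the pending-login
            data and, for POST, the submitted values.
        extra_context: extra template variables; defaults to the
            ``extra_context`` entry of the pending-login data when None.
        current_app: forwarded to TemplateResponse.

    Returns:
        HttpResponseBadRequest if ``UserAuthAttempt.is_banned`` is true or
        the form's user does not match ``user_pk``; HttpResponseRedirect for
        an authenticated user or after a successful confirmation; the
        rendered confirmation page otherwise.
    """
    # Ban check comes first, ahead of any form handling.
    if CHECK_ATTEMPT and UserAuthAttempt.is_banned(request):
        return HttpResponseBadRequest()

    data = _get_data(request)
    if extra_context is None and data.get("extra_context"):
        extra_context = data.get("extra_context")

    # NOTE(review): redirect_to is taken from _get_data(request) and is not
    # checked against the current site in this view. Confirm it is
    # restricted where the data is produced.
    if hasattr(request, "user") and request.user.is_authenticated():
        return HttpResponseRedirect(data.get("redirect_to", "/"))
    elif request.method == "POST":
        form = authentication_form(data, request.POST)
        if form.is_valid():
            user = form.get_user()

            # The user from the form must equal the user_pk of the pending
            # login; the mismatch branch returns a 400 and stores no failed
            # attempt.
            if user and data.get("user_pk") == user.pk:
                auth_login(request, user)

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()

                if UserAuthLogging.is_enabled(request):
                    UserAuthActivity.check_location(request)
                    UserAuthActivity.log_auth(request, form.cleaned_data.get("auth_type"))

                UserAuthNotification.notify(request)
                UserAuthAttempt.remove(request)
                request.session["ip"] = get_ip(request)

                # Default to "/" as the authenticated branch does, so an
                # absent redirect_to is never passed on as None.
                return HttpResponseRedirect(data.get("redirect_to", "/"))
            else:
                return HttpResponseBadRequest()
        elif CHECK_ATTEMPT is True:
            # Attempts are stored for invalid forms only. This branch needs
            # the literal True, while the ban check accepts any truthy value.
            UserAuthAttempt.clean()
            UserAuthAttempt.store(request)
    else:
        form = authentication_form(data)

    request.session.set_test_cookie()

    current_site = get_current_site(request)

    context = {
        "form": form,
        "site": current_site,
        "site_name": current_site.name,
        # The "data" query parameter reaches the template as received.
        "data": request.GET.get("data"),
    }
    if extra_context is not None:
        context.update(extra_context)
    return TemplateResponse(request, template_name, context, current_app=current_app)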
Example #10
 def form_valid(self, form):
     """Save the settings form and, if present and valid, its form set.

     Queues a 'Successfully saved' message, calls
     ``UserAuthNotification.notify`` with ``force=True`` when the cleaned
     ``enabled`` value is falsy, and redirects to ``self.view``.
     """
     related = self.get_form_set()

     # The user is set on the form object between the two save() calls.
     form.save(commit=False)
     form.user = self.request.user
     saved = form.save()

     # NOTE(review): an invalid form set is skipped without an error while
     # the success message below is still shown - confirm intended.
     if related is not None:
         if related.is_valid():
             related.instance = saved
             related.save()

     messages.info(self.request, _('Successfully saved'))

     enabled = form.cleaned_data.get('enabled')
     if not enabled:
         # A falsy 'enabled' value triggers a forced notification.
         UserAuthNotification.notify(
             self.request, _('Your settings has changed'), force=True)
     return redirect(self.view)
 def form_valid(self, form):
     """Persist the form (and a valid form set) and redirect to the view.

     After saving, an info message is queued. When ``enabled`` in the cleaned
     data is falsy, ``UserAuthNotification.notify`` is called with
     ``force=True``. The response is ``redirect(self.view)``.
     """
     form_set = self.get_form_set()

     # save(commit=False), set form.user, then the committing save().
     form.save(commit=False)
     form.user = self.request.user
     instance = form.save()

     has_valid_set = form_set is not None and form_set.is_valid()
     if has_valid_set:
         form_set.instance = instance
         form_set.save()
     # NOTE(review): when the form set is invalid nothing is reported to the
     # user; the success message is queued regardless.

     messages.info(self.request, _('Successfully saved'))

     if not form.cleaned_data.get('enabled'):
         changed_text = _('Your settings has changed')
         UserAuthNotification.notify(self.request, changed_text, force=True)
     return redirect(self.view)
Example #12
def _settings_view(request, model_class, form_class, template, redirect_to, form_set=None):
    """Render or save a per-user settings form.

    The settings object is fetched or created for ``request.user``. On a
    valid POST the form is saved, a valid form set (if one was given) is
    saved against the same instance, an info message is queued and the
    response redirects to ``redirect_to``. When the cleaned ``enabled`` value
    is falsy, ``UserAuthNotification.notify`` is called with ``force=True``.
    Any other request renders ``template`` with the form and form set.
    """
    instance, _created = model_class.objects.get_or_create(user=request.user)
    data = request.POST or None
    form = form_class(request, data, instance=instance)

    # Instantiate the form set only when a form set class was passed in.
    if form_set:
        form_set = form_set(request.POST or None, instance=instance)

    if request.method != "POST" or not form.is_valid():
        return render(request, template, {"form": form, "form_set": form_set})

    # The user is set on the form object between the two save() calls.
    form.save(commit=False)
    form.user = request.user
    instance = form.save()

    # NOTE(review): an invalid form set is skipped silently - confirm.
    if form_set is not None and form_set.is_valid():
        form_set.instance = instance
        form_set.save()

    messages.info(request, _("Successfully saved"))
    if not form.cleaned_data.get("enabled"):
        UserAuthNotification.notify(request, _("Your settings has changed"), force=True)
    return redirect(redirect_to)
 def form_valid(self, form):
     """Save the form, notify the user and redirect with step 3."""
     form.save()
     # The notification text tells the user a new auth method was enabled.
     enabled_text = _('New Auth method was enabled')
     UserAuthNotification.notify(self.request, enabled_text)
     return self._redirect(3)
Example #14
 def form_valid(self, form):
     """Persist the submitted form, then notify and move on to step 3.

     ``UserAuthNotification.notify`` is called after the save with the
     'New Auth method was enabled' text; the return value is
     ``self._redirect(3)``.
     """
     form.save()
     message = _('New Auth method was enabled')
     UserAuthNotification.notify(self.request, message)
     return self._redirect(3)