def get_react_config(context):
if 'request' in context:
user = getattr(context['request'], 'user', None) or AnonymousUser()
messages = get_messages(context['request'])
try:
is_superuser = context['request'].is_superuser()
except AttributeError:
is_superuser = False
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail': get_support_mail(),
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'mediaUrl': get_asset_url('sentry', ''),
'needsUpgrade': needs_upgrade,
'dsn': _get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise': settings.SENTRY_ONPREMISE,
'invitesEnabled': settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl': settings.SENTRY_GRAVATAR_BASE_URL,
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def handle_basic_auth(self, request, organization):
can_register = auth.has_user_registration() or request.session.get('can_register')
op = request.POST.get('op')
login_form = self.get_login_form(request)
if can_register:
register_form = self.get_register_form(request)
else:
register_form = None
if can_register and register_form.is_valid():
user = register_form.save()
user.send_confirm_emails(is_new_user=True)
defaults = {
'role': 'member',
}
organization.member_set.create(
user=user,
**defaults
)
# HACK: grab whatever the first backend is and assume it works
user.backend = settings.AUTHENTICATION_BACKENDS[0]
auth.login(request, user, organization_id=organization.id)
# can_register should only allow a single registration
request.session.pop('can_register', None)
return self.redirect(auth.get_login_redirect(request))
elif login_form.is_valid():
auth.login(request, login_form.get_user(),
organization_id=organization.id)
return self.redirect(auth.get_login_redirect(request))
request.session.set_test_cookie()
context = {
'op': op or 'login',
'login_form': login_form,
'register_form': register_form,
'organization': organization,
'CAN_REGISTER': can_register,
}
return self.respond('sentry/organization-login.html', context)
def prepare_login_context(self, request, *args, **kwargs):
can_register = bool(has_user_registration() or request.session.get("can_register"))
context = {
"serverHostname": get_server_hostname(),
"canRegister": can_register,
"hasNewsletter": newsletter.is_enabled(),
}
if "session_expired" in request.COOKIES:
context["warning"] = WARN_SESSION_EXPIRED
context.update(additional_context.run_callbacks(request))
return context
def handle_basic_auth(self, request, organization):
can_register = auth.has_user_registration() or request.session.get(
'can_register')
op = request.POST.get('op')
login_form = self.get_login_form(request)
if can_register:
register_form = self.get_register_form(request)
else:
register_form = None
if can_register and register_form.is_valid():
user = register_form.save()
user.send_confirm_emails(is_new_user=True)
defaults = {
'role': 'member',
}
organization.member_set.create(user=user, **defaults)
# HACK: grab whatever the first backend is and assume it works
user.backend = settings.AUTHENTICATION_BACKENDS[0]
auth.login(request, user, organization_id=organization.id)
# can_register should only allow a single registration
request.session.pop('can_register', None)
return self.redirect(auth.get_login_redirect(request))
elif login_form.is_valid():
auth.login(request,
login_form.get_user(),
organization_id=organization.id)
return self.redirect(auth.get_login_redirect(request))
request.session.set_test_cookie()
context = {
'op': op or 'login',
'login_form': login_form,
'register_form': register_form,
'organization': organization,
'CAN_REGISTER': can_register,
}
return self.respond('sentry/organization-login.html', context)
def prepare_login_context(self, request, *args, **kwargs):
can_register = bool(auth.has_user_registration()
or request.session.get('can_register'))
context = {
'serverHostname': get_server_hostname(),
'canRegister': can_register,
'hasNewsletter': newsletter.is_enabled(),
}
if 'session_expired' in request.COOKIES:
context['warning'] = WARN_SESSION_EXPIRED
context.update(additional_context.run_callbacks(request))
return context
def get_react_config(context):
if 'request' in context:
request = context['request']
user = getattr(request, 'user', None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, 'session', None)
is_superuser = is_active_superuser(request)
else:
user = None
messages = []
is_superuser = False
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization':
settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail':
get_support_mail(),
'urlPrefix':
options.get('system.url-prefix'),
'version':
version_info,
'features':
enabled_features,
'needsUpgrade':
needs_upgrade,
'dsn':
get_public_dsn(),
'statuspage':
_get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise':
settings.SENTRY_ONPREMISE,
'invitesEnabled':
settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl':
settings.SENTRY_GRAVATAR_BASE_URL,
'termsUrl':
settings.TERMS_URL,
'privacyUrl':
settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
'lastOrganization':
session['activeorg'] if session and 'activeorg' in session else None,
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user, DetailedUserSerializer()),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def can_register(self, request):
return bool(auth.has_user_registration() or request.session.get("can_register"))
def handle_basic_auth(self, request):
can_register = auth.has_user_registration() or request.session.get(
'can_register')
op = request.POST.get('op')
# Detect that we are on the register page by url /register/ and
# then activate the register tab by default.
if not op and '/register' in request.path_info and can_register:
op = 'register'
login_form = self.get_login_form(request)
if can_register:
register_form = self.get_register_form(
request,
initial={'username': request.session.get('invite_email', '')})
else:
register_form = None
if can_register and register_form.is_valid():
user = register_form.save()
user.send_confirm_emails(is_new_user=True)
# HACK: grab whatever the first backend is and assume it works
user.backend = settings.AUTHENTICATION_BACKENDS[0]
auth.login(request, user)
# can_register should only allow a single registration
request.session.pop('can_register', None)
request.session.pop('invite_email', None)
return self.redirect(auth.get_login_redirect(request))
elif request.method == 'POST':
from sentry.app import ratelimiter
from sentry.utils.hashlib import md5_text
login_attempt = op == 'login' and request.POST.get(
'username') and request.POST.get('password')
if login_attempt and ratelimiter.is_limited(
u'auth:login:username:{}'.format(
md5_text(
request.POST['username'].lower()).hexdigest()),
limit=10,
window=60, # 10 per minute should be enough for anyone
):
login_form.errors['__all__'] = [
u'You have made too many login attempts. Please try again later.'
]
elif login_form.is_valid():
user = login_form.get_user()
auth.login(request, user)
if not user.is_active:
return self.redirect(reverse('sentry-reactivate-account'))
return self.redirect(auth.get_login_redirect(request))
context = {
'op': op or 'login',
'server_hostname': get_server_hostname(),
'login_form': login_form,
'register_form': register_form,
'CAN_REGISTER': can_register,
}
return self.respond('sentry/login.html', context)
def can_register(self, request, *args, **kwargs):
return bool(auth.has_user_registration()
or request.session.get('can_register'))
def get_client_config(request=None):
"""
Provides initial bootstrap data needed to boot the frontend application.
"""
if request is not None:
user = getattr(request, "user", None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, "session", None)
is_superuser = is_active_superuser(request)
language_code = getattr(request, "LANGUAGE_CODE", "en")
# User identity is used by the sentry SDK
user_identity = {"ip_address": request.META["REMOTE_ADDR"]}
if user and user.is_authenticated():
user_identity.update({"email": user.email, "id": user.id})
if user.name:
user_identity["name"] = user.name
else:
user = None
user_identity = {}
messages = []
is_superuser = False
language_code = "en"
enabled_features = []
if features.has("organizations:create", actor=user):
enabled_features.append("organizations:create")
if auth.has_user_registration():
enabled_features.append("auth:register")
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
"singleOrganization":
settings.SENTRY_SINGLE_ORGANIZATION,
"supportEmail":
get_support_mail(),
"urlPrefix":
options.get("system.url-prefix"),
"version":
version_info,
"features":
enabled_features,
"distPrefix":
get_asset_url("sentry", "dist/"),
"needsUpgrade":
needs_upgrade,
"dsn":
_get_public_dsn(),
"statuspage":
_get_statuspage(),
"messages": [{
"message": msg.message,
"level": msg.tags
} for msg in messages],
"isOnPremise":
settings.SENTRY_ONPREMISE,
"invitesEnabled":
settings.SENTRY_ENABLE_INVITES,
"gravatarBaseUrl":
settings.SENTRY_GRAVATAR_BASE_URL,
"termsUrl":
settings.TERMS_URL,
"privacyUrl":
settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
"lastOrganization":
session["activeorg"] if session and "activeorg" in session else None,
"languageCode":
language_code,
"userIdentity":
user_identity,
"csrfCookieName":
settings.CSRF_COOKIE_NAME,
"sentryConfig": {
"dsn": _get_public_dsn(),
"release": version_info["build"],
"whitelistUrls": list(settings.ALLOWED_HOSTS),
},
}
if user and user.is_authenticated():
context.update({
"isAuthenticated": True,
"user": serialize(user, user, DetailedUserSerializer())
})
context["user"]["isSuperuser"] = is_superuser
else:
context.update({"isAuthenticated": False, "user": None})
return context
def get_client_config(request=None):
"""
Provides initial bootstrap data needed to boot the frontend application.
"""
if request is not None:
user = getattr(request, "user", None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, "session", None)
is_superuser = is_active_superuser(request)
language_code = getattr(request, "LANGUAGE_CODE", "en")
# User identity is used by the sentry SDK
user_identity = {"ip_address": request.META["REMOTE_ADDR"]}
if user and user.is_authenticated():
user_identity.update({
"email": user.email,
"id": user.id,
"isStaff": user.is_staff
})
if user.name:
user_identity["name"] = user.name
else:
user = None
user_identity = {}
messages = []
session = None
is_superuser = False
language_code = "en"
enabled_features = []
if features.has("organizations:create", actor=user):
enabled_features.append("organizations:create")
if auth.has_user_registration():
enabled_features.append("auth:register")
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
public_dsn = _get_public_dsn()
context = {
"singleOrganization":
settings.SENTRY_SINGLE_ORGANIZATION,
"supportEmail":
get_support_mail(),
"urlPrefix":
options.get("system.url-prefix"),
"version":
version_info,
"features":
enabled_features,
"distPrefix":
get_asset_url("sentry", "dist/"),
"needsUpgrade":
needs_upgrade,
"dsn":
public_dsn,
"dsn_requests":
_get_dsn_requests(),
"statuspage":
_get_statuspage(),
"messages": [{
"message": msg.message,
"level": msg.tags
} for msg in messages],
"apmSampling":
float(settings.SENTRY_FRONTEND_APM_SAMPLING or 0),
"isOnPremise":
settings.SENTRY_ONPREMISE,
"invitesEnabled":
settings.SENTRY_ENABLE_INVITES,
"gravatarBaseUrl":
settings.SENTRY_GRAVATAR_BASE_URL,
"termsUrl":
settings.TERMS_URL,
"privacyUrl":
settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
"lastOrganization":
session["activeorg"] if session and "activeorg" in session else None,
"languageCode":
language_code,
"userIdentity":
user_identity,
"csrfCookieName":
settings.CSRF_COOKIE_NAME,
"sentryConfig": {
"dsn":
public_dsn,
"release":
settings.SENTRY_SDK_CONFIG["release"],
"environment":
settings.SENTRY_SDK_CONFIG["environment"],
# By default `ALLOWED_HOSTS` is [*], however the JS SDK does not support globbing
"whitelistUrls": (settings.SENTRY_FRONTEND_WHITELIST_URLS
if settings.SENTRY_FRONTEND_WHITELIST_URLS else
list("" if settings.ALLOWED_HOSTS ==
["*"] else settings.ALLOWED_HOSTS)),
},
}
if user and user.is_authenticated():
context.update({
"isAuthenticated": True,
"user": serialize(user, user, DetailedUserSerializer())
})
if request.user.is_superuser:
# Note: This intentionally does not use the "active" superuser flag as
# the frontend should only ever use this flag as a hint that the user can be a superuser
# the API will always need to check for active superuser.
#
# This is needed in the case where you access a different org and get denied, but the UI
# can open the sudo dialog if you are an "inactive" superuser
context["user"]["isSuperuser"] = request.user.is_superuser
else:
context.update({"isAuthenticated": False, "user": None})
return context
def can_register(self, request, *args, **kwargs):
return bool(auth.has_user_registration() or request.session.get('can_register'))
def get_react_config(context):
if 'request' in context:
request = context['request']
user = getattr(request, 'user', None) or AnonymousUser()
messages = get_messages(request)
session = getattr(request, 'session', None)
is_superuser = is_active_superuser(request)
language_code = getattr(request, 'LANGUAGE_CODE', 'en')
else:
user = None
messages = []
is_superuser = False
language_code = 'en'
# User identity is used by the sentry SDK
if request and user:
user_identity = {'ip_address': request.META['REMOTE_ADDR']}
if user and user.is_authenticated():
user_identity.update({
'email': user.email,
'id': user.id,
})
if user.name:
user_identity['name'] = user.name
else:
user_identity = {}
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail': get_support_mail(),
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'distPrefix': get_asset_url('sentry', 'dist/'),
'needsUpgrade': needs_upgrade,
'dsn': _get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise': settings.SENTRY_ONPREMISE,
'invitesEnabled': settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl': settings.SENTRY_GRAVATAR_BASE_URL,
'termsUrl': settings.TERMS_URL,
'privacyUrl': settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
'lastOrganization': session['activeorg'] if session and 'activeorg' in session else None,
'languageCode': language_code,
'userIdentity': user_identity,
'csrfCookieName': settings.CSRF_COOKIE_NAME,
'sentryConfig': {
'dsn': _get_public_dsn(),
'release': version_info['build'],
'whitelistUrls': list(settings.ALLOWED_HOSTS),
},
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user, DetailedUserSerializer()),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def get_react_config(context):
if 'request' in context:
user = getattr(context['request'], 'user', None) or AnonymousUser()
messages = get_messages(context['request'])
session = getattr(context['request'], 'session', None)
try:
is_superuser = context['request'].is_superuser()
except AttributeError:
is_superuser = False
else:
user = None
messages = []
is_superuser = False
if user:
user = extract_lazy_object(user)
is_superuser = user.is_superuser
enabled_features = []
if features.has('organizations:create', actor=user):
enabled_features.append('organizations:create')
if auth.has_user_registration():
enabled_features.append('auth:register')
version_info = _get_version_info()
needs_upgrade = False
if is_superuser:
needs_upgrade = _needs_upgrade()
context = {
'singleOrganization': settings.SENTRY_SINGLE_ORGANIZATION,
'supportEmail': get_support_mail(),
'urlPrefix': options.get('system.url-prefix'),
'version': version_info,
'features': enabled_features,
'mediaUrl': get_asset_url('sentry', ''),
'needsUpgrade': needs_upgrade,
'dsn': get_public_dsn(),
'statuspage': _get_statuspage(),
'messages': [{
'message': msg.message,
'level': msg.tags,
} for msg in messages],
'isOnPremise': settings.SENTRY_ONPREMISE,
'invitesEnabled': settings.SENTRY_ENABLE_INVITES,
'gravatarBaseUrl': settings.SENTRY_GRAVATAR_BASE_URL,
'termsUrl': settings.TERMS_URL,
'privacyUrl': settings.PRIVACY_URL,
# Note `lastOrganization` should not be expected to update throughout frontend app lifecycle
# It should only be used on a fresh browser nav to a path where an
# organization is not in context
'lastOrganization': session['activeorg'] if session and 'activeorg' in session else None,
}
if user and user.is_authenticated():
context.update({
'isAuthenticated': True,
'user': serialize(user, user, DetailedUserSerializer()),
})
context['user']['isSuperuser'] = is_superuser
else:
context.update({
'isAuthenticated': False,
'user': None,
})
return json.dumps_htmlsafe(context)
def handle_basic_auth(self, request):
can_register = auth.has_user_registration() or request.session.get('can_register')
op = request.POST.get('op')
# Detect that we are on the register page by url /register/ and
# then activate the register tab by default.
if not op and '/register' in request.path_info and can_register:
op = 'register'
login_form = self.get_login_form(request)
if can_register:
register_form = self.get_register_form(request, initial={
'username': request.session.get('invite_email', '')
})
else:
register_form = None
if can_register and register_form.is_valid():
user = register_form.save()
user.send_confirm_emails(is_new_user=True)
# HACK: grab whatever the first backend is and assume it works
user.backend = settings.AUTHENTICATION_BACKENDS[0]
auth.login(request, user)
# can_register should only allow a single registration
request.session.pop('can_register', None)
request.session.pop('invite_email', None)
return self.redirect(auth.get_login_redirect(request))
elif request.method == 'POST':
from sentry.app import ratelimiter
from sentry.utils.hashlib import md5_text
login_attempt = op == 'login' and request.POST.get('username') and request.POST.get('password')
if login_attempt and ratelimiter.is_limited(
u'auth:login:username:{}'.format(md5_text(request.POST['username'].lower()).hexdigest()),
limit=10, window=60, # 10 per minute should be enough for anyone
):
login_form.errors['__all__'] = [u'You have made too many login attempts. Please try again later.']
elif login_form.is_valid():
user = login_form.get_user()
auth.login(request, user)
if not user.is_active:
return self.redirect(reverse('sentry-reactivate-account'))
return self.redirect(auth.get_login_redirect(request))
context = {
'op': op or 'login',
'server_hostname': get_server_hostname(),
'login_form': login_form,
'register_form': register_form,
'CAN_REGISTER': can_register,
}
return self.respond('sentry/login.html', context)