def on_success_login(self, req, resp, conn, users_id, auth_token): ip_address = get_client_ip(req) headers = get_hashed_headers(req) csrf_token = gen_csrf_token() delta = timedelta(seconds=settings.USER_AUTH_COOKIE_EXPIRES) utc_expiry = datetime.utcnow() + delta values = { "users_id": users_id, "ip_address": ip_address, "headers": headers, "csrf_token": csrf_token, "cookie_expiry": utc_expiry } db_utils.update(conn, "users_logins", values={"cookie_expiry": datetime.utcnow()}, where={ "users_id": users_id, "ip_address": ip_address, "headers": headers, "cookie_expiry__gt": datetime.utcnow() }) db_utils.insert(conn, "users_logins", values=values) # set cookie expiry = gen_cookie_expiry(utc_expiry) auth_cookie = make_auth_cookie(expiry, csrf_token, auth_token, users_id) set_cookie(resp, USER_AUTH_COOKIE_NAME, auth_cookie, expiry=expiry) self._set_basket_data(req, resp, users_id)
def validate(self, attrs): request = self.context.get('request') user_ip = get_client_ip(request) attrs.update({ 'user_id': request.user.id, 'ip_address': user_ip, }) return attrs
def get(self, request, pk, ext=None): obj = RetirementStatementOfAdvice.objects.get(pk=pk) client_ip = get_client_ip(request) if (ext.lower() == '.pdf'): response = HttpResponse(obj.render_pdf(self.template_name, client_ip=client_ip), content_type='application/pdf') response[ 'Content-Disposition'] = 'inline; filename="statement_%s.pdf"' % obj.date else: response = HttpResponse( obj.render_template(self.template_name, client_ip=client_ip)) return response
def post(self, request, *args, **kwargs): self.request = request self.serializer = self.get_serializer(data=self.request.data, context={'request': request}) try: # the real authenticate process # please refer to `rest_auth.serializer.LoginSerializer` self.serializer.is_valid(raise_exception=True) except ValidationError as e: logger.error(e) return Response({ "data": None, "code": 0 }, status=status.HTTP_401_UNAUTHORIZED) user = self.serializer.validated_data['user'] user.company user.last_login_ip = get_client_ip(request) self.login() user.save(update_fields=['last_login_ip']) serializer = UserSerializer(user) return Response({"data": serializer.data, "code": 0})
def _get_user_info(self, req, resp): remote_resp = data_access(REMOTE_API_NAME.GET_USERINFO, req, resp) err = req.get_param('err') or '' user_profile = {} if remote_resp.get('res') == RESP_RESULT.F: err = remote_resp.get('err') first_time = False else: user_profile = remote_resp first_time = not user_profile['general']['values'][0].get('first_name') # translate name for fs_name, fs in user_profile.iteritems(): if 'name' in fs: fs['name'] = _(fs['name']) if 'fields' in fs: for f_name, f in fs['fields']: f['name'] = _(f['name']) if f['type'] == 'radio': f['accept'] = [[_(n), v] for n, v in f['accept']] # filter country list white_countries = allowed_countries() if white_countries: for f_name, f in user_profile['phone']['fields']: if f_name == 'country_num': f['accept'] = filter(lambda x:x[1] in white_countries, f['accept']) set_default_addr_country = not all( int(addr['id']) for addr in user_profile['address']['values']) set_default_phone_country = not all( int(p['id']) for p in user_profile['phone']['values']) if set_default_addr_country or set_default_phone_country: geolocation = get_location_by_ip(get_client_ip(req)) # give geolocation country calling code if no values if set_default_phone_country: for p in user_profile['phone']['values']: if not int(p['id']): country_code = geolocation['country']['iso_code'] p['country_num'] = unicode2utf8(country_code) # give geolocation country/province if no address values. if set_default_addr_country: for address in user_profile['address']['values']: if not int(address['id']): country_code = geolocation['country']['iso_code'] province_name = geolocation['subdivision']['name'] if country_code and province_name: remote_resp = data_access(REMOTE_API_NAME.AUX, req, resp, get='province_code', ccode=country_code, pname=province_name) address['country_code'] = unicode2utf8(country_code) if remote_resp and isinstance(remote_resp, str) \ and RESP_RESULT.F not in remote_resp: address['province_code'] = unicode2utf8(remote_resp) return {'user_profile': user_profile, 'err': err, 'succ_redirect_to': get_url_format(FRT_ROUTE_ROLE.MY_ACCOUNT), 'first_time': first_time, 'id_order': req.get_param('id_order') or ''}
def _valid_check(self, conn): resp_code = self.request.get_param('RespCode') amount = float(self.request.get_param('Amt')) / 100 order_id = self.request.get_param('Ref') auth = self.request.get_param('Auth') # for a rejected transaction, this parameter is not sent back. if not auth: logging.error( 'paybox_valid_err: rejected transaction for ' 'request %s', self.request.query_string, exc_info=True) raise UserError(ErrorCode.PB_ERR_REJECTED_TRANS[0], ErrorCode.PB_ERR_REJECTED_TRANS[1]) # authorization number is alphanumeric. if not re.match(r'^[a-zA-Z0-9]+$', auth): logging.error( 'paybox_valid_err: wrong authorization number %s for' ' request %s', auth, self.request.query_string, exc_info=True) raise UserError(ErrorCode.PB_ERR_WRONG_AUTH[0], ErrorCode.PB_ERR_WRONG_AUTH[1]) # TODO: check ip address ip_addr = get_client_ip(self.request) logging.info('Paybox IPN request address %s for request %s', ip_addr, self.request.query_string) trans = get_trans_by_id(conn, self.id_trans) if len(trans) == 0: logging.error('paybox_valid_err: trans(%s) not exist %s', self.id_trans, self.request.query_string, exc_info=True) raise UserError(ErrorCode.PB_ERR_NO_TRANS[0], ErrorCode.PB_ERR_NO_TRANS[1]) trans = trans[0] amount_due = float(trans['amount_due']) if amount_due != amount: logging.error( 'paybox_valid_err: paybox amount %s is not same ' 'as expected amount due: %s for request: %s', amount, amount_due, self.request.query_string, exc_info=True) raise UserError(ErrorCode.PB_ERR_WRONG_AMOUNT[0], ErrorCode.PB_ERR_WRONG_AMOUNT[1]) if int(order_id) != int(trans['id_order']): logging.error( 'paybox_valid_err: order_id %s is not same as ' 'expected order_id %s for request: %s', order_id, trans['id_order'], self.request.query_string, exc_info=True) raise UserError(ErrorCode.PB_ERR_WRONG_ORDER[0], ErrorCode.PB_ERR_WRONG_ORDER[1]) return trans
def get(self, request, *args, **kwargs): self.ip = get_client_ip(request) get_location(request) return super(StatView, self).get(request, *args, **kwargs)