def handle(self, *args, **options): usernames = options['username'] salt = options['salt'] if options['email_template'] is None: for username in usernames: self.stdout.write(self.style.SUCCESS( '{} {}'.format(username, compute_token(salt, username)))) else: filename = os.path.join(settings.DATA_DIR, options['email_template']) with open(filename, 'r') as f: newsletter = yaml.safe_load(f) message = Template(newsletter['body']) queryset = get_user_model().objects.filter(profile__newsletter_ok=True) if '*' not in usernames: queryset = queryset.filter(username__in=usernames) nb_mails = queryset.count() for rank, user in enumerate(queryset, start=1): if user.email: token = compute_token(salt, user.username) ok = send_mail( newsletter['subject'], message.render(username=user.username, token=token), newsletter['from'], [user.email], fail_silently=False) prefix = '[{} / {}]'.format(rank, nb_mails) if ok: self.stdout.write(self.style.SUCCESS('{}: {} OK'.format(prefix, user.username))) else: self.stdout.write(self.style.ERROR('{}: {} NOK'.format(prefix, user.username)))
def update_research(request): is_ok = None if request.user.is_authenticated and request.method == 'POST' and 'research_ok' in request.POST: # Toggle on one's profile username = request.user.username is_ok = request.POST.get('research_ok') == 'true' Profile.objects.filter(user__username=username).update(research_ok=is_ok) return HttpResponse() if request.method == 'POST': # Confirmed from mail link is_ok = 'yes' in request.POST username = request.POST.get('username') token = request.POST.get('token') elif request.method == 'GET': # Clicked on mail link username = request.GET.get('username') token = request.GET.get('token') expected_token = compute_token(KYOTO_SALT, username) if not constant_time_compare(token, expected_token): # If the token is invalid # Add an error message messages.error(request, 'Vous n\'êtes pas autorisé à effectuer cette action.') return render(request, 'research.html', status=401) # Unauthorized elif is_ok is not None: message = 'Votre profil a bien été mis à jour. ' if is_ok: message += 'Merci. Vos données seront présentes dans le data challenge de Kyoto.' else: message += 'Vos données ne feront pas partie du data challenge de Kyoto.' Profile.objects.filter(user__username=username).update(research_ok=is_ok) messages.success(request, message) return render(request, 'research.html') return render(request, 'research.html', {'username': username, 'token': token})
def update_settings(request): is_ok = None if request.method == 'POST': # Confirmed from mail link is_ok = 'yes' in request.POST username = request.POST.get('username') token = request.POST.get('token') elif request.method == 'GET': # Clicked on mail link username = request.GET.get('username') token = request.GET.get('token') expected_token = compute_token(NEWS_SALT, username) if not constant_time_compare(token, expected_token): # If the token is invalid, add an error message messages.error(request, 'Vous n\'êtes pas autorisé à effectuer cette action.') return render(request, 'settings.html', status=401) # Unauthorized elif is_ok is not None: message = 'Votre profil a bien été mis à jour. ' if is_ok: message += 'Profitez bien de Mangaki !' else: message += 'Vous ne recevrez plus de mails de notre part.' Profile.objects.filter(user__username=username).update( newsletter_ok=is_ok) messages.success(request, message) return render(request, 'settings.html') return render(request, 'settings.html', { 'username': username, 'token': token })
def setUp(self): self.username = '******' self.user = get_user_model().objects.create_user( username=self.username, password='******') self.settings_url = reverse('settings') self.bad_token = 'xxx' self.good_token = compute_token(NEWS_SALT, self.username)
def setUp(self): self.username = '******' self.user = get_user_model().objects.create_user( username=self.username, password='******') self.research_url = reverse('research') self.bad_token = 'xxx' self.good_token = compute_token(KYOTO_SALT, self.username)
def test_tokens(self): management.call_command( 'tokens', 'DR', '--salt', 'PEPPER', # HA HA stdout=self.stdout) self.assertEquals(self.stdout.getvalue(), 'DR {:s}\n'.format(compute_token('PEPPER', 'DR')))