Exemple #1
0
    def authenticate(self, email=None, password=None, *args, **kwargs):
        if email is None:
            if 'username' not in kwargs or kwargs['username'] is None:
                return None
            clean_email = normalise_email(kwargs['username'])
        else:
            clean_email = normalise_email(email)

        # Check if we're dealing with an email address
        if '@' not in clean_email:
            return None

        # Since Django doesn't enforce emails to be unique, we look for all
        # matching users and try to authenticate them all. Note that we
        # intentionally allow multiple users with the same email address
        # (has been a requirement in larger system deployments),
        # we just enforce that they don't share the same password.
        # We make a case-insensitive match when looking for emails.
        matching_users = User.objects.filter(email__iexact=clean_email)
        authenticated_users = [
            user for user in matching_users if user.check_password(password)
        ]
        if len(authenticated_users) == 1:
            # Happy path
            return authenticated_users[0]
        elif len(authenticated_users) > 1:
            # This is the problem scenario where we have multiple users with
            # the same email address AND password. We can't safely authenticate
            # either.
            raise User.MultipleObjectsReturned(
                "There are multiple users with the given email address and "
                "password")
        return None
Exemple #2
0
    def authenticate(self, email=None, password=None, *args, **kwargs):
        if email is None:
            if 'username' not in kwargs or kwargs['username'] is None:
                return None
            clean_email = normalise_email(kwargs['username'])
        else:
            clean_email = normalise_email(email)

        # Check if we're dealing with an email address
        if '@' not in clean_email:
            return None

        # Since Django doesn't enforce emails to be unique, we look for all
        # matching users and try to authenticate them all.  If we get more than
        # one success, then we mail admins as this is a problem.
        authenticated_users = []
        matching_users = User.objects.filter(email=clean_email)
        for user in matching_users:
            if user.check_password(password):
                authenticated_users.append(user)
        if len(authenticated_users) == 1:
            # Happy path
            return authenticated_users[0]
        elif len(authenticated_users) > 1:
            # This is the problem scenario where we have multiple users with
            # the same email address AND password.  We can't safely authentiate
            # either.  This situation requires intervention by an admin and so
            # we mail them to let them know!
            mail_admins(
                "There are multiple users with email address: %s" %
                clean_email,
                ("There are %s users with email %s and the same password "
                 "which means none of them are able to authenticate") %
                (len(authenticated_users), clean_email))
        return None
Exemple #3
0
    def _authenticate(self, request, email=None, password=None, *args, **kwargs):
        if email is None:
            if 'username' not in kwargs or kwargs['username'] is None:
                return None
            clean_email = normalise_email(kwargs['username'])
        else:
            clean_email = normalise_email(email)

        # Check if we're dealing with an email address
        if '@' not in clean_email:
            return None

        # Since Django doesn't enforce emails to be unique, we look for all
        # matching users and try to authenticate them all. Note that we
        # intentionally allow multiple users with the same email address
        # (has been a requirement in larger system deployments),
        # we just enforce that they don't share the same password.
        # We make a case-insensitive match when looking for emails.
        matching_users = User.objects.filter(email__iexact=clean_email)
        authenticated_users = [
            user for user in matching_users if user.check_password(password)]
        if len(authenticated_users) == 1:
            # Happy path
            return authenticated_users[0]
        elif len(authenticated_users) > 1:
            # This is the problem scenario where we have multiple users with
            # the same email address AND password. We can't safely authenticate
            # either.
            raise User.MultipleObjectsReturned(
                "There are multiple users with the given email address and "
                "password")
        return None
    def authenticate(self, email=None, password=None, *args, **kwargs):
        if email is None:
            if not 'username' in kwargs or kwargs['username'] is None:
                return None
            clean_email = normalise_email(kwargs['username'])
        else:
            clean_email = normalise_email(email)

        # Check if we're dealing with an email address
        if '@' not in clean_email:
            return None

        # Since Django doesn't enforce emails to be unique, we look for all
        # matching users and try to authenticate them all.  If we get more than
        # one success, then we mail admins as this is a problem.
        authenticated_users = []
        matching_users = User.objects.filter(email=clean_email)
        for user in matching_users:
            if user.check_password(password):
                authenticated_users.append(user)
        if len(authenticated_users) == 1:
            # Happy path
            return authenticated_users[0]
        elif len(authenticated_users) > 1:
            # This is the problem scenario where we have multiple users with
            # the same email address AND password.  We can't safely authentiate
            # either.  This situation requires intervention by an admin and so
            # we mail them to let them know!
            mail_admins(
                "There are multiple users with email address: %s" % clean_email,
                ("There are %s users with email %s and the same password "
                 "which means none of them are able to authenticate") % (len(authenticated_users),
                                                clean_email))
        return None
    def _authenticate(self,
                      request,
                      email=None,
                      password=None,
                      *args,
                      **kwargs):
        if email is None:
            if 'username' not in kwargs or kwargs['username'] is None:
                return None
            clean_email = normalise_email(kwargs['username'])
        else:
            clean_email = normalise_email(email)

        # Check if we're dealing with an email address
        # 检查我们是否正在处理电子邮件地址
        if '@' not in clean_email:
            return None

        # Since Django doesn't enforce emails to be unique, we look for all
        # matching users and try to authenticate them all. Note that we
        # intentionally allow multiple users with the same email address
        # (has been a requirement in larger system deployments),
        # we just enforce that they don't share the same password.
        # We make a case-insensitive match when looking for emails.
        # 由于Django不强制执行电子邮件是唯一的,因此我们会查找所有匹配的用
        # 户并尝试对所有用户进行身份验证。 请注意,我们有意允许多个用户使
        # 用相同的电子邮件地址(在大型系统部署中是必需的),我们只是强制
        # 他们不共享相同的密码。
        # 我们在查找电子邮件时进行不区分大小写的匹配。
        matching_users = User.objects.filter(email__iexact=clean_email)
        authenticated_users = [
            user for user in matching_users
            if (user.check_password(password)
                and self.user_can_authenticate(user))
        ]
        if len(authenticated_users) == 1:
            # Happy path
            # 程序主逻辑
            return authenticated_users[0]
        elif len(authenticated_users) > 1:
            # This is the problem scenario where we have multiple users with
            # the same email address AND password. We can't safely authenticate
            # either.
            # 这是一个问题场景,我们有多个用户拥有相同的电子邮件地址和
            # 密码。我们也不能安全地进行认证。
            raise User.MultipleObjectsReturned(
                "There are multiple users with the given email address and "
                "password")
            # 有多个用户使用给定的电子邮件地址和密码
        return None
Exemple #6
0
    def get_queryset(self):
        queryset = self.model.objects.all().order_by('-date_joined')
        self.desc_ctx = {
            'main_filter': _('All users'),
            'email_filter': '',
            'name_filter': '',
        }

        if 'email' not in self.request.GET:
            self.form = self.form_class()
            return queryset

        self.form = self.form_class(self.request.GET)

        if not self.form.is_valid():
            return queryset

        data = self.form.cleaned_data

        if data['email']:
            email = normalise_email(data['email'])
            queryset = queryset.filter(email__startswith=email)
            self.desc_ctx['email_filter'] = _(" with email matching '%s'") % email
        if data['name']:
            # If the value is two words, then assume they are first name and last name
            parts = data['name'].split()
            if len(parts) == 2:
                queryset = queryset.filter(Q(first_name__istartswith=parts[0]) |
                                           Q(last_name__istartswith=parts[1])).distinct()
            else:
                queryset = queryset.filter(Q(first_name__istartswith=data['name']) |
                                           Q(last_name__istartswith=data['name'])).distinct()
            self.desc_ctx['name_filter'] = _(" with name matching '%s'") % data['name']

        return queryset
Exemple #7
0
    def apply_search_filters(self, queryset, data):
        """
        Function is split out to allow customisation with little boilerplate.
        功能被拆分以允许使用很少的样板进行定制。
        """
        if data['email']:
            email = normalise_email(data['email'])
            queryset = queryset.filter(email__istartswith=email)
            self.desc_ctx['email_filter'] \
                = _(" with email matching '%s'") % email
        if data['name']:
            # If the value is two words, then assume they are first name and
            # last name
            # 如果值是两个单词,则假设它们是名字和姓氏
            parts = data['name'].split()
            # always true filter
            condition = Q()
            for part in parts:
                condition &= Q(first_name__icontains=part) \
                    | Q(last_name__icontains=part)
            queryset = queryset.filter(condition).distinct()
            self.desc_ctx['name_filter'] \
                = _(" with name matching '%s'") % data['name']

        return queryset
Exemple #8
0
 def clean_email(self):
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(
             email=email).exclude(id=self.instance.user.id).exists():
         raise ValidationError(
             _("A user with this email address already exists"))
     return email
Exemple #9
0
 def clean_preview_email(self):
     email = normalise_email(self.cleaned_data["preview_email"])
     if not self.send_preview:
         return email
     if not email:
         raise forms.ValidationError(_("Please enter an email address"))
     return email
 def clean_email(self):
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.exclude(pk=self.instance.pk).filter(
             email=email).exists():
         raise forms.ValidationError(
             _("A user with that email address already exists."))
     return email
Exemple #11
0
 def clean_preview_email(self):
     email = normalise_email(self.cleaned_data['preview_email'])
     if not self.send_preview:
         return email
     if not email:
         raise forms.ValidationError(_("Please enter an email address"))
     return email
Exemple #12
0
    def get_queryset(self):
        queryset = self.model.objects.all().order_by("-date_joined")
        self.desc_ctx = {"main_filter": _("All users"), "email_filter": "", "name_filter": ""}

        if "email" not in self.request.GET:
            self.form = self.form_class()
            return queryset

        self.form = self.form_class(self.request.GET)

        if not self.form.is_valid():
            return queryset

        data = self.form.cleaned_data

        if data["email"]:
            email = normalise_email(data["email"])
            queryset = queryset.filter(email__startswith=email)
            self.desc_ctx["email_filter"] = _(" with email matching '%s'") % email
        if data["name"]:
            # If the value is two words, then assume they are first name and last name
            parts = data["name"].split()
            if len(parts) == 2:
                queryset = queryset.filter(
                    Q(first_name__istartswith=parts[0]) | Q(last_name__istartswith=parts[1])
                ).distinct()
            else:
                queryset = queryset.filter(
                    Q(first_name__istartswith=data["name"]) | Q(last_name__istartswith=data["name"])
                ).distinct()
            self.desc_ctx["name_filter"] = _(" with name matching '%s'") % data["name"]

        return queryset
Exemple #13
0
 def clean_email(self):
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(
             email=email).exclude(id=self.user.id).exists():
         raise ValidationError(
             _("A user with this email address already exists"))
     return email
Exemple #14
0
 def clean_username(self):
     email = normalise_email(self.cleaned_data['username'])
     try:
         v = validate_email(email)
         email = v["email"]
     except EmailNotValidError as e:
         raise forms.ValidationError("The email address is invalid. Perhaps there was a typo? Please try again.")
     return email
Exemple #15
0
 def clean_email(self):
     """
     Checks for existing users with the supplied email address.
     """
     email = normalise_email(self.cleaned_data["email"])
     if User._default_manager.filter(email__iexact=email).exists():
         raise forms.ValidationError(_("A user with that email address already exists"))
     return email
Exemple #16
0
 def clean_email(self):
     """
     Checks for existing users with the supplied email address.
     """
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(email__iexact=email).exists():
         raise forms.ValidationError(_("该邮箱地址已经被注册"))
     return email
Exemple #17
0
 def clean_username(self):
     email = normalise_email(self.cleaned_data['username'])
     try:
         v = validate_email(email)
         email = v["email"]
     except EmailNotValidError as e:
         raise forms.ValidationError("The email address is invalid. Perhaps there was a typo? Please try again.")
     return email
Exemple #18
0
        def clean_email(self):
            email = normalise_email(self.cleaned_data['email'])

            users_with_email = User._default_manager.filter(
                email__iexact=email).exclude(id=self.instance.user.id)
            if users_with_email.exists():
                raise ValidationError(_("该邮箱已经被注册"))
            return email
 def get_queryset(self):
     queryset = self.model.objects.all()
     if not self.form.is_valid():
         return queryset
     data = self.form.cleaned_data
     if data['email']:
         email = normalise_email(data['email'])
         queryset = queryset.filter(email__istartswith=email)
     return queryset
Exemple #20
0
 def get_queryset(self):
     if self.form.is_valid():
         email = normalise_email(self.form.cleaned_data['email'])
         if self.request.user.is_staff and self.request.user.is_superuser:
             return User.objects.filter(is_active=True, email__icontains=email)
         else:
             return User.objects.filter(is_active=True, is_staff=False, is_superuser=False, email__icontains=email)
     else:
         return User.objects.none()
Exemple #21
0
 def clean_email(self):
     """
     Vérifie les utilisateurs existants avec l'adresse e-mail 
     fournie
     """
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(email__iexact=email).exists():
         raise forms.ValidationError(
             _("A user with that email address already exists"))
     return email
Exemple #22
0
        def clean_email(self):
            email = normalise_email(self.cleaned_data['email'])

            users_with_email = User._default_manager.filter(
                email__iexact=email).exclude(id=self.instance.user.id)
            if users_with_email.exists():
                raise ValidationError(
                    _("A user with this email address already exists"))
                # 具有此电子邮件地址的用户已存在
            return email
    def clean_email(self):
        email = normalise_email(self.cleaned_data['email'])

        if self.bypass_email:
            return email

        if User._default_manager.filter(email=email).exists():
            raise forms.ValidationError(
                _("A user with that email address already exists."))
        return email
Exemple #24
0
 def clean_email(self):
     """
     Checks for existing users with the supplied email address.
     使用提供的电子邮件地址检查现有用户。
     """
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(email__iexact=email).exists():
         raise forms.ValidationError(
             _("A user with that email address already exists"))
         # 具有该电子邮件地址的用户已存在
     return email
Exemple #25
0
 def clean(self):
     if self.is_guest_checkout() or self.is_new_account_checkout():
         if 'password' in self.errors:
             del self.errors['password']
         if 'username' in self.cleaned_data:
             email = normalise_email(self.cleaned_data['username'])
             if User._default_manager.filter(email=email).exists():
                 msg = "A user with that email address already exists"
                 self._errors["username"] = self.error_class([msg])
         return self.cleaned_data
     return super(GatewayForm, self).clean()
Exemple #26
0
 def clean_email(self):
     """
     Make sure that the email address is aways unique as it is
     used instead of the username. This is necessary because the
     unique-ness of email addresses is *not* enforced on the model
     level in ``django.contrib.auth.models.User``.
     """
     email = normalise_email(self.cleaned_data["email"])
     if User._default_manager.filter(email=email).exclude(id=self.user.id).exists():
         raise ValidationError(_("A user with this email address already exists"))
     return email
Exemple #27
0
 def clean(self):
       if self.is_guest_checkout() or self.is_new_account_checkout():
           if 'password' in self.errors:
               del self.errors['password']
           if 'username' in self.cleaned_data:
               email = normalise_email(self.cleaned_data['username'])
               if User._default_manager.filter(email__iexact=email).exists():
                   msg = "Пользователь с таким email-адресом уже есть в нашей базе данных"
                   self._errors["username"] = self.error_class([msg])
           return self.cleaned_data
       return super(GatewayForm, self).clean()
Exemple #28
0
 def clean(self):
     if self.is_guest_checkout() or self.is_new_account_checkout():
         if 'password' in self.errors:
             del self.errors['password']
         if 'username' in self.cleaned_data:
             email = normalise_email(self.cleaned_data['username'])
             if User._default_manager.filter(email__iexact=email).exists():
                 msg = _("A user with that email address already exists")
                 self._errors["username"] = self.error_class([msg])
         return self.cleaned_data
     return super(GatewayForm, self).clean()
Exemple #29
0
 def clean_email(self):
     """
     Make sure that the email address is aways unique as it is
     used instead of the username. This is necessary because the
     unique-ness of email addresses is *not* enforced on the model
     level in ``django.contrib.auth.models.User``.
     """
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(
             email=email).exclude(id=self.user.id).exists():
         raise ValidationError(
             _("A user with this email address already exists"))
     return email
 def apply_search_filters(self, queryset, data):
     if data['email']:
         email = normalise_email(data['email'])
         queryset = queryset.filter(email__istartswith=email)
         self.desc_ctx['email_filter'] \
          = _(" with email matching '%s'") % email
     if data['name']:
         parts = data['name'].split()
         condition = Q()
         for part in parts:
             condition &= Q(name__icontains=part)
         queryset = queryset.filter(condition).distinct()
         self.desc_ctx['name_filter'] \
          = _(" with name matching '%s'") % data['name']
     return queryset
Exemple #31
0
    def clean_email(self):
        """
        Make sure that the email address is aways unique as it is
        used instead of the username. This is necessary because the
        unique-ness of email addresses is *not* enforced on the model
        level in ``django.contrib.auth.models.User``.

        确保电子邮件地址不是唯一的,因为它使用的是用户名而不是用户名。
        这是必要的,因为在``django.contrib.auth.models.User``中,电子
        邮件地址的唯一性在*模型级别上是强制执行的。
        """
        email = normalise_email(self.cleaned_data['email'])
        if User._default_manager.filter(email__iexact=email).exclude(
                id=self.user.id).exists():
            raise ValidationError(
                _("A user with this email address already exists"))
            # 具有此电子邮件地址的用户已存在
        # Save the email unaltered
        # 保持电子邮件不变
        return email
Exemple #32
0
    def apply_search_filters(self, queryset, data):
        """
        Function is split out to allow customisation with little boilerplate.
        """
        if data["email"]:
            email = normalise_email(data["email"])
            queryset = queryset.filter(email__istartswith=email)
            self.desc_ctx["email_filter"] = _(" with email matching '%s'") % email
        if data["name"]:
            # If the value is two words, then assume they are first name and
            # last name
            parts = data["name"].split()
            if len(parts) == 2:
                condition = Q(first_name__istartswith=parts[0]) | Q(last_name__istartswith=parts[1])
            else:
                condition = Q(first_name__istartswith=data["name"]) | Q(last_name__istartswith=data["name"])
            queryset = queryset.filter(condition).distinct()
            self.desc_ctx["name_filter"] = _(" with name matching '%s'") % data["name"]

        return queryset
Exemple #33
0
    def get_queryset(self):
        queryset = self.model.objects.all().order_by('-date_joined')
        self.desc_ctx = {
            'main_filter': _('All users'),
            'email_filter': '',
            'name_filter': '',
        }

        if 'email' not in self.request.GET:
            self.form = self.form_class()
            return queryset

        self.form = self.form_class(self.request.GET)

        if not self.form.is_valid():
            return queryset

        data = self.form.cleaned_data

        if data['email']:
            email = normalise_email(data['email'])
            queryset = queryset.filter(email__startswith=email)
            self.desc_ctx['email_filter'] \
                = _(" with email matching '%s'") % email
        if data['name']:
            # If the value is two words, then assume they are first name and
            # last name
            parts = data['name'].split()
            if len(parts) == 2:
                condition = Q(first_name__istartswith=parts[0]) \
                    | Q(last_name__istartswith=parts[1])
            else:
                condition = Q(first_name__istartswith=data['name']) \
                    | Q(last_name__istartswith=data['name'])
            queryset = queryset.filter(condition).distinct()
            self.desc_ctx['name_filter'] \
                = _(" with name matching '%s'") % data['name']

        return queryset
Exemple #34
0
    def apply_search_filters(self, queryset, data):
        """
        Function is split out to allow customisation with little boilerplate.
        """
        if data['email']:
            email = normalise_email(data['email'])
            queryset = queryset.filter(email__istartswith=email)
            self.desc_ctx['email_filter'] \
                = _(" with email matching '%s'") % email
        if data['name']:
            # If the value is two words, then assume they are first name and
            # last name
            parts = data['name'].split()
            # always true filter
            condition = Q()
            for part in parts:
                condition &= Q(first_name__icontains=part) \
                    | Q(last_name__icontains=part)
            queryset = queryset.filter(condition).distinct()
            self.desc_ctx['name_filter'] \
                = _(" with name matching '%s'") % data['name']

        return queryset
Exemple #35
0
    def apply_search_filters(self, queryset, data):
        """
        Function is split out to allow customisation with little boilerplate.
        """
        if data['email']:
            email = normalise_email(data['email'])
            queryset = queryset.filter(email__istartswith=email)
            self.desc_ctx['email_filter'] \
                = _(" with email matching '%s'") % email
        if data['name']:
            # If the value is two words, then assume they are first name and
            # last name
            parts = data['name'].split()
            if len(parts) == 2:
                condition = Q(first_name__istartswith=parts[0]) \
                    | Q(last_name__istartswith=parts[1])
            else:
                condition = Q(first_name__istartswith=data['name']) \
                    | Q(last_name__istartswith=data['name'])
            queryset = queryset.filter(condition).distinct()
            self.desc_ctx['name_filter'] \
                = _(" with name matching '%s'") % data['name']

        return queryset
Exemple #36
0
 def test_normalise_email(self):
     self.assertEqual(normalise_email('"*****@*****.**"@TEST.cOm'),
                      '"*****@*****.**"@test.com')
Exemple #37
0
 def get_queryset(self):
     if self.form.is_valid():
         email = normalise_email(self.form.cleaned_data['email'])
         return User.objects.filter(email__icontains=email)
     else:
         return User.objects.none()
Exemple #38
0
 def clean_username(self):
     return normalise_email(self.cleaned_data['username'])
Exemple #39
0
 def clean_email(self):
     email = normalise_email(self.cleaned_data["email"])
     if User.objects.filter(email__iexact=email).exists():
         raise forms.ValidationError("A user already exists with email %s" % email)
     return email
Exemple #40
0
 def clean_email(self):
     email = normalise_email(self.cleaned_data['email'])
     if User.objects.filter(email__iexact=email).exists():
         raise forms.ValidationError("A user already exists with email %s" %
                                     email)
     return email
Exemple #41
0
 def clean_username(self):
     return normalise_email(self.cleaned_data['username'])
Exemple #42
0
 def clean_email(self):
     email = normalise_email(self.cleaned_data['email'])
     if User._default_manager.filter(email=email).exists():
         raise forms.ValidationError(
             _("A user with that email address already exists"))
     return email
Exemple #43
0
 def get_queryset(self):
     if self.form.is_valid():
         email = normalise_email(self.form.cleaned_data['email'])
         return User.objects.filter(email__icontains=email)
     else:
         return User.objects.none()
 def clean_email(self):
     """
     Users can't change their email address here, so we cancel the validation
     This is a post-registration step where user already added into the db
     """
     return normalise_email(self.cleaned_data['email'])
 def test_normalise_email(self):
     self.assertEqual(normalise_email('"*****@*****.**"@TEST.cOm'), '"*****@*****.**"@test.com')