def make_auth_response_data(user) -> dict:
"""
Given a domain and user, creates data structure
using python dict containing a representation
of the logged user.
"""
serializer = UserAdminSerializer(user)
data = dict(serializer.data)
data["auth_token"] = get_token_for_user(user, "authentication")
return data
def make_auth_response_data(user):
serializer = UserAdminSerializer(user)
data = dict(serializer.data)
refresh = RefreshToken.for_user(user)
data['refresh'] = str(refresh)
data['auth_token'] = str(refresh.access_token)
return data
def make_auth_response_data(user) -> dict:
"""
Given a domain and user, creates data structure
using python dict containing a representation
of the logged user.
"""
serializer = UserAdminSerializer(user)
data = dict(serializer.data)
data["auth_token"] = get_token_for_user(user, "authentication")
data["email"] = user.email
data["public_key"] = user.public_key
data["threebot_name"] = user.threebot_name
return data
def make_auth_response_data(user):
serializer = UserAdminSerializer(user)
data = dict(serializer.data)
refresh = RefreshToken.for_user(user)
data['refresh'] = str(refresh)
data['auth_token'] = str(refresh.access_token)
if api_settings.UPDATE_LAST_LOGIN:
update_last_login(None, user)
return data
def test_user_update(client, data):
url = reverse('users-detail', kwargs={"pk": data.registered_user.pk})
users = [
None,
data.registered_user,
data.other_user,
data.superuser,
]
user_data = UserAdminSerializer(data.registered_user).data
user_data["full_name"] = "test"
user_data = json.dumps(user_data)
results = helper_test_http_method(client, 'put', url, user_data, users)
assert results == [401, 200, 403, 200]
def callback(req):
t = Token()
try:
user, _ = t.authenticate(req)
if user:
login(req, user)
except NotAuthenticated:
pass
data = req.GET.get('signedAttempt')
if not data:
return JsonResponse(
{
"_error_message":
"one or more parameter values were missing (signedAttempt)",
"_error_type": ""
},
status=400)
data = json.loads(data)
username = data['doubleName']
if not username:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
res = requests.get(
settings.THREEBOT_URL + '/api/users/{0}'.format(username),
{'Content-Type': 'application/json'})
if res.status_code != 200:
return JsonResponse(
{
"_error_message": "Error getting user pub key",
"_error_type": ""
},
status=400)
user_pub_key = nacl.signing.VerifyKey(res.json()['publicKey'],
encoder=nacl.encoding.Base64Encoder)
pk = res.json()["publicKey"]
# verify data
signedData = data['signedAttempt']
if not signedData:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
verifiedData = user_pub_key.verify(base64.b64decode(signedData)).decode()
data = json.loads(verifiedData)
if not data:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
if data['doubleName'] != username:
return JsonResponse(
{
"_error_message": "Bad request, some params are missing",
"_error_type": ""
},
status=400)
# verify state
state = data['signedState']
if not state or state != req.session.get("state"):
return JsonResponse(
{
"_error_message": "Invalid state",
"_error_type": ""
}, status=400)
nonce = base64.b64decode(data['data']['nonce'])
ciphertext = base64.b64decode(data['data']['ciphertext'])
private_key = nacl.signing.SigningKey(settings.PRIVATE_KEY,
encoder=nacl.encoding.Base64Encoder)
box = Box(private_key.to_curve25519_private_key(),
user_pub_key.to_curve25519_public_key())
try:
decrypted = box.decrypt(ciphertext, nonce)
result = json.loads(decrypted)
email = result["email"]["email"]
sei = result['email']['sei']
res = requests.post(settings.OPEN_KYC_URL,
headers={'Content-Type': 'application/json'},
json={'signedEmailIdentifier': sei})
if res.status_code != 200:
return JsonResponse(
{
"_error_message": "Email not verified",
"_error_type": ""
},
status=400)
user_model = get_user_model()
users_with_email = user_model.objects.filter(email=email)
if users_with_email:
user_with_email = users_with_email[0]
else:
user_with_email = None
# Link user to 3bot login account
if req.user.is_authenticated():
user = user_model.objects.filter(id=req.user.id)[0]
if user_with_email and user_with_email.id != req.user.id:
return JsonResponse(
{
"_error_message":
"Email address is linked with another active account",
"_error_type": ""
},
status=400)
# user already linked with 3 bot login
if user.public_key:
# user linking another account
if user.public_key != pk:
user.email = email
user.public_key = pk
user.threebot_name = username.replace('.3bot', '')
user.save()
else:
# user linking their account for first time
user.email = email
user.public_key = pk
user.threebot_name = username.replace('.3bot', '')
user.save()
else:
users = user_model.objects.filter(
Q(email=email) | Q(public_key=pk))
if len(users) == 0:
# new user
username = username.replace('.3bot', '')
user = user_model(username=username,
email=email,
full_name=username,
public_key=pk)
user.is_active = True
user.public_key = pk
user.threebot_name = username
user.save()
else:
# email or public key exists
user = users[0]
if user.public_key != pk:
user.public_key = pk
user.threebot_name = username.replace('.3bot', '')
user.save()
elif user.email != email:
user.email = email
user.threebot_name = username.replace('.3bot', '')
user.save()
login(req, user)
except:
raise
serializer = UserAdminSerializer(user)
data = dict(serializer.data)
data["auth_token"] = get_token_for_user(user, "authentication")
data['public_key'] = pk
data['email'] = email
data['threebot_name'] = username.replace('.3bot', '')
data['roles'] = [role for role in data['roles']]
return JsonResponse(data)
