def form_valid(self, form): resp = super(EmailUserRegistrationView, self).form_valid(form) user = self.object signer = Signer() site = Site.objects.get(id=settings.SITE_ID) ref_url = 'http://{}/confirm-email/{}/{}/'.format(site.domain, user.id, signer.signature(user.email)) txt_body = render_to_string(self.email_text_template_name, {'reference': ref_url, 'site': site.name}) html_body = render_to_string(self.email_html_template_name, {'reference': ref_url, 'site': site.name}) from_email = '{}{}'.format(settings.DEFAULT_FROM_EMAIL, site.domain) send_mail( recipient_list = [user.email], subject = 'Account activation on the website online-polling.com', message=txt_body, html_message=html_body, from_email = from_email , fail_silently = True, ) #save early voting try: sch = self.request.session.pop('anonym_vote') #early voting ch = Choice.objects.get(pk=sch) user_choice = CUserChoice(choice=ch, cuser=user, date_vote = timezone.now()) user_choice.save() except: pass return resp
def _get_signature(params, secret, timestamp, expiry): signer = Signer(key=secret) encoded_params = json.dumps(params, sort_keys=True) timestamp = str(timestamp) expiry = str(expiry) return signer.signature(":".join([timestamp, expiry, encoded_params]))
class DataSigner(object): SIGNATURE_FIELD = 'signature' TIMESTAMP_FIELD = 'timestamp' SALT_BASE = 'rest-registration-default-salt' USE_TIMESTAMP = False VALID_PERIOD = None def __init__(self, data): if self.USE_TIMESTAMP and self.TIMESTAMP_FIELD not in data: data = data.copy() data[self.TIMESTAMP_FIELD] = get_current_timestamp() self._data = data self._salt = self._calculate_salt(data) self._signer = Signer(salt=self._salt) def _calculate_signature(self, data): if self.SIGNATURE_FIELD in data: data = data.copy() del data[self.SIGNATURE_FIELD] return self._signer.signature(get_dict_repr(data)) def calculate_signature(self): return self._calculate_signature(self._data) def get_signed_data(self): data = self._data.copy() data[self.SIGNATURE_FIELD] = self.calculate_signature() return data def get_valid_period(self): return self.VALID_PERIOD def _calculate_salt(self, data): return self.SALT_BASE def verify(self): data = self._data signature = data.get(self.SIGNATURE_FIELD, None) if signature is None: raise BadSignature() expected_signature = self.calculate_signature() if not constant_time_compare(signature, expected_signature): raise BadSignature() valid_period = self.get_valid_period() if self.USE_TIMESTAMP and valid_period is not None: timestamp = data[self.TIMESTAMP_FIELD] timestamp = int(timestamp) current_timestamp = get_current_timestamp() valid_period_secs = valid_period.total_seconds() if current_timestamp - timestamp > valid_period_secs: raise SignatureExpired()
def dispatch(self, request, *args, **kwargs): self.object = self.get_object() signer = Signer() s1 = signer.signature(self.object.email) s2 = kwargs.get('sign_user', None) if self.object.is_active == True: raise Http404("Account is active yet!") if s1<>s2: raise Http404("Invalid confirm email information") return super(EmailUserConfirmView, self).dispatch(request, *args, **kwargs)
def dispatch(self, request, *args, **kwargs): self.object = self.get_object() signer = Signer() s1 = signer.signature(self.object.email) s2 = kwargs.get('sign_user', None) if self.object.is_active == True: raise Http404("Account is active yet!") if s1 <> s2: raise Http404("Invalid confirm email information") return super(EmailUserConfirmView, self).dispatch(request, *args, **kwargs)
def _create_user(self, username: str, password: str): salt = 'blahfffffj349feiblah123' signer = Signer(salt=salt) user = Users() user.user_id = 324 user.first_name = 'Billy' user.last_name = 'Bobtest' user.user_name = username user.last_login_date = timezone.now() user.password_hash = signer.signature(password) user.salt_hash = salt user.save() return user
def _create_user(self, username: str, password: str, userid: int): salt = 'blahfffff{}j349'.format(password) signer = Signer(salt=salt) user = Users() user.user_id = userid user.first_name = 'Billy' user.last_name = 'Bobtest' user.user_name = username user.email = '{}@gmail.com'.format(username) user.about = "This is about me and the things I like" user.last_login_date = timezone.now() user.password_hash = signer.signature(password) user.salt_hash = salt user.save() return user
def setUpClass(cls): super().setUpClass() salt = 'blahfffffj349feiblah123' signer = Signer(salt=salt) user = Users() user.user_id = 324 user.first_name = 'Billy' user.last_name = 'Bobtest' user.user_name = 'myUsername' user.last_login_date = timezone.now() user.password_hash = signer.signature('password123') user.salt_hash = salt user.save() cls.user = user cls.client = Client()
def test_registration_and_confirm_user(self): response = self.client.post('/registration/', {'email':'*****@*****.**'}) self.assertIn('reference',response.context) ref = response.context['reference'] signer = Signer() sign = signer.signature("*****@*****.**") self.assertRegexpMatches(ref, sign) response = self.client.post(ref, {'email':'*****@*****.**', 'password1':'Coxb2014', 'password2':'Coxb2014'}) log = self.client.login(username='******', password='******') self.assertTrue(log) ClearModels()
class DataSigner(object): signature_field = 'signature' timestamp_field = 'timestamp' salt = 'rest-registration-default-salt' use_timestamp = False valid_period = None def __init__(self, data): if self.use_timestamp and self.timestamp_field not in data: data = data.copy() data[self.timestamp_field] = get_current_timestamp() self._data = data self._signer = Signer(self.salt) def _calculate_signature(self, data): if self.signature_field in data: data = data.copy() del data[self.signature_field] return self._signer.signature(get_dict_repr(data)) def calculate_signature(self): return self._calculate_signature(self._data) def get_signed_data(self): data = self._data.copy() data[self.signature_field] = self.calculate_signature() return data def verify(self): data = self._data signature = data.get(self.signature_field, None) if signature is None: raise BadSignature() expected_signature = self.calculate_signature() if not constant_time_compare(signature, expected_signature): raise BadSignature() if self.use_timestamp and self.valid_period is not None: timestamp = data[self.timestamp_field] timestamp = int(timestamp) current_timestamp = get_current_timestamp() valid_period_secs = self.valid_period.total_seconds() if current_timestamp - timestamp > valid_period_secs: raise SignatureExpired()
def form_valid(self, form): resp = super(EmailUserRegistrationView, self).form_valid(form) user = self.object signer = Signer() site = Site.objects.get(id=settings.SITE_ID) ref_url = 'http://{}/confirm-email/{}/{}/'.format( site.domain, user.id, signer.signature(user.email)) txt_body = render_to_string(self.email_text_template_name, { 'reference': ref_url, 'site': site.name }) html_body = render_to_string(self.email_html_template_name, { 'reference': ref_url, 'site': site.name }) from_email = '{}{}'.format(settings.DEFAULT_FROM_EMAIL, site.domain) send_mail( recipient_list=[user.email], subject='Account activation on the website online-polling.com', message=txt_body, html_message=html_body, from_email=from_email, fail_silently=True, ) #save early voting try: sch = self.request.session.pop('anonym_vote') #early voting ch = Choice.objects.get(pk=sch) user_choice = CUserChoice(choice=ch, cuser=user, date_vote=timezone.now()) user_choice.save() except: pass return resp
def test_registration_and_confirm_user(self): response = self.client.post('/registration/', {'email': '*****@*****.**'}) self.assertIn('reference', response.context) ref = response.context['reference'] signer = Signer() sign = signer.signature("*****@*****.**") self.assertRegexpMatches(ref, sign) response = self.client.post( ref, { 'email': '*****@*****.**', 'password1': 'Coxb2014', 'password2': 'Coxb2014' }) log = self.client.login(username='******', password='******') self.assertTrue(log) ClearModels()
def save(self, *args, **kwargs): # При сохранении пользователя добавляем ему реферальную ссылку if not self.refer_code: signer = Signer() self.refer_code = signer.signature(self.chat_id) super(ReferralUser, self).save(*args, **kwargs)
def test_base_account_methods(self): # no user else (401) fill = {'email': self.EMAIL, 'password': self.PASS} # no user else (401) self.post(self.login_url, data=fill, status_code=HTTP_401_UNAUTHORIZED) # invaite user fill = { 'first_name': self.FIRST_NAME, 'last_name': self.LAST_NAME, 'email': self.EMAIL, } # anonymous invaiting self.post(self.invaite_url, data=fill, status_code=HTTP_403_FORBIDDEN) # admin invation User.objects.create_superuser(self.ADMIN_EMAIL, self.ADMIN_PASS) self._login_adm() mail_count = len(mail.outbox) self.post(self.invaite_url, data=fill, status_code=201) self.assertEqual(len(mail.outbox), mail_count + 1) # user properties user = User.objects.get(email=self.EMAIL) self.assertEqual(user.is_active, False) self.assertEqual(user.is_admin, False) self.assertEqual(user.is_staff, False) self.assertEqual(user.get_full_name(), '{} {}'.format(self.FIRST_NAME, self.LAST_NAME)) self.assertEqual(user.get_short_name(), self.FIRST_NAME) self.assertEqual(user.__unicode__(), self.EMAIL) self.assertEqual(user.has_perm(None), True) self.assertEqual(user.has_module_perms(None), True) self.assertEqual(user.username, self.EMAIL) # confim user signer = Signer() sign = signer.signature(self.EMAIL) fill = {'pk': user.id, 'token': sign} response = self.get(self.confirm_url, data=fill, status_code=HTTP_200_OK) # confim wrong user.id fill = {'pk': user.id + 10, 'token': sign} self.get(self.confirm_url, data=fill, status_code=HTTP_400_BAD_REQUEST) # confim wrong token fill = {'pk': user.id, 'token': sign + '1'} self.get(self.confirm_url, data=fill, status_code=HTTP_400_BAD_REQUEST) # activates user fill = { 'pk': user.id, 'token': sign, 'first_name': self.FIRST_NAME, 'last_name': self.LAST_NAME, 'email': self.EMAIL, 'password': self.PASS, 'phone': '+7800800800' } # activate wrong user.id fill['pk'] = user.id + 10 self.post(self.activate_url, data=fill, status_code=HTTP_400_BAD_REQUEST) # activate wrong token fill['pk'] = user.id fill['token'] = sign + '1' self.post(self.activate_url, data=fill, status_code=HTTP_400_BAD_REQUEST) # activate and login user fill['token'] = sign response = self.post(self.activate_url, data=fill, status_code=HTTP_200_OK) self.assertEqual(response.json['success'], _('User logged in')) # password change wrong old password fill = {'password': self.NEW_PASS, 'old_password': self.WRONG_PASS} response = self.post(self.password_change_url, data=fill, status_code=HTTP_400_BAD_REQUEST) self.assertEqual(response.json['status'], _('Current password is wrong')) # password change fill = {'password': self.NEW_PASS, 'old_password': self.PASS} self.post(self.password_change_url, data=fill, status_code=HTTP_200_OK) # login wrong password fill = {'email': self.EMAIL, 'password': self.WRONG_PASS} self.post(self.login_url, data=fill, status_code=401) # login success fill = {'email': self.EMAIL, 'password': self.NEW_PASS} self.post(self.login_url, data=fill, status_code=HTTP_200_OK) # logout self.get(self.logout_url, status_code=HTTP_200_OK)
def _verify_user_password(self, user: Users, pass_check: str) -> bool: signer = Signer(salt=user.salt_hash) user_pass_hash = user.password_hash challenge_hash = signer.signature(pass_check) return user_pass_hash == challenge_hash
def post(self, request: HttpRequest): try: request_json = json.loads(request.body.decode('UTF-8')) except json.JSONDecodeError: return JSONResponse.new( code=400, message='request decode error, bad data sent to the server') # these are required keys _user_name = request_json.get('username') _first_name = request_json.get('firstname') _last_name = request_json.get('lastname') _password = request_json.get('password') try: self._check_required_inputs( [_user_name, _first_name, _last_name, _password]) except ValueError as err: return JSONResponse.new(code=400, message='{}'.format(err.args[0])) try: Users.objects.get(user_name__exact=_user_name) except ObjectDoesNotExist: # GOOD, lets create a new user new_user = Users() salt = token_hex(16) signer = Signer(salt=salt) new_user.user_id = uuid4().time_mid new_user.first_name = _first_name new_user.last_name = _last_name new_user.user_name = _user_name new_user.salt_hash = salt new_user.password_hash = signer.signature(_password) new_user.email = request_json.get( 'email', '{}@noemail.set'.format(_user_name)) new_user.about = request_json.get('about', '') new_user.last_login_date = timezone.now() new_user.is_active = True if request_json.get('profilepic') is not None: aws = AWS('snap-life') key_name = '{}.png'.format(request_json.get('profilepic')) url = aws.upload_profile_image(new_user.user_name, key_name) new_user.profile_url = url else: new_user.profile_url = 'static/assets/usericon.png' try: new_user.save() request.session['{}'.format(new_user.user_id)] = True except IntegrityError as err: # if this is because we have a collision with our random numbers # hash, userID etc. re-create them del request.session['{}'.format(new_user.user_id)] return JSONResponse.new( code=500, message='username and email need to be unique') else: return JSONResponse.new( code=400, message='username {} is already taken'.format(_user_name)) return JSONResponse.new(code=200, message='success', userid=new_user.user_id)
def _generate_signature(params, secret, timestamp): signer = Signer(key=secret) encoded_params = json.dumps(params, sort_keys=True) return signer.signature(":".join([timestamp, encoded_params]))
def test_base_account_methods(self): # no user else (401) fill = { 'email': self.EMAIL, 'password': self.PASS } # no user else (401) self.post(self.login_url, data=fill, status_code=HTTP_401_UNAUTHORIZED) # invaite user fill = { 'first_name': self.FIRST_NAME, 'last_name': self.LAST_NAME, 'email': self.EMAIL, } # anonymous invaiting self.post(self.invaite_url, data=fill, status_code=HTTP_403_FORBIDDEN) # admin invation User.objects.create_superuser(self.ADMIN_EMAIL, self.ADMIN_PASS) self._login_adm() mail_count = len(mail.outbox) self.post(self.invaite_url, data=fill, status_code=201) self.assertEqual(len(mail.outbox), mail_count + 1) # user properties user = User.objects.get(email=self.EMAIL) self.assertEqual(user.is_active, False) self.assertEqual(user.is_admin, False) self.assertEqual(user.is_staff, False) self.assertEqual( user.get_full_name(), '{} {}'.format(self.FIRST_NAME, self.LAST_NAME) ) self.assertEqual(user.get_short_name(), self.FIRST_NAME) self.assertEqual(user.__unicode__(), self.EMAIL) self.assertEqual(user.has_perm(None), True) self.assertEqual(user.has_module_perms(None), True) self.assertEqual(user.username, self.EMAIL) # confim user signer = Signer() sign = signer.signature(self.EMAIL) fill = { 'pk': user.id, 'token': sign } response = self.get( self.confirm_url, data=fill, status_code=HTTP_200_OK ) # confim wrong user.id fill = { 'pk': user.id+10, 'token': sign } self.get(self.confirm_url, data=fill, status_code=HTTP_400_BAD_REQUEST) # confim wrong token fill = { 'pk': user.id, 'token': sign+'1' } self.get(self.confirm_url, data=fill, status_code=HTTP_400_BAD_REQUEST) # activates user fill = { 'pk': user.id, 'token': sign, 'first_name': self.FIRST_NAME, 'last_name': self.LAST_NAME, 'email': self.EMAIL, 'password': self.PASS, 'phone': '+7800800800' } # activate wrong user.id fill['pk'] = user.id + 10 self.post( self.activate_url, data=fill, status_code=HTTP_400_BAD_REQUEST ) # activate wrong token fill['pk'] = user.id fill['token'] = sign+'1' self.post( self.activate_url, data=fill, status_code=HTTP_400_BAD_REQUEST ) # activate and login user fill['token'] = sign response = self.post( self.activate_url, data=fill, status_code=HTTP_200_OK ) self.assertEqual(response.json['success'], _('User logged in')) # password change wrong old password fill = { 'password': self.NEW_PASS, 'old_password': self.WRONG_PASS } response = self.post( self.password_change_url, data=fill, status_code=HTTP_400_BAD_REQUEST ) self.assertEqual( response.json['status'], _('Current password is wrong') ) # password change fill = { 'password': self.NEW_PASS, 'old_password': self.PASS } self.post(self.password_change_url, data=fill, status_code=HTTP_200_OK) # login wrong password fill = { 'email': self.EMAIL, 'password': self.WRONG_PASS } self.post(self.login_url, data=fill, status_code=401) # login success fill = { 'email': self.EMAIL, 'password': self.NEW_PASS } self.post(self.login_url, data=fill, status_code=HTTP_200_OK) # logout self.get(self.logout_url, status_code=HTTP_200_OK)
def get_object_signature(obj): signer = Signer() return signer.signature(get_value_to_sign(obj))
def generateHash(self): signer = Signer(salt=self.user.date_joined.strftime("%Y-%m-%d %H:%i:%s") + str(random.randint(1, 100))) self.temp_hash = signer.signature(self.user.username) self.save() return self.temp_hash # def getHash(self): # return self.temp_hash # def getType(self): # return self.user_type # def setType(self, newType): # TYPES_TO_GROUPS = { # 'regular': ['Regular', ], # 'admin': ['Administrators', 'Staff', 'Photographers', 'Journalists', 'Regular'], # 'staff': ['Staff', 'Photographers', 'Journalists', 'Regular'], # 'photographer': ['Photographers', 'Regular'], # 'journalist': ['Journalists', 'Regular'], # } # # self.user_type = newType # # if newType == 'admin' or newType == 'staff': # self.user.is_staff = True # else: # self.user.is_staff = False # # for groupName in TYPES_TO_GROUPS[newType]: # group, _ = Group.objects.get_or_create(name=groupName) # group.user_set.add(self.user) # # self.temp_hash = '' # self.save() # # return True # Create a new user profile # @staticmethod # def createUser(username, email, password): # try: # user = User.objects.get(username=username) # signer = Signer(salt=user.date_joined.strftime("%Y-%m-%d %H:%i:%s") + str(random.randint(1, 100))) # regHash = signer.signature(user.username) # registration confirmation hash # SiteUser.objects.create(user=user, temp_hash=regHash, saved_new_password=True) # # return regHash # except IntegrityError as e: # # Duplicate entry # if e.args[0] == 1062: # raise CreateUserError(u'Toks vartotojo vardas jau užregistruotas.') # except Exception as e: # plainText = get_template('registration_error_email.txt') # subject = u'Klaida vartotojo registracijos metu' # c = Context({ # 'username': username, # 'email_address': email, # 'error_message': e, # }) # # mail_admins(subject, plainText.render(c)) # raise CreateUserError(u'Klaidos priežastis nežinoma. Svetainės administratoriai buvo informuoti apie šią klaidą.') #class Organizer(models.Model): # #organizer_id = models.PositiveIntegerField(primary_key = True) # organization_title = models.CharField(max_length = 40, blank = True) # first_name = models.CharField(max_length = 30, blank = True) # last_name = models.CharField(max_length = 30, blank = True) # # class Meta: # db_table = 'organizers' # # def __unicode__(self): # if self.first_name: # return u'%s %s' % (self.first_name, self.last_name) # else: # return self.organization_title # Data model containing addresses; allows to specify a title for concise references; allows to specify an address type; a Person entity can have multiple addresses; #class GenericAddress(models.Model): # #address_id = models.PositiveIntegerField(primary_key = True) # title = models.CharField(max_length = 20, blank = True) # title of the address (e.g. "Susivienijimas Lietuvių Amerikoje"), used to concisely reference an Address entity # street_address1 = models.CharField(max_length = 30) # street_address2 = models.CharField(max_length = 30, blank = True) # street_address3 = models.CharField(max_length = 30, blank = True) # street_address4 = models.CharField(max_length = 30, blank = True) # city = models.CharField(max_length = 20, blank = True) # zip_code = models.CharField(max_length = 10, blank = True) # state = USStateField(blank = True, null = True) # country = models.ForeignKey(Country, blank = True) # type = models.CharField(max_length = 20, verbose_name='Address type') # e.g. Home address, Work address, Headquarters, etc. # #entity = models.ForeignKey(Entity) # entity owning this address entry # # class Meta: # abstract = True # # def __unicode__(self): # if self.title: # return self.title # else: # return self.street_address1 # #class UserAddress(GenericAddress): # user = models.ForeignKey(SiteUser) # site user owning this address entry # # class Meta: # db_table = 'user_addresses' #class AuthorAddress(GenericAddress): # author = models.ForeignKey(Author) # author owning this address entry # # class Meta: # db_table = 'author_addresses' #class OrganizerAddress(GenericAddress): # organizer = models.ForeignKey(Organizer) # organizer owning this address entry # # class Meta: # db_table = 'organizer_addresses' # Data model containing phones; allows to specify a phone type; a Person entity can have multiple phone numbers #class GenericPhone(models.Model): # #phone_id = models.PositiveIntegerField(primary_key = True) # country = models.ForeignKey(Country) # number = models.CharField(max_length = 20) # type = models.CharField(max_length = 20, verbose_name='Phone type') # e.g. Home phone, Cell phone, etc. # #Entityt = models.ForeignKey(Entity) # entity owning this phone entry # # class Meta: # abstract = True # # def __unicode__(self): # return '%s (%s)' % (self.number, self.country.name) #class UserPhone(GenericPhone): # user = models.ForeignKey(SiteUser) # site user owning this phone entry # # class Meta: # db_table = 'user_phones' #class AuthorPhone(GenericPhone): # author = models.ForeignKey(Author) # author owning this phone entry # # class Meta: # db_table = 'author_phones' #class OrganizerPhone(GenericPhone): # organizer = models.ForeignKey(Organizer) # organizer owning this phone entry # # class Meta: # db_table = 'organizer_phones' # Data model containing e-mails; allows to specify an e-mail type; a Person entity can have multiple e-mails # For a SiteUser entity, these are secondary e-mail addresses; the main e-mail address of a SiteUser entity # is specified in SiteUser.user.email field #class GenericEmail(models.Model): # #email_id = models.PositiveIntegerField(primary_key = True) # address = models.EmailField() # type = models.CharField(max_length = 20, verbose_name='E-mail type') # e.g. Home e-mail, Work e-mail, etc. # #entity = models.ForeignKey(Entity) # site user owning this e-mail entry # # class Meta: # abstract = True # # def __unicode__(self): # return self.address #class UserEmail(GenericEmail): # user = models.ForeignKey(SiteUser) # site user owning this e-mail entry # # class Meta: # db_table = 'user_emails' #class AuthorEmail(GenericEmail): # author = models.ForeignKey(Author) # author owning this e-mail entry # # class Meta: # db_table = 'author_emails' #class OrganizerEmail(GenericEmail): # organizer = models.ForeignKey(Organizer) # organizer owning this e-mail entry # # class Meta: # db_table = 'organizer_emails'
def get_signature(secret, body, timestamp, url): if not body: body = "" signer = Signer(key=secret) return signer.signature( ":".join([body, timestamp, url]) )
def get_token(email): signer = Signer() return signer.signature(email)
def get_token(self, obj): if obj.is_active: return None signer = Signer() return signer.signature(obj.email)