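def validate(self):
    """Check the phone-login verification code submitted with this form.

    A per-IP counter of failed attempts lives in Redis under
    ``da:failedlogin:ip:<ip>``; once it exceeds ``daconfig['attempt limit']``
    the request is aborted with 404.  The code stored for this phone login
    is compared, in constant time, with the digits the user supplied.

    Returns:
        True when the stored and supplied codes match, False otherwise
        (a failure also bumps the per-IP counter, which lives for 24h).
    """
    import hmac
    # Per-IP failed-attempt counter; get_requester_ip() is the helper
    # responsible for resolving the client address behind any proxy.
    key = 'da:failedlogin:ip:' + str(get_requester_ip(request))
    failed_attempts = r.get(key)
    if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
        abort(404)
    # NOTE(review): the middle segment of this key (the phone-login
    # identifier) is redacted as '******' in the listing this was taken
    # from; the file's original expression belongs here.
    verification_key = 'da:phonelogin:'******':code'
    verification_code = r.get(verification_key)
    # The stored code is deliberately left in Redis until it expires (the
    # original had r.delete commented out), so it can be resubmitted while
    # it lives; consuming it on a successful match would be stricter.
    supplied_verification_code = re.sub(r'[^0-9]', '', self.verification_code.data or '')
    # Never write the codes themselves to the log: the expected code is a
    # one-time secret and the supplied one usually is too.
    logmessage("Checking supplied verification code")
    if verification_code is None:
        logmessage("Verification code with " + str(verification_key) + " is None")
        result = False
    else:
        stored_code = verification_code.decode()
        # Constant-time comparison so the check cannot leak how many
        # leading digits were right; both sides are encoded so that
        # compare_digest never raises on non-ASCII input.
        result = hmac.compare_digest(stored_code.encode('utf-8'),
                                     supplied_verification_code.encode('utf-8'))
        if result:
            logmessage("Code matched")
        else:
            logmessage("Verification code with " + str(verification_key) + " does not match supplied code")
    if not result:
        logmessage("Problem with form")
        r.incr(key)
        r.expire(key, 86400)
    elif failed_attempts is not None:
        r.delete(key)
    return result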
def validate(self): #import redis #import docassemble.base.util from docassemble.webapp.daredis import r from docassemble.base.logger import logmessage from flask import request, abort result = True #r = redis.StrictRedis(host=docassemble.base.util.redis_server, db=0) key = 'da:failedlogin:ip:' + str(request.remote_addr) failed_attempts = r.get(key) if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']: abort(404) verification_key = 'da:phonelogin:'******':code' verification_code = r.get(verification_key) #r.delete(verification_key) supplied_verification_code = re.sub(r'[^0-9]', '', self.verification_code.data) logmessage("Supplied code is " + str(supplied_verification_code)) if verification_code is None: logmessage("Verification code with " + str(verification_key) + " is None") result = False elif verification_code != supplied_verification_code: logmessage("Verification code with " + str(verification_key) + " which is " + str(verification_code) + " does not match supplied code, which is " + str(self.verification_code.data)) result = False else: logmessage("Code matched") if result is False: logmessage("Problem with form") r.incr(key) r.expire(key, 86400) elif failed_attempts is not None: r.delete(key) return result
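def validate(self):
    """Check the phone-login verification code submitted with this form.

    A per-IP counter of failed attempts lives in Redis under
    ``da:failedlogin:ip:<ip>``; once it exceeds ``daconfig['attempt limit']``
    the request is aborted with 404.  The code stored for this phone login
    is compared, in constant time, with the digits the user supplied.

    Returns:
        True when the stored and supplied codes match, False otherwise
        (a failure also bumps the per-IP counter, which lives for 24h).
    """
    import hmac
    from docassemble.webapp.daredis import r
    from docassemble.base.logger import logmessage
    from flask import request, abort
    # NOTE(review): request.remote_addr is the immediate peer; behind a
    # reverse proxy every client shares it, so the limit then applies to
    # the proxy rather than to individual clients.
    key = 'da:failedlogin:ip:' + str(request.remote_addr)
    failed_attempts = r.get(key)
    if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
        abort(404)
    # NOTE(review): the middle segment of this key (the phone-login
    # identifier) is redacted as '******' in the listing this was taken
    # from; the file's original expression belongs here.
    verification_key = 'da:phonelogin:'******':code'
    verification_code = r.get(verification_key)
    # The stored code is deliberately left in Redis until it expires (the
    # original had r.delete commented out), so it can be resubmitted while
    # it lives; consuming it on a successful match would be stricter.
    supplied_verification_code = re.sub(r'[^0-9]', '', self.verification_code.data or '')
    # Never write the codes themselves to the log: the expected code is a
    # one-time secret and the supplied one usually is too.
    logmessage("Checking supplied verification code")
    if verification_code is None:
        logmessage("Verification code with " + str(verification_key) + " is None")
        result = False
    else:
        stored_code = verification_code.decode()
        # Constant-time comparison so the check cannot leak how many
        # leading digits were right; both sides are encoded so that
        # compare_digest never raises on non-ASCII input.
        result = hmac.compare_digest(stored_code.encode('utf-8'),
                                     supplied_verification_code.encode('utf-8'))
        if result:
            logmessage("Code matched")
        else:
            logmessage("Verification code with " + str(verification_key) + " does not match supplied code")
    if not result:
        logmessage("Problem with form")
        r.incr(key)
        r.expire(key, 86400)
    elif failed_attempts is not None:
        r.delete(key)
    return result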
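def validate(self):
    """Validate the sign-in form, optionally authenticating against LDAP.

    A per-IP failed-login counter lives in Redis under
    ``da:failedlogin:ip:<ip>``; once it exceeds ``daconfig['attempt limit']``
    the request is aborted with 404, and every failed validation bumps it
    for ``daconfig['ban period']`` seconds.

    With ``daconfig['ldap login']['enable']`` set, the e-mail/password pair
    is tried as an LDAP simple bind.  Only a bind the server reports as
    authenticated (a non-empty ``whoami`` answer) is accepted as a login,
    creating a local user record on first sign-in.  In every other case the
    parent class's validation runs.

    Returns:
        True when the login is accepted, False otherwise.
    """
    from docassemble.webapp.daredis import r
    from flask import request, abort
    # NOTE(review): request.remote_addr is the immediate peer; behind a
    # reverse proxy every client shares it, so the limit then applies to
    # the proxy rather than to individual clients.
    key = 'da:failedlogin:ip:' + str(request.remote_addr)
    failed_attempts = r.get(key)
    if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
        abort(404)
    ldap_settings = daconfig['ldap login']
    authenticated_by_ldap = False
    if ldap_settings.get('enable', False):
        username = self.email.data
        password = self.password.data
        # An empty password makes simple_bind_s perform an anonymous bind,
        # which most directories accept; skip LDAP for blank credentials so
        # that can never be mistaken for a login.
        if username and password:
            ldap_server = ldap_settings.get('server', 'localhost').strip()
            # ldap.open() is the deprecated spelling of
            # ldap.initialize('ldap://' + host); kept as the original had it.
            connect = ldap.open(ldap_server)
            try:
                connect.simple_bind_s(username, password)
                # whoami_s() yields an empty/None authorization id for an
                # anonymous bind; insist on a real one.
                authenticated_by_ldap = bool(connect.whoami_s())
            except ldap.LDAPError:
                authenticated_by_ldap = False
            finally:
                # unbind can fail on its own (e.g. server gone); that must
                # not mask the outcome of the bind.
                try:
                    connect.unbind_s()
                except ldap.LDAPError:
                    pass
    if authenticated_by_ldap:
        from flask import current_app
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if not user:
            from docassemble.base.generate_key import random_alphanumeric
            from docassemble.webapp.db_object import db
            from docassemble.webapp.users.models import UserModel, Role
            # First LDAP login for this address: create the local record
            # under a fresh, unused social_id.
            new_social = 'ldap$' + random_alphanumeric(32)
            while UserModel.query.filter_by(social_id=new_social).first():
                new_social = 'ldap$' + random_alphanumeric(32)
            user = UserModel(social_id=new_social, email=self.email.data, nickname='', active=True)
            user_role = Role.query.filter_by(name='user').first()
            user.roles.append(user_role)
            db.session.add(user)
            db.session.commit()
        result = True
    else:
        result = super(MySignInForm, self).validate()
    if not result:
        r.incr(key)
        r.expire(key, daconfig['ban period'])
    elif failed_attempts is not None:
        r.delete(key)
    return result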
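def validate(self):
    """Validate the sign-in form, optionally authenticating against LDAP.

    A per-IP failed-login counter lives in Redis under
    ``da:failedlogin:ip:<ip>``; once it exceeds ``daconfig['attempt limit']``
    the request is aborted with 404, and every failed validation bumps it
    for ``daconfig['ban period']`` seconds -- including failures for
    unknown or provider-only accounts, which previously returned early and
    were never counted.

    With ``daconfig['ldap login']['enable']`` set, the e-mail/password pair
    is tried as an LDAP simple bind; only a bind the server reports as
    authenticated (a non-empty ``whoami`` answer) is accepted, creating a
    local user record on first sign-in.  Without LDAP, accounts that do not
    exist or that were created through an external identity provider are
    rejected with a field error before the parent validation runs.

    Returns:
        True when the login is accepted, False otherwise.
    """
    key = 'da:failedlogin:ip:' + str(get_requester_ip(request))
    failed_attempts = r.get(key)
    if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
        abort(404)
    ldap_settings = daconfig['ldap login']
    ldap_enabled = ldap_settings.get('enable', False)
    authenticated_by_ldap = False
    if ldap_enabled:
        username = self.email.data
        password = self.password.data
        # An empty password makes simple_bind_s perform an anonymous bind,
        # which most directories accept; skip LDAP for blank credentials so
        # that can never be mistaken for a login.
        if username and password:
            ldap_server = ldap_settings.get('server', 'localhost').strip()
            connect = ldap.initialize('ldap://' + ldap_server)
            # Referral chasing stays off, as the original had it.
            connect.set_option(ldap.OPT_REFERRALS, 0)
            try:
                connect.simple_bind_s(username, password)
                # whoami_s() yields an empty/None authorization id for an
                # anonymous bind; insist on a real one.  INVALID_CREDENTIALS
                # is a subclass of LDAPError, so one handler covers both.
                authenticated_by_ldap = bool(connect.whoami_s())
            except ldap.LDAPError:
                authenticated_by_ldap = False
            finally:
                # unbind can fail on its own (e.g. server gone); that must
                # not mask the outcome of the bind.
                try:
                    connect.unbind_s()
                except ldap.LDAPError:
                    pass
    if authenticated_by_ldap:
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if not user:
            # First LDAP login for this address: create the local record
            # under a fresh, unused social_id.
            new_social = 'ldap$' + random_alphanumeric(32)
            while db.session.execute(select(UserModel).filter_by(social_id=new_social)).scalar():
                new_social = 'ldap$' + random_alphanumeric(32)
            user = UserModel(social_id=new_social, email=self.email.data, nickname='', active=True)
            user_role = db.session.execute(select(Role).filter_by(name='user')).scalar_one()
            user.roles.append(user_role)
            db.session.add(user)
            db.session.commit()
        result = True
    elif ldap_enabled:
        result = super().validate()
    else:
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if user is None:
            if daconfig.get('confirm registration', False):
                # Same message on both fields so the response does not
                # reveal whether the address is registered.
                self.email.errors = [word("Incorrect Email and/or Password")]
                self.password.errors = [word("Incorrect Email and/or Password")]
            else:
                # NOTE: this wording confirms that no account exists for the
                # address (account enumeration); 'confirm registration' is
                # the switch that hides it.
                self.email.errors = list(self.email.errors)
                self.email.errors.append(word("Account did not exist."))
            result = False
        elif user.password is None or (user.social_id is not None and not user.social_id.startswith('local$')):
            # Account has no local password: say which identity provider to
            # use.  social_id can be None alongside a None password, which
            # the original dereferenced.
            social_id = user.social_id or ''
            message = "You cannot log in this way."
            for prefix, provider_message in (
                    ('google$', "You need to log in with Google."),
                    ('azure$', "You need to log in with Azure."),
                    ('auth0$', "You need to log in with Auth0."),
                    ('twitter$', "You need to log in with Twitter."),
                    ('facebook$', "You need to log in with Facebook.")):
                if social_id.startswith(prefix):
                    message = provider_message
                    break
            self.email.errors = list(self.email.errors)
            self.email.errors.append(word(message))
            result = False
        else:
            result = super().validate()
    if not result:
        r.incr(key)
        r.expire(key, daconfig['ban period'])
    elif failed_attempts is not None:
        r.delete(key)
    return result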
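def validate(self):
    """Validate the sign-in form, optionally authenticating against LDAP.

    A per-IP failed-login counter lives in Redis under
    ``da:failedlogin:ip:<ip>``; once it exceeds ``daconfig['attempt limit']``
    the request is aborted with 404, and every failed validation bumps it
    for ``daconfig['ban period']`` seconds -- including failures for
    unknown or provider-only accounts, which previously returned early and
    were never counted.

    With ``daconfig['ldap login']['enable']`` set, the e-mail/password pair
    is tried as an LDAP simple bind; only a bind the server reports as
    authenticated (a non-empty ``whoami`` answer) is accepted, creating a
    local user record on first sign-in.  Without LDAP, accounts that do not
    exist or that were created through an external identity provider are
    rejected before the parent validation runs.

    Returns:
        True when the login is accepted, False otherwise.
    """
    from docassemble.webapp.daredis import r
    from flask import request, abort
    # NOTE(review): request.remote_addr is the immediate peer; behind a
    # reverse proxy every client shares it, so the limit then applies to
    # the proxy rather than to individual clients.
    key = 'da:failedlogin:ip:' + str(request.remote_addr)
    failed_attempts = r.get(key)
    if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
        abort(404)
    ldap_settings = daconfig['ldap login']
    ldap_enabled = ldap_settings.get('enable', False)
    authenticated_by_ldap = False
    if ldap_enabled:
        username = self.email.data
        password = self.password.data
        # An empty password makes simple_bind_s perform an anonymous bind,
        # which most directories accept; skip LDAP for blank credentials so
        # that can never be mistaken for a login.
        if username and password:
            ldap_server = ldap_settings.get('server', 'localhost').strip()
            # ldap.open() is the deprecated spelling of
            # ldap.initialize('ldap://' + host); kept as the original had it.
            connect = ldap.open(ldap_server)
            try:
                connect.simple_bind_s(username, password)
                # whoami_s() yields an empty/None authorization id for an
                # anonymous bind; insist on a real one.
                authenticated_by_ldap = bool(connect.whoami_s())
            except ldap.LDAPError:
                authenticated_by_ldap = False
            finally:
                # unbind can fail on its own (e.g. server gone); that must
                # not mask the outcome of the bind.
                try:
                    connect.unbind_s()
                except ldap.LDAPError:
                    pass
    if authenticated_by_ldap:
        from flask import current_app
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if not user:
            from docassemble.base.generate_key import random_alphanumeric
            from docassemble.webapp.db_object import db
            from docassemble.webapp.users.models import UserModel, Role
            # First LDAP login for this address: create the local record
            # under a fresh, unused social_id.
            new_social = 'ldap$' + random_alphanumeric(32)
            while UserModel.query.filter_by(social_id=new_social).first():
                new_social = 'ldap$' + random_alphanumeric(32)
            user = UserModel(social_id=new_social, email=self.email.data, nickname='', active=True)
            user_role = Role.query.filter_by(name='user').first()
            user.roles.append(user_role)
            db.session.add(user)
            db.session.commit()
        result = True
    elif ldap_enabled:
        result = super(MySignInForm, self).validate()
    else:
        from flask import current_app
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if user is None:
            # Unknown address: fail silently, but fall through so the
            # attempt is counted (the original returned early here).
            result = False
        elif user.password is None or (user.social_id is not None and not user.social_id.startswith('local$')):
            # Account has no local password: say which identity provider to
            # use.  social_id can be None alongside a None password, which
            # the original dereferenced.
            social_id = user.social_id or ''
            message = "You cannot log in this way."
            for prefix, provider_message in (
                    ('google$', "You need to log in with Google."),
                    ('azure$', "You need to log in with Azure."),
                    ('auth0$', "You need to log in with Auth0."),
                    ('twitter$', "You need to log in with Twitter."),
                    ('facebook$', "You need to log in with Facebook.")):
                if social_id.startswith(prefix):
                    message = provider_message
                    break
            self.email.errors = list(self.email.errors)
            self.email.errors.append(word(message))
            result = False
        else:
            result = super(MySignInForm, self).validate()
    if not result:
        r.incr(key)
        r.expire(key, daconfig['ban period'])
    elif failed_attempts is not None:
        r.delete(key)
    return result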
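def validate(self):
    """Validate the sign-in form, optionally authenticating against LDAP.

    A per-IP failed-login counter lives in Redis under
    ``da:failedlogin:ip:<ip>``; once it exceeds ``daconfig['attempt limit']``
    the request is aborted with 404, and every failed validation bumps it
    for ``daconfig['ban period']`` seconds -- including failures for
    unknown or provider-only accounts, which previously returned early and
    were never counted.

    With ``daconfig['ldap login']['enable']`` set, the e-mail/password pair
    is tried as an LDAP simple bind; only a bind the server reports as
    authenticated (a non-empty ``whoami`` answer) is accepted, creating a
    local user record on first sign-in.  Without LDAP, accounts that do not
    exist or that were created through an external identity provider are
    rejected before the parent validation runs.

    Returns:
        True when the login is accepted, False otherwise.
    """
    from docassemble.webapp.daredis import r
    from flask import request, abort
    # NOTE(review): request.remote_addr is the immediate peer; behind a
    # reverse proxy every client shares it, so the limit then applies to
    # the proxy rather than to individual clients.
    key = 'da:failedlogin:ip:' + str(request.remote_addr)
    failed_attempts = r.get(key)
    if failed_attempts is not None and int(failed_attempts) > daconfig['attempt limit']:
        abort(404)
    ldap_settings = daconfig['ldap login']
    ldap_enabled = ldap_settings.get('enable', False)
    authenticated_by_ldap = False
    if ldap_enabled:
        username = self.email.data
        password = self.password.data
        # An empty password makes simple_bind_s perform an anonymous bind,
        # which most directories accept; skip LDAP for blank credentials so
        # that can never be mistaken for a login.
        if username and password:
            ldap_server = ldap_settings.get('server', 'localhost').strip()
            # ldap.open() is the deprecated spelling of
            # ldap.initialize('ldap://' + host); kept as the original had it.
            connect = ldap.open(ldap_server)
            try:
                connect.simple_bind_s(username, password)
                # whoami_s() yields an empty/None authorization id for an
                # anonymous bind; insist on a real one.
                authenticated_by_ldap = bool(connect.whoami_s())
            except ldap.LDAPError:
                authenticated_by_ldap = False
            finally:
                # unbind can fail on its own (e.g. server gone); that must
                # not mask the outcome of the bind.
                try:
                    connect.unbind_s()
                except ldap.LDAPError:
                    pass
    if authenticated_by_ldap:
        from flask import current_app
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if not user:
            from docassemble.base.generate_key import random_alphanumeric
            from docassemble.webapp.db_object import db
            from docassemble.webapp.users.models import UserModel, Role
            # First LDAP login for this address: create the local record
            # under a fresh, unused social_id.
            new_social = 'ldap$' + random_alphanumeric(32)
            while UserModel.query.filter_by(social_id=new_social).first():
                new_social = 'ldap$' + random_alphanumeric(32)
            user = UserModel(social_id=new_social, email=self.email.data, nickname='', active=True)
            user_role = Role.query.filter_by(name='user').first()
            user.roles.append(user_role)
            db.session.add(user)
            db.session.commit()
        result = True
    elif ldap_enabled:
        result = super(MySignInForm, self).validate()
    else:
        from flask import current_app
        user_manager = current_app.user_manager
        user, user_email = user_manager.find_user_by_email(self.email.data)
        if user is None:
            # Unknown address: fail silently, but fall through so the
            # attempt is counted (the original returned early here).
            result = False
        elif user.password is None or (user.social_id is not None and not user.social_id.startswith('local$')):
            # Account has no local password: say which identity provider to
            # use.  social_id can be None alongside a None password, which
            # the original dereferenced.
            social_id = user.social_id or ''
            message = "You cannot log in this way."
            for prefix, provider_message in (
                    ('google$', "You need to log in with Google."),
                    ('azure$', "You need to log in with Azure."),
                    ('auth0$', "You need to log in with Auth0."),
                    ('twitter$', "You need to log in with Twitter."),
                    ('facebook$', "You need to log in with Facebook.")):
                if social_id.startswith(prefix):
                    message = provider_message
                    break
            self.email.errors = list(self.email.errors)
            self.email.errors.append(word(message))
            result = False
        else:
            result = super(MySignInForm, self).validate()
    if not result:
        r.incr(key)
        r.expire(key, daconfig['ban period'])
    elif failed_attempts is not None:
        r.delete(key)
    return result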