    def clean(self):
        """Authenticate the submitted credentials and record the outcome.

        Nothing is attempted when either field is missing (field-level
        validation reports that). Otherwise the per-location "login" rate
        limit is consulted before the password backend is touched; a failed
        attempt is audited against every account the username may refer to
        and the request token is rotated; a successful one is audited,
        extends the session and resets the rate limit.

        Returns:
            The form's ``cleaned_data``.

        Raises:
            forms.ValidationError: when the rate limit is exhausted, the
                credentials are invalid, or the account is inactive.
        """
        username = self.cleaned_data.get("username")
        password = self.cleaned_data.get("password")

        if not (username and password):
            return self.cleaned_data

        # Check the location-based limit before doing any password work.
        if not check_rate_limit("login", self.request):
            raise forms.ValidationError(
                _("Too many authentication attempts from this location."))

        self.user_cache = authenticate(
            self.request, username=username, password=password)

        if self.user_cache is None:
            # Audit the failure for each candidate account; the audit entry's
            # own check presumably enforces a per-account limit (confirm in
            # AuditLog.check_rate_limit).
            for candidate in try_get_user(username, True):
                entry = AuditLog.objects.create(
                    candidate,
                    self.request,
                    "failed-auth",
                    method="password",
                    name=username,
                )
                entry.check_rate_limit(self.request)
            rotate_token(self.request)
            # Same error whether or not the username exists, so the form
            # does not reveal which accounts are registered.
            raise forms.ValidationError(
                self.error_messages["invalid_login"], code="invalid_login")

        if not self.user_cache.is_active:
            raise forms.ValidationError(
                self.error_messages["inactive"], code="inactive")

        AuditLog.objects.create(
            self.user_cache,
            self.request,
            "login",
            method="password",
            name=username,
        )
        adjust_session_expiry(self.request)
        reset_rate_limit("login", self.request)
        return self.cleaned_data
def notify_connect(strategy,
                   backend,
                   user,
                   social,
                   new_association=False,
                   is_new=False,
                   **kwargs):
    """Audit a social-auth login or account link and drop partial pipeline state.

    Args:
        strategy: social-auth strategy; ``strategy.request`` and
            ``strategy.really_clean_partial_pipeline`` are used.
        backend: social-auth backend; ``backend.name`` is recorded as the
            authentication method.
        user: the resolved user, or a falsy value when there is none.
        social: the social association; ``social.uid`` is recorded.
        new_association: True when a new provider link was just created.
        is_new: True for a freshly created account; nothing is audited then.
        **kwargs: remaining pipeline arguments, unused.
    """
    request = strategy.request

    if user and not is_new:
        # Linking a new provider is "auth-connect"; a plain login also
        # extends the session.
        if new_association:
            activity = "auth-connect"
        else:
            activity = "login"
            adjust_session_expiry(request)
        AuditLog.objects.create(
            user,
            request,
            activity,
            method=backend.name,
            name=social.uid,
        )

    # Discard any partial-pipeline token still stored in the session.
    session = request.session
    if PARTIAL_TOKEN_SESSION_NAME in session:
        partial_token = session[PARTIAL_TOKEN_SESSION_NAME]
        strategy.really_clean_partial_pipeline(partial_token)
    def __call__(self, request):
        """Resolve the user, activate their language and run the request.

        The user is resolved eagerly instead of via Django's lazy object
        because almost every request needs it. Authenticated users get the
        language stored on their profile and an extended session; everyone
        else gets the language negotiated from the request. After the
        response is produced, the language cookie is refreshed when it no
        longer matches the profile setting.
        """
        user = get_user(request)
        request.user = user
        authenticated = user.is_authenticated

        # Profile language takes precedence for authenticated users;
        # otherwise fall back to request negotiation, as
        # django.middleware.locale.LocaleMiddleware does.
        preferred = user.profile.language if authenticated else None
        language = preferred or get_language_from_request(request)

        if authenticated:
            adjust_session_expiry(request)

        activate(language)
        request.LANGUAGE_CODE = get_language()

        response = self.get_response(request)

        # Keep the language cookie in sync with the profile setting.
        if authenticated:
            cookie_language = request.COOKIES.get(settings.LANGUAGE_COOKIE_NAME)
            if user.profile.language != cookie_language:
                set_lang_cookie(response, user.profile)

        return response
    def clean(self):
        """Authenticate the submitted credentials and record the outcome.

        Nothing is attempted when either field is missing (field-level
        validation reports that). Otherwise the per-location "login" rate
        limit is consulted before the password backend is touched and the
        remaining lockout is reported in minutes; a failed attempt is
        audited against every account the username may refer to and the
        request token is rotated; a successful one is audited, extends the
        session and resets the rate limit.

        Returns:
            The form's ``cleaned_data``.

        Raises:
            forms.ValidationError: when the rate limit is exhausted, the
                credentials are invalid, or the account is inactive or a bot.
        """
        username = self.cleaned_data.get("username")
        password = self.cleaned_data.get("password")

        if not (username and password):
            return self.cleaned_data

        if not check_rate_limit("login", self.request):
            # The LOCKOUT setting is divided by 60, so it is presumably
            # expressed in seconds; the message reports whole minutes.
            lockout_minutes = get_rate_setting("login", "LOCKOUT") // 60
            message = ngettext(
                (
                    "Too many authentication attempts from this location. "
                    "Please try again in %d minute."
                ),
                (
                    "Too many authentication attempts from this location. "
                    "Please try again in %d minutes."
                ),
                lockout_minutes,
            )
            raise forms.ValidationError(message % lockout_minutes)

        self.user_cache = authenticate(
            self.request, username=username, password=password
        )

        if self.user_cache is None:
            # Audit the failure for each candidate account; the audit entry's
            # own check presumably enforces a per-account limit (confirm in
            # AuditLog.check_rate_limit).
            for candidate in try_get_user(username, True):
                entry = AuditLog.objects.create(
                    candidate,
                    self.request,
                    "failed-auth",
                    method="password",
                    name=username,
                )
                entry.check_rate_limit(self.request)
            rotate_token(self.request)
            # Same error whether or not the username exists, so the form
            # does not reveal which accounts are registered.
            raise forms.ValidationError(
                self.error_messages["invalid_login"], code="invalid_login"
            )

        if not self.user_cache.is_active or self.user_cache.is_bot:
            raise forms.ValidationError(
                self.error_messages["inactive"], code="inactive"
            )

        AuditLog.objects.create(
            self.user_cache,
            self.request,
            "login",
            method="password",
            name=username,
        )
        adjust_session_expiry(self.request)
        reset_rate_limit("login", self.request)
        return self.cleaned_data
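def notify_connect(
    strategy,
    details,
    backend,
    user,
    social,
    new_association=False,
    is_new=False,
    **kwargs,
):
    """Notify about adding new link.

    Reassigns ``sent-email`` audit entries that were recorded against the
    anonymous user for this e-mail address to the now-known user, audits a
    ``login`` or ``auth-connect`` for existing accounts, and removes any
    partial-pipeline state from the session.

    Args:
        strategy: social-auth strategy; ``strategy.request`` and
            ``strategy.really_clean_partial_pipeline`` are used.
        details: user details supplied by the backend; only ``"email"`` is
            read, and it may be absent.
        backend: social-auth backend; ``backend.name`` is recorded as the
            authentication method.
        user: the resolved user, or a falsy value when there is none.
        social: the social association; ``social.uid`` is recorded.
        new_association: True when a new provider link was just created.
        is_new: True for a freshly created account; nothing is audited then.
        **kwargs: remaining pipeline arguments, unused.
    """
    request = strategy.request

    # Adjust possibly pending email confirmation audit logs. ``details`` is
    # not guaranteed to carry an "email" key and ``user`` may be unset (the
    # guard below relies on that), so only reassign when both are present;
    # indexing details["email"] directly raised KeyError otherwise.
    email = details.get("email")
    if user and email:
        AuditLog.objects.filter(
            user=get_anonymous(),
            activity="sent-email",
            params={"email": email},
        ).update(user=user)

    if user and not is_new:
        # Linking a new provider is "auth-connect"; a plain login also
        # extends the session.
        if new_association:
            action = "auth-connect"
        else:
            action = "login"
            adjust_session_expiry(request)
        AuditLog.objects.create(
            user,
            request,
            action,
            method=backend.name,
            name=social.uid,
        )

    # Remove partial pipeline state still stored in the session.
    session = request.session
    if PARTIAL_TOKEN_SESSION_NAME in session:
        strategy.really_clean_partial_pipeline(
            session[PARTIAL_TOKEN_SESSION_NAME])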