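def ask_user_for_permission(request):
    """Ask the account owner's security question before permitting a device.

    The pending device id and owner e-mail are read from
    ``request.session['device_permission']`` (expected to have been set by
    the sub-account login view).  After the attempt limit is enforced, a GET
    renders the question form and a POST checks the submitted answer.  A
    correct answer marks the device permitted and used, logs the owner in
    and records the access; a wrong answer increments the session counter.

    :param request: the current HttpRequest; all state is carried in its session
    :return: the rendered question form or an HttpResponseRedirect
    """
    # This view resets both session entries to {} when it finishes, so a
    # present-but-empty dict has to count as "not set" instead of raising
    # KeyError on the next request.
    attempts = request.session.get('device_ask_permission') or {}
    ask_count = int(attempts.get('count', 0)) + 1

    pending = request.session.get('device_permission') or {}
    if 'subacc' not in pending or 'user' not in pending:
        if settings.DEBUG:
            print("Not passed from Sub-account Login correctly")
        messages.error(request, "Unable to Check Permission")
        return HttpResponseRedirect(reverse("api:home"))

    device_id = pending['subacc']
    user_email = pending['user']
    if settings.DEBUG:
        # Identities and session contents are deliberately not printed.
        print("Device:", device_id)
        print("Ask Count:", ask_count)

    User_Model = get_user_model()
    try:
        user = User_Model.objects.get(email=user_email)
        device = Device.objects.get(pk=device_id)
    except (User_Model.DoesNotExist, Device.DoesNotExist):
        # Stale session data: fail closed instead of answering with a 500.
        messages.error(request, "Unable to Check Permission")
        return HttpResponseRedirect(reverse("api:home"))

    # Attempt limit.  A missing or falsy setting falls back to 3.
    # NOTE(review): the counter lives in the session only; confirm that a
    # fresh session cannot be used to restart the count (for example by
    # tracking failed attempts on the Device record).
    max_count = getattr(settings, 'DEVICE_PERMISSION_COUNT', None) or 3
    if max_count > 0 and ask_count > max_count:
        # Lock the sub-account and clear the counter.
        device.set_used()
        request.session['device_ask_permission'] = {}
        messages.error(request,
                       "Too many permission attempts. "
                       "This Sub-Account is locked. "
                       "The account owner will need to reset "
                       "this Sub-account")
        return HttpResponseRedirect(reverse("api:home"))

    if settings.DEBUG:
        print("Entering apps.subacc.views.Ask_User_For_Permission")
        print("user passed via session:", user)
        print("subacc passed via session:", device)

    if not request.POST:
        # GET (or empty POST): show the question form.
        question = Get_Question(request, user)
        form = Question_Form(initial={'question': question[1]})
        if settings.DEBUG:
            print("Question to ask:", question)
        return render(request,
                      'subacc/subaccount_permission.html',
                      {'form': form,
                       'question': question,
                       'subacc': device})

    form = Question_Form(request.POST)
    if not form.is_valid():
        messages.error(request, "I am sorry = there was a problem")
        # The response was previously built but never returned, so an
        # invalid form ended without a usable HttpResponse.
        return render(request,
                      'subacc/subaccount_permission.html',
                      {'form': form,
                       'question': form['question'],
                       'subacc': device})

    # NOTE(review): the question text comes back from the submitted form;
    # presumably Check_Answer() verifies it belongs to this user - confirm.
    if not Check_Answer(user,
                        form.cleaned_data['question'],
                        form.cleaned_data['answer']):
        # Wrong answer: record it, persist the counter, go back to login.
        messages.error(request, "Sorry - that was the wrong answer")
        Post_Device_Access(request, device, action="WRONG")
        request.session['device_ask_permission'] = {'count': ask_count}
        return HttpResponseRedirect(reverse('subaccount:device_login'))

    # Correct answer: finish the login process.
    permitted_result = Device_Set_To_Permitted(device)
    used_result = device.set_used()
    if settings.DEBUG:
        print("subacc is now permitted?:", permitted_result)
        print("subacc in set to used:", used_result)

    user = User_Model.objects.get(email=device.user)
    # django_login() needs a backend attribute when authenticate() was not
    # called for this user object.
    user.backend = 'django.contrib.auth.backends.ModelBackend'

    subject = "Device Connected to " + settings.APPLICATION_TITLE
    # Substring test: an empty notify_activity value also matches.
    if user.notify_activity in "ET":
        send_activity_message(
            request,
            user,
            subject,
            template="accounts/messages/device_permission_email",
            context={'subacc': device.device,
                     'email_mask': email_mask(user.email)},
        )

    django_login(request, user)
    session_device(request, device.device)
    dal_result = Post_Device_Access(request, device, action="PERMISSION")
    if settings.DEBUG:
        print("Post to Device Access Log:", dal_result)

    # Clear down the hand-over state now that the device is permitted.
    request.session['device_permission'] = {}
    request.session['device_ask_permission'] = {}
    return HttpResponseRedirect(reverse("api:home"))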
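def sms_login(request, *args, **kwargs):
    """Check the SMS code and password, then log the user in.

    GET renders the login form, pre-filled with the identifier kept in the
    session under ``settings.USERNAME_FIELD``.  POST either restarts the
    code step ("resend code") or validates the SMS code, authenticates the
    password and redirects to ``next`` (same-host targets only) or ``home``.

    :param request: the current HttpRequest
    :param args: extra positional arguments; only echoed in DEBUG output
    :param kwargs: extra keyword arguments; only echoed in DEBUG output
    :return: the rendered login page or an HttpResponseRedirect
    """
    # Function-scope import so the block is self-contained.  The use of
    # render_to_response() below implies a Django release that still ships
    # is_safe_url().
    from django.utils.http import is_safe_url

    # Key field name, probably username or email.
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    # Carry the post-login target through to the form.
    next_url = ""
    if 'next' in request.GET:
        next_url = request.GET['next']
        # As before, prefer the raw text after "next=" in the full path;
        # presumably so a target with its own query string survives.
        pieces = request.get_full_path().split('next=')
        if len(pieces) > 1:
            next_url = pieces[1]
        # The value is caller-controlled and is later used as a redirect
        # target, so anything that is not a same-host URL is discarded.
        if not is_safe_url(next_url, request.get_host()):
            next_url = ""
        if settings.DEBUG:
            print("We got a next value of:", next_url)
            print("full path = ", request.get_full_path())

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", access_key, "]")
        form = AuthenticationForm(initial={access_field: access_key})
        if settings.DEBUG:
            print("Dropping to render_to_response in sms_login")
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next_url},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)
    # .get(): a POST without these fields must not end in a 500.
    if request.POST.get('login', '').lower() == 'resend code':
        resend_for = request.POST.get(access_field, "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_for)
        request.session[access_field] = resend_for
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        if settings.DEBUG:
            print("Error with the POST form", )
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next_url},
                                  RequestContext(request))

    access_key = form.cleaned_data[access_field]
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): no attempt limit for the SMS code or the password is
    # visible in this view; confirm validate_sms() or the auth backend
    # throttles repeated failures.
    if not validate_sms(access_key=access_key, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm(),
                                   'next': next_url},
                                  RequestContext(request))

    # The directory server may be unreachable; report that instead of
    # failing with an unhandled exception.
    try:
        user = authenticate(username=access_key, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError) as ldap_error:
        print("We got an LDAP Error:", type(ldap_error).__name__)
        messages.error(request,
                       "We had a problem reaching the Directory Server")
        return render_to_response('accounts/login.html',
                                  {'next': next_url},
                                  RequestContext(request))

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm(),
                                   'next': next_url},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # reverse()'s second positional parameter is urlconf, so the former
        # reverse('sms_code', {'next': ...}) call could not resolve a URL.
        # NOTE(review): the resend branch uses 'accounts:sms_code'; confirm
        # which name the URLconf defines.
        return HttpResponseRedirect(reverse('sms_code'))

    django_login(request, user)
    # Mark the session as a master account rather than a sub-account.
    session_device(request, "True", Session="auth_master")
    # Substring test: an empty notify_activity value also matches.
    if user.notify_activity in "ET":
        send_activity_message(request, user)

    if next_url != "":
        if settings.DEBUG:
            # The POST body is not printed: it holds the password and code.
            print("About to redirect to:", next_url)
            print("but what about kwargs", kwargs)
        return HttpResponseRedirect(next_url)
    return HttpResponseRedirect(reverse('home'))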
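def ask_user_for_permission(request):
    """Ask the account owner's security question before permitting a device.

    The pending device id and owner e-mail are read from
    ``request.session['device_permission']`` (expected to have been set by
    the sub-account login view).  After the attempt limit is enforced, a GET
    renders the question form and a POST checks the submitted answer.  A
    correct answer marks the device permitted and used, logs the owner in
    and records the access; a wrong answer increments the session counter.

    :param request: the current HttpRequest; all state is carried in its session
    :return: the rendered question form or an HttpResponseRedirect
    """
    # This view resets both session entries to {} when it finishes, so a
    # present-but-empty dict has to count as "not set" instead of raising
    # KeyError on the next request.
    attempts = request.session.get('device_ask_permission') or {}
    ask_count = int(attempts.get('count', 0)) + 1

    pending = request.session.get('device_permission') or {}
    if 'subacc' not in pending or 'user' not in pending:
        if settings.DEBUG:
            print("Not passed from Sub-account Login correctly")
        messages.error(request, "Unable to Check Permission")
        return HttpResponseRedirect(reverse("api:home"))

    device_id = pending['subacc']
    user_email = pending['user']
    if settings.DEBUG:
        # Identities and session contents are deliberately not printed.
        print("Device:", device_id)
        print("Ask Count:", ask_count)

    User_Model = get_user_model()
    try:
        user = User_Model.objects.get(email=user_email)
        device = Device.objects.get(pk=device_id)
    except (User_Model.DoesNotExist, Device.DoesNotExist):
        # Stale session data: fail closed instead of answering with a 500.
        messages.error(request, "Unable to Check Permission")
        return HttpResponseRedirect(reverse("api:home"))

    # Attempt limit.  A missing or falsy setting falls back to 3.
    # NOTE(review): the counter lives in the session only; confirm that a
    # fresh session cannot be used to restart the count (for example by
    # tracking failed attempts on the Device record).
    max_count = getattr(settings, 'DEVICE_PERMISSION_COUNT', None) or 3
    if max_count > 0 and ask_count > max_count:
        # Lock the sub-account and clear the counter.
        device.set_used()
        request.session['device_ask_permission'] = {}
        messages.error(request,
                       "Too many permission attempts. "
                       "This Sub-Account is locked. "
                       "The account owner will need to reset "
                       "this Sub-account")
        return HttpResponseRedirect(reverse("api:home"))

    if settings.DEBUG:
        print("Entering apps.subacc.views.Ask_User_For_Permission")
        print("user passed via session:", user)
        print("subacc passed via session:", device)

    if not request.POST:
        # GET (or empty POST): show the question form.
        question = Get_Question(request, user)
        form = Question_Form(initial={'question': question[1]})
        if settings.DEBUG:
            print("Question to ask:", question)
        return render(request,
                      'subacc/subaccount_permission.html',
                      {'form': form,
                       'question': question,
                       'subacc': device})

    form = Question_Form(request.POST)
    if not form.is_valid():
        messages.error(request, "I am sorry = there was a problem")
        # The response was previously built but never returned, so an
        # invalid form ended without a usable HttpResponse.
        return render(request,
                      'subacc/subaccount_permission.html',
                      {'form': form,
                       'question': form['question'],
                       'subacc': device})

    # NOTE(review): the question text comes back from the submitted form;
    # presumably Check_Answer() verifies it belongs to this user - confirm.
    if not Check_Answer(user,
                        form.cleaned_data['question'],
                        form.cleaned_data['answer']):
        # Wrong answer: record it, persist the counter, go back to login.
        messages.error(request, "Sorry - that was the wrong answer")
        Post_Device_Access(request, device, action="WRONG")
        request.session['device_ask_permission'] = {'count': ask_count}
        return HttpResponseRedirect(reverse('subaccount:device_login'))

    # Correct answer: finish the login process.
    permitted_result = Device_Set_To_Permitted(device)
    used_result = device.set_used()
    if settings.DEBUG:
        print("subacc is now permitted?:", permitted_result)
        print("subacc in set to used:", used_result)

    user = User_Model.objects.get(email=device.user)
    # django_login() needs a backend attribute when authenticate() was not
    # called for this user object.
    user.backend = 'django.contrib.auth.backends.ModelBackend'

    subject = "Device Connected to " + settings.APPLICATION_TITLE
    # Substring test: an empty notify_activity value also matches.
    if user.notify_activity in "ET":
        send_activity_message(
            request,
            user,
            subject,
            template="accounts/messages/device_permission_email",
            context={'subacc': device.device,
                     'email_mask': email_mask(user.email)},
        )

    django_login(request, user)
    session_device(request, device.device)
    dal_result = Post_Device_Access(request, device, action="PERMISSION")
    if settings.DEBUG:
        print("Post to Device Access Log:", dal_result)

    # Clear down the hand-over state now that the device is permitted.
    request.session['device_permission'] = {}
    request.session['device_ask_permission'] = {}
    return HttpResponseRedirect(reverse("api:home"))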
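def sms_login(request, *args, **kwargs):
    """Check the SMS code and password, then log the user in.

    GET renders the login form, pre-filled with the identifier kept in the
    session under ``settings.USERNAME_FIELD``.  POST either restarts the
    code step ("resend code") or validates the SMS code, authenticates the
    password and redirects to ``next`` (same-host targets only) or ``home``.

    :param request: the current HttpRequest
    :param args: extra positional arguments; only echoed in DEBUG output
    :param kwargs: extra keyword arguments; only echoed in DEBUG output
    :return: the rendered login page or an HttpResponseRedirect
    """
    # Function-scope import so the block is self-contained.  The use of
    # render_to_response() below implies a Django release that still ships
    # is_safe_url().
    from django.utils.http import is_safe_url

    # Key field name, probably username or email.
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    # Carry the post-login target through to the form.
    next_url = ""
    if 'next' in request.GET:
        next_url = request.GET['next']
        # As before, prefer the raw text after "next=" in the full path;
        # presumably so a target with its own query string survives.
        pieces = request.get_full_path().split('next=')
        if len(pieces) > 1:
            next_url = pieces[1]
        # The value is caller-controlled and is later used as a redirect
        # target, so anything that is not a same-host URL is discarded.
        if not is_safe_url(next_url, request.get_host()):
            next_url = ""
        if settings.DEBUG:
            print("We got a next value of:", next_url)
            print("full path = ", request.get_full_path())

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", access_key, "]")
        form = AuthenticationForm(initial={access_field: access_key})
        if settings.DEBUG:
            print("Dropping to render_to_response in sms_login")
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next_url},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)
    # .get(): a POST without these fields must not end in a 500.
    if request.POST.get('login', '').lower() == 'resend code':
        resend_for = request.POST.get(access_field, "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_for)
        request.session[access_field] = resend_for
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        if settings.DEBUG:
            print("Error with the POST form", )
        return render_to_response('accounts/login.html',
                                  {'form': form, 'next': next_url},
                                  RequestContext(request))

    access_key = form.cleaned_data[access_field]
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): no attempt limit for the SMS code or the password is
    # visible in this view; confirm validate_sms() or the auth backend
    # throttles repeated failures.
    if not validate_sms(access_key=access_key, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm(),
                                   'next': next_url},
                                  RequestContext(request))

    # The directory server may be unreachable; report that instead of
    # failing with an unhandled exception.
    try:
        user = authenticate(username=access_key, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError) as ldap_error:
        print("We got an LDAP Error:", type(ldap_error).__name__)
        messages.error(request,
                       "We had a problem reaching the Directory Server")
        return render_to_response('accounts/login.html',
                                  {'next': next_url},
                                  RequestContext(request))

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm(),
                                   'next': next_url},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # reverse()'s second positional parameter is urlconf, so the former
        # reverse('sms_code', {'next': ...}) call could not resolve a URL.
        # NOTE(review): the resend branch uses 'accounts:sms_code'; confirm
        # which name the URLconf defines.
        return HttpResponseRedirect(reverse('sms_code'))

    django_login(request, user)
    # Mark the session as a master account rather than a sub-account.
    session_device(request, "True", Session="auth_master")
    # Substring test: an empty notify_activity value also matches.
    if user.notify_activity in "ET":
        send_activity_message(request, user)

    if next_url != "":
        if settings.DEBUG:
            # The POST body is not printed: it holds the password and code.
            print("About to redirect to:", next_url)
            print("but what about kwargs", kwargs)
        return HttpResponseRedirect(next_url)
    return HttpResponseRedirect(reverse('home'))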
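def sms_login(request, *args, **kwargs):
    """Check the SMS code and password for an e-mail login.

    GET renders the login form, pre-filled with the e-mail address kept in
    the session.  POST either restarts the code step ("resend code") or
    validates the SMS code, authenticates the password and redirects to
    ``home``.

    :param request: the current HttpRequest
    :param args: extra positional arguments; only echoed in DEBUG output
    :param kwargs: extra keyword arguments; not used
    :return: the rendered login page or an HttpResponseRedirect
    """
    email = request.session.get('email', "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        print(args)

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", email, "]")
        form = AuthenticationForm(initial={'email': email, })
        if settings.DEBUG:
            print("Dropping to render_to_response in sms_login")
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)
    # .get(): a POST without these fields must not end in a 500.
    if request.POST.get('login', '').lower() == 'resend code':
        resend_for = request.POST.get('email', "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_for)
        request.session['email'] = resend_for
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    email = form.cleaned_data['email'].lower()
    # The password is passed on exactly as typed.  Lower-casing it, as this
    # view used to, shrinks the effective password space and rejects any
    # stored password that contains an upper-case character.
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): no attempt limit for the SMS code or the password is
    # visible in this view; confirm validate_sms() or the auth backend
    # throttles repeated failures.
    if not validate_sms(username=email, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    # The directory server may be unreachable; report that instead of
    # failing with an unhandled exception.
    try:
        user = authenticate(username=email, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError) as ldap_error:
        print("We got an LDAP Error:", type(ldap_error).__name__)
        messages.error(request,
                       "We had a problem reaching the Directory Server")
        # NOTE(review): RequestContext is passed as the context argument
        # here, unlike the other returns; confirm the page renders as
        # intended.
        return render_to_response('accounts/login.html',
                                  RequestContext(request))

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('sms_code'))

    django_login(request, user)
    # Mark the session as a master account rather than a sub-account.
    session_device(request, "True", Session="auth_master")
    # Substring test: an empty notify_activity value also matches.
    if user.notify_activity in "ET":
        send_activity_message(request, user)
    return HttpResponseRedirect(reverse('home'))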
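def sms_login(request, *args, **kwargs):
    """Step 2 of the login process: SMS code plus password.

    GET renders the login form, pre-filled with the identifier kept in the
    session under ``settings.USERNAME_FIELD``.  POST either restarts the
    code step ("resend code") or validates the SMS code, looks the user up,
    authenticates by e-mail and password and redirects to ``home``.

    :param request: the current HttpRequest
    :param args: extra positional arguments; only echoed in DEBUG output
    :param kwargs: extra keyword arguments; not used
    :return: the rendered login page or an HttpResponseRedirect
    """
    key_field = request.session.get(settings.USERNAME_FIELD, "")

    if settings.DEBUG:
        print("SMS_LOGIN.GET:%s:[%s]" % (settings.USERNAME_FIELD, key_field))
        print("args:", args)

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [",
                  settings.USERNAME_FIELD, "]")
        form = AuthenticationForm(
            initial={settings.USERNAME_FIELD: key_field, })
        if settings.DEBUG:
            print("Dropping to render_to_response in sms_login")
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    form = AuthenticationForm(request.POST)
    # .get(): a POST without these fields must not end in a 500.
    if request.POST.get('login', '').lower() == 'resend code':
        resend_for = request.POST.get(settings.USERNAME_FIELD, "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_for)
        request.session[settings.USERNAME_FIELD] = resend_for
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        return render_to_response('accounts/login.html',
                                  {'form': form},
                                  RequestContext(request))

    key_field = form.cleaned_data[settings.USERNAME_FIELD].lower()
    # The password is passed on exactly as typed.  Lower-casing it, as this
    # view used to, shrinks the effective password space and rejects any
    # stored password that contains an upper-case character.
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']
    if settings.DEBUG:
        print("working with ", key_field)

    # NOTE(review): no attempt limit for the SMS code or the password is
    # visible in this view; confirm validate_sms() or the auth backend
    # throttles repeated failures.
    if not validate_sms(username=key_field, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        if settings.DEBUG:
            print("Going to sms_login loop back")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    # An unknown identifier gets the same answer as a wrong password, so
    # the response does not reveal whether the account exists and the
    # lookup cannot end in a 500.
    try:
        check = User.objects.get(user=key_field)
    except User.DoesNotExist:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))
    if settings.DEBUG:
        print("checking with ", key_field, "/", check)

    # The directory server may be unreachable; report that instead of
    # failing with an unhandled exception.
    try:
        user = authenticate(email=check.email, password=password)
    except (ldap3.LDAPBindError,
            ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError) as ldap_error:
        print("We got an LDAP Error:", type(ldap_error).__name__)
        messages.error(request,
                       "We had a problem reaching the Directory Server")
        # NOTE(review): RequestContext is passed as the context argument
        # here, unlike the other returns; confirm the page renders as
        # intended.
        return render_to_response('accounts/login.html',
                                  RequestContext(request))

    if settings.DEBUG:
        print("authentication with", user)

    if user is None:
        messages.error(request, "Invalid username or password.")
        return render_to_response('accounts/login.html',
                                  {'form': AuthenticationForm()},
                                  RequestContext(request))

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        return HttpResponseRedirect(reverse('sms_code'))

    django_login(request, user)
    # Mark the session as a master account rather than a sub-account.
    request.session['auth_master'] = "True"
    # Substring test: an empty notify_activity value also matches.
    if user.notify_activity in "ET":
        send_activity_message(request, user)
    return HttpResponseRedirect(reverse('home'))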