コード例 #1
def ask_user_for_permission(request):
    """
    Ask the account owner's security question before permitting a device.

    The pending device and user are read from
    ``request.session['device_permission']`` and the attempt counter from
    ``request.session['device_ask_permission']``.  A correct answer marks the
    device permitted and used, logs the user in and records the access; a
    wrong answer stores the incremented counter and redirects to the device
    login; too many attempts marks the device used and redirects home.

    :param request: the current HttpRequest; all other state comes from
        the session, there are no further parameters
    :return: a redirect response, or the rendered question form
    """
    # NOTE(review): the lockout and success branches below store {} under this
    # key, so the key is still present on the next visit and ['count'] raises
    # KeyError. Deleting the key (or using .get('count', 0)) avoids that.
    if 'device_ask_permission' in request.session:
        ask_count = int(request.session['device_ask_permission']['count'])
    else:
        ask_count = 0
    ask_count += 1

    # NOTE(review): same pattern as above - 'device_permission' is reset to {}
    # after a successful login, after which ['subacc'] raises KeyError here.
    if 'device_permission' in request.session:
        device_id = request.session['device_permission']['subacc']
        user_email = request.session['device_permission']['user']
        if settings.DEBUG:
            # NOTE(review): the next line is garbled in this copy of the
            # listing (text between two string literals was masked out) and
            # is not valid Python as shown.
            print("User:  "******"Device:", device_id)
            print("Ask Count:", ask_count)

        # objects.get() is not guarded: a missing user or device row raises
        # instead of producing the "Unable to Check Permission" message.
        user = get_user_model().objects.get(email=user_email)
        device = Device.objects.get(pk=device_id)

    else:
        if settings.DEBUG:
            print("Not passed from Sub-account Login correctly")
        messages.error(request, "Unable to Check Permission")
        return HttpResponseRedirect(reverse("api:home"))

    # Check the number of attempts to get permission
    # DONE: Check ask_permission count against settings.
    # A falsy setting (0, None) falls back to 3, so the max_count > 0 test
    # below can only fail for a negative setting.
    if settings.DEVICE_PERMISSION_COUNT:
        max_count = settings.DEVICE_PERMISSION_COUNT
    else:
        # Set a default
        max_count = 3

    if max_count > 0:
        # We need to check the number of attempts
        # NOTE(review): the counter lives only in the session and is written
        # only on a wrong answer. Confirm a client cannot restart it by
        # obtaining a fresh session; a counter stored on the device record
        # would not depend on the client's cookie.
        if ask_count > max_count:
            # Set subacc as used
            # set message
            # return to api:home
            device.set_used()
            # now we can clear down the count
            request.session['device_ask_permission'] = {}

            messages.error(
                request, "Too many permission attempts. "
                "This Sub-Account is locked. "
                "The account owner will need to reset "
                "this Sub-account")
            return HttpResponseRedirect(reverse("api:home"))

    # Now to Ask for Permission

    if settings.DEBUG:
        print("Entering apps.subacc.views.Ask_User_For_Permission")
        # NOTE(review): garbled line in this copy (masked text). The visible
        # tail prints the session object; session contents should stay out of
        # logs even in debug builds.
        print("request.user:"******"request.session:", request.session)

        print("user passed via session:", user)
        print("subacc passed via session:", device)

    # We need to work out the user and subacc
    # should be able to use request.session
    # DONE: Create Ask User For Permission
    # DONE: Create Form and View to get permission
    # DONE: Add view to urls.py.py
    if request.POST:
        form = Question_Form(request.POST)
        if form.is_valid():
            # NOTE(review): the question being checked comes from the posted
            # form, not from server-side state - presumably Check_Answer
            # verifies it belongs to this user; confirm.
            if Check_Answer(user, form.cleaned_data['question'],
                            form.cleaned_data['answer']):
                # True is good. False is BAD
                # Finish the login process
                # Also have to set subacc.permitted to True
                permitted_result = Device_Set_To_Permitted(device)
                # DONE: Set subacc.used = True
                used_result = device.set_used()
                if settings.DEBUG:
                    print("subacc is now permitted?:", permitted_result)
                    print("subacc in set to used:", used_result)
                # The user is re-read from the device's owner rather than
                # taken from the session value loaded above.
                User_Model = get_user_model()
                user = User_Model.objects.get(email=device.user)
                # The backend is set by hand because authenticate() is not
                # called on this path (django_login is presumably
                # django.contrib.auth.login - confirm against the imports).
                user.backend = 'django.contrib.auth.backends.ModelBackend'
                # fix for user.backend attribute

                if settings.DEBUG:
                    print("User_Model:", User_Model)
                    # NOTE(review): garbled line in this copy; it appears to
                    # merge a debug print with an
                    # `if user.notify_activity in "ET":` header.
                    print("user:"******"ET":
                    # msg = PERM_MSG0 + user.email + PERM_MSG1 + subacc.subacc + PERM_MSG2
                    subject = "Device Connected to " + settings.APPLICATION_TITLE
                    # `in "ET"` is a substring test, so "" and "ET" match as
                    # well as "E" and "T" - presumably only single letters are
                    # stored; verify.
                    if user.notify_activity in "ET":
                        send_activity_message(
                            request,
                            user,
                            subject,
                            template=
                            "accounts/messages/device_permission_email",
                            context={
                                'subacc': device.device,
                                'email_mask': email_mask(user.email)
                            },
                        )
            # Otherwise don't send a message

                django_login(request, user)
                session_set = session_device(request, device.device)
                # DONE: Record Access in DeviceAccessLog

                dal_result = Post_Device_Access(request,
                                                device,
                                                action="PERMISSION")
                if settings.DEBUG:
                    print("Post to Device Access Log:", dal_result)

                # CLEAR DOWN THE REQUEST.SESSION VARIABLE
                # NOTE(review): assigning {} leaves both keys present; see the
                # KeyError notes at the top of the function.
                request.session['device_permission'] = {}
                request.session['device_ask_permission'] = {}
                if settings.DEBUG:
                    # NOTE(review): garbled line in this copy (masked text).
                    print("User:"******"Sessions:", request.session)

                return HttpResponseRedirect(reverse("api:home"))
            else:
                # Failed - Go back to Login
                messages.error(request, "Sorry - that was the wrong answer")
                Post_Device_Access(request, device, action="WRONG")
                # DONE: increment counter in request.session
                request.session['device_ask_permission'] = {'count': ask_count}

                # DONE: Record Access in DeviceAccessLog
                return HttpResponseRedirect(reverse('subaccount:device_login'))
        else:
            messages.error(request, "I am sorry = there was a problem")
            # NOTE(review): the rendered response is discarded (no `return`),
            # so an invalid form falls through to the fresh question form
            # below and does not count as an attempt.
            render(request, 'subacc/subaccount_permission.html', {
                'form': form,
                'question': form['question']
            })
    else:

        # Printed on every GET, not only when settings.DEBUG is on.
        print("In the GET - about to render question form")

    # question is indexed, so Get_Question returns a sequence; element 1 is
    # used as the form's initial question value.
    question = Get_Question(request, user)
    # Also printed regardless of settings.DEBUG.
    print("Got from Get_Question:", question[1])
    form = Question_Form(initial={'question': question[1]})

    if settings.DEBUG:
        print("Question to ask:", question)
    return render(
        request,
        'subacc/subaccount_permission.html',
        {
            'form': form,
            'question': question,
            'subacc': device
        },
    )
コード例 #2
ファイル: sms.py プロジェクト: ekivemark/BlueButtonFHIR_API
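def sms_login(request, *args, **kwargs):
    """
    Second step of the login: check the SMS code and password, then log in.

    A GET renders the login form pre-filled with the account key carried in
    the session.  A POST either asks for the code to be re-sent ("resend
    code") or validates the form, checks the SMS code with validate_sms(),
    authenticates the password and logs the user in.

    The ``next`` target from the query string is honoured only when it is a
    local path; anything else falls back to the home page, so the login page
    cannot be used as an open redirect.

    :param request: the current HttpRequest
    :param args: unused; printed when settings.DEBUG is on
    :param kwargs: unused; printed when settings.DEBUG is on
    :return: a redirect on success or resend, otherwise the rendered login page
    """
    from urllib.parse import urlsplit

    # Name of the identifying form/session field (username or email).
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    next_url = ""
    if 'next' in request.GET:
        # Everything after "next=" in the raw path is treated as the target,
        # so a target carrying its own query string survives intact.
        candidate = request.get_full_path().partition('next=')[2]
        # The value is attacker-controlled. Accept only a same-site path:
        # backslashes are normalised first because browsers treat them as
        # slashes, and control characters are refused because browsers strip
        # them before resolving the URL. Where the project's Django version
        # offers it, django.utils.http.is_safe_url (later renamed
        # url_has_allowed_host_and_scheme) is the preferred check.
        normalised = candidate.replace('\\', '/')
        try:
            target = urlsplit(normalised)
        except ValueError:
            target = None
        if (target is not None
                and normalised.startswith('/')
                and not normalised.startswith('//')
                and not target.scheme
                and not target.netloc
                and not any(ch < ' ' for ch in candidate)):
            next_url = candidate

    if settings.DEBUG:
        print("We got a next value of:", next_url)
        print("full path = ", request.get_full_path())

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # .get() so a POST without these fields re-renders the form instead
        # of raising a KeyError (HTTP 500).
        if request.POST.get('login', '').lower() == 'resend code':
            resend_for = request.POST.get(access_field, "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_for)
            request.session[access_field] = resend_for
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            print("Error with the POST form", )
            return render_to_response('accounts/login.html',
                                      {'form': form,
                                       'next': next_url},
                                      RequestContext(request))

        print("Authenticating...")
        access_key = form.cleaned_data[access_field]
        password = form.cleaned_data['password']
        sms_code = form.cleaned_data['sms_code']

        # NOTE(review): the SMS code is checked before the password and the
        # two failures show different messages, which tells a client which
        # factor was wrong. No attempt limiting is visible in this view;
        # confirm validate_sms() or middleware throttles guesses.
        if not validate_sms(access_key=access_key, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm(),
                                       'next': next_url},
                                      RequestContext(request))

        # The directory server may be unreachable; report that, not a 500.
        try:
            user = authenticate(username=access_key, password=password)
        except (ldap3.LDAPBindError,
                ldap3.LDAPSASLPrepError,
                ldap3.LDAPSocketOpenError):
            print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
                  "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                  "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
            messages.error(request,
                           "We had a problem reaching the Directory Server")
            # A blank form is supplied so the template has one to render,
            # as in the other failure branches.
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm(),
                                       'next': next_url},
                                      RequestContext(request))

        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm(),
                                       'next': next_url},
                                      RequestContext(request))

        if not user.is_active:
            messages.error(request, "Your account is not active.")
            # reverse()'s second positional parameter is urlconf, so the
            # {'next': ...} dict the original passed there was never used as
            # URL arguments.
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)

        # Mark the session as a master-account login, not a sub-account.
        session_device(request,
                       "True",
                       Session="auth_master")

        # `in "ET"` is a substring test on the user's notification setting.
        if user.notify_activity in "ET":
            send_activity_message(request,
                                  user)

        if next_url != "":
            if settings.DEBUG:
                print("About to redirect to:", next_url)
                # Field names only: the POST body holds the password and the
                # SMS code, which must not reach stdout or log files.
                print("QUERY_DICT keys:", sorted(request.POST.keys()))
                print("but what about kwargs", kwargs)
            return HttpResponseRedirect(next_url)
        return HttpResponseRedirect(reverse('home'))

    if settings.DEBUG:
        print("in sms_login. Setting up Form [", access_key, "]")
    form = AuthenticationForm(initial={access_field: access_key})

    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")

    return render_to_response('accounts/login.html', {'form': form,
                                                      'next': next_url},
                              RequestContext(request))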
コード例 #3
ファイル: views.py プロジェクト: ekivemark/bbofuser
def ask_user_for_permission(request):
    """
    Ask the account owner's security question before permitting a device.

    The pending device and user are read from
    ``request.session['device_permission']`` and the attempt counter from
    ``request.session['device_ask_permission']``.  A correct answer marks the
    device permitted and used, logs the user in and records the access; a
    wrong answer stores the incremented counter and redirects to the device
    login; too many attempts marks the device used and redirects home.

    :param request: the current HttpRequest; all other state comes from
        the session, there are no further parameters
    :return: a redirect response, or the rendered question form
    """
    # NOTE(review): the lockout and success branches below store {} under this
    # key, so the key is still present on the next visit and ['count'] raises
    # KeyError. Deleting the key (or using .get('count', 0)) avoids that.
    if 'device_ask_permission' in request.session:
        ask_count = int(request.session['device_ask_permission']['count'])
    else:
        ask_count = 0
    ask_count += 1

    # NOTE(review): same pattern as above - 'device_permission' is reset to {}
    # after a successful login, after which ['subacc'] raises KeyError here.
    if 'device_permission' in request.session:
        device_id = request.session['device_permission']['subacc']
        user_email   = request.session['device_permission']['user']
        if settings.DEBUG:
            # NOTE(review): the next line is garbled in this copy of the
            # listing (text between two string literals was masked out) and
            # is not valid Python as shown.
            print("User:  "******"Device:", device_id)
            print("Ask Count:", ask_count)

        # objects.get() is not guarded: a missing user or device row raises
        # instead of producing the "Unable to Check Permission" message.
        user = get_user_model().objects.get(email=user_email)
        device = Device.objects.get(pk=device_id)

    else:
        if settings.DEBUG:
            print("Not passed from Sub-account Login correctly")
        messages.error(request, "Unable to Check Permission")
        return HttpResponseRedirect(reverse("api:home"))

    # Check the number of attempts to get permission
    # DONE: Check ask_permission count against settings.
    # A falsy setting (0, None) falls back to 3, so the max_count > 0 test
    # below can only fail for a negative setting.
    if settings.DEVICE_PERMISSION_COUNT:
        max_count = settings.DEVICE_PERMISSION_COUNT
    else:
        # Set a default
        max_count = 3

    if max_count > 0:
        # We need to check the number of attempts
        # NOTE(review): the counter lives only in the session and is written
        # only on a wrong answer. Confirm a client cannot restart it by
        # obtaining a fresh session; a counter stored on the device record
        # would not depend on the client's cookie.
        if ask_count > max_count:
            # Set subacc as used
            # set message
            # return to api:home
            device.set_used()
            # now we can clear down the count
            request.session['device_ask_permission'] = {}

            messages.error(request, "Too many permission attempts. "
                                    "This Sub-Account is locked. "
                                    "The account owner will need to reset "
                                    "this Sub-account")
            return HttpResponseRedirect(reverse("api:home"))

    # Now to Ask for Permission

    if settings.DEBUG:
        print("Entering apps.subacc.views.Ask_User_For_Permission")
        # NOTE(review): garbled line in this copy (masked text). The visible
        # tail prints the session object; session contents should stay out of
        # logs even in debug builds.
        print("request.user:"******"request.session:", request.session)

        print("user passed via session:", user )
        print("subacc passed via session:", device)

    # We need to work out the user and subacc
    # should be able to use request.session
    # DONE: Create Ask User For Permission
    # DONE: Create Form and View to get permission
    # DONE: Add view to urls.py.py
    if request.POST:
        form = Question_Form(request.POST)
        if form.is_valid():
            # NOTE(review): the question being checked comes from the posted
            # form, not from server-side state - presumably Check_Answer
            # verifies it belongs to this user; confirm.
            if Check_Answer(user, form.cleaned_data['question'], form.cleaned_data['answer']):
                # True is good. False is BAD
                # Finish the login process
                # Also have to set subacc.permitted to True
                permitted_result = Device_Set_To_Permitted(device)
                # DONE: Set subacc.used = True
                used_result = device.set_used()
                if settings.DEBUG:
                    print("subacc is now permitted?:", permitted_result)
                    print("subacc in set to used:", used_result)
                # The user is re-read from the device's owner rather than
                # taken from the session value loaded above.
                User_Model = get_user_model()
                user = User_Model.objects.get(email=device.user)
                # The backend is set by hand because authenticate() is not
                # called on this path (django_login is presumably
                # django.contrib.auth.login - confirm against the imports).
                user.backend = 'django.contrib.auth.backends.ModelBackend'
                # fix for user.backend attribute

                if settings.DEBUG:
                    print("User_Model:", User_Model)
                    # NOTE(review): garbled line in this copy; it appears to
                    # merge a debug print with an
                    # `if user.notify_activity in "ET":` header.
                    print("user:"******"ET":
                    # msg = PERM_MSG0 + user.email + PERM_MSG1 + subacc.subacc + PERM_MSG2
                    subject = "Device Connected to " + settings.APPLICATION_TITLE
                    # `in "ET"` is a substring test, so "" and "ET" match as
                    # well as "E" and "T" - presumably only single letters are
                    # stored; verify.
                    if user.notify_activity in "ET":
                        send_activity_message(request,
                                              user,
                                              subject,
                                              template="accounts/messages/device_permission_email",
                                              context={'subacc':device.device,
                                                       'email_mask':email_mask(user.email)},
                                              )
              # Otherwise don't send a message

                django_login(request, user)
                session_set = session_device(request, device.device)
                # DONE: Record Access in DeviceAccessLog

                dal_result = Post_Device_Access(request, device, action="PERMISSION")
                if settings.DEBUG:
                    print("Post to Device Access Log:", dal_result)

                # CLEAR DOWN THE REQUEST.SESSION VARIABLE
                # NOTE(review): assigning {} leaves both keys present; see the
                # KeyError notes at the top of the function.
                request.session['device_permission'] = {}
                request.session['device_ask_permission'] = {}
                if settings.DEBUG:
                    # NOTE(review): garbled line in this copy (masked text).
                    print("User:"******"Sessions:", request.session )

                return HttpResponseRedirect(reverse("api:home"))
            else:
                # Failed - Go back to Login
                messages.error(request, "Sorry - that was the wrong answer")
                Post_Device_Access(request, device, action="WRONG")
                # DONE: increment counter in request.session
                request.session['device_ask_permission'] = {'count': ask_count}

                # DONE: Record Access in DeviceAccessLog
                return HttpResponseRedirect(reverse('subaccount:device_login'))
        else:
            messages.error(request,"I am sorry = there was a problem")
            # NOTE(review): the rendered response is discarded (no `return`),
            # so an invalid form falls through to the fresh question form
            # below and does not count as an attempt.
            render(request,
                   'subacc/subaccount_permission.html',
                   {'form': form,
                    'question': form['question']})
    else:

        # Printed on every GET, not only when settings.DEBUG is on.
        print("In the GET - about to render question form")

    # question is indexed, so Get_Question returns a sequence; element 1 is
    # used as the form's initial question value.
    question = Get_Question(request, user)
    # Also printed regardless of settings.DEBUG.
    print("Got from Get_Question:",question[1])
    form = Question_Form(initial={'question': question[1]})

    if settings.DEBUG:
        print("Question to ask:", question)
    return render(request,
                  'subacc/subaccount_permission.html',
                   {'form': form,
                    'question': question,
                    'subacc': device},
                    )
コード例 #4
ファイル: sms.py プロジェクト: cumeadi/BlueButtonFHIR_API
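def sms_login(request, *args, **kwargs):
    """
    Second step of the login: check the SMS code and password, then log in.

    A GET renders the login form pre-filled with the account key carried in
    the session.  A POST either asks for the code to be re-sent ("resend
    code") or validates the form, checks the SMS code with validate_sms(),
    authenticates the password and logs the user in.

    The ``next`` target from the query string is honoured only when it is a
    local path; anything else falls back to the home page, so the login page
    cannot be used as an open redirect.

    :param request: the current HttpRequest
    :param args: unused; printed when settings.DEBUG is on
    :param kwargs: unused; printed when settings.DEBUG is on
    :return: a redirect on success or resend, otherwise the rendered login page
    """
    from urllib.parse import urlsplit

    def login_page(form_obj):
        # Every non-redirect outcome renders the same template and context.
        return render_to_response('accounts/login.html', {
            'form': form_obj,
            'next': next_url
        }, RequestContext(request))

    # Name of the identifying form/session field (username or email).
    access_field = settings.USERNAME_FIELD
    access_key = request.session.get(access_field, "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:", access_field, ":[%s]" % (access_key))
        print(args)
        print(kwargs)

    next_url = ""
    if 'next' in request.GET:
        # Everything after "next=" in the raw path is treated as the target,
        # so a target carrying its own query string survives intact.
        candidate = request.get_full_path().partition('next=')[2]
        # The value is attacker-controlled. Accept only a same-site path:
        # backslashes are normalised first because browsers treat them as
        # slashes, and control characters are refused because browsers strip
        # them before resolving the URL. Where the project's Django version
        # offers it, django.utils.http.is_safe_url (later renamed
        # url_has_allowed_host_and_scheme) is the preferred check.
        normalised = candidate.replace('\\', '/')
        try:
            target = urlsplit(normalised)
        except ValueError:
            target = None
        if (target is not None
                and normalised.startswith('/')
                and not normalised.startswith('//')
                and not target.scheme
                and not target.netloc
                and not any(ch < ' ' for ch in candidate)):
            next_url = candidate

    if settings.DEBUG:
        print("We got a next value of:", next_url)
        print("full path = ", request.get_full_path())

    if request.method != 'POST':
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", access_key, "]")
            print("Dropping to render_to_response in sms_login")
        return login_page(AuthenticationForm(initial={access_field: access_key}))

    form = AuthenticationForm(request.POST)
    # .get() so a POST without these fields re-renders the form instead of
    # raising a KeyError (HTTP 500).
    if request.POST.get('login', '').lower() == 'resend code':
        resend_for = request.POST.get(access_field, "")
        if settings.DEBUG:
            print("Resending Code for %s" % resend_for)
        request.session[access_field] = resend_for
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if not form.is_valid():
        print("Error with the POST form", )
        return login_page(form)

    print("Authenticating...")
    access_key = form.cleaned_data[access_field]
    password = form.cleaned_data['password']
    sms_code = form.cleaned_data['sms_code']

    # NOTE(review): the SMS code is checked before the password and the two
    # failures show different messages, which tells a client which factor was
    # wrong. No attempt limiting is visible in this view; confirm
    # validate_sms() or middleware throttles guesses.
    if not validate_sms(access_key=access_key, smscode=sms_code):
        messages.error(request, "Invalid Access Code.")
        return login_page(AuthenticationForm())

    # The directory server may be unreachable; report that, not a 500.
    try:
        user = authenticate(username=access_key, password=password)
    except (ldap3.LDAPBindError, ldap3.LDAPSASLPrepError,
            ldap3.LDAPSocketOpenError):
        print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
              "\nSASL Prep:", ldap3.LDAPSASLPrepError,
              "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
        messages.error(
            request, "We had a problem reaching the Directory Server")
        # A blank form is supplied so the template has one to render, as in
        # the other failure branches.
        return login_page(AuthenticationForm())

    if user is None:
        messages.error(request, "Invalid username or password.")
        return login_page(AuthenticationForm())

    if not user.is_active:
        messages.error(request, "Your account is not active.")
        # reverse()'s second positional parameter is urlconf, so the
        # {'next': ...} dict the original passed there was never used as URL
        # arguments.
        return HttpResponseRedirect(reverse('sms_code'))

    django_login(request, user)

    # Mark the session as a master-account login, not a sub-account.
    session_device(request, "True", Session="auth_master")

    # `in "ET"` is a substring test on the user's notification setting.
    if user.notify_activity in "ET":
        send_activity_message(request, user)

    if next_url == "":
        return HttpResponseRedirect(reverse('home'))

    if settings.DEBUG:
        print("About to redirect to:", next_url)
        # Field names only: the POST body holds the password and the SMS
        # code, which must not reach stdout or log files.
        print("QUERY_DICT keys:", sorted(request.POST.keys()))
        print("but what about kwargs", kwargs)
    return HttpResponseRedirect(next_url)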
コード例 #5
ファイル: sms.py プロジェクト: ekivemark/bbofuser
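def sms_login(request, *args, **kwargs):
    """
    Second step of the login: check the SMS code and password, then log in.

    A GET renders the login form pre-filled with the e-mail carried in the
    session.  A POST either asks for the code to be re-sent ("resend code")
    or validates the form, checks the SMS code with validate_sms(),
    authenticates the password and logs the user in.

    :param request: the current HttpRequest
    :param args: unused; printed when settings.DEBUG is on
    :param kwargs: unused
    :return: a redirect on success or resend, otherwise the rendered login page
    """
    email = request.session.get('email', "")
    if settings.DEBUG:
        print("SMS_LOGIN.GET:email:[%s]" % (email))
        print(args)

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # .get() so a POST without these fields re-renders the form instead
        # of raising a KeyError (HTTP 500).
        if request.POST.get('login', '').lower() == 'resend code':
            resend_to = request.POST.get('email', "")
            if settings.DEBUG:
                print("Resending Code for %s" % resend_to)
            request.session['email'] = resend_to
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        if not form.is_valid():
            return render_to_response('accounts/login.html',
                                      {'form': form},
                                      RequestContext(request))

        email = form.cleaned_data['email'].lower()
        # NOTE(review): lower-casing the password discards the case
        # information and so shrinks the password space. It is left in place
        # because stored credentials may have been created the same way;
        # removing it needs a migration plan for existing accounts.
        password = form.cleaned_data['password'].lower()
        sms_code = form.cleaned_data['sms_code']

        # NOTE(review): the SMS code is checked before the password and the
        # two failures show different messages, which tells a client which
        # factor was wrong. No attempt limiting is visible in this view;
        # confirm validate_sms() or middleware throttles guesses.
        if not validate_sms(username=email, smscode=sms_code):
            messages.error(request, "Invalid Access Code.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        # The directory server may be unreachable; report that, not a 500.
        try:
            user = authenticate(username=email, password=password)
        except (ldap3.LDAPBindError,
                ldap3.LDAPSASLPrepError,
                ldap3.LDAPSocketOpenError):
            print("We got an LDAP Error - Bind:", dir(ldap3.LDAPBindError),
                  "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                  "\nSocketOpenError:", ldap3.LDAPSocketOpenError)
            messages.error(request,
                           "We had a problem reaching the Directory Server")
            # The original passed RequestContext(request) as the template
            # context itself and supplied no form; this matches the other
            # failure branches.
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        if user is None:
            messages.error(request, "Invalid username or password.")
            return render_to_response('accounts/login.html',
                                      {'form': AuthenticationForm()},
                                      RequestContext(request))

        if not user.is_active:
            messages.error(request, "Your account is not active.")
            return HttpResponseRedirect(reverse('sms_code'))

        django_login(request, user)

        # Mark the session as a master-account login, not a sub-account.
        session_device(request,
                       "True",
                       Session="auth_master")

        # `in "ET"` is a substring test on the user's notification setting.
        if user.notify_activity in "ET":
            send_activity_message(request,
                                  user)

        return HttpResponseRedirect(reverse('home'))

    if settings.DEBUG:
        print("in sms_login. Setting up Form [", email, "]")
    form = AuthenticationForm(initial={'email': email, })
    if settings.DEBUG:
        print("Dropping to render_to_response in sms_login")
    return render_to_response('accounts/login.html', {'form': form},
                              RequestContext(request))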
コード例 #6
ファイル: sms.py プロジェクト: ekivemark/bofhirdev
def sms_login(request, *args, **kwargs):
    """
    Second step of the login: check the SMS code and password, then log in.

    A GET renders the login form pre-filled with the account key carried in
    the session under settings.USERNAME_FIELD.  A POST either asks for the
    code to be re-sent ("resend code") or validates the form, checks the SMS
    code with validate_sms(), authenticates by the looked-up e-mail and logs
    the user in.

    :param request: the current HttpRequest
    :param args: unused; printed when settings.DEBUG is on
    :param kwargs: unused
    :return: a redirect on success or resend, otherwise the rendered login page
    """

    # Step 2 of the login process.
    if settings.USERNAME_FIELD in request.session:
        if request.session[settings.USERNAME_FIELD] != "":
            key_field = request.session[settings.USERNAME_FIELD]
        else:
            key_field = ""
    else:
        key_field = ""
    if settings.DEBUG:
        # print(request.GET)
        print("SMS_LOGIN.GET:%s:[%s]" % (settings.USERNAME_FIELD, key_field))
        # print(request.POST)
        print("args:", args)

    if request.method == 'POST':
        form = AuthenticationForm(request.POST)
        # NOTE(review): indexing request.POST raises when 'login' (or the
        # username field below) is missing from the body; .get() with a
        # default would re-render the form instead of failing the request.
        if request.POST['login'].lower() == 'resend code':
            if settings.DEBUG:
                print("Resending Code for %s" % request.POST[settings.USERNAME_FIELD])
            # form = SMSCodeForm(request.POST)
            # form.email = request.POST['email']
            request.session[settings.USERNAME_FIELD] = request.POST[settings.USERNAME_FIELD]
            return HttpResponseRedirect(reverse('accounts:sms_code'))
        if form.is_valid():
            # Printed on every valid POST, not only when settings.DEBUG is on.
            print("Authenticating...")
            key_field = form.cleaned_data[settings.USERNAME_FIELD].lower()
            # NOTE(review): lower-casing the password discards the case
            # information and so shrinks the password space; confirm whether
            # stored credentials depend on it before removing.
            password = form.cleaned_data['password'].lower()
            sms_code = form.cleaned_data['sms_code']
            if settings.DEBUG:
                print("working with ", key_field)
            # NOTE(review): the SMS code is checked before the password and
            # the two failures show different messages, which tells a client
            # which factor was wrong. No attempt limiting is visible here;
            # confirm validate_sms() or middleware throttles guesses.
            if not validate_sms(username=key_field, smscode=sms_code):
                messages.error(request, "Invalid Access Code.")
                if settings.DEBUG:
                    print("Going to sms_login loop back")
                return render_to_response('accounts/login.html',
                                          {'form': AuthenticationForm()},
                                          RequestContext(request))
            # DONE: Trying to handle LDAP Errors. eg. Not available
            # NOTE(review): this lookup sits outside the try block, so an
            # unknown account raises here rather than reaching the
            # "Invalid username or password." message - a different outcome
            # for unknown and known accounts.
            check = User.objects.get(user=key_field)
            if settings.DEBUG:
                print("checking with ", key_field, "/", check)
            try:
                # user = authenticate(user=key_field, password=password)
                user = authenticate(email=check.email, password=password)
                if settings.DEBUG:
                    # NOTE(review): the next line is garbled in this copy of
                    # the listing (masked text): the end of the debug print
                    # and the `except (...)` clause for the LDAP errors appear
                    # to be missing, so the block is not valid Python as shown.
                    print("Authenticated User:"******"We got an LDAP Error - Bind:",dir(ldap3.LDAPBindError),
                    "\nSASL Prep:", ldap3.LDAPSASLPrepError,
                    "\nSocketOpenError:",ldap3.LDAPSocketOpenError)
                messages.error(request, "We had a problem reaching the Directory Server")
                # NOTE(review): RequestContext(request) is passed as the second
                # positional argument and no 'form' is supplied, unlike the
                # other failure branches.
                return render_to_response('accounts/login.html',
                                      RequestContext(request))

            #######
            if settings.DEBUG:
                print("authentication with", user)

            if user is not None:

                if user.is_active:
                    django_login(request, user)

                    # DONE: Set a session variable to identify as
                    # master account and not a subacc

                    # session_device(request,
                    #                "True",
                    #                Session="auth_master")
                    # DONE: Now Send a message on login
                    # The flag is stored as the string "True", not a boolean.
                    request.session['auth_master']= "True"
                    # `in "ET"` is a substring test, so "" and "ET" match as
                    # well as "E" and "T" - presumably only single letters are
                    # stored; verify.
                    if user.notify_activity in "ET":
                        send_activity_message(request,
                                              user)
                    # Otherwise don't send a message

                    return HttpResponseRedirect(reverse('home'))
                else:

                    messages.error(request, "Your account is not active.")
                    return HttpResponseRedirect(reverse('sms_code'))
            else:
                messages.error(request, "Invalid username or password.")
                return render_to_response('accounts/login.html',
                                          {'form': AuthenticationForm()},
                                          RequestContext(request))
        else:
            # Invalid form: re-render it with its validation errors.
            return render_to_response('accounts/login.html',
                                      {'form': form},
                                      RequestContext(request))
    else:
        if settings.USERNAME_FIELD in request.session:
            key_field = request.session[settings.USERNAME_FIELD]
        else:
            key_field = ""
        if settings.DEBUG:
            print("in sms_login. Setting up Form [", settings.USERNAME_FIELD, "]")
        form = AuthenticationForm(initial={settings.USERNAME_FIELD: key_field, })
    if settings.DEBUG:
        # print(form)
        print("Dropping to render_to_response in sms_login")
    return render_to_response('accounts/login.html', {'form': form},
                              RequestContext(request))