def save(self, request, **kwargs):
email = self.cleaned_data["email"]
token_generator = kwargs.get("token_generator",
default_token_generator)
for user in self.users:
temp_key = token_generator.make_token(user)
# save it to the password reset model
# password_reset = PasswordReset(user=user, temp_key=temp_key)
# password_reset.save()
current_site = get_current_site(request)
# send the password reset email
path = reverse("account_reset_password_from_key",
kwargs=dict(uidb36=user_pk_to_url_str(user),
key=temp_key))
url = build_absolute_uri(
request, path,
protocol=app_settings.DEFAULT_HTTP_PROTOCOL)
context = {"site": current_site,
"user": user,
"password_reset_url": url,
"request": request}
if app_settings.AUTHENTICATION_METHOD \
!= AuthenticationMethod.EMAIL:
context['username'] = user_username(user)
get_adapter().send_mail('account/email/password_reset_key',
email,
context)
return self.cleaned_data["email"]
def password_reset(request):
''' A modified version of password_reset view from account.views.
Can be removed once we get emails in the user table unique.
'''
form_class=PasswordResetForm
if 'POST' == request.method:
form = form_class(request.POST)
else:
form = form_class()
if form.is_valid():
#user = UserModel.objects.get(email=form.cleaned_data['email'])
username = form.cleaned_data['username']
email = form.cleaned_data['email']
hostname = Site.objects.get_current().domain
user = User.objects.get(username__in=expanded_username_list(username.lower()), email=email)
temp_key = default_token_generator.make_token(user)
path = reverse("account_reset_password_from_key",
kwargs=dict(uidb36=user_pk_to_url_str(user),
key=temp_key))
url = build_absolute_uri(request, path, protocol=DEFAULT_HTTP_PROTOCOL)
args = {'domain': hostname, 'url': url, 'user': user}
if email_template(user.email, 'account/mail/password_reset', **args):
#return message(request, 'Check the mail please')
return render_to_response(request, 'auth/password_reset_request_done.html')
else:
msg = ('Unfortunately we could not send you email '
'in current time. Please, try later')
return message_view(request, msg)
return {'form': form}
def get_client(self, request, app):
callback_url = reverse(self.adapter.provider_id + "_callback")
callback_url = build_absolute_uri(
request, callback_url,
protocol=self.adapter.redirect_uri_protocol)
provider = self.adapter.get_provider()
client = OAuth2Client(self.request, app.client_id, app.secret,
self.adapter.access_token_url,
callback_url,
provider.get_scope())
return client
def get_client(self, request, app):
callback_url = reverse(self.adapter.provider_id + "_callback")
protocol = (self.adapter.redirect_uri_protocol
or app_settings.DEFAULT_HTTP_PROTOCOL)
callback_url = build_absolute_uri(
request, callback_url,
protocol=protocol)
provider = self.adapter.get_provider()
client = OAuth2Client(self.request, app.client_id, app.secret,
self.adapter.access_token_method,
self.adapter.access_token_url,
callback_url,
provider.get_scope())
return client
def get_client(self, request, app):
callback_url = reverse(self.adapter.provider_id + "_callback")
callback_url = build_absolute_uri(
request, callback_url,
protocol=self.adapter.redirect_uri_protocol)
provider = self.adapter.get_provider()
scope = provider.get_scope(request)
client = OAuth2Client(self.request, app.client_id, app.secret,
self.adapter.access_token_method,
self.adapter.access_token_url,
callback_url,
scope,
scope_delimiter=self.adapter.scope_delimiter,
headers=self.adapter.headers,
basic_auth=self.adapter.basic_auth)
return client
def get_client(self, request, app):
callback_url = reverse(self.adapter.provider_id + "_callback")
protocol = (self.adapter.redirect_uri_protocol
or app_settings.DEFAULT_HTTP_PROTOCOL)
callback_url = build_absolute_uri(
request, callback_url,
protocol=protocol)
provider = self.adapter.get_provider()
scope = provider.get_scope(request)
client = OAuth2Client(self.request, app.client_id, app.secret,
self.adapter.access_token_method,
self.adapter.access_token_url,
callback_url,
scope)
custom_header = headers = {"User-Agent": "django-allauth-header"}
client.set_http_auth(True)
client.set_custom_header(custom_header)
return client
def send(self, request, signup=False, **kwargs):
current_site = kwargs["site"] if "site" in kwargs \
else Site.objects.get_current()
activate_url = reverse("account_confirm_email", kwargs={'key':self.key})
activate_url = build_absolute_uri(request,
activate_url,
protocol=app_settings.DEFAULT_HTTP_PROTOCOL)
ctx = {
"user": self.email_address.user,
"activate_url": activate_url,
"current_site": current_site,
"key": self.key,
}
if signup:
email_template = 'account/email/email_confirmation_signup'
else:
email_template = 'account/email/email_confirmation'
get_adapter().send_mail(email_template,
self.email_address.email,
ctx)
self.sent = timezone.now()
self.save()
signals.email_confirmation_sent.send(sender=self.__class__,
confirmation=self)
def get_callback_url(provider: OAuth2Adapter, request, app):
callback_url = reverse(provider.provider_id + "_callback")
protocol = getattr(
settings, 'OAUTH_CALLBACK_PROTOCOL') or provider.redirect_uri_protocol
return build_absolute_uri(request, callback_url, protocol)
def clean(self):
"""
Override to verify Stellar account using Data Entry added client-side.
Decoded data entry must match request.user.id
"""
# TODO: HANDLE THE RAISED ERRORS TO OUTPUT A VALIDATION ERROR (WORRY ABOUT TAMPERED WITH SIGNATURE ERROR)
# Call the super
super(AccountCreateForm, self).clean()
# Obtain form input parameters
creating_stellar = self.cleaned_data.get("creating_stellar")
public_key = self.cleaned_data.get("public_key")
if creating_stellar:
# Creating a new Stellar account
# NOTE: https://stellar-base.readthedocs.io/en/latest/quickstart.html#create-an-account
request_user = self.request_user
# Check current request user is an admin allowed to approve funding
if not request_user.is_superuser:
raise ValidationError(
_('Invalid request. You must be an admin to approve funding of new accounts.'
))
# Check that account for this public key does not already exist
elif Account.objects.filter(public_key=public_key).exists():
raise ValidationError(
_('Invalid public key. This account has already been funded.'
))
# Check that a funding request exists for this public key and fetch it
try:
funding_request = AccountFundRequest.objects.get(
public_key=public_key)
except ObjectDoesNotExist:
funding_request = None
raise ValidationError(
_('Funding request for this public key does not exist.'))
# Make a call to Horizon to fund new account with Nucleo base account
horizon = settings.STELLAR_HORIZON_INITIALIZATION_METHOD()
# Assemble the CreateAccount operation
amount = settings.STELLAR_CREATE_ACCOUNT_MINIMUM_BALANCE
memo = TextMemo('Nucleo Created Account')
op_create = CreateAccount({
'destination': public_key,
'starting_balance': amount,
})
# Get the current sequence of the source account by contacting Horizon.
# TODO: You should also check the response for errors!
sequence = horizon.account(
settings.STELLAR_BASE_KEY_PAIR.address()).get('sequence')
# Create a transaction with our single create account operation, with the
# default fee of 100 stroops as of this writing (0.00001 XLM)
tx = Transaction(
source=settings.STELLAR_BASE_KEY_PAIR.address().decode(),
opts={
'sequence': sequence,
'memo': memo,
'operations': [op_create],
},
)
# Build a transaction envelope, ready to be signed.
envelope = Te(tx=tx, opts={"network_id": settings.STELLAR_NETWORK})
# Sign the transaction envelope with the source keypair
envelope.sign(settings.STELLAR_BASE_KEY_PAIR)
# Submit the transaction to Horizon
# TODO: Make sure to look at the response body carefully, as it can be an error or a successful response.
te_xdr = envelope.xdr()
response = horizon.submit(te_xdr)
# Check whether account actually created on ledger
if 'hash' not in response:
raise ValidationError(
_('Nucleo was not able to create a Stellar account at this time'
))
# If successful, increment the user's account quota val by one
user_funding = funding_request.requester
self.account_user = user_funding
profile_funding = user_funding.profile
profile_funding.accounts_created += 1
profile_funding.save()
# Delete the funding request
funding_request.delete()
# Email the requester to notify them of approved funding for new account
profile_path = reverse('nc:user-detail',
kwargs={'slug': user_funding.username})
profile_url = build_absolute_uri(self.request, profile_path)
current_site = get_current_site(self.request)
email_settings_path = reverse('nc:user-settings-redirect')
email_settings_url = build_absolute_uri(self.request,
email_settings_path)
ctx_email = {
'current_site': current_site,
'username': user_funding.username,
'account_public_key': public_key,
'profile_url': profile_url,
'email_settings_url': email_settings_url,
}
get_adapter(self.request).send_mail('nc/email/account_create',
user_funding.email, ctx_email)
else:
# Verify Stellar public key with the added Data Entry
# Get the Stellar account for given public key
# NOTE: Need to decouple Address initialization from get() method to work!
address = Address(address=public_key,
network=settings.STELLAR_NETWORK)
try:
address.get()
except AccountNotExistError:
raise ValidationError(_(
'Invalid account. Stellar Account associated with given public key does not exist.'
),
code='invalid_account')
# Obtain the signed_user data entry
signed_user = address.data.get(
settings.STELLAR_DATA_VERIFICATION_KEY, None)
if not signed_user:
raise ValidationError(_(
'Invalid data entry. Decoded Stellar Data Entry does not exist.'
),
code='invalid_data_entry')
# Now decode and verify data
self.loaded_user_id = signing.loads(base64.b64decode(signed_user))
if self.request_user.id != self.loaded_user_id:
raise ValidationError(_(
'Invalid user id. Decoded Stellar Data Entry does not match your user id.'
),
code='invalid_user')
# Associate request user with this account
self.account_user = self.request_user
# Delete any existing funding request associated with that key
AccountFundRequest.objects.filter(public_key=public_key).delete()
# TODO: SEND EMAIL IF KEY HAS BEEN COMPROMISED, SOMEHOW ALLOW UNFUNDED ACCOUNTS TO BE SEEN?
return self.cleaned_data
def save(self):
"""
Add new activity associated with given tx ops to request_user
stream feed.
Activity types we send to stream:
1. Payments (verb: send)
2. Token issuance (verb: issue)
3. Trusting of asset (verb: trust)
4. Buy/sell of asset (verb: offer)
5. Follow user (verb: follow; not handled by this form but
instead in UserFollowUpdateView)
For verb = 'follow', 'send' should trigger email(s)/notif(s) to only
recipient of the action. For verb = 'issue', 'offer' send email(s)/notif(s)
to all followers of the activity actor.
"""
if not self.ops:
# TODO: This is a band-aid for times when tx_ops call gives a 404,
# which seems to happen most often on offers (settlement time?).
# Get rid of this once implement a transaction_operations nodejs listener?
return {'activity': None, 'success_url': self.success_url}
# Determine activity type and update kwargs for stream call
request_user_profile = self.request_user.profile
current_site = get_current_site(self.request)
tx_hash = self.cleaned_data.get("tx_hash")
kwargs = {
'actor': self.request_user.id,
'actor_username': self.request_user.username,
'actor_pic_url': request_user_profile.pic_url(),
'actor_href': request_user_profile.href(),
'tx_hash': self.cleaned_data.get("tx_hash"),
'tx_href': self.tx_href,
'foreign_id': tx_hash,
'memo': self.memo,
'time': self.time,
}
# Payment
if len(self.ops) == 1 and self.ops[0]['type_i'] == Xdr.const.PAYMENT:
record = self.ops[0]
# Get the user associated with to account if registered in our db
try:
object = get_user_model().objects.get(
accounts__public_key=record['to'])
except ObjectDoesNotExist:
object = None
object_id = object.id if object else record[
'to'] # NOTE: if no Nucleo user has that account, use public_key for object_id in r
object_username = object.username if object else None
object_email = object.email if object else None
object_profile = object.profile if object else None
object_pic_url = object_profile.pic_url(
) if object_profile else None
object_href = object_profile.href() if object_profile else None
# Get the details of asset sent if registered in our db
try:
asset_id = '{0}-{1}'.format(record['asset_code'], record['asset_issuer'])\
if record['asset_type'] != 'native' else 'XLM-native'
asset = Asset.objects.get(asset_id=asset_id)
except ObjectDoesNotExist:
asset = None
asset_pic_url = asset.pic_url() if asset else None
asset_href = asset.href() if asset else None
kwargs.update({
'verb': 'send',
'asset_type': record['asset_type'],
'asset_code': record.get('asset_code', None),
'asset_issuer': record.get('asset_issuer', None),
'asset_pic_url': asset_pic_url,
'asset_href': asset_href,
'amount': record['amount'],
'object': object_id,
'object_username': object_username,
'object_pic_url': object_pic_url,
'object_href': object_href
})
# Send an email to user receiving funds
if object_email and object_profile and object_profile.allow_payment_email:
object_account = object.accounts.get(public_key=record['to'])
asset_display = record['asset_code'] if record[
'asset_type'] != 'native' else 'XLM'
profile_path = reverse('nc:user-detail',
kwargs={'slug': object_username})
profile_url = build_absolute_uri(self.request, profile_path)
email_settings_path = reverse('nc:user-settings-redirect')
email_settings_url = build_absolute_uri(
self.request, email_settings_path)
ctx_email = {
'current_site': current_site,
'username': self.request_user.username,
'amount': record['amount'],
'asset': asset_display,
'memo': self.memo,
'account_name': object_account.name,
'account_public_key': object_account.public_key,
'profile_url': profile_url,
'email_settings_url': email_settings_url,
}
get_adapter(self.request).send_mail(
'nc/email/feed_activity_send', object_email, ctx_email)
# Token issuance
elif len(self.ops) == 3 and self.ops[0]['type_i'] == Xdr.const.CHANGE_TRUST\
and self.ops[1]['type_i'] == Xdr.const.PAYMENT\
and self.ops[0]['asset_code'] == self.ops[1]['asset_code']\
and self.ops[0]['asset_issuer'] == self.ops[1]['asset_issuer']:
payment_record = self.ops[1]
# Get account for issuer and either retrieve or create new asset in our db
issuer = self.request_user.accounts.get(
public_key=payment_record['source_account'])
asset, created = Asset.objects.get_or_create(
code=payment_record['asset_code'],
issuer_address=payment_record['asset_issuer'],
issuer=issuer)
# Set the kwargs for feed activity
kwargs.update({
'verb': 'issue',
'amount': payment_record['amount'],
'object': asset.id,
'object_type': asset.type(),
'object_code': asset.code,
'object_issuer': asset.issuer_address,
'object_pic_url': asset.pic_url(),
'object_href': asset.href()
})
# Send a bulk email to all followers that a new token has been issued
recipient_list = [ u.email for u in request_user_profile.followers\
.filter(profile__allow_token_issuance_email=True) ]
asset_path = reverse('nc:asset-detail',
kwargs={'slug': asset.asset_id})
asset_url = build_absolute_uri(self.request, asset_path)
email_settings_path = reverse('nc:user-settings-redirect')
email_settings_url = build_absolute_uri(self.request,
email_settings_path)
ctx_email = {
'current_site': current_site,
'username': self.request_user.username,
'amount': payment_record['amount'],
'asset': asset.code,
'asset_url': asset_url,
'account_name': issuer.name,
'account_public_key': issuer.public_key,
'email_settings_url': email_settings_url,
}
get_adapter(self.request).send_mail_to_many(
'nc/email/feed_activity_issue', recipient_list, ctx_email)
# Trusting of asset
elif len(self.ops
) == 1 and self.ops[0]['type_i'] == Xdr.const.CHANGE_TRUST:
record = self.ops[0]
# Get account for issuer and either retrieve or create new asset in our db
asset, created = Asset.objects.get_or_create(
code=record['asset_code'],
issuer_address=record['asset_issuer'])
# Set the redirect URL to the asset detail page
if not self.success_url:
trust_path = reverse('nc:asset-trust-list',
kwargs={'slug': asset.asset_id})
trust_url = build_absolute_uri(self.request, trust_path)
self.success_url = trust_url
# Test for whether adding/removing trust
if float(self.ops[0]['limit']) == 0.0:
# Removing trust, so don't add an activity, but remove from
# user's asset trusting list.
self.account.assets_trusting.remove(asset)
if not self.request_user.accounts.filter(
assets_trusting=asset).exists():
self.request_user.assets_trusting.remove(asset)
return {'activity': None, 'success_url': self.success_url}
else:
# Adding trust, so add activity and add to user's asset trusting list.
self.account.assets_trusting.add(asset)
self.request_user.assets_trusting.add(asset)
# Set the kwargs for feed activity
kwargs.update({
'verb': 'trust',
'object': asset.id,
'object_type': asset.type(),
'object_code': asset.code,
'object_issuer': asset.issuer_address,
'object_pic_url': asset.pic_url(),
'object_href': asset.href()
})
# Send an email to issuer of asset
asset_issuer_account = asset.issuer
asset_issuer_user = asset.issuer.user if asset_issuer_account else None
asset_issuer_profile = asset_issuer_user.profile if asset_issuer_user else None
if asset_issuer_account and asset_issuer_user and asset_issuer_profile and asset_issuer_profile.allow_trust_email:
asset_display = record['asset_code']
profile_path = reverse(
'nc:user-detail',
kwargs={'slug': self.request_user.username})
profile_url = build_absolute_uri(self.request,
profile_path)
email_settings_path = reverse('nc:user-settings-redirect')
email_settings_url = build_absolute_uri(
self.request, email_settings_path)
ctx_email = {
'current_site': current_site,
'username': self.request_user.username,
'asset': asset_display,
'account_name': asset_issuer_account.name,
'account_public_key': asset_issuer_account.public_key,
'profile_url': profile_url,
'email_settings_url': email_settings_url,
}
get_adapter(self.request).send_mail(
'nc/email/feed_activity_trust',
asset_issuer_user.email, ctx_email)
# Buy/sell of asset
elif len(self.ops
) == 1 and self.ops[0]['type_i'] == Xdr.const.MANAGE_OFFER:
record = self.ops[0]
# Given we only allow buying/selling of token with respect to XLM,
# the offer_type is the non-XLM side.
# TODO: Generalize for non XLM related offers
offer_type = 'buying' if record[
'buying_asset_type'] != 'native' else 'selling'
# Get account for issuer and either retrieve or create new asset in our db
asset, created = Asset.objects.get_or_create(
code=record[offer_type + '_asset_code'],
issuer_address=record[offer_type + '_asset_issuer'])
# Set the kwargs for feed activity
kwargs.update({
'verb': 'offer',
'offer_type': offer_type,
'amount': record['amount'],
'price': record['price'],
'object': asset.id,
'object_type': asset.type(),
'object_code': asset.code,
'object_issuer': asset.issuer_address,
'object_pic_url': asset.pic_url(),
'object_href': asset.href()
})
# Send a bulk email to all followers that user has made a trade
recipient_list = [ u.email for u in request_user_profile.followers\
.filter(profile__allow_trade_email=True) ]
offer_type_display = 'buy' if record[
'buying_asset_type'] != 'native' else 'sell'
amount_display = str(
float(record['price']) * float(record['amount'])
) if offer_type == 'buying' else record['amount']
price_display = str(
round(1 / float(record['price']),
7)) if offer_type == 'buying' else record['price']
asset_path = reverse('nc:asset-detail',
kwargs={'slug': asset.asset_id})
asset_url = build_absolute_uri(self.request, asset_path)
email_settings_path = reverse('nc:user-settings-redirect')
email_settings_url = build_absolute_uri(self.request,
email_settings_path)
ctx_email = {
'current_site': current_site,
'username': self.request_user.username,
'offer_type': offer_type_display,
'amount': amount_display,
'memo': self.memo,
'price': price_display,
'asset': asset.code,
'asset_url': asset_url,
'email_settings_url': email_settings_url,
}
get_adapter(self.request).send_mail_to_many(
'nc/email/feed_activity_offer', recipient_list, ctx_email)
# Set the redirect URL to the asset detail page
if not self.success_url:
self.success_url = asset_url
else:
# Not a supported activity type
return {'activity': None, 'success_url': self.success_url}
return {
'activity': self.feed.add_activity(kwargs),
'success_url': self.success_url,
}
def get_callback_url(self, request, app):
client_identifier = self.get_oauth2_client_identifier()
callback_url = reverse(self.provider_id + "_callback",
kwargs={'client_identifier': client_identifier})
protocol = self.redirect_uri_protocol
return build_absolute_uri(request, callback_url, protocol)
def get_email_confirmation_url(self, request, emailconfirmation):
url = reverse("allauth_account_confirm_email",
args=[emailconfirmation.key])
ret = build_absolute_uri(None, url)
return ret
def invitation_url(self, invitation):
action_url = reverse('contests:join_team',
args=(self.contest.code, self.team.id))
base_url = build_absolute_uri(self.request, action_url)
url = base_url + '?code=' + invitation.secret_code
return url
def get_callback_url(self, request, app):
callback_url = reverse(self.provider_id + "_callback")
protocol = self.redirect_uri_protocol
return build_absolute_uri(request, callback_url, protocol)
def get_callback_url(self, request, app):
callback_url = reverse(self.provider_id + "_callback")
protocol = self.redirect_uri_protocol
return build_absolute_uri(request, callback_url, protocol)
def get_callback_url(self, login_request, app):
""" Get the local URL for the OpenID callback """
callback_url = reverse(self.slug + "_callback")
return build_absolute_uri(login_request, callback_url, 'https')
def get_email_confirmation_url(self, request, emailconfirmation):
url = settings.CUSTOM_ACCOUNT_CONFIRM_EMAIL_URL.format(emailconfirmation.key)
ret = build_absolute_uri(
request,
url)
return ret
def get_email_confirmation_url(self, request, emailconfirmation):
uri = '/email-confirmation/' + emailconfirmation.key
return build_absolute_uri(request, uri)
def get_callback_url(self, login_request, app):
""" Get the local URL for the OAuth2 callback """
callback_url = reverse(self.slug + "_callback")
protocol = self.redirect_uri_protocol
return build_absolute_uri(login_request, callback_url, protocol)
def avatar_url(self):
url = self.avatar.url if self.avatar else static(
'/images/user_default_avatar.png')
return build_absolute_uri(None, url)
def image_url(self):
return build_absolute_uri(None, self.image.url) if self.image else None
def get_email_confirmation_url(self, request, emailconfirmation):
url = reverse("account_confirm_email", args=[emailconfirmation.key])
ret = build_absolute_uri(request, url)
return ret.replace('api/rest-auth/registration/', '')
def get_connect_redirect_url(self, request, socialaccount):
return build_absolute_uri(request, settings.LOGIN_REDIRECT_URL)
def get_email_confirmation_url_override(self, request, emailconfirmation):
url = reverse("users:account_confirm_email", args=[emailconfirmation.key])
ret = build_absolute_uri(request, url)
return ret
def get_email_confirmation_url(self, request, emailconfirmation):
url = reverse("rest_verify_email",
kwargs={'key': emailconfirmation.key})
ret = build_absolute_uri(request, url)
return ret
def get_callback_url(self, request, app):
assert 'process' in request.query_params
callback_url = reverse(SOCIAL_LOGIN_CALLBACK_NAME)
protocol = self.redirect_uri_protocol
url = build_absolute_uri(request, callback_url, protocol)
return url + f'?provider={self.provider_id}&process={request.query_params["process"]}'