def setUp(self): language = factories.LanguageEnFactory() hash_alg = Argon2PasswordHasher() hashpw = hash_alg.encode(password="******", salt="123salt123") secretariat = factories.SecretariatUserFactory(language=language, password=hashpw) self.client.login(username=secretariat.username, password="******") self.art7 = self.obligation_factory(ObligationTypes.ART7.value) self.raf = self.obligation_factory(ObligationTypes.ESSENCRIT.value) weur = factories.RegionFactory(abbr="WEUR", name="Western Europe and Others") unsp = factories.SubregionFactory(region=weur, abbr="UNK", name="Unspecified") self.treaty = factories.TreatyFactory() self.annex = factories.AnnexFactory() self.au = factories.PartyFactory(abbr="AU", name="Australia", subregion=unsp) self.p = { year: self.period_factory(year) for year in range(1980, 2020) } self.g = {gid: self.group_factory(gid) for gid in ["AI", "CI", "F"]}
def dang_ky(request): form = CustomerCreate() registered = False if request.method == "POST": form = CustomerCreate(data=request.POST) hasher = Argon2PasswordHasher() if form.is_valid( ) and form.cleaned_data['mat_khau'] == form.cleaned_data['confirm']: request.POST._mutable = True register = form.save(commit=False) register.ho_ten = form.cleaned_data['ho_ten'] register.user_name = form.cleaned_data['user_name'] register.mat_khau = hasher.encode(form.cleaned_data['mat_khau'], 'somewhere') register.email = form.cleaned_data['email'] register.phone = form.cleaned_data['phone'] register.dia_chi = form.cleaned_data['dia_chi'] register.save() registered = True return render(request, 'customers/profile.html', {'username': register.user_name}) elif form.cleaned_data['mat_khau'] != form.cleaned_data['confirm']: form.add_error('confirm', 'Mật khẩu không khớp') else: form = CustomerCreate() return render(request, 'customers/dang_ky.html', { 'form': form, 'registered': registered })
def setUp(self): super().setUp() self.maxDiff = None self.workflow_class = "default" self.obligation = ObligationFactory(_obligation_type="art7") self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.another_party = AnotherPartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123")) self.client.login(username=self.secretariat_user.username, password='******') self.substance = SubstanceFactory() self.another_substance = AnotherSubstanceFactory() self.blend = BlendFactory() BlendComponentFactory(blend=self.blend, substance=self.substance, percentage=Decimal('0.5')) BlendComponentFactory(blend=self.blend, substance=self.another_substance, percentage=Decimal('0.5')) ReportingChannelFactory()
def setUp(self): super().setUp() self.workflow_class = "default" self.region = RegionFactory.create() self.period = ReportingPeriodFactory.create( name="2018 test", start_date=datetime.strptime('2018-01-01', '%Y-%m-%d'), end_date=datetime.strptime('2018-12-31', '%Y-%m-%d')) self.newer_period = ReportingPeriodFactory.create( name="2019 test", start_date=datetime.strptime('2019-01-01', '%Y-%m-%d'), end_date=datetime.strptime('2019-12-31', '%Y-%m-%d')) self.obligation = ObligationFactory.create( _obligation_type=self._obligation_type) self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.another_party = AnotherPartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() PartyHistoryFactory(party=self.party, reporting_period=self.period) hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123")) self.client.login(username=self.secretariat_user.username, password='******') self.substance = SubstanceFactory() ReportingChannelFactory()
def get_hash(self): try: ph_obj = Argon2PasswordHasher() return ph_obj.encode(password=self.password, salt=get_random_string()) except HashingError: raise HashingError("Provide valid data type for password.")
def setUp(self): super().setUp() ContentType.objects.clear_cache() self.workflow_class = "default" self.region = RegionFactory.create() self.period = ReportingPeriodFactory.create(name="Some period") self.obligation = ObligationFactory.create(name="Some obligation") self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.another_party = AnotherPartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123") ) self.party_user = ReporterUserFactory( language=self.language, party=self.party, password=hash_alg.encode(password="******", salt="123salt123"), ) self.another_party_user = ReporterUserAnotherPartyFactory( language=self.language, party=self.another_party, password=hash_alg.encode(password="******", salt="123salt123"), ) self.substance = SubstanceFactory() ReportingChannelFactory()
def setUp(self): super().setUp() self.workflow_class = 'base' self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.another_party = AnotherPartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password='******', salt='123salt123')) self.secretariat_user_ro = SecretariatUserROFactory( language=self.language, password=hash_alg.encode(password='******', salt='123salt123')) self.reporter = ReporterUserFactory(language=self.language, party=self.party, password=hash_alg.encode( password='******', salt='123salt123')) self.reporter_same_party = ReporterUserSamePartyFactory( language=self.language, party=self.party, password=hash_alg.encode(password='******', salt='123salt123')) self.reporter_another_party = ReporterUserAnotherPartyFactory( language=self.language, party=self.another_party, password=hash_alg.encode(password='******', salt='123salt123')) ReportingChannelFactory()
def setUp(self): super().setUp() hash_alg = Argon2PasswordHasher() region = RegionFactory.create() subregion = SubregionFactory.create(region=region) party = PartyFactory.create(subregion=subregion) another_party = AnotherPartyFactory(subregion=subregion) self.language_en = LanguageEnFactory() self.language_fr = LanguageFrFactory() self.reporter = ReporterUserFactory.create( first_name='Test', last_name='Test', email='*****@*****.**', language=self.language_en, party=party, password=hash_alg.encode(password='******', salt='123salt123'), ) self.reporter_same_party = ReporterUserSamePartyFactory( language=self.language_en, party=party, password=hash_alg.encode(password='******', salt='123salt123') ) self.reporter_another_party = ReporterUserAnotherPartyFactory( language=self.language_en, party=another_party, password=hash_alg.encode(password='******', salt='123salt123') ) self.secretariat_user = SecretariatUserFactory( language=self.language_en, password=hash_alg.encode(password='******', salt='123salt123') ) self.client.login(username=self.reporter.username, password='******') ReportingChannelFactory()
def setUp(self): super().setUp() self.workflow_class = 'base' self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password='******', salt='123salt123')) self.reporter = ReporterUserFactory(language=self.language, party=self.party, password=hash_alg.encode( password='******', salt='123salt123')) ReportingChannelFactory.create(name='Web form', is_default_party=True, is_default_secretariat=False) ReportingChannelFactory.create(name='Email', is_default_party=False, is_default_secretariat=True) ReportingChannelFactory.create(name='API', is_default_party=False, is_default_secretariat=False) SubmissionFormatFactory()
def setUp(self): super().setUp() self.workflow_class = "default" self.obligation = ObligationFactory(_obligation_type=self._obligation_type) self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.another_party = AnotherPartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123") ) self.party_user = ReporterUserFactory( language=self.language, party=self.party, password=hash_alg.encode(password="******", salt="123salt123"), ) self.another_party_user = ReporterUserFactory( language=self.language, username="******", party=self.another_party, password=hash_alg.encode(password="******", salt="123salt123"), ) ReportingChannelFactory()
def setUp(self): super().setUp() self.language = factories.LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = factories.SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123"), ) subregion = factories.SubregionFactory() parties = ['TP', 'NPA', 'NPB'] for party in parties: factories.PartyFactory( abbr=party, name=f"{party} party", subregion=subregion, ) factories.ReportingPeriodFactory( name='2000', start_date=datetime.strptime('2000-01-01', '%Y-%m-%d'), end_date=datetime.strptime('2000-12-31', '%Y-%m-%d'), ) factories.ReportingChannelFactory(name="Legacy") substances = [100, 101, 102, 103, 104, 105, 106, 999] for substance_id in substances: factories.SubstanceFactory( substance_id=substance_id, name=f"Chemical {substance_id}", ) factories.ObligationFactory(pk=1)
def verify_password(self, p): passwordHasher = Argon2PasswordHasher() try: if passwordHasher.verify(self.password, p.objects.get(email=self.email).password): return True except p.DoesNotExist: return False
def setUp(self): super().setUp() self.hash_alg = Argon2PasswordHasher() self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory.create(subregion=self.subregion) self.obligation = ObligationFactory.create(_form_type=self._form_type) self.language = LanguageEnFactory() ReportingChannelFactory()
def register(request): if request.method == 'POST': register_form = RegisterFormInput(data=request.POST) if not register_form.is_valid(): # Redirect with Unknown Error return redirect('index') full_name = register_form.cleaned_data.get('full_name') user_name = register_form.cleaned_data.get('user_name') password = register_form.cleaned_data.get('password') repeat_password = register_form.cleaned_data.get('repeat_password') # Check whether user_name is available to be taken or not try: user = SiteUser.objects.get(email__exact=user_name) # User already exists in the database if user: set_alert(request, 'user_exists') return redirect('index') except ObjectDoesNotExist: user = SiteUser(email=user_name) # Check whether user has properly entered the password if password != repeat_password: set_alert(request, 'password_mismatch') return redirect('index') user.password = make_password(password, hasher=Argon2PasswordHasher()) # Split to obtain first and last name of the user name = full_name.split() if(len(name) == 1): user.first_name = name[0] else: user.first_name = name[0] user.last_name = ' '.join(name[1:]) # Finally generate a Session ID session_id = uuid.uuid4().hex user.session_id = session_id try: user.save() create_session(request, user_name, name[0]) except Error: # Inform user there was some problem creating the user report to administrator set_alert(request, 'generic_error') return redirect('index') set_alert(request, 'user_logged_in') return redirect('home')
def setUp(self): super().setUp() self.language = factories.LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = factories.SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123"), ) self.subregion = factories.SubregionFactory() factories.ReportingChannelFactory(name="Legacy") factories.ObligationFactory(pk=1)
def dang_nhap(request): err = '' if request.session.has_key('username'): return redirect('customers:profile') elif request.method == "POST": hashers = Argon2PasswordHasher() _ten = request.POST.get('user_name') _mat_khau = hashers.encode(request.POST.get('mat_khau'), 'somewhere') kh = Customer.objects.filter(user_name=_ten, mat_khau=_mat_khau) if kh.count() > 0: request.session['username'] = kh[0].ho_ten return redirect('customers:profile') else: err = "thong tin dang nhap khong dung" return render(request, 'customers/dang_nhap.html', {'err': err})
def setUp(self): super().setUp() self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123")) self.client.login(username=self.secretariat_user.username, password='******') self.obligation = ObligationFactory(name="Other obligation", other=True, _obligation_type="other") ReportingChannelFactory()
def setUp(self): super().setUp() self.workflow_class = "default_exemption" self.obligation = ObligationFactory(_obligation_type="exemption") self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123")) self.reporter = ReporterUserFactory(language=self.language, party=self.party, password=hash_alg.encode( password='******', salt='123salt123')) self.another_substance = AnotherSubstanceFactory() self.substance = SubstanceFactory() ReportingChannelFactory()
def setUp(self): super().setUp() self.workflow_class = "default" self.obligation = ObligationFactory(_form_type="hat") self.region = RegionFactory.create() self.subregion = SubregionFactory.create(region=self.region) self.party = PartyFactory(subregion=self.subregion) self.another_party = AnotherPartyFactory(subregion=self.subregion) self.language = LanguageEnFactory() hash_alg = Argon2PasswordHasher() self.secretariat_user = SecretariatUserFactory( language=self.language, password=hash_alg.encode(password="******", salt="123salt123")) self.client.login(username=self.secretariat_user.username, password='******') self.substance = SubstanceFactory() self.another_substance = AnotherSubstanceFactory() ReportingChannelFactory()
def save(self): passwordHasher = Argon2PasswordHasher() self.password = passwordHasher.encode(self.password, passwordHasher.salt()) super().save()
# active_token = PasswordResetTokenGenerator().make_token(Shops.objects.get(email=request.data['email'])) # # subject, from_email, to = 'confirm your email', '*****@*****.**', request.data['email'] # text_content = 'Confirmation of registration' # html_content = '<a href="' + env('SITE_URL') + '/face_tracking/confirm?token=' + str(active_token) + '&email=' + \ # request.data['email'] + '">Confirm Registretion</a>' # msg = EmailMultiAlternatives(subject, text_content, from_email, [to]) # msg.attach_alternative(html_content, "text/html") # msg.send() # # # generator = SchemaGenerator() # # schema = generator.get_schema(request=request) # # return Response(serializer.data, status=status.HTTP_201_CREATED) ph = Argon2PasswordHasher() @api_view(['POST']) @permission_classes([ AllowAny, ]) def authenticate_user(request): try: email = request.data['email'] password = request.data['password'] shop = Shops.objects.get(email=email) if not (ph.verify(password, shop.password)): res = {'error': 'invalid email of password'}
def verify_hash(self, _hash): try: ph_obj = Argon2PasswordHasher() return ph_obj.verify(password=self.password, encoded=_hash) except VerificationError: return False
class User(models.Model, CustomModelMixin): """ Custom user model """ id = models.UUIDField(primary_key= True, default= uuid.uuid4, editable= False) email = models.EmailField(_("Email"), max_length= 256, blank= False, unique= True) password = models.CharField(_("Password"), max_length= 265, blank= False) is_active = models.BooleanField(_("Is active?"), default= True) deleted_date = models.DateTimeField(_("Deleted date"), blank= True) created_at = models.DateTimeField(_("Created at"), auto_now_add= True) updated_at = models.DateTimeField(_("Updated at"), auto_now= True) class Meta: verbose_name = _('user') verbose_name_plural = _('users') app_label = 'users_app' _tokenize_fields = ( 'id', 'email', 'password', 'created_at' ) hasher = Argon2PasswordHasher() @property def tokenize_fields(self): payload = {} print("META: ", self._meta) for field in self._tokenize_fields: payload[field] = getattr(self, field) return payload def __str__(self): return self.email def _generate_confirm_code(self): return restore_password_link + get_random_string() @classmethod def _hash_password(cls, password): cls.hasher.encode(password, get_random_string()) def _check_hash(self, password): cls.hasher.verify(password) def _encode_token(self): return jwt.encode( self.tokenize_fields, jwt_settings['JWT_SECRET_KEY'], jwt_settings['JWT_ALGORITHM'], ).decode('utf-8') @staticmethod def _decode_token(token, context= None): return jwt.decode( token, jwt_settings['JWT_SECRET_KEY'], jwt_settings['JWT_VERIFY'], options= { 'verify_exp': jwt_settings['JWT_VERIFY_EXPIRATION'], }, leeway= jwt_settings['JWT_LEEWAY'], audience= jwt_settings['JWT_AUDIENCE'], issuer= jwt_settings['JWT_ISSUER'], algorithms= [jwt_settings['JWT_ALGORITHM']] ) @classmethod def login(cls, login, password): user = cls.objects.filter(email= login).first() if not (user or user._check_hash(password)): raise Exception("Invalid password or email") return user._encode_token() @classmethod def find_by_token(cls, token, context= None): try: payload = cls._decode_token(token, context) user = cls.objects.filter(email= payload['email'], id= payload['id']).first() if not (user or user._check_hash(payload['password'])): raise GraphQLJWTError(_('Password was changed')) del payload['password'] except jwt.ExpiredSignature: raise GraphQLJWTError(_('Signature has expired')) except jwt.DecodeError: raise GraphQLJWTError(_('Error decoding signature')) except jwt.InvalidTokenError: raise GraphQLJWTError(_('Invalid token')) return payload @classmethod def find_by_id(cls, user_id): return cls.objects.filter(id= user_id).first() def delete(self): self.deleted_date = datetime.utcnow() self.is_active = False self.profile.delete() self.save()