def test_zinnia_entry_detail_login_password(self): user_logged_in.disconnect(update_last_login) setup_test_template_loader( {'zinnia/entry_detail.html': '', 'zinnia/login.html': '', 'zinnia/password.html': ''}) entry = self.create_published_entry() entry.password = '******' entry.login_required = True entry.save() with self.assertNumQueries(4): response = self.client.get('/2010/01/01/my-test-entry/') self.assertTemplateUsed(response, 'zinnia/login.html') with self.assertNumQueries(9): response = self.client.post('/2010/01/01/my-test-entry/', {'username': '******', 'password': '******'}) self.assertEquals(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/password.html') self.assertEquals(response.context['error'], False) with self.assertNumQueries(6): response = self.client.post('/2010/01/01/my-test-entry/', {'entry_password': '******'}) self.assertEquals(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/entry_detail.html') restore_template_loaders() user_logged_in.connect(update_last_login)
def ready(self): # Import all required stuff. from . import serializers # noqa from ..core.signals import post_permission_creation, permission_change from ..utils.rest_api import router from .projector import register_projector_slides from .signals import create_builtin_groups_and_admin, get_permission_change_data from .views import GroupViewSet, PersonalNoteViewSet, UserViewSet # Define projector elements. register_projector_slides() # Connect signals. post_permission_creation.connect( create_builtin_groups_and_admin, dispatch_uid="create_builtin_groups_and_admin", ) permission_change.connect( get_permission_change_data, dispatch_uid="users_get_permission_change_data" ) # Disconnect the last_login signal if not settings.ENABLE_LAST_LOGIN_FIELD: user_logged_in.disconnect(dispatch_uid="update_last_login") # Register viewsets. router.register(self.get_model("User").get_collection_string(), UserViewSet) router.register(self.get_model("Group").get_collection_string(), GroupViewSet) router.register( self.get_model("PersonalNote").get_collection_string(), PersonalNoteViewSet )
def ready(self): # Import all required stuff. from . import serializers # noqa from ..core.signals import post_permission_creation, permission_change from ..utils.rest_api import router from .projector import register_projector_slides from .signals import create_builtin_groups_and_admin, get_permission_change_data from .views import GroupViewSet, PersonalNoteViewSet, UserViewSet # Define projector elements. register_projector_slides() # Connect signals. post_permission_creation.connect( create_builtin_groups_and_admin, dispatch_uid="create_builtin_groups_and_admin", ) permission_change.connect( get_permission_change_data, dispatch_uid="users_get_permission_change_data") # Disconnect the last_login signal if not settings.ENABLE_LAST_LOGIN_FIELD: user_logged_in.disconnect(dispatch_uid="update_last_login") # Register viewsets. router.register( self.get_model("User").get_collection_string(), UserViewSet) router.register( self.get_model("Group").get_collection_string(), GroupViewSet) router.register( self.get_model("PersonalNote").get_collection_string(), PersonalNoteViewSet)
def disconnect(self): if self.started: user_logged_in.disconnect(self.logged_in) user_logged_out.disconnect(self.logged_out) user_login_failed.disconnect(self.login_failed) self.started = False return self
def test_zinnia_entry_detail_login_password(self): user_logged_in.disconnect(update_last_login) setup_test_template_loader({ 'zinnia/entry_detail.html': '', 'zinnia/login.html': '', 'zinnia/password.html': '' }) entry = self.create_published_entry() entry.password = '******' entry.login_required = True entry.save() with self.assertNumQueries(4): response = self.client.get('/2010/01/01/my-test-entry/') self.assertTemplateUsed(response, 'zinnia/login.html') with self.assertNumQueries(9): response = self.client.post('/2010/01/01/my-test-entry/', { 'username': '******', 'password': '******' }) self.assertEquals(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/password.html') self.assertEquals(response.context['error'], False) with self.assertNumQueries(6): response = self.client.post('/2010/01/01/my-test-entry/', {'entry_password': '******'}) self.assertEquals(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/entry_detail.html') restore_template_loaders() user_logged_in.connect(update_last_login)
def disconnect(self): if self.started: user_logged_in.disconnect(self.logged_in, weak=False, dispatch_uid="dsl-logged-in") user_logged_out.disconnect(self.logged_out, weak=False, dispatch_uid="dsl-logged-out") user_login_failed.disconnect(self.login_failed, weak=False, dispatch_uid="dsl-logged-failed") self.started = False return self
def test_zinnia_entry_detail_login_password(self): user_logged_in.disconnect(update_last_login) entry = self.create_published_entry() entry.password = '******' entry.login_required = True entry.save() with self.assertNumQueries(1): response = self.client.get(entry.get_absolute_url()) self.assertTemplateUsed(response, 'zinnia/login.html') with self.assertNumQueries(3): response = self.client.post(entry.get_absolute_url(), { 'username': '******', 'password': '******' }) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/password.html') self.assertEqual(response.context['error'], False) with self.assertNumQueries(2): response = self.client.post(entry.get_absolute_url(), {'entry_password': '******'}) self.assertEqual(response.status_code, 200) self.assertTemplateUsed( response, 'zinnia/archives/2010/01/01/my-test-entry_entry_detail.html') user_logged_in.connect(update_last_login)
def login(request): if request.user.is_authenticated(): # TODO - logout return redirect('index') code = request.GET.get('code') token = request.GET.get('token') if not code and not token: return _fb_redirect(request) if code: resp = requests.get( FB_TOKEN_URL, params={ 'client_id': settings.FB_APP_ID, 'redirect_uri': request.build_absolute_uri(), 'client_secret': settings.FB_APP_SECRET, 'code': code, } ) if resp.status_code != 200: return _fb_redirect(request) token = resp.json()['access_token'] user = authenticate(token=token) if user is not None: user_logged_in.disconnect(update_last_login) auth_login(request, user) return redirect('index')
def ready(self): # Import all required stuff. from ..core.config import config from ..core.signals import post_permission_creation, permission_change from ..utils.rest_api import router from .config_variables import get_config_variables from .projector import get_projector_elements from .signals import create_builtin_groups_and_admin, get_permission_change_data from .views import GroupViewSet, PersonalNoteViewSet, UserViewSet # Define config variables and projector elements. config.update_config_variables(get_config_variables()) register_projector_elements(get_projector_elements()) # Connect signals. post_permission_creation.connect( create_builtin_groups_and_admin, dispatch_uid='create_builtin_groups_and_admin') permission_change.connect( get_permission_change_data, dispatch_uid='users_get_permission_change_data') # Disconnect the last_login signal if not settings.ENABLE_LAST_LOGIN_FIELD: user_logged_in.disconnect(dispatch_uid='update_last_login') # Register viewsets. router.register(self.get_model('User').get_collection_string(), UserViewSet) router.register(self.get_model('Group').get_collection_string(), GroupViewSet) router.register(self.get_model('PersonalNote').get_collection_string(), PersonalNoteViewSet)
def ready(self): # Import all required stuff. from ..core.config import config from ..core.signals import post_permission_creation, permission_change from ..utils.rest_api import router from .config_variables import get_config_variables from .projector import get_projector_elements from .signals import create_builtin_groups_and_admin, get_permission_change_data from .views import GroupViewSet, PersonalNoteViewSet, UserViewSet # Define config variables and projector elements. config.update_config_variables(get_config_variables()) register_projector_elements(get_projector_elements()) # Connect signals. post_permission_creation.connect( create_builtin_groups_and_admin, dispatch_uid='create_builtin_groups_and_admin') permission_change.connect( get_permission_change_data, dispatch_uid='users_get_permission_change_data') # Disconnect the last_login signal if not settings.ENABLE_LAST_LOGIN_FIELD: user_logged_in.disconnect(dispatch_uid='update_last_login') # Register viewsets. router.register( self.get_model('User').get_collection_string(), UserViewSet) router.register( self.get_model('Group').get_collection_string(), GroupViewSet) router.register( self.get_model('PersonalNote').get_collection_string(), PersonalNoteViewSet)
def post(self, request): logger = logging.getLogger('netbox.auth.login') form = LoginForm(request, data=request.POST) if form.is_valid(): logger.debug("Login form validation was successful") # Determine where to direct user after successful login redirect_to = request.POST.get('next') if redirect_to and not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()): logger.warning(f"Ignoring unsafe 'next' URL passed to login form: {redirect_to}") redirect_to = reverse('home') # If maintenance mode is enabled, assume the database is read-only, and disable updating the user's # last_login time upon authentication. if settings.MAINTENANCE_MODE: logger.warning("Maintenance mode enabled: disabling update of most recent login time") user_logged_in.disconnect(update_last_login, dispatch_uid='update_last_login') # Authenticate user auth_login(request, form.get_user()) logger.info(f"User {request.user} successfully authenticated") messages.info(request, "Logged in as {}.".format(request.user)) logger.debug(f"Redirecting user to {redirect_to}") return HttpResponseRedirect(redirect_to) else: logger.debug("Login form validation failed") return render(request, self.template_name, { 'form': form, })
def test_zinnia_entry_detail_login_password(self): user_logged_in.disconnect(update_last_login) self.inhibit_templates('zinnia/entry_detail.html', 'zinnia/login.html', 'zinnia/password.html') entry = self.create_published_entry() entry.password = '******' entry.login_required = True entry.save() with self.assertNumQueries(1): response = self.client.get(entry.get_absolute_url()) self.assertTemplateUsed(response, 'zinnia/login.html') with self.assertNumQueries(12): response = self.client.post(entry.get_absolute_url(), {'username': '******', 'password': '******'}) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/password.html') self.assertEqual(response.context['error'], False) with self.assertNumQueries(7): response = self.client.post(entry.get_absolute_url(), {'entry_password': '******'}) self.assertEqual(response.status_code, 200) self.assertTemplateUsed(response, 'zinnia/entry_detail.html') user_logged_in.connect(update_last_login)
def post(self, request): logger = logging.getLogger('netbox.auth.login') form = LoginForm(request, data=request.POST) if form.is_valid(): logger.debug("Login form validation was successful") # If maintenance mode is enabled, assume the database is read-only, and disable updating the user's # last_login time upon authentication. if settings.MAINTENANCE_MODE: logger.warning( "Maintenance mode enabled: disabling update of most recent login time" ) user_logged_in.disconnect(update_last_login, dispatch_uid='update_last_login') # Authenticate user auth_login(request, form.get_user()) logger.info(f"User {request.user} successfully authenticated") messages.info(request, "Logged in as {}.".format(request.user)) return self.redirect_to_next(request, logger) else: logger.debug("Login form validation failed") return render(request, self.template_name, { 'form': form, })
def post(self, request): form = LoginForm(request, data=request.POST) if form.is_valid(): # Determine where to direct user after successful login redirect_to = request.POST.get('next', '') if not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()): redirect_to = reverse('home') # If maintenance mode is enabled, assume the database is read-only, and disable updating the user's # last_login time upon authentication. if settings.MAINTENANCE_MODE: user_logged_in.disconnect(update_last_login, dispatch_uid='update_last_login') # Authenticate user auth_login(request, form.get_user()) messages.info(request, "Logged in as {}.".format(request.user)) return HttpResponseRedirect(redirect_to) return render(request, self.template_name, { 'form': form, })
def authenticate(self, username=None, password=None): user_logged_in.disconnect(update_last_login) try: user = User.objects.get(username=username, is_active=True) if user.check_password(password): return user return None except User.DoesNotExist: return None
def ready(self): from django.contrib.auth.models import update_last_login as django_update_last_login user_logged_in.disconnect(django_update_last_login) from .signals.receivers import update_last_login user_logged_in.connect(update_last_login) from django.contrib.auth.models import User from .signals.receivers import on_user_updated pre_save.connect(on_user_updated, sender=User)
def ready(self): from django.contrib.auth.models import update_last_login # disconnect the buildin function "update_last_login", because we have our own and don't # want to send a post save message, which causes a user_logged_in.disconnect(update_last_login, dispatch_uid='update_last_login') # connect the receivers # https://docs.djangoproject.com/en/1.8/topics/signals/ # noinspection PyUnresolvedReferences from . import signals
def test_login_without_signal(self): """Login shouldn't send signal if user wasn't logged in""" def listener(*args, **kwargs): listener.executed = True listener.executed = False user_logged_in.connect(listener) self.client.login(username='******', password='******') user_logged_in.disconnect(listener) self.assertFalse(listener.executed)
def test_last_seen(self): self.editor.last_seen = None self.editor.save() self.client.cookies.clear() # login sends dud request without REQUEST dict user_logged_in.disconnect(views.set_session_expiry) self.client.login(username="******", password="******") user_logged_in.connect(views.set_session_expiry) self.client.get("/") last_seen = Member.objects.get(pk=self.editor.pk).last_seen self.assertTrue(last_seen) self.client.get("/") self.assertEqual(Member.objects.get(pk=self.editor.pk).last_seen, last_seen)
def setup_user_model(UserModel): for attr, val in dict( USERNAME_FIELD = 'name', REQUIRED_FIELDS = [], is_active = True, get_full_name = lambda self: self.name, get_short_name = lambda self: self.name, is_authenticated = lambda self: True, ).items(): setattr(UserModel, attr, val) from django.contrib.auth.signals import user_logged_in from django.contrib.auth.models import update_last_login user_logged_in.disconnect(update_last_login)
def authenticate(self, username=None, password=None): if not all([username, password]): return None result = rpc.staff.auth_staff_member( identifier=username, password=password ) if result['success']: user_logged_in.disconnect(update_last_login) return Staff(result['data']) return None
def login_user(request, hijacked): ''' hijack mechanism ''' hijacker = request.user hijack_history = [request.user._meta.pk.value_to_string(hijacker)] if request.session.get('hijack_history'): hijack_history = request.session['hijack_history'] + hijack_history check_hijack_authorization(request, hijacked) backend = get_used_backend(request) hijacked.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) # Prevent update of hijacked user last_login signal_was_connected = user_logged_in.disconnect(update_last_login) # Actually log user in login(request, hijacked) # Restore signal if needed if signal_was_connected: user_logged_in.connect(update_last_login) post_superuser_login.send(sender=None, user_id=hijacked.pk) # Send legacy signal hijack_started.send(sender=None, hijacker_id=hijacker.pk, hijacked_id=hijacked.pk, request=request) # Send official, documented signal request.session['hijack_history'] = hijack_history request.session['is_hijacked_user'] = True request.session['display_hijack_warning'] = True request.session.modified = True return redirect_to_next( request, default_url=hijack_settings.HIJACK_LOGIN_REDIRECT_URL)
def no_update_last_login(): """ Disconnect any signals to update_last_login() for the scope of the context manager, then restore. """ kw = {'receiver': update_last_login} kw_id = {'receiver': update_last_login, 'dispatch_uid': 'update_last_login'} was_connected = user_logged_in.disconnect(**kw) was_connected_id = not was_connected and user_logged_in.disconnect(**kw_id) yield # Restore signal if needed if was_connected: user_logged_in.connect(**kw) elif was_connected_id: user_logged_in.connect(**kw_id)
def login_user(request, hijacked): ''' hijack mechanism ''' hijacker = request.user hijack_history = [request.user._meta.pk.value_to_string(hijacker)] if request.session.get('hijack_history'): hijack_history = request.session['hijack_history'] + hijack_history check_hijack_authorization(request, hijacked) backend = get_used_backend(request) hijacked.backend = "%s.%s" % (backend.__module__, backend.__class__.__name__) # Prevent update of hijacked user last_login signal_was_connected = user_logged_in.disconnect(update_last_login) # Actually log user in login(request, hijacked) # Restore signal if needed if signal_was_connected: user_logged_in.connect(update_last_login) post_superuser_login.send(sender=None, user_id=hijacked.pk) # Send legacy signal hijack_started.send(sender=None, hijacker_id=hijacker.pk, hijacked_id=hijacked.pk, request=request) # Send official, documented signal request.session['hijack_history'] = hijack_history request.session['is_hijacked_user'] = True request.session['display_hijack_warning'] = True request.session.modified = True return redirect_to_next(request, default_url=hijack_settings.HIJACK_LOGIN_REDIRECT_URL)
def no_update_last_login(): """Disconnect any signals to ``update_last_login`` and reconnect them on exit.""" kw = {"receiver": update_last_login} kw_id = { "receiver": update_last_login, "dispatch_uid": "update_last_login" } was_connected = user_logged_in.disconnect(**kw) was_connected_id = not was_connected and user_logged_in.disconnect(**kw_id) yield # Restore signal if needed if was_connected: user_logged_in.connect(**kw) elif was_connected_id: user_logged_in.connect(**kw_id)
def Login(request): """ Description: Производит аутентификацию пользователя с помощью полученных в запросе данных(email,пароль), после аутентификации регистрирует новую сессию пользователя. Args: request - запрос от клиента с методом POST содержащий в себе Email и Password. """ try: data = json.loads(request.body) user = authenticate(username=data['Email'], password=data['Password']) except: return HttpResponse('Bad request', status=400) if not user == None: user_logged_in.disconnect(update_last_login, dispatch_uid='update_last_login') login(request, user) return HttpResponse("Login") else: return HttpResponse("Login failed", status=401)
def super_login(request, form_class=SuperLoginForm, extra_context=None): if request.method == "POST": form = form_class(data=request.POST) if form.is_valid(): if form.cleaned_data["recruiter"]: user = User.objects.get(username=form.cleaned_data["recruiter"]) else: user = CampusOrg.objects.get(name=form.cleaned_data["campus_org"]).user user.backend = s.AUTHENTICATION_BACKENDS[0] user_logged_in.disconnect(update_last_login) auth_login(request, user) return redirect(reverse("home")) else: form = form_class() context = {"form": form} context.update(extra_context or {}) return context
def ready(self): from django.contrib.auth.models import update_last_login as django_update_last_login user_logged_in.disconnect(django_update_last_login) from .signals.receivers import update_last_login user_logged_in.connect(update_last_login) from django.contrib.auth.models import User from .signals.receivers import on_user_updated pre_save.connect(on_user_updated, sender=User) # The django-simple-history model on CourseEnrollment creates performance # problems in testing, we mock it here so that the mock impacts all tests. if os.environ.get('DISABLE_COURSEENROLLMENT_HISTORY', False): import student.models as student_models from mock import MagicMock student_models.CourseEnrollment.history = MagicMock()
def ready(self): from django.contrib.auth.models import update_last_login as django_update_last_login user_logged_in.disconnect(django_update_last_login) from .signals.receivers import update_last_login user_logged_in.connect(update_last_login) from django.contrib.auth.models import User from .signals.receivers import on_user_updated pre_save.connect(on_user_updated, sender=User) rate_limit_override = settings.EDRAAK_STUDENTCONFIG_OVERRIDE_RATE_LIMIT_VALUE if rate_limit_override: if settings.FEATURES.get('EDRAAK_RATELIMIT_APP'): raise ValueError('Cannot activate (EDRAAK_RATELIMIT_APP) and override default limit at the same time!') from ratelimitbackend.backends import RateLimitMixin RateLimitMixin.requests = rate_limit_override RateLimitMixin.ratelimit_rate = '{rate_limit_override}/m'.format(rate_limit_override=rate_limit_override)
def ready(self): from django.contrib.auth.models import update_last_login from django.contrib.auth.signals import user_logged_in, user_logged_out from watson import search as watson_search from inboxen import checks, search, signals Inbox = self.get_model("Inbox") Email = self.get_model("Email") Request = self.get_model("Request") # Unregister update_last_login handler user_logged_in.disconnect(update_last_login) # Search watson_search.register(Email, search.EmailSearchAdapter) watson_search.register(Inbox, search.InboxSearchAdapter) user_logged_out.connect(signals.logout_message)
def super_login(request, form_class=SuperLoginForm, extra_context=None): if request.method == "POST": form = form_class(data=request.POST) if form.is_valid(): if form.cleaned_data["recruiter"]: user = User.objects.get( username=form.cleaned_data['recruiter']) else: user = CampusOrg.objects.get( name=form.cleaned_data['campus_org']).user user.backend = s.AUTHENTICATION_BACKENDS[0] user_logged_in.disconnect(update_last_login) auth_login(request, user) return redirect(reverse("home")) else: form = form_class() context = {'form': form} context.update(extra_context or {}) return context
def ready(self): from django.contrib.auth.models import update_last_login from django.contrib.auth.signals import user_logged_in, user_logged_out from watson import search as watson_search from inboxen import checks # noqa from inboxen import signals from inboxen.search import watson as search Inbox = self.get_model("Inbox") Email = self.get_model("Email") # Unregister update_last_login handler user_logged_in.disconnect(update_last_login) # Search watson_search.register(Email, search.EmailSearchAdapter) watson_search.register(Inbox, search.InboxSearchAdapter) user_logged_out.connect(signals.logout_message)
def ready(self): from django.contrib.auth.models import update_last_login from django.contrib.auth.signals import user_logged_in, user_logged_out from watson import search as watson_search from inboxen import checks, search, signals Inbox = self.get_model("Inbox") Email = self.get_model("Email") Request = self.get_model("Request") # Unregister update_last_login handler user_logged_in.disconnect(update_last_login) # Search watson_search.register(Email, search.EmailSearchAdapter) watson_search.register(Inbox, search.InboxSearchAdapter) pre_save.connect(signals.decided_checker, sender=Request, dispatch_uid="request_decided_checker") user_logged_out.connect(signals.logout_message)
def login_as(user, request, store_original_user=True): """ Utility function for forcing a login as specific user -- be careful about calling this carelessly :) """ # Save the original user pk before it is replaced in the login method original_user_pk = request.user.pk # Find a suitable backend. if not hasattr(user, 'backend'): for backend in django_settings.AUTHENTICATION_BACKENDS: if not hasattr(load_backend(backend), 'get_user'): continue if user == load_backend(backend).get_user(user.pk): user.backend = backend break else: raise ImproperlyConfigured('Could not found an appropriate authentication backend') # Add admin audit log entry change_message = 'User {0} logged in as {1}.'.format(request.user, user) LogEntry.objects.log_action( user_id=original_user_pk, content_type_id=ContentType.objects.get_for_model(user).pk, object_id=user.pk, object_repr=str(user), change_message=change_message, action_flag=CHANGE ) # Log the user in. if hasattr(user, 'backend'): signal_was_connected = False if not la_settings.UPDATE_LAST_LOGIN: # Prevent update of user last_login signal_was_connected = user_logged_in.disconnect(update_last_login) try: # Actually log user in login(request, user) finally: # Restore signal if needed if signal_was_connected: user_logged_in.connect(update_last_login) else: return # Set a flag on the session if store_original_user: messages.warning(request, la_settings.MESSAGE_LOGIN_SWITCH.format(username=user.__dict__[username_field]), extra_tags=la_settings.MESSAGE_EXTRA_TAGS) request.session[la_settings.USER_SESSION_FLAG] = signer.sign(original_user_pk)
def php_login(request): from django.contrib.auth.views import logout auth = request.POST.get('auth', '') customer_id = request.POST.get('customer_id', '') admin_id = request.POST.get('admin_id', '') if auth == hashlib.md5( '%s-%s' % (settings.WEB_API_AUTH_KEY, datetime.datetime.now().strftime("%Y%m%d")) ).hexdigest() and admin_id and customer_id: logout(request) obj = Customer.objects.get(id=customer_id) user = authenticate(username=obj.username, password='', t_password=obj.password) request.session['is_admin'] = True request.session['admin_id'] = admin_id user_logged_in.disconnect(update_last_login) auth_login(request, user) return HttpResponseRedirect(reverse('home')) raise Http404
def login_user(request, emulated_user): logged_in_user = request.user emulated_user.backend = settings.AUTHENTICATION_BACKENDS[0] # we don't want login to trigger update of last login date user_logged_in.disconnect(update_last_login) # Actually log user in login(request, emulated_user) # turn back on login signal to update last login user_logged_in.connect(update_last_login) emulation_started.send(sender=None, logged_in_user_id=logged_in_user.pk, emulated_user_id=emulated_user.pk, request=request) # Send official, documented signal request.session['logged_in_user'] = logged_in_user.pk request.session['is_emulating'] = True request.session.modified = True return redirect_to_next(request)
def sub_account_login(request): from django.contrib.auth.models import update_last_login from django.contrib.auth.views import logout, auth_login from django.contrib.auth import authenticate from django.contrib.auth.signals import user_logged_in parent_user_id = request.user.id client_ip = get_client_ip(request) agent = request.META.get('HTTP_USER_AGENT', None) ip_search = IpSearch() ip_info = ip_search.Find(client_ip) area, title = split_ip_to_area_title(ip_info) customer_id = request.POST.get('subloging_customer_id', '') auth = request.POST.get('subloging_auth', '') obj = get_customer_child_obj(request, customer_id) if auth == hashlib.md5( '%s-%s' % (settings.WEB_API_AUTH_KEY, datetime.datetime.now().strftime("%Y%m%d"))).hexdigest(): logout(request) CoreLog.objects.create( user_id=parent_user_id, user_type='users', target_id=customer_id, target_name=u'{0} - {0}'.format(obj.username), action='user_login', ip=client_ip, desc=u'登录IP:{}<br>登录地区:{}<br>浏览器信息:{}'.format( client_ip, title, agent), ) user = authenticate(username=obj.username, password='', t_password=obj.password) user_logged_in.disconnect(update_last_login) auth_login(request, user) user_logged_in.connect(update_last_login) return HttpResponseRedirect(reverse('home')) raise Http404
def test_zinnia_entry_detail_login_password(self): user_logged_in.disconnect(update_last_login) setup_test_template_loader( {"zinnia/entry_detail.html": "", "zinnia/login.html": "", "zinnia/password.html": ""} ) entry = self.create_published_entry() entry.password = "******" entry.login_required = True entry.save() with self.assertNumQueries(4): response = self.client.get("/2010/01/01/my-test-entry/") self.assertTemplateUsed(response, "zinnia/login.html") with self.assertNumQueries(9): response = self.client.post("/2010/01/01/my-test-entry/", {"username": "******", "password": "******"}) self.assertEquals(response.status_code, 200) self.assertTemplateUsed(response, "zinnia/password.html") self.assertEquals(response.context["error"], False) with self.assertNumQueries(6): response = self.client.post("/2010/01/01/my-test-entry/", {"entry_password": "******"}) self.assertEquals(response.status_code, 200) self.assertTemplateUsed(response, "zinnia/entry_detail.html") restore_template_loaders() user_logged_in.connect(update_last_login)
def post(self, request): form = LoginForm(request, data=request.POST) if form.is_valid(): # Determine where to direct user after successful login redirect_to = request.POST.get('next', '') if not is_safe_url(url=redirect_to, allowed_hosts=request.get_host()): redirect_to = reverse('home') # If maintenance mode is enabled, assume the database is read-only, and disable updating the user's # last_login time upon authentication. if settings.MAINTENANCE_MODE: user_logged_in.disconnect(update_last_login, dispatch_uid='update_last_login') # Authenticate user auth_login(request, form.get_user()) messages.info(request, "Logged in as {}.".format(request.user)) return HttpResponseRedirect(redirect_to) return render(request, self.template_name, { 'form': form, })
def login_as(user, request, store_original_user=True): """ Utility function for forcing a login as specific user -- be careful about calling this carelessly :) """ # Logout from other las modules. Reason: if we don't, and the user has already opened a module # once the new user is logged in, the module won't switch to the new user since the previous session # is still open and valid (so it won't even go to the lasauthserver to check if the current user is logged in) #home.views.logoutFromLASModules(request) # Save the original user pk before it is replaced in the login method original_user_pk = request.user.pk if store_original_user == False: logout(request) # Find a suitable backend. if not hasattr(user, 'backend'): for backend in django_settings.AUTHENTICATION_BACKENDS: if user == load_backend(backend).get_user(user.pk): user.backend = backend break # Log the user in. if hasattr(user, 'backend'): signal_was_connected = False if not la_settings.UPDATE_LAST_LOGIN: # Prevent update of user last_login signal_was_connected = user_logged_in.disconnect(update_last_login) try: # Actually log user in login(request, user) finally: # Restore signal if needed if signal_was_connected: user_logged_in.connect(update_last_login) else: return # Set a flag on the session if store_original_user: messages.warning(request, la_settings.MESSAGE_LOGIN_SWITCH.format(username=user.__dict__[username_field]), extra_tags=la_settings.MESSAGE_EXTRA_TAGS) request.session[la_settings.USER_SESSION_FLAG] = signer.sign(original_user_pk)
def login_as(user, request, store_original_user=True): """ Utility function for forcing a login as specific user -- be careful about calling this carelessly :) """ # Save the original user pk before it is replaced in the login method original_user_pk = request.user.pk # Find a suitable backend. if not hasattr(user, 'backend'): for backend in django_settings.AUTHENTICATION_BACKENDS: if user == load_backend(backend).get_user(user.pk): user.backend = backend break # Log the user in. if hasattr(user, 'backend'): signal_was_connected = False if not la_settings.UPDATE_LAST_LOGIN: # Prevent update of user last_login signal_was_connected = user_logged_in.disconnect(update_last_login) try: # Actually log user in login(request, user) finally: # Restore signal if needed if signal_was_connected: user_logged_in.connect(update_last_login) else: return # Set a flag on the session if store_original_user: messages.warning(request, la_settings.MESSAGE_LOGIN_SWITCH.format( username=user.__dict__[username_field]), extra_tags=la_settings.MESSAGE_EXTRA_TAGS) request.session[la_settings.USER_SESSION_FLAG] = signer.sign( original_user_pk)
def ready(self): from django.contrib.auth.signals import user_logged_in, user_logged_out from watson import search as watson_search from inboxen import checks # noqa from inboxen import signals from inboxen.search import watson as search Inbox = self.get_model("Inbox") Email = self.get_model("Email") # Unregister update_last_login handler assert user_logged_in.disconnect( dispatch_uid='update_last_login'), "Last login not disconnected" # Search watson_search.register(Email, search.EmailSearchAdapter) watson_search.register(Inbox, search.InboxSearchAdapter) user_logged_out.connect(signals.logout_message, dispatch_uid='inboxen_logout_message')
def login_as(user, request, store_original_user=True): """ Utility function for forcing a login as specific user -- be careful about calling this carelessly :) """ # Save the original user pk before it is replaced in the login method original_user_pk = request.user.pk # Find a suitable backend. if not hasattr(user, 'backend'): for backend in django_settings.AUTHENTICATION_BACKENDS: if user == load_backend(backend).get_user(user.pk): user.backend = backend break # Log the user in. if hasattr(user, 'backend'): signal_was_connected = False if not la_settings.UPDATE_LAST_LOGIN: # Prevent update of user last_login signal_was_connected = user_logged_in.disconnect(update_last_login) try: # Actually log user in login(request, user) finally: # Restore signal if needed if signal_was_connected: user_logged_in.connect(update_last_login) else: return # Set a flag on the session if store_original_user: messages.warning(request, la_settings.MESSAGE_LOGIN_SWITCH.format(username=user.__dict__[username_field]), extra_tags=la_settings.MESSAGE_EXTRA_TAGS) request.session[la_settings.USER_SESSION_FLAG] = signer.sign(original_user_pk)
def tearDown(self): """Disconnect the listeners""" user_logged_in.disconnect(update_last_login)
) if language and hasattr(request, 'session'): request.session['django_language'] = language def safe_update_last_login(sender, user, **kwargs): """ Identical to Django's built-in handler except that we gracefully handle database failures. tl;dr logging in should not fail when a db is read-only """ try: update_last_login(sender, user, **kwargs) except DatabaseError as exc: logging.warn(six.text_type(exc), exc_info=True) user_logged_in.disconnect(update_last_login) user_logged_in.connect( safe_update_last_login, dispatch_uid="safe_update_last_login", weak=False, ) user_logged_in.connect( set_language_on_logon, dispatch_uid="set_language_on_logon", weak=False )
Copyright (c) 2018 InnoGames GmbH """ from importlib import import_module from django.conf import settings from django.conf.urls import include, url from django.conf.urls.static import static from django.contrib import admin from django.contrib.auth.models import update_last_login from django.contrib.auth.signals import user_logged_in from django.contrib.auth.views import logout_then_login from django.shortcuts import redirect user_logged_in.disconnect(update_last_login) admin.autodiscover() urlpatterns = [ url(r'^$', lambda req: redirect('servershell_index'), name='home'), url(r'^logout', logout_then_login, name='logout'), url(r'^admin/', include(admin.site.urls)), ] for app in settings.INSTALLED_APPS: try: module = import_module(app + '.urls') except ImportError: continue
from django.contrib import admin from django.contrib.auth import models as auth_models from django.contrib.auth.signals import user_logged_in import models import udf user_logged_in.disconnect(auth_models.update_last_login) admin.site.register(models.Instance) admin.site.register(models.FieldPermission) admin.site.register(models.Role) admin.site.register(models.BenefitCurrencyConversion) admin.site.register(models.Species) admin.site.register(models.Tree) admin.site.register(models.User) admin.site.register(models.StaticPage) admin.site.register(udf.UserDefinedFieldDefinition)
def ready(self): user_logged_in.disconnect(dispatch_uid='update_last_login')
from django.contrib import admin from django.contrib.auth import models as auth_models from django.contrib.auth.signals import user_logged_in import models user_logged_in.disconnect(auth_models.update_last_login) admin.site.register(models.Instance) admin.site.register(models.Species) admin.site.register(models.Tree)
user.current_login_ip = request.META.get('REMOTE_ADDR', '0.0.0.0') user.login_times += 1 user.scores += LOGIN_SCR user.experience += LOGIN_EXP user.wealth += LOGIN_WLT user.save(update_fields=['current_login', 'current_login_ip', 'login_times', 'scores', 'experience', 'wealth']) def update_pilot_last_login(sender, user, **kwargs): """ 用户注销后将本次登录的时间和IP存入上次登录的时间和IP """ user.last_login = user.current_login user.last_login_ip = user.current_login_ip user.save(update_fields=['last_login', 'last_login_ip']) user_logged_in.disconnect(update_last_login) # 去掉django.contrib.auth的默认登录更新操作 user_logged_in.connect(update_pilot_current_login) user_logged_out.connect(update_pilot_last_login) class Pilot(AbstractUser): """ 在Django自带的用户类基础上略做扩展的克隆飞行员类,增加了上次、本次登录时间和IP的记录 """ current_login = models.DateTimeField(u'本次登录时间', default=timezone.now) current_login_ip = models.GenericIPAddressField(u'本次登录IP', default='0.0.0.0') last_login_ip = models.GenericIPAddressField(u'上次登录IP', default='0.0.0.0') login_times = models.PositiveIntegerField(u'登录次数', default=0) topic_num = models.PositiveIntegerField(u'发布主题数', default=0) post_num = models.PositiveIntegerField(u'发布帖子数', default=0) scores = models.PositiveIntegerField(u'积分', default=0) experience = models.PositiveIntegerField(u'经验', default=0)
def login(self, user): user.backend = 'todo.backends.FacebookBackend' user_logged_in.disconnect(update_last_login) super(TestClient, self)._login(user) return True
def tearDown(self): """Disconnect the listeners""" user_logged_in.disconnect(update_last_login)