def login(request, template="accounts/account_login.html"):
"""
Login form.
"""
isAjax = False
form = LoginForm(request.POST or None)
next = get_login_redirect_url(request)
if request.method == "POST" and form.is_valid():
authenticated_user = form.save()
#info(request, _("Successfully logged in"))
auth_login(request, authenticated_user)
if request.is_ajax():
if request.user.is_authenticated():
return HttpResponse(simplejson.dumps(dict(url=next,
success=True)))
else:
return HttpResponse(simplejson.dumps(dict(success=False)))
else:
return login_redirect(request)
elif form.errors:
return HttpResponse(simplejson.dumps(dict(errors=form.errors, success=False)))
if request.is_ajax():
template = "accounts/ajax_account_login.html"
context = {"form": form, "title": _("Log in"), "next":next}
return render(request, template, context)
def signup(request):
if request.method == 'POST':
form = SignupForm2(request.POST)
if form.is_valid():
user = form.save()
# backend_cls = get_backends()[0].__class__
# backend_path = backend_cls.__module__ + '.' + backend_cls.__name__
# https://github.com/django/django/blob/1.9/django/contrib/auth/__init__.py#L81
# user.backend = backend_path
authenticated_user = authenticate(
username=form.cleaned_data['username'],
password=form.cleaned_data['password1'])
auth_login(request, authenticated_user)
messages.info(request, '환영합니다. ;)')
return redirect(settings.LOGIN_REDIRECT_URL)
# 회원가입 시에, 이메일 승인
# user = form.save(commit=False)
# user.is_active = False
# user.save()
# send_signup_confirm_email(request, user)
# return redirect(settings.LOGIN_URL)
else:
form = SignupForm2()
return render(request, 'accounts/signup.html', {
'form': form,
})
def login(request):
"""
Log the user in. If successful, let the client handle the redirect.
If login fails, return a JSON response indicating failure, along with
the rendered html of the bound login form.
"""
if request.user.is_authenticated() or request.method != 'POST':
return {'success': True, 'redirect': reverse('overview')}
form = LoginForm(request.POST)
t = loader.get_template('login_modal.html')
if not form.is_valid():
c = RequestContext(request, {'login_form': form, 'form_only': True})
form_html = t.render(c)
return {'success': False, 'form_html': form_html}
user = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
if not user:
c = RequestContext(request, {'login_form': form, 'form_only': True,
'extra_errors': ['Invalid password.']})
form_html = t.render(c)
return {'success': False, 'form_html': form_html}
auth_login(request, user)
return {'success': True, 'redirect': reverse('overview')}
def register(request):
if request.user.is_authenticated():
return HttpResponseRedirect("/login")
next = request.REQUEST.get('next', '')
if request.method == 'POST':
form = NewUserForm(request.POST)
if form.is_valid():
new_user = form.save()
user = authenticate(email=form.cleaned_data['email'],
password=form.cleaned_data['password1'])
auth_login(request, user)
UserProfile(id=user.id).assign_slug().save()
if "noredirect" in request.POST:
return HttpResponse("ok")
else:
next = request.POST.get("next", "/") + "?welcome=to-sefaria"
return HttpResponseRedirect(next)
else:
form = NewUserForm()
return render_to_response("registration/register.html",
{'form' : form, 'next': next},
RequestContext(request))
def register(request):
"""
Register a new user. If successful, log the user in and let the client
handle the redirect. If registration fails, return a JSON response indicating
failure, along with the rendered html of the bound registration form.
"""
if request.user.is_authenticated() or request.method != 'POST':
return {'success': True, 'redirect': reverse('overview')}
form = RegistrationForm(request.POST)
t = loader.get_template('registration_modal.html')
c = RequestContext(request, {'registration_form': form, 'form_only': True})
form_html = t.render(c)
if not form.is_valid():
return {'success': False, 'form_html': form_html}
# setup our new user and user profile
user = User.objects.create_user(username=form.cleaned_data['username'],
email=form.cleaned_data['email'],
password=form.cleaned_data['password1'])
user.save()
user = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password1'])
auth_login(request, user)
return {'success': True, 'redirect': reverse('overview')}
def login(request):
if request.method != u'POST':
communities = Community.objects.all()
response_data = random_captcha()
response_data['communities'] = communities
return render_to_response('login.html', response_data)
else:
captcha_list = CaptchaStore.objects.filter(hashkey=request.POST.get(u'cptch_key', None))
communities = Community.objects.all()
if len(captcha_list) == 0:
response_data = random_captcha()
response_data['communities'] = communities
response_data['captcha_info'] = u'验证码不正确.'
return render_to_response('login.html', response_data)
result = captcha_list[0].response
verify_code = request.POST.get(u'verify_code', None)
if result != verify_code:
response_data = random_captcha()
response_data['communities'] = communities
response_data['captcha_info'] = u'验证码不正确.'
return render_to_response('login.html', response_data)
username = request.POST.get(u'username', None)
password = request.POST.get(u'password', None)
if username and password:
user = authenticate(username=username, password=password)
if user is not None and user.is_active:
auth_login(request, user)
if not request.POST.get(u'remember_me', None):
request.session.set_expiry(0)
return redirect(index)
else:
response_data = random_captcha()
response_data['communities'] = communities
response_data['password_info'] = u'手机号码、账号或密码错误.'
return render_to_response('login.html', response_data)
def login_check_view(request):
"""
Checks login authentication result and gives failure alert if unsuccessful
:param request: user request
:return: renders a page with context
"""
username = request.POST.get(USERNAME)
password = request.POST.get(PASSWORD)
# Authenticate the user with the provided username and password.
# Django authentication is used here.
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
# Authentication successful
auth_login(request, user)
return HttpResponseRedirect(reverse(SERVICE_USER_SETUP))
else:
# Authentication failure as user was disabled.
# Creating respective alerts.
set_alert_session(session=request.session, message="This account has been disabled. Contact the admin.",
alert_type=DANGER)
return HttpResponseRedirect(reverse(SERVICE_MAIN_HOME))
else:
# Authentication failure
# the authentication system was unable to verify the username and password
set_alert_session(session=request.session, message="The username or password were incorrect.",
alert_type=DANGER)
return HttpResponseRedirect(reverse(SERVICE_MAIN_HOME))
def login_helper(request, email, password):
"""Determines whether email password pair exists.
Login helper function to check that email password pair exists
and is active.
Args:
request: Django's HttpRequest object that contains metadata.
https://docs.djangoproject.com/en/dev/ref/request-response/
email: Email adress supplied to login form.
pssword: Password supplied to login form.
Returns:
ret: Boolean that is "False" if user doesn't exist or isn't active,
however only "True" if email password is exists and is active.
Raises:
None.
"""
ret = False
user = authenticate(email=email, password=password)
if user:
if user.is_active:
auth_login(request, user)
ret = True
return ret
def preview_login(request, course_prefix, course_suffix):
"""
Login to c2g in preview mode
"""
login_form = AuthenticationForm(data=request.POST)
if login_form.is_valid():
auth_login(request, login_form.get_user())
if not request.common_page_data['course'].preview_only_mode and \
date.today() >= request.common_page_data['course'].calendar_start :
redirect_to = 'courses.views.main'
else:
redirect_to = 'courses.preview.views.preview'
return redirect(reverse(redirect_to, args=[course_prefix, course_suffix]))
else:
form = form_class(initial={'course_prefix':course_prefix,'course_suffix':course_suffix})
context = RequestContext(request)
# default template, unless there is one in the soruce tree, then use that
template_name='previews/default.html'
class_template='previews/'+request.common_page_data['course'].handle+'.html'
dirs = getattr(settings,'TEMPLATE_DIRS', [])
for dir in dirs:
if os.path.isfile(dir+'/'+class_template):
template_name=class_template
return render_to_response(template_name,
{'form': form,
'login_form': login_form,
'common_page_data': request.common_page_data,
'display_login': True},
context_instance=context)
def register_action(request):
form = RegisterForm(request.POST)
if form.is_valid():
data = form.cleaned_data
if request.META.has_key('HTTP_X_FORWARDED_FOR'):
ip = request.META['HTTP_X_FORWARDED_FOR']
else:
ip = request.META['REMOTE_ADDR']
time_now = datetime.now()
username = data['username']
nickname = data['nickname']
password = data['password']
email = data['email']
user_profile_ip = UserProfile.objects.filter(ip=ip).order_by('-time')
if len(user_profile_ip) == 0 or time_now - user_profile_ip[0].time > timedelta(days=1):
user = User.objects.create_user(username=username, password=password, email=email)
if user is not None:
user_profile = UserProfile.objects.create(user=user, ip=ip, time=time_now, nickname=nickname)
user.save()
user_profile.save()
user = authenticate(username=username, password=password)
auth_login(request, user)
return render_to_response('result.jinja', {'state':'1', 'message':u'注册成功', 'url':'/'}, RequestContext(request))
else:
return render_to_response('result.jinja', {'state':'2', 'message':u'当前用户名已存在', 'url':'/account/register'}, RequestContext(request))
else:
return render_to_response('result.jinja', {'state':'2', 'message':u'相同ip24小时只能注册一次', 'url':'/account/register'}, RequestContext(request))
else:
for field in form:
if field.errors:
return render_to_response('result.jinja', {'state':'2', 'message':field.errors, 'url':'/account/register'}, RequestContext(request))
def login(request):
rtn_dict = {'success': False, "msg": ""}
login_failed = False
if request.method == "POST":
username = request.POST.get('username')
password = request.POST.get('password')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
else:
return HttpResponseForbidden(\
content='Your account is not active.')
status = 200
else:
login_failed = True
status = 401
try:
account = Account.objects.get(user=user)
rtn_dict['userid'] = account.id
except Exception as e:
print 'Unable to get account for user id {0}'.format(e)
logger.info('Unable to get account for user id {0}'.format(e))
return HttpResponse(json.dumps(rtn_dict, cls=DjangoJSONEncoder), content_type="application/json", status=status)
return HttpResponse(json.dumps(rtn_dict, cls=DjangoJSONEncoder), content_type="application/json")
def register_user(self, form):
"""
Create a user instance and send a new registration email (if configured
to).
"""
user = form.save()
if getattr(settings, 'OSCAR_SEND_REGISTRATION_EMAIL', True):
self.send_registration_email(user)
# Raise signal
user_registered.send_robust(sender=self, user=user)
# We have to authenticate before login
try:
user = authenticate(
username=user.email,
password=form.cleaned_data['password1'])
except User.MultipleObjectsReturned:
# Handle race condition where the registration request is made
# multiple times in quick succession. This leads to both requests
# passing the uniqueness check and creating users (as the first one
# hasn't committed when the second one runs the check). We retain
# the first one and delete the dupes.
users = User.objects.filter(email=user.email)
user = users[0]
for u in users[1:]:
u.delete()
auth_login(self.request, user)
return user
def loginajax(request):
"""
Displays the login form and handles the login action.
"""
redirect_to = request.REQUEST.get(REDIRECT_FIELD_NAME, "")
if request.method == "POST":
form = AuthenticationForm(data=request.POST)
if form.is_valid():
netloc = urlparse.urlparse(redirect_to)[1]
# Use default setting if redirect_to is empty
if not redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Heavier security check -- don't allow redirection to a different
# host.
elif netloc and netloc != request.get_host():
redirect_to = settings.LOGIN_REDIRECT_URL
# Okay, security checks complete. Log the user in.
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
login_output = {"status": True, "redirect_to": redirect_to}
return HttpResponse(simplejson.dumps(login_output))
else:
login_output = {"status": False, "error": "Could not find matching user."}
return HttpResponse(simplejson.dumps(login_output))
else:
# return HttpResponse("not ajax")
form = AuthenticationForm(request, label_suffix="")
return render_to_response("accounts/login.html", {"form": form}, context_instance=RequestContext(request))
def create_new_customer(request):
if request.method == "POST":
email = request.POST.get('email')
password = request.POST.get('password')
passwordConfirm = request.POST.get('passwordConfirm')
name = request.POST.get('name')
new_user = User.objects.create_user(username=email, email=email, password=password)
new_user.save()
new_user_profile = CustomerProfile.objects.create(customer=new_user, name=name)
new_user_profile.save()
user = authenticate(username=email, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
request.session.set_expiry(3600);
print(request.session.get_expiry_age());
print(request.session.get_expiry_date());
print(request.session.get_expire_at_browser_close());
return redirect('customer:dashboard')
else:
return redirect('customer:home')
return redirect('customer:dashboard')
return render(request, "customer/create_new_customer.html")
def login(request):
login_form = LoginForm(request.POST or None)
signup_form = SignUpForm(request.POST or None)
if request.method == 'POST':
print(request.POST)
if login_form.is_valid():
username = login_form.cleaned_data.get("username")
password = login_form.cleaned_data.get("password")
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
auth_login(request, user)
messages.success(request, "You have been securely logged in")
return redirect("home-page")
else:
messages.success(request, "The password is valid, but the account has been disabled!"
" Please contact Tom (+91 999 50 600 98) or mail : [email protected]")
return redirect("mylogin")
else:
messages.success(request, "The username and password were incorrect.")
return redirect("mylogin")
else:
messages.success(request, "The username and password were invalid.")
return redirect("mylogin")
context = {"Form": login_form, "SignUpForm": signup_form
}
return render(request, 'login.html', context)
def login_complete(request, redirect_field_name=REDIRECT_FIELD_NAME,
render_failure=None):
redirect_to = get_query_dict(request).get(redirect_field_name, '')
render_failure = (
render_failure or getattr(settings, 'OPENID_RENDER_FAILURE', None) or
default_render_failure)
openid_response = parse_openid_response(request)
if not openid_response:
return render_failure(
request, 'This is an OpenID relying party endpoint.')
if openid_response.status == SUCCESS:
try:
user = authenticate(openid_response=openid_response)
except DjangoOpenIDException, e:
return render_failure(request, e.message, exception=e)
if user is not None:
if user.is_active:
auth_login(request, user)
response = HttpResponseRedirect(
sanitise_redirect_url(redirect_to))
# Notify any listeners that we successfully logged in.
openid_login_complete.send(
sender=UserOpenID, request=request,
openid_response=openid_response)
return response
else:
return render_failure(request, 'Disabled account')
else:
return render_failure(request, 'Unknown user')
def login(request):
'''
Small wrapper around the django login view
'''
context = {}
if request.REQUEST.get('next'):
context['next'] = request.REQUEST.get('next')
# Sane login, with POST
if request.method == "POST":
return django_loginview(request,
template_name='user/login.html',
extra_context=context)
# log in with GET parameters so users can easily get in by scanning a QR code
elif request.REQUEST.get('get_login'):
form = AuthenticationForm(request, data=request.GET)
if form.is_valid():
auth_login(request, form.get_user())
return HttpResponseRedirect(reverse('oracle:dashboard'))
return django_loginview(request,
template_name='user/login.html',
extra_context=context)
def login(request, template_name='cas/login.html', \
success_redirect=settings.LOGIN_REDIRECT_URL,
warn_template_name='cas/warn.html'):
service = request.GET.get('service', None)
if request.user.is_authenticated():
if service is not None:
if request.GET.get('warn', False):
return render_to_response(warn_template_name, {
'service': service,
'warn': False
}, context_instance=RequestContext(request))
ticket = ServiceTicket.objects.create(service=service, user=request.user)
return HttpResponseRedirect(ticket.get_redirect_url())
else:
return HttpResponseRedirect(success_redirect)
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
user = form.get_user()
auth_login(request, user)
service = form.cleaned_data.get('service')
if service is not None:
ticket = ServiceTicket.objects.create(service=service, user=user)
success_redirect = ticket.get_redirect_url()
return HttpResponseRedirect(success_redirect)
else:
form = LoginForm(initial={
'service': service,
'lt': LoginTicket.objects.create()
})
return render_to_response(template_name, {
'form': form,
}, context_instance=RequestContext(request))
def register(request):
"""
User registration.
"""
user = request.user
if request.method == "POST":
form = UserCreationForm(request.POST)
if form.is_valid():
new_user = form.save()
# Login as the new user
if new_user.is_active:
username = form.cleaned_data["username"]
password = form.cleaned_data["password1"]
user = authenticate(username=username,
password=password)
auth_login(request, user)
return redirect(reverse("home"))
else:
form = UserCreationForm()
return render("register.html",
{"form":form,
"is_logged_in":user.is_authenticated()},
request)
def login(request, template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=LoginForm,
current_app=None, extra_context=None):
redirect_to = request.REQUEST.get(redirect_field_name, '')
if request.method == "POST":
form = authentication_form(request, data=request.POST)
if form.is_valid():
# Ensure the user-originating redirection url is safe.
if not is_safe_url(url=redirect_to, host=request.get_host()):
redirect_to = resolve_url(settings.LOGIN_REDIRECT_URL)
# Okay, security check complete. Log the user in.
auth_login(request, form.get_user())
return HttpResponseRedirect(redirect_to)
else:
form = authentication_form(request)
current_site = get_current_site(request)
context = {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
}
if extra_context is not None:
context.update(extra_context)
return TemplateResponse(request, template_name, context,
current_app=current_app)
def guest_login(request, user_id=0):
'''
editor: kamihati 2015/6/17 修改逻辑使支持使用user_id登录
:param request:
:param user_id:
:return:
'''
from library.models import Library
host = request.get_host()
try:
print 'guest_login...'
library = Library.objects.get(host=host)
print 'library_id=', library.id
except:
# 本地
if host.find("8000") > -1:
library = Library.objects.get(pk=3)
else:
return FailResponse(u"不存在的机构请求")
if user_id != 0:
# 当用户使用user_id登录
user = AuthUser.objects.filter(pk=user_id)
if not user:
return FailResponse(u'用户不存在')
user = user[0]
try:
auth_login(request, user)
except Exception, e:
print 'guest_login %s error:' % user_id
print e
request.session["is_logon"] = True
return SuccessResponse(user_data(user))
def register(request):
"""
Render and process a basic registration form.
"""
if not settings.PRETIX_REGISTRATION:
raise PermissionDenied('Registration is disabled')
ctx = {}
if request.user.is_authenticated:
return redirect(request.GET.get("next", 'control:index'))
if request.method == 'POST':
form = RegistrationForm(data=request.POST)
if form.is_valid():
user = User.objects.create_user(
form.cleaned_data['email'], form.cleaned_data['password'],
locale=request.LANGUAGE_CODE,
timezone=request.timezone if hasattr(request, 'timezone') else settings.TIME_ZONE
)
user = authenticate(request=request, email=user.email, password=form.cleaned_data['password'])
user.log_action('pretix.control.auth.user.created', user=user)
auth_login(request, user)
request.session['pretix_auth_login_time'] = int(time.time())
request.session['pretix_auth_long_session'] = (
settings.PRETIX_LONG_SESSIONS and form.cleaned_data.get('keep_logged_in', False)
)
return redirect('control:index')
else:
form = RegistrationForm()
ctx['form'] = form
return render(request, 'pretixcontrol/auth/register.html', ctx)
def login(request):
"""
Render and process a most basic login form. Takes an URL as GET
parameter "next" for redirection after successful login
"""
ctx = {}
if request.user.is_authenticated:
return redirect(request.GET.get("next", 'control:index'))
if request.method == 'POST':
form = LoginForm(data=request.POST)
if form.is_valid() and form.user_cache:
request.session['pretix_auth_long_session'] = (
settings.PRETIX_LONG_SESSIONS and form.cleaned_data.get('keep_logged_in', False)
)
if form.user_cache.require_2fa:
request.session['pretix_auth_2fa_user'] = form.user_cache.pk
request.session['pretix_auth_2fa_time'] = str(int(time.time()))
twofa_url = reverse('control:auth.login.2fa')
if "next" in request.GET and is_safe_url(request.GET.get("next"), allowed_hosts=None):
twofa_url += '?next=' + quote(request.GET.get('next'))
return redirect(twofa_url)
else:
auth_login(request, form.user_cache)
request.session['pretix_auth_login_time'] = int(time.time())
if "next" in request.GET and is_safe_url(request.GET.get("next"), allowed_hosts=None):
return redirect(request.GET.get("next"))
return redirect(reverse('control:index'))
else:
form = LoginForm()
ctx['form'] = form
ctx['can_register'] = settings.PRETIX_REGISTRATION
ctx['can_reset'] = settings.PRETIX_PASSWORD_RESET
return render(request, 'pretixcontrol/auth/login.html', ctx)
def signup(request, template="accounts/account_signup.html",
extra_context=None):
"""
Signup form.
"""
#Staat in admin_forms
form = NewUserCreationForm(request.POST or None, request.FILES or None)
if request.method == "POST" and form.is_valid():
new_user = form.save()
if not new_user.is_active:
if settings.ACCOUNTS_APPROVAL_REQUIRED:
send_approve_mail(request, new_user)
info(request, _("Thanks for signing up! You'll receive "
"an email when your account is activated."))
else:
send_verification_mail(request, new_user, "signup_verify")
info(request, _("A verification email has been sent with "
"a link for activating your account."))
return redirect(next_url(request) or "/")
else:
info(request, _("Successfully signed up"))
auth_login(request, new_user)
return login_redirect(request)
context = {"form": form, "title": _("Sign up")}
context.update(extra_context or {})
return render(request, template, context)
def login_validate(request,username,password):
rtvalue = False
user = authenticate(username=username,password=password)
if user is not None:
auth_login(request,user)
return True
return rtvalue
def create_account(request):
error=None
form = CreateUserForm()
if request.method=='POST':
form = CreateUserForm(request.POST)
if form.is_valid():
data = form.cleaned_data
try:
check_user = User.objects.get(username=data.get('username'))
error = "User with username: "******" already exists."
except User.DoesNotExist:
if data.get('password') != data.get('verify_password'):
error= "Passwords do not match."
else:
user = User()
user.username=data.get('username')
user.set_password(data.get('password'))
user.email=data.get('email')
user.save()
squirl=Squirl()
squirl.squirl_user=user
squirl.save()
auth_user = authenticate(username=data.get('username'), password=data.get('password'))
auth_login(request, auth_user)
return redirect(index)
else:
error = "Try Again"
return render(request, 'squirl/createAccount.html', {'form': form, 'error': error})
def register_loginza_user(uid, provider, defaults, request):
"""
Register user in the system from Loginza OpenID
:rtype: Profile
"""
# Check if user already exists but uses different OpenID
if 'email' in defaults:
try:
user = Profile.objects.get(email=defaults['email'])
except Profile.DoesNotExist:
pass
else:
user = authenticate(email=user.email)
auth_login(request, user)
return user
user, created = Profile.objects.get_or_create(uid=uid, provider=provider,
is_active=True, defaults=defaults)
if created:
user.set_unusable_password()
user.save()
transfer_objects(request.user, user)
user = authenticate(uid=uid, provider=provider)
if user.is_active:
auth_login(request, user)
return user
def post(self, request, *args, **kwargs):
token = request.POST.get('token', '').strip().replace(' ', '')
valid = False
if '_u2f_challenge' in self.request.session and token.startswith('{'):
devices = [DeviceRegistration.wrap(device.json_data)
for device in U2FDevice.objects.filter(confirmed=True, user=self.user)]
challenge = self.request.session.pop('_u2f_challenge')
try:
u2f.verify_authenticate(devices, challenge, token, [self.app_id])
valid = True
except Exception:
logger.exception('U2F login failed')
else:
valid = match_token(self.user, token)
if valid:
auth_login(request, self.user)
request.session['pretix_auth_login_time'] = int(time.time())
del request.session['pretix_auth_2fa_user']
del request.session['pretix_auth_2fa_time']
if "next" in request.GET and is_safe_url(request.GET.get("next"), allowed_hosts=None):
return redirect(request.GET.get("next"))
return redirect(reverse('control:index'))
else:
messages.error(request, _('Invalid code, please try again.'))
return redirect('control:auth.login.2fa')
def is_authenticated(self, request):
"""
if user is_authenticated: return True
else try to authenticate with django and return true/false dependent of
result
"""
# is authenticated
if request.user.is_authenticated():
return True
# not authenticated, call authentication form
f = AuthenticationForm(data={
'username': request.REQUEST.get('username',''),
'password': request.REQUEST.get('password',''),
})
# if authenticated log the user in.
if f.is_valid():
auth_login(request, f.get_user())
# this ** should ** return true
return request.user.is_authenticated()
else:
# fail to auth, save form errors
#self.errors = f.errors
return False
def user_creation(request):
if request.user.is_authenticated():
return redirect('common:dashboard')
user_create_form = forms.UserCreateForm(data=request.POST or None)
if request.POST and user_create_form.is_valid():
user = user_create_form.save()
user = authenticate(
username=request.POST['username'],
password=request.POST['password1'])
auth_login(request, user)
# In order to create an account they've already done the
# first 2 training Tasks
task = Task.objects.first()
badges.possibly_award_badge('skill_awarded', user=user, level=task.provides_qualification)
from django.contrib.contenttypes.models import ContentType
from django.utils import timezone
content_type = ContentType.objects.get_for_model(task)
Point.objects.create(user=request.user, amount=task.points, content_type=content_type, object_id=task.id, created=timezone.now())
UserQuestRelationship.objects.create(task=task, user=user, completed=True)
# Redirect them back b/c of the UserProfileForm
return redirect('registration:user_creation_settings')
return TemplateResponse(request, 'registration/create.jade', {'form': user_create_form})
def ldap_login(request, course_prefix, course_suffix):
#check if there is valid remote user.
#if one exists, try to match them
#if one does not exist, create it and assign to proper institution
#then redirect
#setup the redirect first: code borrowed from django contrib library
redir_to = request.GET.get('next', '/')
netloc = urlparse.urlparse(redir_to)[1]
# Heavier security check -- don't allow redirection to a different
# host.
if netloc and netloc != request.get_host():
redir_to = '/'
# check if username exists to find out what type of user
# this ensures that we don't unecessarily do the ldap auth
is_institution_logon = False
user_exists = False
username = request.POST['username']
password = request.POST['password']
user_exists = User.objects.filter(username=username).exists()
if user_exists:
user = User.objects.get(username=username)
is_institution_logon = user.get_profile().site_data == "UWA"
result = 'error'
# Check if can be internal i.e. numeric
if is_number(request.POST['username']):
client = SoapClient(
wsdl="https://www.socrates.uwa.edu.au/tisi/commonws.asmx?wsdl",
trace=True)
response = client.UserAuth(userName=request.POST['username'],
password=request.POST['password'])
result = response['UserAuthResult']
if 'error' in result:
''' Now try and do regular auth
'''
form = AuthenticationForm(data=request.POST)
if form.is_valid():
auth_login(request, form.get_user())
return HttpResponseRedirect(redir_to)
else:
# messages.add_message(request,messages.ERROR, 'Error with Username or Password')
extra_context = {}
context = RequestContext(request)
for key, value in extra_context.items():
context[key] = callable(value) and value() or value
layout = {'m': 800}
return render_to_response('registration/login.html', {
'form': form,
'next': request.GET.get('next', '/')
},
context_instance=context)
#return render_to_response('registration/login.html',
# {'form': form, 'layout': json.dumps(layout)},
# context_instance=context)
ldapUser = json.loads(result)
if not User.objects.filter(username=request.POST['username']).exists():
#here, we need to create the new user
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
rg = random.SystemRandom(random.randint(0, 100000))
password = (''.join(rg.choice(ALPHABET) for i in range(
16))) + '1' #create a random password, which they will never use
User.objects.create_user(username, ldapUser[0]['mail'], password)
User.objects.create_user
# authenticate() always has to be called before login(), and
# will return the user we just created.
new_user = auth_authenticate(username=username, password=password)
new_user.first_name, new_user.last_name = ldapUser[0][
'givenname'].capitalize(), ldapUser[0]['sn'].capitalize()
new_user.save()
print new_user
profile = new_user.get_profile()
profile.site_data = 'UWA'
profile.institutions.add(Institution.objects.get(title='UWA'))
profile.save()
auth_login(request, new_user)
signals.user_registered.send(sender=__file__,
user=new_user,
request=request)
return HttpResponseRedirect(
request.GET.get('next', '/accounts/profile'))
else:
#User already exists, so log him/her in
user = User.objects.get(username=username)
user.backend = 'django.contrib.auth.backends.ModelBackend'
auth_login(request, user)
messages.add_message(request, messages.SUCCESS,
'You have successfully logged in!')
return HttpResponseRedirect(redir_to)
def shib_login(request):
#check if there is valid remote user.
#if one exists, try to match them
#if one does not exist, create it and assign to proper institution
#then redirect
#setup the redirect first: code borrowed from django contrib library
redir_to = request.GET.get('next', '/accounts/profile')
netloc = urlparse.urlparse(redir_to)[1]
# Heavier security check -- don't allow redirection to a different
# host.
if netloc and netloc != request.get_host():
redir_to = '/accounts/profile'
#Use EduPersonPrincipalName http://www.incommonfederation.org/attributesummary.html#eduPersonPrincipal
#as username in our system. We could support other persistent identifiers later, but it will take some
#work
if ('REMOTE_USER' in request.META) and ('eppn' in request.META) and (
request.META['REMOTE_USER']
== request.META['eppn']) and request.META['eppn']:
#if we get here, the user has authenticated properly
shib = {
'givenName': '',
'sn': '',
'mail': '',
'affiliation': '',
'Shib-Identity-Provider': '',
}
shib.update(request.META)
#Clean up first name, last name, and email address
shib['sn'] = string.split(shib['sn'], ";")[0]
shib['givenName'] = string.split(shib['givenName'], ";")[0]
if not shib['mail']:
shib['mail'] = shib['eppn']
if not User.objects.filter(username=shib['REMOTE_USER']).exists():
#here, we need to create the new user
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
rg = random.SystemRandom(random.randint(0, 100000))
password = (''.join(
rg.choice(ALPHABET) for i in range(16)
)) + '1' #create a random password, which they will never use
User.objects.create_user(shib['REMOTE_USER'], shib['mail'],
password)
# authenticate() always has to be called before login(), and
# will return the user we just created.
new_user = auth_authenticate(username=shib['REMOTE_USER'],
password=password)
new_user.first_name, new_user.last_name = shib[
'givenName'].capitalize(), shib['sn'].capitalize()
new_user.save()
profile = new_user.get_profile()
profile.site_data = shib['affiliation']
if 'stanford.edu' in shib['affiliation']:
profile.institutions.add(
Institution.objects.get(title='Stanford'))
profile.save()
auth_login(request, new_user)
signals.user_registered.send(sender=__file__,
user=new_user,
request=request)
else:
#User already exists, so log him/her in
user = User.objects.get(username=shib['REMOTE_USER'])
user.backend = 'django.contrib.auth.backends.ModelBackend'
auth_login(request, user)
messages.add_message(request, messages.SUCCESS,
'You have successfully logged in!')
else:
messages.add_message(
request, messages.ERROR,
'WebAuth did not return your identity to us! Please try logging in again. If the problem continues please contact [email protected]'
)
return HttpResponseRedirect(redir_to)
def login(request, next_page=None, required=False):
"""Forwards to CAS login URL or verifies CAS ticket"""
service_url = get_service_url(request, next_page)
client = get_cas_client(request=request,
service_url=service_url)
if not next_page and settings.CAS_STORE_NEXT and 'CASNEXT' in request.session:
next_page = request.session['CASNEXT']
del request.session['CASNEXT']
if not next_page:
next_page = get_redirect_url(request)
if request.method == 'POST' and request.POST.get('logoutRequest'):
clean_sessions(client, request)
return HttpResponseRedirect(next_page)
if request.user.is_authenticated():
if settings.CAS_LOGGED_MSG is not None:
message = settings.CAS_LOGGED_MSG % request.user.get_username()
messages.success(request, message)
return HttpResponseRedirect(next_page)
ticket = request.GET.get('ticket')
if ticket:
user = authenticate(ticket=ticket,
service=service_url,
request=request)
pgtiou = request.session.get("pgtiou")
if user is not None:
if not request.session.exists(request.session.session_key):
request.session.create()
auth_login(request, user)
SessionTicket.objects.create(
session_key=request.session.session_key,
ticket=ticket
)
if pgtiou and settings.CAS_PROXY_CALLBACK:
# Delete old PGT
ProxyGrantingTicket.objects.filter(
user=user,
session_key=request.session.session_key
).delete()
# Set new PGT ticket
try:
pgt = ProxyGrantingTicket.objects.get(pgtiou=pgtiou)
pgt.user = user
pgt.session_key = request.session.session_key
pgt.save()
except ProxyGrantingTicket.DoesNotExist:
pass
if settings.CAS_LOGIN_MSG is not None:
name = user.get_username()
message = settings.CAS_LOGIN_MSG % name
messages.success(request, message)
return HttpResponseRedirect(next_page)
elif settings.CAS_RETRY_LOGIN or required:
return HttpResponseRedirect(client.get_login_url())
else:
raise PermissionDenied(_('Login failed.'))
else:
if settings.CAS_STORE_NEXT:
request.session['CASNEXT'] = next_page
return HttpResponseRedirect(client.get_login_url())
def login(request):
if request.user.is_authenticated():
return redirect('index')
if request.method == 'POST':
token = request.POST.get('token', None)
username = request.POST.get('username', None)
password = request.POST.get('password', None)
if token is not None:
otpdigit1 = request.POST.get('otpdigit1', '')
otpdigit2 = request.POST.get('otpdigit2', '')
otpdigit3 = request.POST.get('otpdigit3', '')
otpdigit4 = request.POST.get('otpdigit4', '')
otp = otpdigit1 + otpdigit2 + otpdigit3 + otpdigit4
if len(otp) == 4:
ua = UnauthenticatedSession.objects.get(token=str(token))
if ua.guesses_left > 0:
if ua.successful == False:
if otp == ua.otp:
ua.successful = True
ua.save()
auth_login(request, ua.user)
return redirect('index')
else:
ua.guesses_left -= 1
ua.save()
return render(
request, "2ndfactor.html", {
'error': "The entered code was incorrect.",
'token': token
})
else:
return render(request, "2ndfactor.html", {
'error': "Token has already been used.",
})
else:
return render(
request, "2ndfactor.html", {
'error':
"Code has been entered incorrectly too many times.",
})
else:
return render(request, "2ndfactor.html", {'error': True})
elif username and password:
user = auth_authenticate(request,
username=username,
password=password)
if user is not None:
token = str(uuid4())
otp = str(randint(1111, 9999))
gwapi = OAuth1Session(
os.environ['VICTORY_GATEWAYAPI_KEY'],
client_secret=os.environ['VICTORY_GATEWAYAPI_SECRET'])
req = {
'message':
'Victory login code:\n{} {} {} {}'.format(
otp[0:1], otp[1:2], otp[2:3], otp[3:4]),
'recipients': [{
'msisdn': user.extendeduser.phone_number[1:]
}],
'destaddr':
'DISPLAY',
'sender':
'VICTORY',
}
res = gwapi.post('https://gatewayapi.com/rest/mtsms', json=req)
res.raise_for_status()
us = UnauthenticatedSession()
us.user = user
us.token = token
us.otp = otp
us.save()
return render(request, "2ndfactor.html", {'token': token})
else:
return render(request, "login.html", {'invalid': True})
else:
return render(request, "login.html")
else:
return render(request, 'login.html')
def form_valid(self, form):
user = form.save()
auth_login(self.request, user)
return redirect(self.get_success_url())
def post(self, request, *args, **kwargs):
auth_login(self.request, request.user)
return Response()
def ldap_preview_login(request, course_prefix, course_suffix):
# check if username exists to find out what type of user
# this ensures that we don't unecessarily do the ldap auth
is_institution_logon = False
user_exists = False
username = request.POST['username']
password = request.POST['password']
user_exists = User.objects.filter(username=username).exists()
if user_exists:
user = User.objects.get(username=username)
is_institution_logon = user.get_profile().site_data == "UWA"
result = 'error'
if is_number(request.POST['username']):
client = SoapClient(
wsdl="https://www.socrates.uwa.edu.au/tisi/commonws.asmx?wsdl",
trace=True)
response = client.UserAuth(userName=request.POST['username'],
password=request.POST['password'])
result = response['UserAuthResult']
if 'error' in result:
''' Now try and do regular auth
'''
login_form = AuthenticationForm(data=request.POST)
if login_form.is_valid():
auth_login(request, login_form.get_user())
if not request.common_page_data['course'].preview_only_mode and \
date.today() >= request.common_page_data['course'].calendar_start :
redirect_to = 'courses.views.main'
else:
redirect_to = 'courses.preview.views.preview'
return redirect(
reverse(redirect_to, args=[course_prefix, course_suffix]))
else:
form_class = RegistrationFormUniqueEmail
form = form_class(initial={
'course_prefix': course_prefix,
'course_suffix': course_suffix
})
context = RequestContext(request)
try:
video = Video.objects.getByCourse(
course=request.common_page_data['course']).get(
slug='intro')
except Video.DoesNotExist:
video = None
course_instructors = CourseInstructor.objects.getByCourse(
course=request.common_page_data['course'])
instructors = []
for ci in course_instructors:
instructors.append(ci.instructor)
template_name = 'previews/default.html'
return render_to_response(
template_name, {
'form': form,
'login_form': login_form,
'video': video,
'instructors': instructors,
'common_page_data': request.common_page_data,
'course': request.common_page_data['course'],
'display_login': True
},
context_instance=context)
ldapUser = json.loads(result)
if not User.objects.filter(username=request.POST['username']).exists():
#here, we need to create the new user
ALPHABET = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
rg = random.SystemRandom(random.randint(0, 100000))
password = (''.join(rg.choice(ALPHABET) for i in range(
16))) + '1' #create a random password, which they will never use
User.objects.create_user(username, ldapUser[0]['mail'], password)
User.objects.create_user
# authenticate() always has to be called before login(), and
# will return the user we just created.
new_user = auth_authenticate(username=username, password=password)
new_user.first_name, new_user.last_name = ldapUser[0][
'givenname'].capitalize(), ldapUser[0]['sn'].capitalize()
new_user.save()
print new_user
profile = new_user.get_profile()
profile.site_data = 'UWA'
profile.institutions.add(Institution.objects.get(title='UWA'))
profile.save()
auth_login(request, new_user)
signals.user_registered.send(sender=__file__,
user=new_user,
request=request)
# return HttpResponseRedirect(request.GET.get('next', '/accounts/profile'))
else:
#User already exists, so log him/her in
user = User.objects.get(username=username)
user.backend = 'django.contrib.auth.backends.ModelBackend'
auth_login(request, user)
# messages.add_message(request,messages.SUCCESS, 'You have successfully logged in!')
if not request.common_page_data['course'].preview_only_mode and \
date.today() >= request.common_page_data['course'].calendar_start :
redirect_to = 'courses.views.main'
else:
redirect_to = 'courses.preview.views.preview'
return redirect(reverse(redirect_to, args=[course_prefix, course_suffix]))
def registration(request):
"""
Navigates to the registration page. POST will create a user and log in,
GET will display the form.
**Context**
``message``
An error message in the event that something is incorrect.
``next``
The redirect page upon successfull login.
**Template**
:template:`registration/registration.html`
"""
if request.method == 'POST':
form = RegistrationForm(request.POST)
if form.is_valid():
user = User.objects.create_user(form.cleaned_data['username'], form.cleaned_data['email'],
form.cleaned_data['password'])
#user.is_active = False
user.save()
user = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
next = request.POST.get('next', "/")
if user is not None:
if user.is_active:
auth_login(request, user)
# Redirect to a success page.
return redirect(next)
"""activation = Activation(username=user.username, time=datetime.datetime.now())
activation.save()
if user is not None:
subject, from_email, to_email = "CEOS Datacube Account Activation", "*****@*****.**", [user.email]
msg = EmailMessage()
msg['From'] = from_email
msg['To'] = to_email
msg['Subject'] = subject
msg.set_content('')
# It is possible to use msg.add_alternative() to add HTML content too
html_content = ""
activation_url = settings.BASE_HOST + "/accounts/" + str(activation.url) + "/activate"
from os import path
with open(path.join(settings.BASE_DIR, 'static/assets/media/email_template.html')) as f:
for line in f:
if (line == "\t\t\tAVAILABLE_TOOLS\n"):
for app in Application.objects.all():
html_content += "<li>" + app.application_name + "</li>"
elif (line == "\t\t\tAVAILABLE_AREAS\n"):
for area in Area.objects.all():
html_content += "<li>" + area.area_name + "</li>"
elif ("HOME_URL" in line):
html_content += line.replace("HOME_URL", settings.BASE_HOST)
else:
html_content += line
if 'str' in line:
break
html_content = html_content.replace("ACTIVATION_URL", activation_url)
msg.add_alternative(html_content, subtype='html')
# Attaching content:
fp = open(path.join(settings.BASE_DIR, 'static/assets/media/banner.png'),
'rb')
att = MIMEImage(fp.read()) # Or use MIMEImage, etc
fp.close()
# The following line is to control the filename of the attached file
att.add_header('Content-Disposition', 'attachment', filename='banner.png')
msg.make_mixed() # This converts the message to multipart/mixed
msg.attach(att) # Don't forget to convert the message to multipart first!
# Sending the email:
with smtplib.SMTP('localhost') as s:
s.send_message(msg)
form = LoginForm()
form.cleaned_data = {}
form.add_error(NON_FIELD_ERRORS, _("Activate your account using the url that has been emailed to you and log in."))
context = {
'title': _("Log in"),
'form': form,
}
return render(request, 'registration/login.html', context)"""
context = {
'title': _("Registration"),
'form': form,
}
return render(request, 'registration/registration.html', context)
else:
context = {'title': _("Registration"), 'form': RegistrationForm(),}
if request.GET:
next = request.POST.get('next', "/")
if request.user.is_authenticated:
return redirect(next)
context['next'] = next
return render(request, 'registration/registration.html', context)
def login_it(self, user):
auth_login(self.request, user)
# 如果设置了自动登录,那需要设置 session_id cookie 的有效期
if self.request.session.get('auto_login'):
age = self.request.session.get_expiry_age()
self.request.session.set_expiry(age)
def callback(request):
if request.method == "GET":
code = request.GET.get('code')
state = request.GET.get("state")
# Then if we get a response from Ion with the authorization code
if code is not None and state is not None:
# We send it back to fetch the acess_token
payload = {
'grant_type': 'authorization_code',
'code': code,
'redirect_uri': redirect_uri,
'client_id': client_id,
'client_secret': client_secret,
'csrfmiddlewaretoken': state
}
token = requests.post("https://ion.tjhsst.edu/oauth/token/",
data=payload).json()
headers = {'Authorization': f"Bearer {token['access_token']}"}
# And finally get the user's profile!
profile = requests.get("https://ion.tjhsst.edu/api/profile",
headers=headers).json()
username = profile['ion_username']
email = profile['tj_email']
first_name = profile['first_name']
last_name = profile['last_name']
# First we need to check if this user is authoized to post, as defined in the global array above
if username in authorized_users:
# Then we check if this user exists in the system, we log them in, and if not we create a user for them
user = authenticate(request,
username=username,
password=username)
if user is not None:
auth_login(request, user)
messages.success(request, f"Welcome back {first_name}!")
else:
user = User.objects.create_user(username=username,
email=email,
password=username,
first_name=first_name,
last_name=last_name)
user.save()
auth_login(
request,
user,
backend='django.contrib.auth.backends.ModelBackend')
messages.success(
request,
f"Welcome to Chirper, {first_name}, we hope you enjoy your stay!"
)
return redirect('profile')
else:
messages.error(request,
"Sorry, you're not an authorized Ion user!",
extra_tags='danger')
return redirect('blog-home')
messages.warning(request, "Invalid Callback Response")
return redirect('blog-home')
def bind_email(request):
sex = request.GET.get('sex', request.POST.get('sex', ''))
openid = request.GET.get('openid', request.POST.get('openid', ''))
nickname = request.GET.get('nickname', request.POST.get('nickname', ''))
type = request.GET.get('type', request.POST.get('type', ''))
signature = request.GET.get('signature', request.POST.get('signature', ''))
image_url = request.GET.get('image_url', request.POST.get('image_url', ''))
if request.method == 'POST':
froms = BindEmail(request.POST)
if froms.is_valid():
openid = froms.cleaned_data['openid']
nickname = froms.cleaned_data['nickname']
type = froms.cleaned_data['type']
signature = froms.cleaned_data['signature']
image_url = froms.cleaned_data['image_url']
sex = froms.cleaned_data['sex']
email = froms.cleaned_data['email']
password = froms.cleaned_data['password']
users = models.User.objects.filter(email=email)
if users:
user = users[0]
else:
while models.User.objects.filter(username=nickname):
nickname = nickname + '*'
user = models.User(username=nickname,
email=email,
sex=sex,
signature=signature)
user.password(password)
user.is_active = True
user.download_image(image_url, nickname)
user.save()
oauth_ex = models.OAuth_ex(user=user, openid=openid, type=type)
oauth_ex.save()
auth_login(request,
user,
backend='django.contrib.auth.backends.ModelBackend')
data = {}
data['goto_page'] = True
data['goto_url'] = '/'
data['goto_time'] = 10000
data['message_title'] = '绑定成功'
data[
'message'] = '绑定成功您的用户名为:<b>%s</b>。您现在可以同时使用本站账号和此第三方账号登录本站了!' % nickname
return render_to_response('Login/success.html', data)
else:
form = BindEmail(
initial={
'openid': openid,
'nickname': nickname,
'type': type,
'signature': signature,
'image_url': image_url,
'sex': sex
})
return render(request,
'Login/bind_email.html',
context={
'form': form,
'nickname': nickname,
'type': type
})
def login(request):
if request.user.is_authenticated:
# if the user is authenticated and has a token remove the token and logout of the session and relogin
try:
existing_token = AuthToken.objects.get(user=request.user.online_id)
existing_token.delete()
logout(request)
return redirect('main:login')
# if the user is authenticated and has no token then go to the dashboard
except:
return redirect('main:dashboard')
else:
User = get_user_model()
if request.method == 'POST':
# login POST request
form = LoginForm(request.POST)
# generate token key
token_key = get_random_string(30)
if form.is_valid():
# get login form data form
online_id = form.cleaned_data.get('online_id')
password = form.cleaned_data.get('password')
# authenticate user
auth_user = authenticate(online_id=online_id,password=password)
if auth_user is not None:
if auth_user.is_active:
# login the user
''' this should only happen when the user has put the token '''
auth_login(request, auth_user)
# get the current user by online id
current_usr =request.user.online_id
# get the user instance
user = User.objects.get(online_id=current_usr)
'''Token authentication and error handling'''
try:
# check if the user has a token then redirect to
user_token = AuthToken.objects.get(user=user)
user_email = Registration.objects.get(user=user)
# token and email
auth_token = user_token.token
email = user_email.email
print(auth_token)
time.sleep(30)
encode_token_login = jsonpickle.encode(auth_token)
encode_email = jsonpickle.encode(email)
except:
''' error handlin incase login happened and token was deleted '''
# if token does not exist then create the token and redirect to token auth
create_token = AuthToken.objects.create(
user=user,
token=token_key
)
encode_token_login= jsonpickle.encode(token_key)
# send the authentication to the user
try:
# get the users email
email = Registration.objects.get(
user=user,
).email
encode_email = jsonpickle.encode(email)
except:
messages.error(request, 'You don\'t have your Email With Us.. Contact [email protected] for Help.')
print('user has no email')
return redirect('main:login')
'''email the token to the user'''
print(encode_token_login)
send_token.delay(3,encode_token_login,encode_email)
# redirect
return redirect('main:token-auth')
else:
print('user is inactive')
else:
print('invalid Username/password')
else:
return render(request, 'main/login.html', {
'form': form
})
else:
form = LoginForm()
context = {
'form': form
}
return render(request, 'main/login.html', context)
def form_valid(self, form):
"""Security check complete. Log the user in."""
auth_login(self.request, form.get_user())
return HttpResponseRedirect(self.get_success_url())
def git_check(request):
type = '1'
request_code = request.GET.get('code')
oauth_git = OAuth_GitHub(settings.GITHUB_APP_ID,
settings.GITHUB_CALLBACK_URL)
try:
access_token = oauth_git.get_access_token(request_code)
time.sleep(0.1)
except:
data = {}
data['goto_url'] = '/'
data['goto_time'] = 100000
data['goto_page'] = True
data['message_title'] = '登录失败'
data['message'] = '获取授权失败,请确认是否允许授权,并重试。若问题无法解决,请联系网站管理人员'
return render_to_response('', data)
infos = oauth_git.get_user_info() # 获取用户信息
nickname = infos.get('login', '')
image_url = infos.get('avatar_url')
open_id = str(oauth_git.openid)
signature = infos.get('bio', '')
if not signature:
signature = '无标个性签名'
sex = '1'
githubs = models.OAuth_ex.objects.filter(openid=open_id, type=type)
if githubs:
auth_login(request,
githubs[0].user,
backend='django.contrib.auth.backends.ModelBackend')
return HttpResponseRedirect('/')
else:
try:
email = oauth_git.get_email()
except:
url = ''
return HttpResponseRedirect(url)
users = models.User.objects.filter(email=email)
if users:
users = users[0]
else:
while models.User.objects.filter(username=nickname): # 防止用户名重复
nickname = nickname + '*'
users = models.User(username=nickname,
sex=sex,
signature=signature)
pwd = str(uuid.uuid1()) # 随机设置用户密码
users.password(pwd)
users.is_active = True
users.download_image(image_url, nickname) # 下载用户头像图片
users.save()
oauth_ex = models.OAuth_ex(user=users, openid=open_id, type=type)
oauth_ex.save() # 保存后登录
auth_login(request,
users,
backend='django.contrib.auth.backends.ModelBackend')
data = {} # 登录反馈
data['goto_url'] = '/'
data['goto_time'] = 10000
data['goto_page'] = True
data['message_title'] = '绑定成功'
data['message'] = u'绑定成功,你的用户名:<b>%s</b>,你可以通过第三方账户的登录本站拉' % nickname
return render_to_response('Login/success.html', data)
def git_check(request):
# pdb.set_trace()
type = '1'
request_code = request.GET.get('code')
oauth_git = OAuth_GITHUB(settings.GITHUB_APP_ID, settings.GITHUB_KEY,
settings.GITHUB_CALLBACK_URL)
try:
access_token = oauth_git.get_access_token(
request_code) # 获取access token
time.sleep(0.1) # 此处需要休息一下,避免发送urlopen的10060错误
except: # 获取令牌失败,反馈失败信息
data = dict()
data['goto_url'] = '/'
data['goto_time'] = 10000
data['goto_page'] = True
data['message_title'] = '登录失败'
data['message'] = '获取授权失败,请确认是否允许授权,并重试。若问题无法解决,请联系网站管理人员'
return render_to_response('blog/response.html', data)
infos = oauth_git.get_user_info() # 获取用户信息
nickname = infos.get('login', '')
image_url = infos.get('avatar_url', '')
# oauth_git.openid这样可以直接取到方法中的返回的self.openid
open_id = str(oauth_git.openid)
signature = infos.get('bio', '')
if not signature:
signature = "无个性签名"
githubs = OAuth_ex.objects.filter(openid=open_id,
oauth_type=type) # 查询是否该第三方账户已绑定本网站账号
if githubs: # 若已绑定,直接登录
auth_login(request,
githubs[0].user,
backend='django.contrib.auth.backends.ModelBackend')
return HttpResponseRedirect('/')
else: # 否则尝试获取用户邮箱用于绑定账号
try:
email = oauth_git.get_email()
except: # 若获取失败,则跳转到绑定用户界面,让用户手动输入邮箱
url = "%s?nickname=%s&openid=%s&type=%s&signature=%s&image_url=%s" % (
reverse('user:bind_email'), nickname, open_id, type, signature,
image_url)
return HttpResponseRedirect(url)
users = User.objects.filter(email=email) # 若获取到邮箱,则查询是否存在本站用户
if users: # 若存在,则直接绑定
user = users[0]
else: # 若不存在,则新建本站用户
while User.objects.filter(username=nickname): # 防止用户名重复
nickname = nickname + '*'
user = User(username=nickname, email=email)
pwd = str(uuid.uuid1()) # 随机设置用户密码
user.set_password(pwd)
user.is_active = True
user.save()
oauth_type = OAuth_type.objects.get(
id=type) # 找到oauth_type中的对应type的id(可能有多个登录方式,所以有这表)
oauth_ex = OAuth_ex(user=user, openid=open_id, oauth_type=oauth_type)
oauth_ex.save() # 保存后登陆
auth_login(request,
user,
backend='django.contrib.auth.backends.ModelBackend')
data = dict() # 反馈登陆结果
data['goto_url'] = '/'
data['goto_time'] = 10000
data['goto_page'] = True
data['message_title'] = '绑定用户成功'
data['image_url'] = image_url
data[
'message'] = u'绑定成功!您的用户名为:<b>%s</b>。您现在可以同时使用本站账号和此第三方账号登录本站了!' % nickname
return render_to_response('blog/response.html', data)
def login(request,
template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm,
extra_context=None,
redirect_authenticated_user=False):
"""
Displays the login form and handles the login action.
"""
redirect_to = request.POST.get(redirect_field_name,
request.GET.get(redirect_field_name, ''))
if redirect_authenticated_user and request.user.is_authenticated:
redirect_to = _get_login_redirect_url(request, redirect_to)
if redirect_to == request.path:
raise ValueError(
"Redirection loop for authenticated user detected. Check that "
"your LOGIN_REDIRECT_URL doesn't point to a login page.")
return HttpResponseRedirect(redirect_to)
elif request.method == "POST":
form = authentication_form(request, data=request.POST)
if form.is_valid():
auth_login(request, form.get_user())
return redirect('frontend:machines')
else:
# active users without password
try:
user = User.objects.get(username=request.POST['username'])
if user.is_active and not user.password:
messages.info(request,
"Please receive your inital password.")
url = reverse('password_restore')
return redirect('{}?user_id={}'.format(url, user.pk))
except Exception:
pass
messages.error(request, "Unknown login/password!")
form = authentication_form(request)
else:
form = authentication_form(request)
current_site = get_current_site(request)
context = {
'form': form,
redirect_field_name: redirect_to,
'site': current_site,
'site_name': current_site.name,
'title': 'Login'
}
if extra_context is not None:
context.update(extra_context)
welcome_message = ServerConfig.objects.by_key('orthos.web.welcomemessage')
if welcome_message and len(welcome_message) > 0:
messages.info(request, mark_safe(welcome_message))
return TemplateResponse(request, template_name, context)
def get_success_url(self):
user = get_user_or_tmp_user(self.request)
auth_login(self.request, user)
return redirect_user_first_login_or_index(self.request,
self.redirect_field_name)
def form_valid(self, form):
user = form.save()
del self.request.session[INTERNAL_RESET_SESSION_TOKEN]
if self.post_reset_login:
auth_login(self.request, user, self.post_reset_login_backend)
return super().form_valid(form)
def form_valid(self, form):
self.object = form.save()
# log user in
auth_login(self.request, self.object.usermodel_ptr)
return HttpResponseRedirect(self.get_success_url())
def bind_email(request): # 使用户手动填写邮箱,绑定本站账号,因此需要一个BindEmail表单
sex = request.GET.get('sex', request.POST.get('sex', ''))
openid = request.GET.get('openid', request.POST.get('openid', ''))
nickname = request.GET.get('nickname', request.POST.get('nickname', ''))
type = request.GET.get('type', request.POST.get('type', ''))
signature = request.GET.get('signature', request.POST.get('signature', ''))
image_url = request.GET.get('image_url', request.POST.get('image_url', ''))
if request.method == 'POST':
form = BindEmail(request.POST)
if form.is_valid():
openid = form.cleaned_data['openid']
nickname = form.cleaned_data['nickname']
email = form.cleaned_data['email']
password = form.cleaned_data['password']
type = form.cleaned_data['type']
signature = form.cleaned_data['signature']
image_url = form.cleaned_data['image_url']
sex = form.cleaned_data['sex']
users = User.objects.filter(email=email)
if users:
user = users[0]
else:
while User.objects.filter(username=nickname):
nickname = nickname + '*'
user = User(username=nickname, email=email)
user.set_password(password)
user.is_active = True
user.save()
oauth_type = OAuth_type.objects.get(id=type)
oauth_ex = OAuth_ex(user=user,
openid=openid,
oauth_type=oauth_type)
oauth_ex.save()
auth_login(request,
user,
backend='django.contrib.auth.backends.ModelBackend')
data = {}
data['goto_url'] = '/'
data['goto_time'] = 10000
data['goto_page'] = True
data['message_title'] = '绑定账号成功'
data[
'message'] = u'绑定成功!您的用户名为:<b>%s</b>。您现在可以同时使用本站账号和此第三方账号登录本站了!' % nickname
return render_to_response('blog/response.html', data)
else:
form = BindEmail(
initial={
'openid': openid,
'nickname': nickname,
'type': type,
'signature': signature,
'image_url': image_url,
'sex': sex,
})
return render(request,
'blog/form.html',
context={
'form': form,
'nickname': nickname,
'type': type
})
return wrapper
return decorator
@rate_limit(num=URLCRYPT_RATE_LIMIT)
def login_redirect(request, token):
try:
decoded_data = decode_login_token(token)
except Exception, ex:
return HttpResponseRedirect(URLCRYPT_LOGIN_URL)
if request.user.is_authenticated(
) and request.user.id == decoded_data['user_id']:
return HttpResponseRedirect(decoded_data['url'])
user = authenticate(decoded_data=decoded_data)
if user:
auth_login(request, user)
return HttpResponseRedirect(decoded_data['url'])
else:
return HttpResponseRedirect(URLCRYPT_LOGIN_URL)
@login_required
def test_view(request, username=None):
return HttpResponse("ok")
########NEW FILE########
def wrapper(request, *args, **kwargs):
# logger.debug("authenticate %s" % request.user)
user = request.user
# if logged in
if request.user.is_authenticated():
logger.info("user.is_authenticated with user %s" %
request.user.username)
logger.info("user has internalid: %s" %
request.user.authprofile.internalid)
return function(request, *args, **kwargs)
base = Base.objects.get(user__username=kwargs['username'],
name=kwargs['base'])
ticket = request.GET.get("ticket", None)
if not ticket and (base.public or base.static_public):
return function(request, *args, **kwargs)
service = reverse(
'userland-static',
args=[kwargs['username'], kwargs['base'], "index.html"])
proto = request.META.get('HTTP_X_FORWARDED_PROTO', 'https')
host = request.META.get('HTTP_X_FORWARDED_HOST',
request.META.get('HTTP_HOST', None))
if base.frontend_host:
# if frontend_host is set, we do not want to present the backend uri in the service URL
service_full = "%s://%s" % (proto, base.frontend_host)
else:
service_full = "%s://%s%s" % (proto, host, service)
ticket = request.GET.get("ticket", None)
if ticket:
# if the service is called with a ticket, verify the ticket and redirect to the service
cas_ticketverify = reverse('cas-ticketverify')
cas_ticketverify += "?ticket=%s&service=%s" % (ticket,
service_full)
host = urlparse(request.build_absolute_uri()).netloc
response = requests.get("https://%s%s" % (host, cas_ticketverify))
logger.info("Response from verify: " + str(response.status_code))
logger.info("Response from verify: " + response.text)
# read jwt for identity
username, decoded_dict = read_jwt(response.text,
settings.SECRET_KEY)
logger.info("Identity from Token: %s" % username)
logger.info("Identity from Token: %s" % str(decoded_dict))
user = User.objects.get(username=username)
user.backend = 'django.contrib.auth.backends.ModelBackend'
auth_login(request, user)
request.session['cookie_path'] = "/userland/%s/%s" % (
base.user.username, base.name)
request.session.cycle_key()
# user is logged in successfully, redirect to service URL
return HttpResponseRedirect(service)
# User need to authenticate first on cas
url = reverse('cas-login') + "?service=%s" % service_full
logger.info("Redirecting to CAS login %s" % url)
return HttpResponseRedirect(url)
def my_login(request,
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationForm):
"""
Displays the login form and handles the login action.
"""
logger = tlalogger.dj_mylogger(__file__)
logger.debug('Formulario de Login mostrado')
#redirect_to = request.REQUEST.get(redirect_field_name, '')
redirect_to = request.POST.get(redirect_field_name, '')
if request.method == "POST":
form = authentication_form(data=request.POST)
if form.is_valid():
login_log(request.POST.get('username'),
request.META['REMOTE_ADDR'], True)
netloc = urlparse.urlparse(redirect_to)[1]
# Use default setting if redirect_to is empty
if not redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
# Security check -- don't allow redirection to a different
# host.
elif netloc and netloc != request.get_host():
redirect_to = settings.LOGIN_REDIRECT_URL
# No permitir el login desde ips no permitidas:
if settings.RESTRINGIR_LOGIN_POR_IP:
l_ips_permitidas = list(IPPermitida.objects.all().values_list(
'ip', flat=True))
print l_ips_permitidas
if request.META['REMOTE_ADDR'] not in l_ips_permitidas:
login_log(request.POST.get('username'),
request.META['REMOTE_ADDR'],
correcto=True,
comentario='IP no permitida')
parametros = {'error_msg': "Error 550. No permitido"}
return render(request, 'publica/login_error.html',
parametros)
# Okay, security checks complete. Log the user in.
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
# Por jose (24/09/2012). Esto registra los intentos fallidos
else:
login_log(request.POST.get('username'),
request.META['REMOTE_ADDR'], False)
# /jose.
else:
form = authentication_form(request)
request.session.set_test_cookie()
#current_site = get_current_site(request)
current_site = ''
parametros = {
'form': form,
redirect_field_name: redirect_to,
'site': '', #current_site,
'site_name': '', #current_site.name,
'servidor_propio': settings.SERVIDOR_PROPIO,
}
#
return render(request, 'publica/login.html', parametros)
def form_valid(self, form):
response = super().form_valid(form)
user = self.object
auth_login(self.request, user)
return response
def loginView(request):
"""Login the user on the system
"""
if request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
username = form.cleaned_data['username']
password = form.cleaned_data['password']
next = form.cleaned_data['next']
try:
server = form.cleaned_data['host']
config = server_config()
host = config.get(server, 'host')
port = config.getint(server, 'port')
ssl = config.getboolean(server, 'ssl')
except:
return render_to_response('wpmauth/login.html',
{ 'form': form,
'error_message': _('Invalid server. '\
'Please try again.') },
context_instance=RequestContext(request))
try:
user = authenticate(username=username[:30],
password=password,
host=host,
port=port,
ssl=ssl)
except ValueError:
return render_to_response('wpmauth/login.html',
{ 'form': form,
'error_message': _('Invalid login. '\
'Please try again.') },
context_instance=RequestContext(request))
if user is not None:
if user.is_active:
auth_login(request, user)
# Not an imap user:
if (request.session['_auth_user_backend'] ==
'django.contrib.auth.backends.ModelBackend'):
return render_to_response(
'wpmauth/login.html', {
'form':
form,
'error_message':
_('This is not an IMAP '
'valid account. Please try again.')
},
context_instance=RequestContext(request))
request.session['username'] = username
request.session['password'] = password
request.session['host'] = host
request.session['port'] = port
request.session['ssl'] = ssl
return HttpResponseRedirect(next)
# Disabled account:
else:
return render_to_response('wpmauth/login.html',
{ 'form': form,
'error_message': _('Sorry, disabled ' \
'account.') },
context_instance=RequestContext(request))
# Invalid user:
else:
return render_to_response('wpmauth/login.html',
{ 'form': form,
'error_message': _('Invalid login. Please ' \
'try again.') },
context_instance=RequestContext(request))
# Invalid form:
else:
return render_to_response('wpmauth/login.html', {'form': form},
context_instance=RequestContext(request))
# Display the empty form:
else:
data = {'next': request.GET.get('next', '')}
form = LoginForm(data)
return render_to_response('wpmauth/login.html', {'form': form},
context_instance=RequestContext(request))
def remember_me_login(request,
template_name='registration/login.html',
redirect_field_name=REDIRECT_FIELD_NAME,
authentication_form=AuthenticationRememberMeForm):
"""
Based on login view cribbed from
https://github.com/django/django/blob/1.2.7/django/contrib/auth/views.py#L25
Displays the login form with a remember me checkbox and handles the
login action.
The authentication_form parameter has been changed from
``django.contrib.auth.forms.AuthenticationForm`` to
``remember_me.forms.AuthenticationRememberMeForm``. To change this, pass a
different form class as the ``authentication_form`` parameter.
"""
redirect_to = request.GET.get(redirect_field_name, '')
if request.method == "POST":
form = authentication_form(data=request.POST)
if form.is_valid():
redirect_to = request.POST.get(redirect_field_name)
# Light security check -- make sure redirect_to isn't garbage.
if not redirect_to or ' ' in redirect_to:
redirect_to = webproject_settings.LOGIN_REDIRECT_URL
# Heavier security check -- redirects to http://example.com should
# not be allowed, but things like /view/?param=http://example.com
# should be allowed. This regex checks if there is a '//' *before* a
# question mark.
elif '//' in redirect_to and re.match(r'[^\?]*//', redirect_to):
redirect_to = webproject_settings.LOGIN_REDIRECT_URL
if form.cleaned_data.get('remember_me'):
request.session.set_expiry(1209600)
# Okay, security checks complete. Log the user in.
auth_login(request, form.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
form = authentication_form(request)
request.session.set_test_cookie()
current_site = get_current_site(request)
return render(
request, template_name, {
'form': form,
'redirect_field_name': redirect_field_name,
'redirect_field_value': redirect_to,
'site': current_site,
'site_name': current_site.name,
})
def form_valid(self, form):
self.object = form.get_user()
auth_login(self.request, self.object)
return super().form_valid(form)
def commit(self, request):
auth_login(request, self.user)
def login(request, user):
auth_login(request, user)
from astakos.im.models import SessionCatalog
SessionCatalog(session_key=request.session.session_key, user=user).save()
logger.info('%s logged in.', user.log_display)
def form_valid(self, form):
username = form.cleaned_data['username']
password = form.cleaned_data['password']
if self.kwargs['role'] == 0:
user = authenticate(username=username, password=password)
else:
teacher = form.cleaned_data['teacher']
user = authenticate(username=teacher+"_"+username, password=password)
if user is not None:
auth_login(self.request, user)
else :
return redirect("/account/login/"+str(self.kwargs['role']))
if user.id == 1 and user.first_name == "":
user.first_name = "管理員"
user.save()
# 學習領域
domains = ['生物']
for domain_name in domains:
domain = Domain(title=domain_name)
domain.save()
levels = ['高一','高二','高三']
for level_name in levels:
level = Level(title=level_name)
level.save()
zones = Zone.objects.all()
if len(zones) == 0:
for city_name, zones, mapx, mapy in county:
city = County(name=city_name, mapx=mapx, mapy=mapy)
city.save()
for zone_name in zones:
zone = Zone(name=zone_name, county=city.id)
zone.save()
school = School(county=2, zone=38, system=3, name="南港高中")
school.save()
user.last_name = "1"
user.save()
try :
group = Group.objects.get(name="apply")
except ObjectDoesNotExist :
group = Group(name="apply")
group.save()
group.user_set.add(user)
# create Message
title = "請修改您的姓名"
url = "/account/realname"
message = Message(title=title, url=url, time=timezone.now())
message.save()
# message for group member
messagepoll = MessagePoll(message_id = message.id,reader_id=1)
messagepoll.save()
# 記錄訪客資訊
admin_user = User.objects.get(id=1)
try:
profile = Profile.objects.get(user=admin_user)
except ObjectDoesNotExist:
profile = Profile(user=admin_user)
profile.save()
profile.visitor_count = profile.visitor_count + 1
profile.save()
year = localtime(timezone.now()).year
month = localtime(timezone.now()).month
day = localtime(timezone.now()).day
date_number = year * 10000 + month*100 + day
try:
visitor = Visitor.objects.get(date=date_number)
except ObjectDoesNotExist:
visitor = Visitor(date=date_number)
visitor.count = visitor.count + 1
visitor.save()
visitorlog = VisitorLog(visitor_id=visitor.id, user_id=user.id, IP=self.request.META.get('REMOTE_ADDR'))
visitorlog.save()
# If the test cookie worked, go ahead and
# delete it since its no longer needed
if self.request.session.test_cookie_worked():
self.request.session.delete_test_cookie()
return super(Login, self).form_valid(form)
