def add_api(request):
if request.method == 'POST':
form = AddApiKeyForm(request.POST)
form.user = request.user
if form.is_valid():
user_api = UserAPIKey()
user_api.keyID = form.cleaned_data["keyID"]
user_api.vCode = form.cleaned_data["vCode"]
user_api.user = request.user
user_api.save()
members, corps = init_characters(request.user, form.characters)
for corp in corps:
corp.save()
for member in members:
member.save()
update_user_accesses(request.user)
logger.info('"%s" added new API Key %d' % (request.user, user_api.keyID))
return redirect('/account/')
else: # request.method == 'GET'
form = AddApiKeyForm()
data = {
'form': form,
'accessMask': required_access_mask(character=True)
}
return render_to_response('ecm/auth/add_api.html', data, Ctx(request))
def edit_api(request, keyID):
api = get_object_or_404(UserAPIKey, keyID=int(keyID))
if api.user != request.user:
return forbidden(request)
if request.method == 'POST':
form = EditApiKeyForm(request.POST)
form.user = request.user
if form.is_valid():
api.vCode = form.cleaned_data["vCode"]
api.is_valid = True
api.save()
members, corps = init_characters(request.user, form.characters)
for member in members:
member.save()
for corp in corps:
corp.save()
update_user_accesses(request.user)
logger.info('"%s" edited API Key %d' % (request.user, api.keyID))
return redirect('/account/')
else: # request.method == 'GET'
form = EditApiKeyForm(initial={"keyID" : api.keyID, "vCode" : api.vCode})
data = {
'form': form,
'request_path' : request.get_full_path(),
'accessMask': required_access_mask(character=True)
}
return render_to_response('ecm/auth/edit_api.html', data, Ctx(request))
def create_account(request):
if request.method == 'POST':
form = AccountCreationForm(request.POST)
if form.is_valid():
username = form.cleaned_data["username"]
password = form.cleaned_data["password1"]
email = form.cleaned_data["email"]
user, profile = RegistrationProfile.objects.create_inactive_user(
username=username, email=email, password=password)
user_api = UserAPIKey()
user_api.keyID = form.cleaned_data["keyID"]
user_api.vCode = form.cleaned_data["vCode"]
user_api.user = user
user_api.save()
members, corps = init_characters(user, form.characters)
for corp in corps:
corp.save()
for member in members:
member.save()
logger.info('"%s" created new account id=%d' % (user, user.id))
# Be sure to have mail configured on your server, otherwise catch except
try:
send_activation_email(request, profile)
logger.info('activation email sent to "%s" for account "%s"' %
(user.email, user))
return render_to_response('ecm/auth/account_created.html',
{'form': form},
context_instance=Ctx(request))
except Exception, err:
logger.error(
'Sending an activation email failed. Address: %s Account: %s'
% (user.email, user))
return render_to_response(
'ecm/auth/account_mail_fail.html', {
'form': form,
'error_reason': "Error{0}".format(str(err))
},
context_instance=Ctx(request))
def create_account(request):
if request.method == 'POST':
form = AccountCreationForm(request.POST)
if form.is_valid():
username = form.cleaned_data["username"]
password = form.cleaned_data["password1"]
email = form.cleaned_data["email"]
user, profile = RegistrationProfile.objects.create_inactive_user(username=username,
email=email,
password=password)
user_api = UserAPIKey()
user_api.keyID = form.cleaned_data["keyID"]
user_api.vCode = form.cleaned_data["vCode"]
user_api.user = user
user_api.save()
members, corps = init_characters(user, form.characters)
for corp in corps:
corp.save()
for member in members:
member.save()
logger.info('"%s" created new account id=%d' % (user, user.id))
# Be sure to have mail configured on your server, otherwise catch except
try:
send_activation_email(request, profile)
logger.info('activation email sent to "%s" for account "%s"' % (user.email, user))
return render_to_response('ecm/auth/account_created.html',
{ 'form': form },
context_instance=Ctx(request))
except Exception, err:
logger.error('Sending an activation email failed. Address: %s Account: %s'
% (user.email, user))
return render_to_response('ecm/auth/account_mail_fail.html',
{ 'form': form,
'error_reason' : "Error{0}".format(str(err))},
context_instance=Ctx(request))
def authenticate(self, username=None, password=None):
"""Authenticate user against phpBB3 database.
Check if the user exists in Django users. If not, create it.
Then authenticate."""
logging.debug("PhpbbBackend::authenticate()")
user = None
try:
phpbb_user = PhpbbUser.objects.get(username=username)
except PhpbbUser.DoesNotExist:
# The user does not exist in phpBB. Bailing out.
logging.info("User '%s' doesn't exist." % username)
return None
phpbb_checker = php_password.PhpbbPassword()
if phpbb_checker.phpbb_check_hash(password, phpbb_user.user_password):
logging.debug("User %s successfully authenticated "
"with phpBB database." % username)
else:
# Invalid password
logging.info("Wrong password for user %s" % username)
return None
# At this point we have successfully checked phpBB user password.
# Now we're getting and returning Django user. If necessary, we're
# creating the user on the fly.
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
logging.info("Creating new Django user '%s'" % username)
if username:
user = User(username=username, password="")
user.is_staff = False
user.is_superuser = False
user.email = phpbb_user.user_email
user.save()
# Do the initial update of the user's characters
characters = api.get_account_characters(
UserAPIKey(keyID=phpbb_user.eveapi_keyid,
vCode=phpbb_user.eveapi_vcode))
members, corps = init_characters(user, characters)
for corp in corps:
corp.save()
for member in members:
member.save()
# Give the new user roles/groups:
update_user_accesses(user)
else:
logging.warning("User name empty. Not creating.")
return None
# In case the phpBB password has changed, we're updating user's
# Django password. Django password is necessary when user wants to log
# in to the admin interface.
user.set_password(password)
# Update the API information always to allow changes from phpBB
user_api = UserAPIKey()
user_api.keyID = phpbb_user.eveapi_keyid
user_api.vCode = phpbb_user.eveapi_vcode
user_api.user = user
user_api.save()
logging.debug("Returning user '%s'" % user)
return user