def get_password_grant(self, request, data, client): form = ClientIdPasswordGrantForm(data, client=client) if not form.is_valid(): statsd.incr('login.failed') logger.info('login failed', extra={ 'IP': get_ip(request), 'USERNAME': request.POST.get('username'), 'CLIENT_SECRET': request.POST.get('client_secret'), 'HTTP_REFERER': request.META.get('HTTP_REFERER'), 'HTTP_USER_AGENT': request.META.get('HTTP_USER_AGENT') }) form.on_form_invalid() raise OAuthError(form.errors) else: form.on_form_valid() statsd.incr('login.success') logger.info('login succeeded', extra={ 'IP': get_ip(request), 'USERNAME': request.POST.get('username'), 'CLIENT_SECRET': request.POST.get('client_secret'), 'HTTP_REFERER': request.META.get('HTTP_REFERER'), 'HTTP_USER_AGENT': request.META.get('HTTP_USER_AGENT') }) return form.cleaned_data
def history(request): connect = Connection('127.0.0.1', 27017) db = connect.ips if request.method == 'POST': ip = request.POST.get('ip', None) country = request.POST.get('country', None) else: ip = get_ip(request) gic = pygeoip.GeoIP("/home/paul/mhack/GeoIPCity.dat") geo = gic.record_by_addr(ip) try: country = geo['country'] except: country = 'Russian Federation' if country is None: country = 'Russian Federation' if ip is None: ip = get_ip(request) path = '/home/paul/prison/countries/' + country json_countr = open(path) data = json.load(json_countr) json_countr.close() for dat in data: dat[2] = dat[2].encode("ISO-8859-1") out = compromatFunction(ip) context = {'hist_data': out, 'ip': ip, 'countries': countries, 'top': data, 'this': country, } return render(request, 'history.html', context)
def get_password_grant(self, request, data, client): form = ClientIdPasswordGrantForm(data, client=client) if not form.is_valid(): statsd.incr("login.failed") logger.info( "login failed", extra={ "IP": get_ip(request), "USERNAME": request.POST.get("username"), "CLIENT_SECRET": request.POST.get("client_secret"), "HTTP_REFERER": request.META.get("HTTP_REFERER"), "HTTP_USER_AGENT": request.META.get("HTTP_USER_AGENT"), }, ) form.on_form_invalid() raise OAuthError(form.errors) else: form.on_form_valid() statsd.incr("login.success") logger.info( "login succeeded", extra={ "IP": get_ip(request), "USERNAME": request.POST.get("username"), "CLIENT_SECRET": request.POST.get("client_secret"), "HTTP_REFERER": request.META.get("HTTP_REFERER"), "HTTP_USER_AGENT": request.META.get("HTTP_USER_AGENT"), }, ) return form.cleaned_data
def from_http_request(self, request, response=None, commit=True): # Request infomation self.method = request.method self.path = request.path self.is_secure = request.is_secure() self.is_ajax = request.is_ajax() # User infomation # @see: https://github.com/kylef/django-request/issues/54 self.ip = get_ip(request) if not None else '0.0.0.0' self.referer = request.META.get('HTTP_REFERER', '')[:255] self.user_agent = request.META.get('HTTP_USER_AGENT', '')[:255] self.language = request.META.get('HTTP_ACCEPT_LANGUAGE', '')[:255] if getattr(request, 'user', False): if request.user.is_authenticated(): self.user = request.user if response: self.response = response.status_code if (response.status_code == 301) or (response.status_code == 302): self.redirect = response['Location'] if commit: self.save()
def get_token(request, user_id): settings_EDM = { 'API_KEY': 'API_ZENHEADS', 'MAGIC_WORD': '9ce8a3919da5ffe41cc9219a1ce47242', } api_key = settings_EDM['API_KEY'] magic = settings_EDM['MAGIC_WORD'] ip = get_ip(request) # ip = '80.99.236.194' # on local network get your ip timestamp = str(int(time.time())) m = hashlib.md5() to_hash = api_key + ip + timestamp + magic m.update(to_hash) data = { 'id': api_key, 'uid': user_id, 'ip': ip, 'ts': timestamp, 'hash': m.hexdigest() } response = requests.post(url='http://api.edmdesigner.com/api/token', data=data) # assert http 200 return response.text
def has_access(self): """ Returns a boolean indicating if the article can be accessed. The following verifications are performed in order to determine if an article can be browsed: 1- it is in open access 2- the current user has access to it with its individual account 3- the current IP address is inside on of the IP address ranges allowed to access to it """ article = self.get_article() # 1- Is the article in open access? if article.open_access: return True # 2- Is the current user allowed to access the article? # TODO: add # 3- Is the current IP address allowed to access the article as an institution? ip = get_ip(self.request) institution_accounts = InstitutionalAccount.objects.filter( Q(policy__access_full=True) | Q(policy__access_journal=article.issue.journal)) institutional_access = institution_accounts.exists() and \ InstitutionIPAddressRange.objects.filter( institutionaccount__in=institution_accounts, ip_start__lte=ip, ip_end__gte=ip).exists() if institutional_access: return True return False
def get_context_data(self): country_code = GeoIP().country_code(ip.get_ip(self.request)) if country_code is None: country_code = settings.DEFAULT_COUNTRY_CODE context = super(NewUserView, self).get_context_data() context['locations'] = get_most_followed(country_code) return context
def form_valid(self, form): # Create user instance with fixed username form.instance.username = create_username( form.instance.first_name, form.instance.last_name ) form.instance.is_active = False form.instance.set_password(form.cleaned_data['password1']) form.instance.save() # Create token for mobile API Token.objects.create(user=form.instance) # Create registration link and save along with request params salt = hashlib.md5() salt.update(settings.SECRET_KEY + str(datetime.datetime.now().time)) register_demand = RegisterDemand.objects.create( activation_link = salt.hexdigest(), ip_address = ip.get_ip(self.request), user = form.instance, email = form.instance.email, lang = translation.get_language_from_request(self.request) ) # Create full link to activation page for new user site_url = self.request.build_absolute_uri('/user/activate/') link = site_url + str(register_demand.activation_link) # Send email in user's own language if possible email = emails.ActivationLink() email_context = {'link': link} if translation.check_for_language(register_demand.lang): email_context.update({'lang': register_demand.lang}) email.send(register_demand.email, email_context) return render(self.request, 'userspace/register-success.html', {'title': _("Message send"),})
def _validate_signature(self, project, request): secret_key = request.GET.get("key", None) if secret_key is None: return False if not hasattr(project, "modules_config"): return False if project.modules_config.config is None: return False project_secret = project.modules_config.config.get("bitbucket", {}).get("secret", "") if not project_secret: return False bitbucket_config = project.modules_config.config.get("bitbucket", {}) valid_origin_ips = bitbucket_config.get("valid_origin_ips", settings.BITBUCKET_VALID_ORIGIN_IPS) origin_ip = get_ip(request) mathching_origin_ip = True if valid_origin_ips: try: mathching_origin_ip = len(all_matching_cidrs(origin_ip,valid_origin_ips)) > 0 except(AddrFormatError, ValueError): mathching_origin_ip = False if not mathching_origin_ip: return False return project_secret == secret_key
def Confirm(request): ip = str(get_ip(request)) config = { 'user': '******', 'router': '172.19.0.1', 'port': '2200', 'options': '-o ConnectTimeout=1 -o StrictHostKeyChecking=no', 'ip': ip, 'rule': 'ip firewall address-list remove [find address=%s]' % ip } context = Overdue.objects.get(ip_address=config['ip']) if context.seeme < 30: proc = subprocess.check_output( '/usr/bin/ssh %(options)s %(user)s@%(router)s -p %(port)s "%(rule)s"' % config, shell=True ) context.seeme = context.seeme + 1 context.removed = True context.save() return True
def auth(request): if request.user.is_authenticated(): usersession = UserSession.objects.get( session_id=request.session.session_key) current_ip = get_ip(request) if usersession.ip != current_ip: usersession.ip = current_ip usersession.save() cachekey = "auth_cache_{}".format(request.META.get( "HTTP_AUTHORIZATION") or request.session.session_key) content = cache.get(cachekey) if content: response = HttpResponse(content[0]) for key, val in content[1].iteritems(): response[key] = val response["X-auth-cache-hit"] = "success" return response if not request.user.is_authenticated(): # Check basic auth against LDAP as an alternative to SSO. try: assert request.META.get("HTTP_AUTHORIZATION") is not None username, password = request.META["HTTP_AUTHORIZATION"].split( " ", 1)[1].strip().decode('base64').split(":", 1) ldapauth = LDAPBackend() if username.find("@") > -1: username = DepartmentUser.objects.get( email__iexact=username).username user = ldapauth.authenticate(username=username, password=password) if not user: us = UserSession.objects.filter(user__username=username)[0] assert us.shared_id == password user = us.user user.backend = "django.contrib.auth.backends.ModelBackend" login(request, user) except Exception as e: response = HttpResponse(status=401) response[ "WWW-Authenticate"] = 'Basic realm="Please login with your username or email address"' response.content = repr(e) return response response = HttpResponse(whoamiResource.as_detail()(request).content) headers, cache_headers = json.loads(response.content), dict() headers["full_name"] = u"{}, {}".format( headers.get( "last_name", ""), headers.get( "first_name", "")) # TODO: use url reverse on logout alias headers["logout_url"] = "https://oim.dpaw.wa.gov.au/logout" try: headers["kmi_roles"] = DepartmentUser.objects.get( email__iexact=headers["email"]).extra_data.get( "KMIRoles", '') except Exception as e: headers["kmi_roles"] = '' for key, val in headers.iteritems(): key = "X-" + key.replace("_", "-") cache_headers[key], response[key] = val, val cache.set(cachekey, (response.content, cache_headers), 3600) return response
def __init__(self, poll, request=None, data=None, **kwargs): super(VoteForm, self).__init__(data, **kwargs) self.poll = poll self.request = request self.fields['question'].queryset = poll.questions.all() if request: self.ip = get_real_ip(self.request) or get_ip(self.request)
def receive_log(request, key_lifetime=5*60, per_ip_limit=7, silence_in_debug_mode=True): params = {'request_time', 'message', 'csrfmiddlewaretoken'} for key in request.POST.keys(): if key not in params: return HttpResponse('unknown parameter "{0:s}"'.format(key), status=400) for param in params: if param not in request.POST: return HttpResponse('parameter "{0:s}" is required'.format(param), status=400) try: request_time = int(signer.unsign(request.POST['request_time'])) except BadSignature: return HttpResponse('the time signature is not valid'.format(request.POST['key']), status=401) if request_time > time() + key_lifetime: return HttpResponse('this logging key has expired', status=401) ip = get_ip(request) message = 'javascript at {0:s} from {2:s}: \n{1:s}'.format( try_get_domain(), request.POST['message'][:2048], ip) ip_time_hash = '{0:s} {1:d}'.format(ip, int(time() / (60*60*12))) if ip_time_hash not in IP_LOG_COUNTER: IP_LOG_COUNTER[ip_time_hash] = 1 IP_LOG_COUNTER[ip_time_hash] += 1 if IP_LOG_COUNTER[ip_time_hash] > per_ip_limit: return HttpResponse('silently ignored due to flooding', status=200) if settings.DEBUG and silence_in_debug_mode: return HttpResponse('error report discarded because of debug mode', status=200) try: send_log(message, status='error') except MinimalLogError: return HttpResponse('there was a server problem while storing the report', status=400) else: return HttpResponse('ok', status=200)
def store_request(self): if not settings.APPLICATION_MONITORING: return if not settings.APPLICATION_MONITOR_STUFF_USERS and self.request.user.is_staff: return user_request = models.Request() user_request.server_name = self.request.META.get('SERVER_NAME', '') user_request.server_host = self.request.META.get('HTTP_HOST', '') user_request.user_username = self.request.user.username user_request.user_is_staff = self.request.user.is_staff user_request.user_is_active = self.request.user.is_active user_request.client_name = self.request.META.get('USER', '') user_request.client_agent = self.request.META.get('HTTP_USER_AGENT', '') user_request.client_ip = self.request.META.get('REMOTE_ADDR', '') real_ip = get_real_ip(self.request) if real_ip is None: real_ip = get_ip(self.request) user_request.client_real_ip = real_ip user_request.scheme = self.request.scheme user_request.method = self.request.method user_request.data = self.request.REQUEST user_request.is_ajax = self.request.is_ajax() user_request.from_page = self.request.META.get('HTTP_REFERER', '') user_request.to_page = self.request.path user_request.to_page_query = self.request.META.get('QUERY_STRING', '') user_request.save() return user_request
def process_request(self, request): """ Processes embargo requests. """ url = request.path course_id = course_id_from_url(url) course_is_embargoed = EmbargoedCourse.is_embargoed(course_id) # If they're trying to access a course that cares about embargoes if self.site_enabled or course_is_embargoed: # Construct the list of functions that check whether the user is embargoed. # We wrap each of these functions in a decorator that logs the reason the user # was blocked. # Each function should return `True` iff the user is blocked by an embargo. check_functions = [ self._log_embargo_reason(check_func, course_id, course_is_embargoed) for check_func in [ partial(self._is_embargoed_by_ip, get_ip(request)), partial(self._is_embargoed_by_profile_country, request.user) ] ] # Perform each of the checks # If the user fails any of the checks, immediately redirect them # and skip later checks. for check_func in check_functions: if check_func(): return self._embargo_redirect_response
def get_request_ip_address(self, request): """Gets the IP address of the request""" ip_address = get_ip(request) if ip_address is not None: return ip_address else: return ''
def get(self, request, *args, **kw): ip = args[0] details_request = IPDetails(ip, *args, **kw) result = DetailsSerializer(details_request) response = Response(result.data, status=status.HTTP_200_OK) visit = Visit() visit.endpoint = '/api/details/' + ip visit.timestamp = get_epoch_timestamp() visit.address = get_ip(request) cookie = request.COOKIES.get("alienvaultid", None) if cookie is None: ck_val = create_random_string() # set this cookie to expire in one year response.set_cookie('alienvaultid', ck_val, max_age=31536000) visitor = Visitor() visitor.alienvaultid = ck_val visitor.save() else: visitor = Visitor.objects.get(alienvaultid=cookie) visit.visitor_id = visitor.id visit.save() return response
def get(self, request, attempt_code): # pylint: disable=unused-argument """ Returns the status of an exam attempt. Given that this is an unauthenticated caller, we will only return the status string, no additional information about the exam """ attempt = get_exam_attempt_by_code(attempt_code) ip_address = get_ip(request) timestamp = datetime.now(pytz.UTC) if not attempt: return HttpResponse( content='You have entered an exam code that is not valid.', status=404 ) update_exam_attempt(attempt['id'], last_poll_timestamp=timestamp, last_poll_ipaddr=ip_address) return Response( data={ # IMPORTANT: Don't add more information to this as it is an # unauthenticated endpoint 'status': attempt['status'], }, status=200 )
def photo_agreement(request): user = get_object_or_404(Person, userid=request.user.username) configs = UserConfig.objects.filter(user=user, key='photo-agreement') if configs: config = configs[0] else: config = UserConfig(user=user, key='photo-agreement', value={'agree': False}) if request.method == 'POST': form = PhotoAgreementForm(request.POST) if form.is_valid(): config.value['agree'] = form.cleaned_data['agree'] if config.value['agree']: config.value['version'] = 1 config.value['at'] = datetime.datetime.now().isoformat() config.value['from'] = ip.get_ip(request) config.save() messages.add_message(request, messages.SUCCESS, 'Updated your photo agreement status.') if 'return' in request.GET: url = request.GET['return'] else: url = reverse('config:config') return HttpResponseRedirect(url) else: form = PhotoAgreementForm({'agree': config.value['agree']}) context = {"form": form} return render(request, "dashboard/photo_agreement.html", context)
def get_embargo_response(request, course_id, user): """ Check whether any country access rules block the user from enrollment. Args: request (HttpRequest): The request object course_id (str): The requested course ID user (str): The current user object Returns: HttpResponse: Response of the embargo page if embargoed, None if not """ redirect_url = redirect_if_blocked( course_id, user=user, ip_address=get_ip(request), url=request.path) if redirect_url: return Response( status=status.HTTP_403_FORBIDDEN, data={ "message": ( u"Users from this location cannot access the course '{course_id}'." ).format(course_id=course_id), "user_message_url": request.build_absolute_uri(redirect_url) } )
def get_cache_key(self, request, view): ident = get_ip(request) return self.cache_format % { "scope": self.scope, "ident": ident }
def get_context_data(self, **kwargs): ct = self.kwargs.get('ct') pk = self.kwargs.get('pk') active_marker = None obj = None context = super(IndexView, self).get_context_data(**kwargs) if pk and ct: ctype = ContentType.objects.get(pk=ct) try: obj = ctype.get_object_for_this_type(pk=pk) except ObjectDoesNotExist: raise Http404 try: active_marker = MapPointer.objects.filter( object_pk=obj.pk,content_type=ct)[0] except IndexError: # No markers for this specific content element raise Http404 context['active_marker'] = active_marker if active_marker is not None: position = (active_marker.longitude, active_marker.latitude,) else: position = GeoIP().coords(ip.get_ip(self.request)) or ("21.0030", "52.1356") context['title'] = self.set_title(obj) context['content_types'] = ContentType.objects.all() context['position'] = {'lat': position[1], 'lng': position[0]} context['icons'] = ['location','idea','news','poll','discussion','socialproject'] return context
def log_analytics(request, event, properties): try: import analytics from ipware.ip import get_ip as get_ip if settings.DEBUG: return if not hasattr(settings, "SEGMENT_IO_KEY"): logger.warning("Cannot send analytics. No Segment IO Key has been set") return if "pingdom" in request.META.get("HTTP_USER_AGENT", ""): logger.warning("Not recording analytics. Ignored pingdom bot") return api_key = settings.SEGMENT_IO_KEY ip = get_ip(request) name = names.get_full_name() uid = request.session.get("uid", name) request.session["uid"] = uid analytics.init(api_key) analytics.identify(uid, { "$name" : uid, }, { "$ip" : ip} ) analytics.track(uid, event=event, properties=properties) except Exception, e: logger.exception("Error handling analytics")
def programme_feedback_view(request, event, programme_id): programme = get_object_or_404(Programme, id=int(programme_id), category__event=event) if not programme.is_open_for_feedback: messages.error(request, _('You cannot leave anonymous feedback about your own programme.')) return redirect('core_event_view', event.slug) is_own_programme = request.user.person in programme.organizers.all() form = initialize_form(ProgrammeFeedbackForm, request, is_own_programme=is_own_programme) if request.method == 'POST': if form.is_valid(): feedback = form.save(commit=False) if feedback.is_anonymous and is_own_programme: messages.error(request, _('You cannot leave anonymous feedback about your own programme.')) else: feedback.author = request.user.person feedback.author_ip_address = get_ip(request) or '' feedback.programme = programme feedback.save() messages.success(request, _('Thank you for your feedback.')) return redirect('core_event_view', event.slug) else: messages.error(request, _('Please check the form.')) vars = dict( event=event, programme=programme, form=form, ) return render(request, 'programme_feedback_view.jade', vars)
def poll(request, akey): ip = get_ip(request) to_open = "#" # character which is not a question mark col = 1 row = 1 # placeholders if Hub.objects.filter(secret_key=akey).exists(): this_hub = Hub.objects.get(secret_key=akey) this_hub.polled_at = timezone.now() if this_hub.ip != ip: print("Warning: IP of controller changed to " + ip) this_hub.ip = ip this_hub.save() print(" hub " + this_hub.secret_key + " polled us.", end="") if this_hub.waiting: this_hub.waiting = False this_hub.save() to_open = "?" row = this_hub.waiting_row col = this_hub.waiting_col print(" -- Poll open data served for hub: {} col: {}, row {}".format(this_hub, col, row)) # Set Unlock transaction's waiting attribute to False to indicate success unlock = Unlock.objects.last() # FIXME: This will only honor the most recent Unlock since the last poll unlock.waiting = False unlock.save() print("Unlock action {} is no longer waiting.".format(unlock)) # TODO: Set up queueing for multiple unlocks (check waiting Unlock objects rather than using hub.waiting_col, etc) # FIXME: It should also verify that the locker of the Unlock action is in this hub else: print(" -- No action to take.") else: print("Error: controller that doesn't exist polled us") return render(request, "poll_response.html", {"to_open": to_open, "col": col, "row": row})
def _wrapped_view(request, *args, **kwargs): if request.user.is_authenticated(): if 'scan_id' in kwargs: scan_id = UUID(kwargs.get('scan_id')) try: scan = IrmaScan.objects.get(irma_scan=scan_id) except IrmaScan.DoesNotExist: return process_error(request, error=ERROR_NOT_FOUND) if (request.user == scan.user and request.user.has_perm('fir_irma.scan_files')) or \ request.user.has_perm('fir_irma.read_all_results'): kwargs['scan'] = scan return view_func(request, *args, **kwargs) elif settings.IRMA_ANONYMOUS_SCAN and settings.IRMA_IS_STANDALONE: if 'scan_id' in kwargs: scan_id = UUID(kwargs.get('scan_id')) client_ip = get_ip(request) try: scan = IrmaScan.objects.get(irma_scan=scan_id, client_ip=client_ip) kwargs['scan'] = scan return view_func(request, *args, **kwargs) except IrmaScan.DoesNotExist: return process_error(request, error=ERROR_NOT_FOUND) path = request.build_absolute_uri() resolved_login_url = resolve_url(login_url or settings.LOGIN_URL) # If the login url is the same scheme and net location then just # use the path as the "next" url. login_scheme, login_netloc = urlparse(resolved_login_url)[:2] current_scheme, current_netloc = urlparse(path)[:2] if ((not login_scheme or login_scheme == current_scheme) and (not login_netloc or login_netloc == current_netloc)): path = request.get_full_path() from django.contrib.auth.views import redirect_to_login return redirect_to_login( path, resolved_login_url, redirect_field_name)
def download(request, method, type, asset): # Remove extension from asset tag = os.path.splitext(asset)[0] assets = get_list_or_404(Asset, tag=tag, type__name=type, active=1) # Choose asset randomly asset = random.choice(assets) # Grab request META information ip = get_ip(request) useragent = request.META['HTTP_USER_AGENT'] # If we don't have an IP or user agent throw a 404 if not ip or not useragent: raise Http404 referer = None if 'HTTP_REFERER' in request.META: referer = request.META['HTTP_REFERER'] # Create the Stat object stat = Stat.objects.create(asset=asset, ip=ip, useragent=useragent, method=method, referer=referer, created=timezone.now(), modified=timezone.now()) # Make sure we have a stat object otherwise throw a 404 if not stat: raise Http404 return HttpResponseRedirect(asset.url)
def process_request(self, request): """ Processes embargo requests """ url = request.path course_id = course_id_from_url(url) # If they're trying to access a course that cares about embargoes if EmbargoedCourse.is_embargoed(course_id): # If we're having performance issues, add caching here ip_addr = get_ip(request) # if blacklisted, immediately fail if ip_addr in IPFilter.current().blacklist_ips: log.info("Embargo: Restricting IP address %s to course %s because IP is blacklisted.", ip_addr, course_id) return redirect('embargo') country_code_from_ip = pygeoip.GeoIP(settings.GEOIP_PATH).country_code_by_addr(ip_addr) is_embargoed = country_code_from_ip in EmbargoedState.current().embargoed_countries_list # Fail if country is embargoed and the ip address isn't explicitly whitelisted if is_embargoed and ip_addr not in IPFilter.current().whitelist_ips: log.info( "Embargo: Restricting IP address %s to course %s because IP is from country %s.", ip_addr, course_id, country_code_from_ip ) return redirect('embargo')
def visit_view(request, ct, pk): """ This view should be used along with some front-end scripts. This way we can exclude robots from records. """ visit = Visit.objects.create(ip=get_ip(request), content_type_id=ct, object_id=pk) return HttpResponse(json.dumps({'id': visit.pk, }), content_type="application/json")
def add_user(request): if request.method == "POST": form = UserForm(request.POST) ip = get_ip(request) print('Valid Form', form.is_valid()) if form.is_valid(): user = form.save(commit=False) #Set IP user.submission_ip = ip # temporarily here. Please move this to the form and # check if lat/long data are available before saving lat, lon = lat_long(user.location) user.lat = lat user.lon = lon user.save() #save user matchNewUser(pk=user.pk) return redirect('user_detail', pk=user.pk, permanent=True) else: form = UserForm() return render(request, 'users/index.html', {'form': form})
def storeAuditTrial(prevObj, changeObj, actionType, request): aTrial = AuditTrial() aTrial.modelType = changeObj._meta.verbose_name.title() aTrial.objectId = changeObj.pk aTrial.action = actionType aTrial.user = request.user aTrial.ip = get_ip(request) if prevObj: aTrial.fromObj = serializers.serialize("json", [prevObj]) aTrial.toObj = serializers.serialize("json", [changeObj]) aTrial.save()
def create(request): try: data = { 'msg': '', 'index': 'admin', 'form': CreateForm(request.POST) } if request.method == 'POST': username = request.POST.get('username', '') password = request.POST.get('password', '') email = request.POST.get('email', '') first_name = request.POST.get('first_name', '') reg_code = request.POST.get('reg_code', '') bank_code = request.POST.get('bank_code', '') bank_card = request.POST.get('bank_card', '') if not username or not password or not email: data['msg'] = '账号及密码、邮箱不能为空' elif len(password) < 10: data['msg'] = '密码长度至少为10' else: u_exists = Auth_user.objects.filter(username=username).exists() if u_exists: data['msg'] = '账号已存在' else: u = Auth_user.objects \ .create_user(username, email, password) u.first_name = first_name u.is_superuser = 1 u.is_staff = 1 u.save() uinfo = UserInfo( user=u, reg_time=datetime.now(), reg_ip=get_ip(request), bank_code=bank_code, bank_card=bank_card ) if reg_code: code_exists = InviteCode.objects \ .filter(code=reg_code).filter(status=0) if not code_exists: uinfo.reg_code = reg_code uinfo.reg_type = 2 else: uinfo.reg_type = 1 uinfo.save() data['msg'] = '账号创建成功' except: utils.debug() return utils.ErrResp(errors.FuncFailed) return render(request, 'backend/admin/create.html', data)
def ip_address(self): request = self.request try: ip_address = get_real_ip(request) except AttributeError: ip_address = None if not ip_address: try: ip_address = get_ip(request) except AttributeError: ip_address = None return ip_address
def get_redirect_url(self, *args, **kwargs): user = (self.request.user if self.request.user.is_authenticated() else None) access_log = NewDataFileAccessLog( user=user, ip_address=get_ip(self.request), data_file=self.data_file) access_log.save() return self.data_file.file_url_as_attachment
def form_valid(self, form): # These must be set before `form_valid()` which saves Message model instance. # Then, `self.object` is available in order to save attachments. form.instance.board = self.board form.instance.ip_address = get_ip(self.request) form.instance.owner = self.request.user form.instance.nickname = self.request.user.username # The fields such as created, updated, status, view_count are filled by default. response = super(MessageCreateView, self).form_valid(form) return response
def treat_request(request): ip = get_ip(request) name = request.GET.get('network_name') try: Network.objects.filter(network_name=name).delete() except: pass try: Network.objects.create(network_name=name, ip=ip) except: pass
def save(self, forms, request): if not request.user.is_authenticated(): user_form = forms['user_form'] user = user_form.save() ProfileManagerMixinView.save(self, forms, request) else: user = request.user request_instance = self.craft_request(forms, user) ip = get_ip(request) request_instance.from_ip = ip request_instance.save() self._send_mail_request(user, request_instance)
def obj_update(self, bundle, **kwargs): # Workaround for # https://github.com/toastdriven/django-tastypie/issues/390 : if hasattr(bundle, "obj_update_done"): return bundle.data['updated_time'] = datetime.now() ip = get_ip(bundle.request) if ip is not None: bundle.data['wan_ip_address'] = ip bundle = super(UploaderAppResource, self).obj_update(bundle, **kwargs) bundle.obj_update_done = True return bundle
def has_user_already_voted(request, question): if request.user.is_authenticated: already_voted = UserQuestionAnswer.objects.filter( voter=request.user).filter(question=question).exists() else: ip = get_ip(request) already_voted = len([ uqa for uqa in UserQuestionAnswer.objects.filter(ip=ip).filter( question=question) if timezone.now() - uqa.date <= VOTING_NONREG_AMOUNT_OF_TIME ]) >= VOTING_NONREG_AMOUNT_OF_VOTES return already_voted
def auth_ip(request): # Get the IP of the current user, try and match it up to a session. current_ip = get_ip(request) # If there's a basic auth header, perform a check. basic_auth = request.META.get("HTTP_AUTHORIZATION") if basic_auth: # Check basic auth against Azure AD as an alternative to SSO. username, password = base64.b64decode( basic_auth.split(" ", 1)[1].strip()).decode('utf-8').split(":", 1) username = force_email(username) user = shared_id_authenticate(username, password) if not user: user = adal_authenticate(username, password) if user: response = HttpResponse(json.dumps({ 'email': user.email, 'client_logon_ip': current_ip }), content_type='application/json') response["X-email"] = user.email response["X-client-logon-ip"] = current_ip return response # If user has a SSO cookie, do a normal auth check. if request.user.is_authenticated(): return auth(request) # We can assume that the Session and UserSession tables only contain # current sessions. qs = UserSession.objects.filter( session__isnull=False, ip=current_ip).order_by("-session__expire_date") headers = {'client_logon_ip': current_ip} if qs.exists(): user = qs[0].user headers["email"] = user.email try: headers["kmi_roles"] = DepartmentUser.objects.get( email__iexact=user.email).extra_data.get("KMIRoles", '') except: headers["kmi_roles"] = '' response = HttpResponse(json.dumps(headers), content_type='application/json') for key, val in headers.items(): key = "X-" + key.replace("_", "-") response[key] = val return response
def get_client_ip(request): # x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR') # if x_forwarded_for: # ip = x_forwarded_for.split(',')[0] # else: # ip = request.META.get('REMOTE_ADDR') # return ip ip = get_ip(request) if ip is not None: return ip else: return None
def finished(request, akey): ip = get_ip(request) if Hub.objects.filter(secret_key=akey).exists(): this_hub = Hub.objects.get(secret_key=akey) if this_hub.ip != ip: print("Warning: IP of controller changed while lowering?") this_hub.ip = ip this_hub.occupied = False this_hub.save() else: print("Error: latch that doesn't exist claims it was lowered") return render(request, "empty.html")
def create_eservice( request, eservice_type, ): views = getattr( __import__(eservice_type + ".frontend", fromlist=["views"]), "views") created_by_ip = get_ip(request) return views.create( request, created_by_ip, )
def save_model(self): """ Custom method for saving the Model after every step """ if "1-email" in self.request.POST: Email.objects.get_or_create(addresse=self.request.POST["1-email"]) # Create some friendly server logs self.instance.ipaddress = get_ip(self.request) self.instance.save() print("A Record has been saved: " + str(self.instance.__dict__))
def authenticate(self, request, username=None, password=None): ip = get_ip(request) # Database should be set up to only allow unique ips try: user = CustomUser.objects.get( user_ip=ip) # Will fail if multiple users have same ip if user: return user except CustomUser.DoesNotExist: return None
def get_user_ip(request): """Return user ip :param request: Django request object :return: user ip """ ip = get_real_ip(request) if ip is None: ip = get_ip(request) if ip is None: ip = '127.0.0.1' return ip
def process_request(self, request): """ Processes embargo requests """ url = request.path course_id = course_id_from_url(url) course_is_embargoed = EmbargoedCourse.is_embargoed(course_id) # If they're trying to access a course that cares about embargoes if self.site_enabled or course_is_embargoed: response = redirect('embargo') # Set the proper response if site is enabled if self.site_enabled: redirect_url = getattr(settings, 'EMBARGO_SITE_REDIRECT_URL', None) response = HttpResponseRedirect(redirect_url) if redirect_url \ else HttpResponseForbidden('Access Denied') # If we're having performance issues, add caching here ip_addr = get_ip(request) # if blacklisted, immediately fail if ip_addr in IPFilter.current().blacklist_ips: if course_is_embargoed: msg = "Embargo: Restricting IP address %s to course %s because IP is blacklisted." % \ (ip_addr, course_id) else: msg = "Embargo: Restricting IP address %s because IP is blacklisted." % ip_addr log.info(msg) return response # ipv6 support if ip_addr.find(':') >= 0: country_code_from_ip = pygeoip.GeoIP( settings.GEOIPV6_PATH).country_code_by_addr(ip_addr) else: country_code_from_ip = pygeoip.GeoIP( settings.GEOIP_PATH).country_code_by_addr(ip_addr) is_embargoed = country_code_from_ip in EmbargoedState.current( ).embargoed_countries_list # Fail if country is embargoed and the ip address isn't explicitly # whitelisted if is_embargoed and ip_addr not in IPFilter.current( ).whitelist_ips: if course_is_embargoed: msg = "Embargo: Restricting IP address %s to course %s because IP is from country %s." % \ (ip_addr, course_id, country_code_from_ip) else: msg = "Embargo: Restricting IP address %s because IP is from country %s." % \ (ip_addr, country_code_from_ip) log.info(msg) return response
def index(request): """ will render and have the same view as /beta_invite except for message customization. Args: request: Object Returns: Save """ ip = get_ip(request) business.models.Visitor(ip=ip).save() return render(request, cts.INDEX_VIEW_PATH, {'error_message': ''})
def get_context_data(self, **kwargs): context = super(RestrictedMixin, self).get_context_data(**kwargs) user_ip = get_ip(self.request) context['onsite'] = False context['ip'] = user_ip if user_ip == None: context['onsite'] = False else: for ip in settings.SITE_IPS: if user_ip.startswith(ip): context['onsite'] = True return context
def geoip_city(ip=None, request=None): if ip is None and request is not None: ip = get_real_ip(request) or get_ip(request) else: try: print("actual ip : " + ip) if geoip_reader.city(ip).city.name is not None: return geoip_reader.city(ip).city.name else: return 'Inconnue' except: return 'Inconnue'
def vendor_token_create(request, vendor_id): clerk = get_clerk(request) vendor = Vendor.objects.get(id=int(vendor_id)) old_permits = TemporaryAccessPermit.objects.select_for_update().filter( vendor=vendor) for permit in old_permits: TemporaryAccessPermitLog.objects.create( permit=permit, action=TemporaryAccessPermitLog.ACTION_INVALIDATE, address=get_ip(request), peer="{0}/{1}".format(clerk.user.username, clerk.pk), ) old_permits.update(state=TemporaryAccessPermit.STATE_INVALIDATED) numbers = settings.KIRPPU_SHORT_CODE_LENGTH permit, code = None, None for retry in range(60): try: code = random.randint(10**(numbers - 1), 10**numbers - 1) permit = TemporaryAccessPermit.objects.create( vendor=vendor, creator=clerk, short_code=str(code), ) TemporaryAccessPermitLog.objects.create( permit=permit, action=TemporaryAccessPermitLog.ACTION_ADD, address=get_ip(request), peer="{0}/{1}".format(clerk.user.username, clerk.pk), ) break except IntegrityError as e: continue if permit and code: return { "code": code, } else: raise AjaxError(RET_CONFLICT, _("Gave up code generation."))
def clues(request, observerLatitude, observerLongitude, noLeader=False, formSubmit=False): nearbyEggs = [egg for egg in Egg.objects.all() if egg.isClose(observerLatitude, observerLongitude)] if len(nearbyEggs) == 1: egg = nearbyEggs[0] if egg.levelJustEnded: # You've completed your level if noLeader: if egg.finalEnd: return HttpResponseRedirect(reverse('index')) else: egg.visit() return render(request, 'egghunt/clues.html', {'egg': egg}) elif formSubmit: ip = get_ip(request) if ip is None: ip = randrange(0, 10000000) newEntry = LeaderboardEntry(name=str(request.POST['name']), ipAddress = ip, publicationDate=timezone.now(), level=egg.levelJustEnded) newEntry.save() return HttpResponseRedirect(reverse('clues', args=(observerLatitude, observerLongitude))) else: # Test the IP address of the requester ip = get_ip(request) if ip is not None: # Check the IP if ip not in [entry.ipAddress for entry in LeaderboardEntry.objects.filter(level__exact=egg.levelJustEnded)]: canEnter=True else: canEnter=False else: canEnter=True return render(request, 'egghunt/leaderboardEntry.html', {'egg': egg, 'canEnter': canEnter, 'olat': observerLatitude, 'olong': observerLongitude}) else: # This is 'normal' behaviour egg.visit() return render(request, 'egghunt/clues.html', {'egg': egg}) elif len(nearbyEggs) == 0: return render(request, 'egghunt/noegg.html', {}) else: # We should never get here! raise ValueError
def testapi(request): # if get_ip(request) == "10.90.3.182": # print(get_ip(request)) # print(dir(request.POST)) # print(request.POST.keys()) # print(request.POST['information']) # print(request.body) if 'information' in request.POST: # print(get_ip(request)) # print(request.POST['information']) IP = information.objects.filter(IP=get_ip(request)) if get_ip(request) == "172.30.50.98": print(get_ip(request)) print(request.POST['information']) if get_ip(request) == "10.21.8.38": print(get_ip(request)) print(request.POST['information']) if not IP: m = json.loads(request.POST['information'].replace( "'", '"'))['information'] information.objects.create(timestamp = str(int(time.time())), information = request.POST['information'],\ IP = get_ip(request),version=m['version']) else: m = json.loads(request.POST['information'].replace( "'", '"'))['information'] IP.update(timestamp=str(int(time.time())), version=m['version']) # IP.update(information = request.POST['information']) return HttpResponse()
def add_site(request, category_slug, subcategory_slug): context = {} host = request.META['HTTP_HOST'] try: url = request.session['url'] context['url'] = url except KeyError: return redirect('index') user = request.user.username if user: user = user email = request.user.email else: user = get_ip(request) email = None category = Category.objects.get(slug=category_slug) subcategory = SubCategory.objects.filter(category=category).get( slug=subcategory_slug) page = AddNewSite(url, user, email, category, subcategory, date_end=None) form_extended = SiteAddFormFull(initial=page.get_initial_data()) context['form_extended'] = form_extended if request.method == 'POST': form_extended = SiteAddFormFull(request.POST) if form_extended.is_valid(): group = Group.objects.get(id=request.POST["group"]) if form_extended.cleaned_data['kod'] is not None: CodeCheck(form_extended.cleaned_data['kod'], group).code_remove() obj = form_extended.save(commit=False) if obj.group.time == 'T': obj.date_end = datetime.now() + timedelta(days=obj.group.days) obj.keywords = Keywords( form_extended.cleaned_data['keywords']).proper_keywords() obj.save() SendEmail(form_extended.cleaned_data['email'], form_extended.cleaned_data['user'], form_extended.cleaned_data['url'], host).send_confirmation_email() return JsonResponse({ 'success': 'Strona {} została dodana i przekazana do\ moderacji. O akceptacji zostaniesz powiadomiony emailem, który zostanie wysłany na\ adres {}.'.format(obj.url, obj.email) }) else: errors = '' for message in form_extended.errors: errors += str(form_extended.errors[message]) + '\n' return JsonResponse({'error': errors}) else: form_extended = SiteAddFormFull() return render(request, 'mainapp/add_site.html', context)
def wishlist(request): global_wishlist = Wishlist.objects.all().exclude( wishlist_user=request.user.id) user_wishlist = Wishlist.objects.filter(wishlist_user=request.user.id) localip = get_ip(request) usercount = User.objects.all().count() freeitemc = Items.objects.filter(price=0).count() itemcount = Items.objects.values('category').annotate( cate=Count('category')).exclude(itemuser=request.user) zero_value_items = Items.objects.filter(price=0) import collections li = [] for i in zero_value_items: li.append(i.category.category_name) counter = collections.Counter(li) cat = Category.objects.all().exclude(status=False) items = Items.objects.filter(itemuser=request.user) useritemscount = items.count() totcount = sum([tot.price for tot in items]) global_items = Items.objects.all().exclude(itemuser=request.user) global_items_count = global_items.count() global_items_price = sum([tot.price for tot in global_items]) heading = "My" paginator1 = Paginator(items, 10) page1 = request.GET.get('page', 1) items = paginator1.page(page1) try: up = UserFullProfile.objects.get(user=request.user) except: up = '' pass ctx = { 'free_items': sorted(counter.items()), 'itemc': itemcount, 'localip': localip, 'up': up, 'allcat': cat, 'items': items, 'useritemscount': useritemscount, 'totcount': totcount, 'heading': heading, 'global_items_count': global_items_count, 'global_items_price': global_items_price, 'localip': localip, 'u': usercount, 'fc': freeitemc, 'user_wishlist': user_wishlist, 'global_wishlist': global_wishlist } return render(request, 'wishlist.html', ctx)
def checkForAuth(request, redirect): if request.user.is_authenticated(): return render(request, redirect, { 'remote' : 'remote'}) else: ip = get_ip(request) if ip is not None: # if '127.0.0.1' or '192.168.0.209' in ip: if '127.0.0.1' in ip: return render(request, redirect, { 'local' : 'local'}) else: return HttpResponseRedirect('login/') else: return HttpResponseRedirect('login/')
def match_session_ip_or_401(request): """ Compare IP address stored in session with current request's IP. Use BIND_SESSINON_IP_END_USER and BIND_SESSION_IP_STAFF_USER in settings to toggle checking. :raises AuthenticationFailed: If the IP-s do not match. """ current_ip = get_ip(request) session_ip = request.session.get('ip') if request.user.is_staff and settings.BIND_SESSION_IP_STAFF_USER or \ not request.user.is_staff and settings.BIND_SESSION_IP_END_USER: if current_ip != session_ip: raise exceptions.AuthenticationFailed()
def get(self, request, *args, **kwargs): ## set login history login_history = LoginHistory() ## need to set a proxy if they use one... ## get_trusted_ip(request, trusted_proxies=['23.91.45.15']) login_history.ip = get_ip(self.request) login_history.owner = self.request.user login_history.operation = LoginHistory.LOGIN_OUT login_history.save() logout(request) self.messages.success("You've been logged out. Come back soon!") return super(LogOutView, self).get(request, *args, **kwargs)
def get(self, request): code = GeoIP().country(get_ip(self.request))\ .get('country_code', settings.DEFAULT_COUNTRY_CODE) country = None try: country = Country.objects.get(code=code) except Country.DoesNotExist: country = get_object_or_404(Country, code=settings.DEFAULT_COUNTRY_CODE) capital = country.get_capital() if capital is not None: serializer = LocationListSerializer(capital) return Response(serializer.data)
def Content(request): ip = str(get_ip(request)) try: context = Overdue.objects.get(ip_address=ip) template = 'notify/content.html' return render(request, template, { 'item': context, 'name': context.name.split(' ')[0] }) except Overdue.DoesNotExist: raise Http404('No existe')