def post(self, request, *args, **kwargs): if not request.data.get("password"): return Response(responsedata(False, "Password is required"), status=status.HTTP_400_BAD_REQUEST) if not User.objects.filter(email=request.data.get('email')).exists(): return Response(responsedata(False, "No User found"), status=status.HTTP_404_NOT_FOUND) if not User.objects.get( email=request.data.get('email')).check_password( request.data.get("password")): return Response(responsedata(False, "Incorrect Password"), status=status.HTTP_400_BAD_REQUEST) if request.data.get('email'): user = User.objects.get(email=request.data.get('email')) request.data['uuid'] = user.uuid user = authenticate(email=request.data.get('email'), password=request.data.get('password')) login(request, user) serializer = TokenObtainPairSerializer(data=request.data) if serializer.is_valid(raise_exception=True): data = serializer.validate(request.data) data['user'] = User.objects.filter( uuid=request.data.get('uuid')).values() return Response(responsedata(True, "Sign in Successful", data), status=status.HTTP_200_OK) return Response(responsedata(False, "Something went wrong"), status=status.HTTP_400_BAD_REQUEST)
def process_register_form(request, auth_method='session'): form = NewUserForm( request.POST) if auth_method == 'session' else NewUserFormAPI( request.POST) token_dict = None if form.is_valid(): try: with transaction.atomic(): new_user = form.save() user = authenticate(email=form.cleaned_data['email'], password=form.cleaned_data['password1']) p = UserProfile(id=user.id) p.assign_slug() p.join_invited_groups() if PARTNER_GROUP_EMAIL_PATTERN_LOOKUP_FILE: p.add_partner_group_by_email() if hasattr(request, "interfaceLang"): p.settings["interface_language"] = request.interfaceLang p.save() except Exception: return {"error": "something went wrong"} if auth_method == 'session': auth_login(request, user) elif auth_method == 'jwt': token_dict = TokenObtainPairSerializer().validate({ "username": form.cleaned_data['email'], "password": form.cleaned_data['password1'] }) return { k: v[0] if len(v) > 0 else unicode(v) for k, v in form.errors.items() }, token_dict, form
def process_register_form(request, auth_method='session'): form = SefariaNewUserForm( request.POST) if auth_method == 'session' else SefariaNewUserFormAPI( request.POST) token_dict = None if form.is_valid(): with transaction.atomic(): new_user = form.save() user = authenticate(email=form.cleaned_data['email'], password=form.cleaned_data['password1']) p = UserProfile(id=user.id) p.assign_slug() p.join_invited_collections() if hasattr(request, "interfaceLang"): p.settings["interface_language"] = request.interfaceLang p.save() if auth_method == 'session': auth_login(request, user) elif auth_method == 'jwt': token_dict = TokenObtainPairSerializer().validate({ "username": form.cleaned_data['email'], "password": form.cleaned_data['password1'] }) return { k: v[0] if len(v) > 0 else str(v) for k, v in list(form.errors.items()) }, token_dict, form
def post(self, request, *args, **kwargs): try: serializer = RegistrationSerializer(data=request.data) if serializer.is_valid(): validated_data = serializer.validated_data created, profile_id, message = serializer.create( validated_data=validated_data) if created: tokenr = TokenObtainPairSerializer().\ get_token(request.user) tokena = AccessToken().for_user(request.user) logged_in_user = User.objects.get(id=profile_id) return Response({ 'created': True, 'user_id': profile_id }, status=status.HTTP_200_OK) else: print(logger) logger.debug('Error') return Response({'message': message}, status=status.HTTP_400_BAD_REQUEST) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) except Exception as e: print(e) logger.errors(e) return Response({'message': 'Issue'}, status=status.HTTP_409_CONFLICT)
def signup(request): if request.method == "POST": if request.data['password1'] == request.data["password2"]: user = {} if request.data['university'] is not '': universityObject, created = University.objects.get_or_create( title=request.data["university"]) if universityObject is None: universityObject = created user = User.objects.create_user( email=request.data['email'], password=request.data['password1'], university=request.data["university"], nickname=request.data['nickname'], ) else: user = User.objects.create_user( email=request.data['email'], password=request.data['password1'], nickname=request.data['nickname'], ) serializer = TokenObtainPairSerializer( data={ 'email': request.data['email'], 'password': request.data['password1'] }) if serializer.is_valid(): serializer.validated_data['university'] = request.data[ 'university'] serializer.validated_data['nickname'] = request.data[ 'nickname'] return Response(serializer.validated_data)
def post(self, request): username = request.data.get('username') password = request.data.get('password') errors = [] if not username: errors.append('username cannot be empty') if not password: errors.append('password cannot be empty') if errors: return Response( {'info': errors}, status=status.HTTP_400_BAD_REQUEST, ) user = authenticate( request, username=username, password=password, ) if user is None: return Response( {'info': ['Invalid login credentials']}, status=status.HTTP_400_BAD_REQUEST, ) serializer = TokenObtainPairSerializer(data=request.data) try: serializer.is_valid(raise_exception=True) except TokenError as e: # TODO: why would this happen? raise InvalidToken(e.args[0]) jwtResponse = Response(serializer.validated_data, status=status.HTTP_200_OK) jwtResponse.data['username'] = user.username return jwtResponse
class UserWriteSerializer(serializers.ModelSerializer): username = serializers.CharField( required=True, validators=[UniqueValidator(queryset=get_user_model().objects.all(), message="Username already exists.")], label="username", ) password = serializers.CharField(required=True, write_only=True, min_length=9, label="password") registration_token = serializers.CharField(label="registration_token", read_only=True) token = TokenObtainPairSerializer(read_only=True, label="token") class Meta: model = get_user_model() fields = ["username", "registration_token", "password", "token"] def create(self, validated_data): password = validated_data.pop("password") user = super().create(validated_data) user.set_password(password) user.save() return user def validate_registration_token(self, token): if token is None or token == "": raise serializers.ValidationError("registration token is required.") if token == settings.REGISTER_TOKEN: return token raise serializers.ValidationError("Invalid registration token.")
def post(self, request, format=None): """ include validations here later """ email = request.data.get('email') new_password = request.data.get('password') confirm_password = request.data.get('confirm_password') if str(new_password) != str(confirm_password): message = {"message": "Both passwords must match."} return Response(message, status=status.HTTP_406_NOT_ACCEPTABLE) user = MyUser.objects.get(email__iexact=email) user.set_password(new_password) user.save() #getting token r_token = TokenObtainPairSerializer().get_token(request.user) a_token = AccessToken().for_user(request.user) tokens = { 'refresh': str(r_token), 'access': str(a_token), 'my_pk': user.pk } message = {"message": "Password Changed."} return Response(tokens, status=status.HTTP_202_ACCEPTED)
def get_token(self, username, password): s = TokenObtainPairSerializer(data={ TokenObtainPairSerializer.username_field: self.username, 'password': self.password, }) self.assertTrue(s.is_valid()) return s.validated_data['access']
def get_token(name, password): """Возвращает jwt-токен для пользователя с логином name и паролем password Возвращает None, если такого пользователя не существует""" user = authenticate(username=name, password=password) if user: token = TokenObtainPairSerializer().get_token(user) return token else: return None
def login(request): auth = { "username": request.data["username"], "password": request.data["password"] } tokens = TokenObtainPairSerializer(auth).validate(auth) return Response(data=tokens)
def mock_token(django_user_model): """Mock token""" data = {"name": "icaro", "email": "*****@*****.**", "password": "******"} django_user_model.objects.create_user(username="******", **data) data = {"email": data["email"], "password": data["password"]} token = TokenObtainPairSerializer(data=data) if token.is_valid(): headers = { "HTTP_AUTHORIZATION": f'Bearer {token.validated_data["access"]}' } return headers
def post(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) phone_number = serializer.validated_data['phone_number'] user = User.objects.filter(phone_number=phone_number).first() token = TokenObtainPairSerializer().get_token(user) data = serializer.data data.update({'username': user.username}) data.update({'refresh': str(token)}) data.update({'access': str(token.access_token)}) return Response(data, status=status.HTTP_200_OK)
def create(self, request, *args, **kwargs): serializer = self.get_serializer(data=request.data) serializer.is_valid(raise_exception=True) user = self.perform_create(serializer) data = serializer.data token = TokenObtainPairSerializer().get_token(user) data.update({'username': user.username}) data.update({'refresh': str(token)}) data.update({'access': str(token.access_token)}) headers = self.get_success_headers(serializer.data) return Response(data, status=status.HTTP_201_CREATED, headers=headers)
def user_login_view(request, form): email = form.cleaned_data['email'] password = form.cleaned_data['password'] user_obj = User.objects.get(email=email) if user_obj.check_password(password): serializer = TokenObtainPairSerializer(data=form.cleaned_data) token = serializer.validate({'email': email, 'password': password}) user_obj.last_login = datetime.now() user_obj.save() serializer = AuthUserSerializer(instance=user_obj, many=False) data = {'user': serializer.data, 'token': token['access']} return Response(data, status=status.HTTP_400_BAD_REQUEST) else: return Response({"data": "Password is not Correct"}, status=status.HTTP_400_BAD_REQUEST)
def post(self, request, format='json'): serializer = UserSerializer(data=request.data) if serializer.is_valid(): user = serializer.save() if user: tokenr = TokenObtainPairSerializer().get_token(user) tokena = AccessToken().for_user(user) return Response({ 'access': str(tokenr), 'refresh': str(tokena) }, status=status.HTTP_201_CREATED) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def get_response_data(self, data): if allauth_account_settings.EMAIL_VERIFICATION == \ allauth_account_settings.EmailVerificationMethod.MANDATORY: return { "detail": "Verification email sent." } data = { "username": data.get('username'), "password": data.get('password1') } try: return TokenObtainPairSerializer().validate(data) except TokenError as e: raise InvalidToken(e.args[0])
def test_it_should_produce_a_json_web_token_when_valid(self): s = TokenObtainPairSerializer(context=MagicMock(), data={ TokenObtainPairSerializer.username_field: self.username, 'password': self.password, }) self.assertTrue(s.is_valid()) self.assertIn('access', s.validated_data) self.assertIn('refresh', s.validated_data) # Expecting token type claim to be correct for both tokens. If this is # the case, instantiating appropriate token subclass instances with # encoded tokens should not raise an exception. AccessToken(s.validated_data['access']) RefreshToken(s.validated_data['refresh'])
def token_obtain_pair_handler(username, password): """ Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials. """ ser = TokenObtainPairSerializer(data={ get_username_field(): username, 'password': password }) ser.is_valid(raise_exception=True) update_last_login(None, ser.user) res = dict(refresh=ser.validated_data.get('refresh'), access=ser.validated_data.get('access'), user=UserSerializer(ser.user).data) return res
def process_register_form(request, auth_method='session'): from sefaria.utils.util import epoch_time from sefaria.helper.file import get_resized_file import hashlib import urllib.parse, urllib.request from google.cloud.exceptions import GoogleCloudError from PIL import Image form = SefariaNewUserForm(request.POST) if auth_method == 'session' else SefariaNewUserFormAPI(request.POST) token_dict = None if form.is_valid(): with transaction.atomic(): new_user = form.save() user = authenticate(email=form.cleaned_data['email'], password=form.cleaned_data['password1']) p = UserProfile(id=user.id) p.assign_slug() p.join_invited_collections() if hasattr(request, "interfaceLang"): p.settings["interface_language"] = request.interfaceLang # auto-add profile pic from gravatar if exists email_hash = hashlib.md5(p.email.lower().encode('utf-8')).hexdigest() gravatar_url = "https://www.gravatar.com/avatar/" + email_hash + "?d=404&s=250" try: with urllib.request.urlopen(gravatar_url) as r: bucket_name = GoogleStorageManager.PROFILES_BUCKET with Image.open(r) as image: now = epoch_time() big_pic_url = GoogleStorageManager.upload_file(get_resized_file(image, (250, 250)), "{}-{}.png".format(p.slug, now), bucket_name, None) small_pic_url = GoogleStorageManager.upload_file(get_resized_file(image, (80, 80)), "{}-{}-small.png".format(p.slug, now), bucket_name, None) p.profile_pic_url = big_pic_url p.profile_pic_url_small = small_pic_url except urllib.error.HTTPError as e: logger.info("The Gravatar server couldn't fulfill the request. Error Code {}".format(e.code)) except urllib.error.URLError as e: logger.info("HTTP Error from Gravatar Server. Reason: {}".format(e.reason)) except GoogleCloudError as e: logger.warning("Error communicating with Google Storage Manager. {}".format(e)) p.save() if auth_method == 'session': auth_login(request, user) elif auth_method == 'jwt': token_dict = TokenObtainPairSerializer().validate({"username": form.cleaned_data['email'], "password": form.cleaned_data['password1']}) return { k: v[0] if len(v) > 0 else str(v) for k, v in list(form.errors.items()) }, token_dict, form
def post(self, request, *args, **kwargs): try: info = list( User.objects.filter(email=request.data.get("email")).values( 'uuid', 'email', 'username')) info = info[0] except: return Response(responsedata(False, "No User found"), status=status.HTTP_404_NOT_FOUND) if not request.data.get('email'): return Response(responsedata(False, "Email Id is required"), status=status.HTTP_405_METHOD_NOT_ALLOWED) if not request.data.get("password"): return Response(responsedata(False, "Password is required"), status=status.HTTP_405_METHOD_NOT_ALLOWED) if not User.objects.filter(email=request.data.get("email")).exists(): return Response(responsedata(False, "No user found with this Email Id"), status=status.HTTP_404_NOT_FOUND) if User.objects.filter(email=request.data.get("email")).exists(): user = list( User.objects.filter( email=request.data.get("email")).values())[0] if not User.objects.get( email=request.data.get("email")).check_password( request.data.get("password")): print( User.objects.get( email=request.data.get("email")).get_password()) return Response(responsedata(False, "Incorrect Password"), status=status.HTTP_404_NOT_FOUND) serializer = TokenObtainPairSerializer(data=request.data) if serializer.is_valid(raise_exception=True): data = serializer.validate(request.data) data.update({"Access-Control-Expose-Headers": "access"}) data.update(info) if serializer.User.is_active: return Response(responsedata(True, "Login Successfull", data), status=200) else: return Response(responsedata(False, "Please Validate Your Email Id"), status=400)
def token(self, request, *args, **kwargs): """ Token Takes a set of user credentials and returns an access and refresh JSON web token pair to prove the authentication of those credentials. """ serializer = TokenObtainPairSerializer(data=request.data) try: serializer.is_valid(raise_exception=True) except TokenError as e: raise InvalidToken(e.args[0]) return response.Response(serializer.validated_data, status=status.HTTP_200_OK)
def post(self, request): errors = [] if not request.data.get('username'): errors.append('username cannot be empty') if not request.data.get('email'): errors.append('email cannot be empty') if not request.data.get('password'): errors.append('password cannot be empty') elif len(request.data['password']) < 8: errors.append('password must be at least 8 characters long') if errors: return Response( {'info': errors}, status=status.HTTP_400_BAD_REQUEST, ) # create the user user_serializer = UserSerializer(data=request.data) try: user_serializer.is_valid(raise_exception=True) except Exception as e: return Response( {'info': list(e.detail.values())}, status=status.HTTP_400_BAD_REQUEST, ) new_user = user_serializer.save() # create the profile profile_data = {'user': new_user.pk} profile_serializer = ProfileSerializer(data=profile_data) profile_serializer.is_valid(raise_exception=True) new_profile = profile_serializer.save() # create and return the jwts jwt_serializer = TokenObtainPairSerializer(data=request.data) try: jwt_serializer.is_valid(raise_exception=True) except TokenError as e: raise InvalidToken(e.args[0]) jwtResponse = Response(jwt_serializer.validated_data, status=status.HTTP_200_OK) jwtResponse.data['username'] = new_user.username return jwtResponse
def post(self, request, *args, **kwargs): if request.data: request.POST._mutable = True data = request.data data['Pass'] = data.get('password') if User.objects.filter(email=data.get('email')).values().exists(): Response(responsedata(False, "User already present"), status=status.HTTP_409_CONFLICT) data['is_active'] = True serializer = UserSerializer(data=data) if serializer.is_valid(raise_exception=True): serializer.save() tokenserializer = TokenObtainPairSerializer( data={ "email": request.data.get("email"), "password": request.data.get("password") }) if tokenserializer.is_valid(raise_exception=True): data = tokenserializer.validate({ "email": request.data.get("email"), "password": request.data.get("password") }) tempid = serializer.data.get("uuid") else: return Response(responsedata(False, "Can't insert data"), status=400) respdata = { 'uuid': tempid, 'data': data, 'username': serializer.data['username'], 'email': serializer.data['email'], } return Response(responsedata(True, "Data Inserted", respdata), status=200) else: return Response(responsedata(False, "No data provided"), status=412)
def post(self, request): # TG_REACT_UPGRADE: Code is copied over to correctly create Organizations serializer = self.serializer_class(data=request.data, context={'request': request}) if serializer.is_valid(): data: dict = serializer.validated_data.copy() password = data.pop('password', None) user = get_user_model()(**data) user.set_password(password) user.save() serializer = TokenObtainPairSerializer(data={ 'email': user.email, 'password': password }) serializer.is_valid() # serializer = TokenObtainPairSerializer(data=request.data) return Response(serializer.validated_data) return Response({'errors': serializer.errors}, status=status.HTTP_400_BAD_REQUEST)
def tokens(self, request, *args, **kwargs): token_obtain_pair_serializer = TokenObtainPairSerializer( data=request.data) token_obtain_pair_serializer.is_valid(raise_exception=True) user = User.objects.get(email=request.data['email']) is_exist_profile = hasattr(user, 'profile') response_data = { **token_obtain_pair_serializer.validated_data, 'user': user, 'profile': user.profile if is_exist_profile else None, 'coin_history': CoinHistory.objects.filter(profile=user.profile).order_by('-id') if is_exist_profile else [], } serializer = self.get_serializer(response_data) return Response(data=serializer.data, status=status.HTTP_200_OK)
def Signin(request): try: user = authenticate(username=request.data.get("email"), password=request.data.get("password")) if user is not None: tokenObtainPairObj = TokenObtainPairSerializer() data_access_refresh_token_dict = tokenObtainPairObj.validate( request.data) data_access_refresh_token_dict.update( {"user": serializers.UserProfileSerializer(user).data}) return Response(data_access_refresh_token_dict) else: return Response({"error": "Authentication Failure"}, status=status.HTTP_401_UNAUTHORIZED) except Exception as e: logger.exception("Token exception : %s", e) return Response( { "error": "Internal Server Error. We are extreamly sorry for the inconvenience. We will be back soon." }, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
def post(self, request): email = request.data.get('email') client_otp = request.data.get('otp') try: email_to_verify = OtpModel.objects.get(email__iexact=email) except OtpModel.DoesNotExist: message = {'message': 'Register First'} return Response(message ,status= status.HTTP_401_UNAUTHORIZED) print(email_to_verify.otp) print(client_otp) verifying_time = int(time.time()) if (verifying_time - email_to_verify.at_time)>300: error_detail = {'message': "OTP Expired"} email_to_verify.delete() return Response(error_detail, status.HTTP_403_FORBIDDEN) if email_to_verify.otp != int(client_otp): message = {'message': 'Wrong OTP'} return Response(message ,status = status.HTTP_401_UNAUTHORIZED) user_to_allow = MyUser.objects.get(email=email) user_to_allow.is_active=True user_to_allow.save() #print(user_to_allow.is_active) email_to_verify.delete() #getting token r_token = TokenObtainPairSerializer().get_token(request.user) a_token = AccessToken().for_user(request.user) tokens = { 'refresh': str(r_token), 'access': str(a_token), 'my_pk': user_to_allow.pk } message = {'message': 'Email Verified.'} return Response(tokens, status = status.HTTP_200_OK)
def get(self, request): # Забираем код авторизации из GET параметра authorization_code = request.GET['code'] # Отправляем запрос на получение токена obtain_isu = requests.post( 'https://login.itmo.ru/cas/oauth2.0/accessToken?' 'grant_type=authorization_code&' f'client_id={settings.ISU["ISU_CLIENT_ID"]}&' f'client_secret={settings.ISU["ISU_CLIENT_SECRET"]}&' f'code={authorization_code}&' f'redirect_uri={settings.ISU["ISU_REDIRECT_URI"]}').json() # Проверяем правильный ли ответ от ИСУ if 'access_token' in obtain_isu: # Получаем информацию о пользователе isu_profile = requests.get( 'https://login.itmo.ru/cas/oauth2.0/profile?' f'access_token={obtain_isu["access_token"]}').json() User = get_user_model() # Из чего будем собирать пароль password_rule = (f'{isu_profile["id"]}' f'{isu_profile["first_name"]}').encode('utf-8') password = hashlib.sha256(password_rule).hexdigest() # Проверяем есть ли пользователь в системе is_registered = User.objects.filter( username=isu_profile['id']).exists() # Если пользователя нет, то регистрируем if not is_registered: #reg = True User.objects.create_user(username=isu_profile['id'], password=password, first_name=isu_profile['first_name'], last_name=isu_profile['surname'], isu_number=isu_profile['id'], is_active=True) try: User.objects.patronymic = isu_profile['patronymic'] except: pass #if reg: groups = [ "rpd_developer", "education_plan_developer", "op_leader", "student" ] User = User.objects.get(username=isu_profile['id']) for group in groups: User.groups.add(Group.objects.get(name=group)) # Авторизация User = get_user_model() user = User.objects.get(username=isu_profile['id']) refresh_token = TokenObtainPairSerializer().get_token(user) access_token = AccessToken().for_user(user) return HttpResponseRedirect( f"https://op.itmo.ru/sign-in/{access_token}/{refresh_token}")
def login(self, request): serializer = TokenObtainPairSerializer(data=request.data) serializer.is_valid(raise_exception=True) return Response(serializer.validated_data , status=200)