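def sms_code(request):
    """Collect the account identifier and, for MFA accounts, send an SMS pin.

    GET renders ``accounts/smscode.html`` with the identifier pre-filled from
    the session. POST validates ``SMSCodeForm``, checks the identifier with
    ``validate_user``, looks up the local ``User`` and then:

    * rejected by ``validate_user``: clears the session value and redirects
      back to this view;
    * no local ``User`` row: flashes a registration hint and redirects to
      ``/accounts/learn/0/``;
    * inactive account: flashes an error and redirects back to this view;
    * active account: stores the identifier in the session, creates a
      ``ValidSMSCode`` when ``u.mfa`` is set, and redirects to the login page
      carrying ``next``.

    NOTE(review): this step runs before authentication and answers
    differently for unknown, unregistered, inactive and active identifiers,
    and each accepted POST for an MFA account creates a ``ValidSMSCode``
    (which appears to send a text). No throttling is visible in this
    function; confirm that rate limiting is applied elsewhere.
    """
    # Local import keeps the added helpers in scope for this function.
    from django.utils.http import is_safe_url, urlencode

    debug = settings.DEBUG
    # Name of the identifying field, probably "username" or "email".
    access_field = settings.USERNAME_FIELD
    # Identifier carried forward in the session, or "" when absent.
    access_key = request.session.get(access_field, "")
    status = "NONE"
    if debug:
        print("in accounts.views.sms.sms_code")

    # ``next`` is supplied by the caller and ends up in a redirect URL, so it
    # is treated as untrusted: a missing key no longer raises, and a target
    # that is_safe_url() rejects for this host is dropped.
    next_url = request.GET.get('next', '')
    if next_url and not is_safe_url(next_url, request.get_host()):
        next_url = ""
    if debug and request.GET:
        print("next parameter is:", next_url)
        print("Other parameters = ", dict(request.GET.items()))

    if request.method != 'POST':
        if debug:
            print("setting up the POST in sms_code [", access_key, "]")
            print("Passing next parameter to form:", next_url)
        form = SMSCodeForm(initial={access_field: access_key})
        # need to make form.username a variable
        if settings.USERNAME_FIELD == "email":
            form.email = access_key
        else:
            form.username = access_key
        if debug:
            print("form ", access_field, form)
            print("In the sms_code.get")
            print("form:", form)
            print("Dropping to render_to_response in sms_code with next=",
                  next_url)
        return render_to_response('accounts/smscode.html',
                                  {'form': form, 'next': next_url},
                                  RequestContext(request))

    if access_field in request.POST:
        access_key = request.POST[access_field].lower()
    else:
        access_key = request.session.get(access_field, "").lower()
    # The submitted identifier is only echoed in DEBUG; it used to be printed
    # unconditionally, which put account identifiers into production output.
    if debug:
        print("%s:%s" % (access_field, access_key))

    form = SMSCodeForm(request.POST)
    if not form.is_valid():
        if debug:
            print("invalid form")
        # need to make form.username a variable
        form.username = access_key
        return render_to_response('accounts/smscode.html',
                                  RequestContext(request,
                                                 {'form': form,
                                                  'next': next_url}))

    submitted = form.cleaned_data[access_field]
    if not validate_user(request, submitted.lower()):
        # We had a problem; the error message was set in validate_user.
        request.session[access_field] = ""
        return HttpResponseRedirect(reverse('accounts:sms_code'))
    if debug:
        print("Valid form with a valid ", access_field)
        print("Access_Field:", access_field)
        print("form:AccessField:", submitted.lower())

    try:
        u = User.objects.get(**{access_field: submitted})
        if debug:
            print("returned u:", u)
            print("Require MFA Login:%s" % u.mfa)

        if not u.is_active:
            request.session[access_field] = ""
            # mark_safe wraps a fixed literal; no request data is
            # interpolated into it.
            messages.error(request,
                           mark_safe("Your account is inactive. If you recently registered to use BlueButton"
                                     "\nplease check your email for an activation link."))
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # posting a session variable for login page
        request.session[access_field] = access_key
        if u.mfa:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() != "fail":
                messages.success(request,
                                 "A text message was sent to your mobile phone.")
                status = "Text Message Sent"
            else:
                messages.error(request,
                               "There was a problem sending your pin code. Please try again.")
                # Send failure: return to this view so the user can retry.
                # ``next`` travels as an encoded query string; the original
                # passed a dict as reverse()'s second positional parameter,
                # which is ``urlconf``, not view arguments.
                retry_url = reverse('accounts:sms_code')
                if next_url:
                    retry_url += '?' + urlencode({'next': next_url})
                if debug:
                    print("redirecting to sms_code:", retry_url)
                return HttpResponseRedirect(retry_url)
        else:
            messages.success(request,
                             "Your account is active. Continue Login.")
            status = "Account Active"
    except User.DoesNotExist:
        # User is in LDAP but not in User Table: point to registration.
        messages.error(request,
                       mark_safe("You are registered on MyMedicare.gov. "
                                 "\nBut not registered for BlueButton."
                                 " \nPlease complete the <a href='/registration/register/'>BlueButton Registration</a>"))
        request.session[access_field] = ""
        # The identifier is no longer passed as an extra positional argument
        # to HttpResponseRedirect; that slot is not a query parameter.
        return HttpResponseRedirect("/accounts/learn/0/")

    if debug:
        print("dropping out of valid form")
        print("Status:", status)
        print("%s: %s" % (access_field, access_key))

    # Move to login. ``next`` is URL-encoded so that characters such as "&"
    # or "#" inside it cannot alter the login URL's own query string.
    call_with = '/accounts/login?' + urlencode({'next': next_url})
    if debug:
        print("about to call:", call_with)
    return HttpResponseRedirect(call_with)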
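def sms_code(request):
    """Collect the account identifier and, for MFA accounts, send an SMS pin.

    GET renders ``accounts/smscode.html`` with the identifier pre-filled from
    the session. POST validates ``SMSCodeForm``, checks the identifier with
    ``validate_user``, looks up the local ``User`` and then:

    * rejected by ``validate_user``: clears the session value and redirects
      back to this view;
    * no local ``User`` row: flashes a registration hint and redirects to
      ``/accounts/learn/0/``;
    * inactive account: flashes an error and redirects back to this view;
    * active account: stores the identifier in the session, creates a
      ``ValidSMSCode`` when ``u.mfa`` is set, and redirects to the login page
      carrying ``next``.

    NOTE(review): this step runs before authentication and answers
    differently for unknown, unregistered, inactive and active identifiers,
    and each accepted POST for an MFA account creates a ``ValidSMSCode``
    (which appears to send a text). No throttling is visible in this
    function; confirm that rate limiting is applied elsewhere.
    """
    # Local import keeps the added helpers in scope for this function.
    from django.utils.http import is_safe_url, urlencode

    debug = settings.DEBUG
    # Name of the identifying field, probably "username" or "email".
    access_field = settings.USERNAME_FIELD
    # Identifier carried forward in the session, or "" when absent.
    access_key = request.session.get(access_field, "")
    status = "NONE"
    if debug:
        print("in accounts.views.sms.sms_code")

    # ``next`` is supplied by the caller and ends up in a redirect URL, so it
    # is treated as untrusted: a missing key no longer raises, and a target
    # that is_safe_url() rejects for this host is dropped.
    next_url = request.GET.get('next', '')
    if next_url and not is_safe_url(next_url, request.get_host()):
        next_url = ""
    if debug and request.GET:
        print("next parameter is:", next_url)
        print("Other parameters = ", dict(request.GET.items()))

    if request.method != 'POST':
        if debug:
            print("setting up the POST in sms_code [", access_key, "]")
            print("Passing next parameter to form:", next_url)
        form = SMSCodeForm(initial={access_field: access_key})
        # need to make form.username a variable
        if settings.USERNAME_FIELD == "email":
            form.email = access_key
        else:
            form.username = access_key
        if debug:
            print("form ", access_field, form)
            print("In the sms_code.get")
            print("form:", form)
            print("Dropping to render_to_response in sms_code with next=",
                  next_url)
        return render_to_response('accounts/smscode.html', {
            'form': form,
            'next': next_url
        }, RequestContext(request))

    if access_field in request.POST:
        access_key = request.POST[access_field].lower()
    else:
        access_key = request.session.get(access_field, "").lower()
    # The submitted identifier is only echoed in DEBUG; it used to be printed
    # unconditionally, which put account identifiers into production output.
    if debug:
        print("%s:%s" % (access_field, access_key))

    form = SMSCodeForm(request.POST)
    if not form.is_valid():
        if debug:
            print("invalid form")
        # need to make form.username a variable
        form.username = access_key
        return render_to_response(
            'accounts/smscode.html',
            RequestContext(request, {
                'form': form,
                'next': next_url
            }))

    submitted = form.cleaned_data[access_field]
    if not validate_user(request, submitted.lower()):
        # We had a problem; the error message was set in validate_user.
        request.session[access_field] = ""
        return HttpResponseRedirect(reverse('accounts:sms_code'))
    if debug:
        print("Valid form with a valid ", access_field)
        print("Access_Field:", access_field)
        print("form:AccessField:", submitted.lower())

    try:
        u = User.objects.get(**{access_field: submitted})
        if debug:
            print("returned u:", u)
            print("Require MFA Login:%s" % u.mfa)

        if not u.is_active:
            request.session[access_field] = ""
            # mark_safe wraps a fixed literal; no request data is
            # interpolated into it.
            messages.error(
                request,
                mark_safe(
                    "Your account is inactive. If you recently registered to use BlueButton"
                    "\nplease check your email for an activation link."
                ))
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # posting a session variable for login page
        request.session[access_field] = access_key
        if u.mfa:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() != "fail":
                messages.success(
                    request,
                    "A text message was sent to your mobile phone."
                )
                status = "Text Message Sent"
            else:
                messages.error(
                    request,
                    "There was a problem sending your pin code. Please try again."
                )
                # Send failure: return to this view so the user can retry.
                # ``next`` travels as an encoded query string; the original
                # passed a dict as reverse()'s second positional parameter,
                # which is ``urlconf``, not view arguments.
                retry_url = reverse('accounts:sms_code')
                if next_url:
                    retry_url += '?' + urlencode({'next': next_url})
                if debug:
                    print("redirecting to sms_code:", retry_url)
                return HttpResponseRedirect(retry_url)
        else:
            messages.success(
                request, "Your account is active. Continue Login.")
            status = "Account Active"
    except User.DoesNotExist:
        # User is in LDAP but not in User Table: point to registration.
        messages.error(
            request,
            mark_safe(
                "You are registered on MyMedicare.gov. "
                "\nBut not registered for BlueButton."
                " \nPlease complete the <a href='/registration/register/'>BlueButton Registration</a>"
            ))
        request.session[access_field] = ""
        # The identifier is no longer passed as an extra positional argument
        # to HttpResponseRedirect; that slot is not a query parameter.
        return HttpResponseRedirect("/accounts/learn/0/")

    if debug:
        print("dropping out of valid form")
        print("Status:", status)
        print("%s: %s" % (access_field, access_key))

    # Move to login. ``next`` is URL-encoded so that characters such as "&"
    # or "#" inside it cannot alter the login URL's own query string.
    call_with = '/accounts/login?' + urlencode({'next': next_url})
    if debug:
        print("about to call:", call_with)
    return HttpResponseRedirect(call_with)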
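def sms_code(request):
    """Collect the account e-mail and, for MFA accounts, send an SMS pin.

    GET renders ``accounts/smscode.html`` with the e-mail pre-filled from the
    session. POST validates ``SMSCodeForm``, checks the address with
    ``validate_user``, looks up the local ``User`` and then:

    * rejected by ``validate_user``: clears the session value and redirects
      back to this view;
    * no local ``User`` row: flashes a registration hint and redirects to
      ``/accounts/learn/0/``;
    * inactive account: flashes an error and redirects back to this view;
    * active account: stores ``u.email`` in the session, creates a
      ``ValidSMSCode`` when ``u.mfa`` is set, and redirects to
      ``accounts:login``.

    NOTE(review): this step runs before authentication and answers
    differently for unknown, unregistered, inactive and active addresses,
    and each accepted POST for an MFA account creates a ``ValidSMSCode``
    (which appears to send a text). No throttling is visible in this
    function; confirm that rate limiting is applied elsewhere.
    """
    debug = settings.DEBUG
    # E-mail carried forward in the session, or "" when absent.
    email = request.session.get('email', "")
    status = "NONE"
    if debug:
        print("in accounts.views.sms.sms_code")

    if request.method != 'POST':
        if debug:
            print("setting up the POST in sms_code [", email, "]")
        form = SMSCodeForm(initial={'email': email, })
        form.email = email
        if debug:
            print("In the sms_code.get")
            print("Dropping to render_to_response in sms_code")
        return render_to_response('accounts/smscode.html',
                                  {'form': form},
                                  RequestContext(request))

    if 'email' in request.POST:
        email = request.POST['email'].lower()
    else:
        email = request.session.get('email', "").lower()
    # The submitted address is only echoed in DEBUG; it used to be printed
    # unconditionally, which put e-mail addresses into production output.
    if debug:
        print("email:%s" % email)

    form = SMSCodeForm(request.POST)
    if not form.is_valid():
        if debug:
            print("invalid form")
        form.email = email
        return render_to_response('accounts/smscode.html',
                                  RequestContext(request, {'form': form}))

    submitted = form.cleaned_data['email'].lower()
    if not validate_user(request, submitted):
        # We had a problem; the error message was set in validate_user.
        request.session['email'] = ""
        return HttpResponseRedirect(reverse('accounts:sms_code'))
    if debug:
        print("Valid form with a valid email")

    try:
        u = User.objects.get(email=submitted)
        if debug:
            print("returned u:", u)
            print("Require MFA Login:%s" % u.mfa)
        email = u.email

        if not u.is_active:
            request.session['email'] = ""
            # mark_safe wraps a fixed literal; no request data is
            # interpolated into it.
            messages.error(request,
                           mark_safe("Your account is inactive. If you recently registered to use BlueButton"
                                     "\nplease check your email for an activation link."))
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # posting a session variable for login page
        request.session['email'] = email
        if u.mfa:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() != "fail":
                messages.success(request,
                                 "A text message was sent to your mobile phone.")
                status = "Text Message Sent"
            else:
                messages.error(request,
                               "There was a problem sending your pin code. Please try again.")
                # Send failure: return to this view so the user can retry.
                return HttpResponseRedirect(reverse('accounts:sms_code'))
        else:
            messages.success(request,
                             "Your account is active. Continue Login.")
            status = "Account Active"
    except User.DoesNotExist:
        # User is in LDAP but not in User Table: point to registration.
        messages.error(request,
                       mark_safe("You are registered on MyMedicare.gov. "
                                 "\nBut not registered for BlueButton."
                                 " \nPlease complete the <a href='/registration/register/'>BlueButton Registration</a>"))
        request.session['email'] = ""
        # The address is no longer passed as an extra positional argument to
        # HttpResponseRedirect; that slot is not a query parameter.
        return HttpResponseRedirect("/accounts/learn/0/")

    if debug:
        print("dropping out of valid form")
        print("Status:", status)
        print("email: %s" % email)

    # Move to login. The login page reads the e-mail from the session value
    # set above; the original also handed a dict holding an
    # AuthenticationForm to HttpResponseRedirect, which a redirect cannot
    # deliver to the next view, so it is dropped.
    return HttpResponseRedirect(reverse('accounts:login'))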
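def sms_code(request):
    """Collect the account e-mail and, for MFA accounts, send an SMS pin.

    GET renders ``accounts/smscode.html`` with the e-mail pre-filled from the
    session. POST validates ``SMSCodeForm``, looks up the ``User`` by e-mail
    and then:

    * no matching ``User``: clears the session value, flashes
      "You are not recognized." and redirects back to this view;
    * inactive account: flashes an error and redirects back to this view;
    * active account: stores ``u.email`` in the session, creates a
      ``ValidSMSCode`` when ``u.mfa`` is set, and redirects to
      ``accounts:login``.

    NOTE(review): this step runs before authentication and answers
    differently for unknown, inactive and active addresses, and each
    accepted POST for an MFA account creates a ``ValidSMSCode`` (which
    appears to send a text). No throttling is visible in this function;
    confirm that rate limiting is applied elsewhere.
    """
    debug = settings.DEBUG
    # E-mail carried forward in the session, or "" when absent.
    email = request.session.get('email', "")
    status = "NONE"
    if debug:
        print("in accounts.views.sms.sms_code")

    if request.method != 'POST':
        if debug:
            print("setting up the POST in sms_code [", email, "]")
        form = SMSCodeForm(initial={
            'email': email,
        })
        form.email = email
        if debug:
            print("form email", form.email)
            print(form)
        return render_to_response('accounts/smscode.html', {'form': form},
                                  RequestContext(request))

    if 'email' in request.POST:
        email = request.POST['email']
    # The submitted address is only echoed in DEBUG; it used to be printed
    # unconditionally. The whole POST body (CSRF token included) is
    # deliberately no longer dumped.
    if debug:
        print("email:%s" % email)

    form = SMSCodeForm(request.POST)
    if not form.is_valid():
        if debug:
            print("invalid form")
        form.email = email
        # NOTE(review): an invalid SMS form is rendered with the login
        # template, as in the original; confirm that is intended.
        return render_to_response('accounts/login.html',
                                  RequestContext(request, {'form': form}))

    try:
        u = User.objects.get(email=form.cleaned_data['email'])
        email = u.email
        if debug:
            print("Require MFA Login:%s" % u.mfa)

        if not u.is_active:
            request.session['email'] = ""
            messages.error(request, "Your account is inactive.")
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # posting a session variable for login page
        request.session['email'] = email
        if u.mfa:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() != "fail":
                messages.success(
                    request,
                    "A text message was sent to your mobile phone."
                )
                status = "Text Message Sent"
            else:
                messages.error(
                    request,
                    "There was a problem sending your pin code. Please try again."
                )
                # Send failure: return to this view so the user can retry.
                return HttpResponseRedirect(reverse('accounts:sms_code'))
        else:
            messages.success(
                request, "Your account is active. Continue Login.")
            status = "Account Active"
    except User.DoesNotExist:
        request.session['email'] = ""
        messages.error(request, "You are not recognized.")
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if debug:
        print("dropping out of valid form")
        print("Status:", status)
        print("email: %s" % email)

    # Move to login. The original also handed a dict holding an
    # AuthenticationForm to HttpResponseRedirect, which a redirect cannot
    # deliver to the next view, so it is dropped.
    return HttpResponseRedirect(reverse('accounts:login'))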
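def sms_code(request):
    """Collect the account e-mail and, for MFA accounts, send an SMS pin.

    GET renders ``accounts/smscode.html`` with the e-mail pre-filled from the
    session. POST validates ``SMSCodeForm``, looks up the ``User`` by e-mail
    and then:

    * no matching ``User``: clears the session value, flashes
      "You are not recognized." and redirects back to this view;
    * inactive account: flashes an error and redirects back to this view;
    * active account: stores ``u.email`` in the session, creates a
      ``ValidSMSCode`` when ``u.mfa`` is set, and redirects to
      ``accounts:login``.

    NOTE(review): this step runs before authentication and answers
    differently for unknown, inactive and active addresses, and each
    accepted POST for an MFA account creates a ``ValidSMSCode`` (which
    appears to send a text). No throttling is visible in this function;
    confirm that rate limiting is applied elsewhere.
    """
    debug = settings.DEBUG
    # E-mail carried forward in the session, or "" when absent.
    email = request.session.get('email', "")
    status = "NONE"
    if debug:
        print("in accounts.views.sms.sms_code")

    if request.method != 'POST':
        if debug:
            print("setting up the POST in sms_code [", email, "]")
        form = SMSCodeForm(initial={'email': email, })
        form.email = email
        if debug:
            print("form email", form.email)
            print(form)
        return render_to_response('accounts/smscode.html',
                                  {'form': form},
                                  RequestContext(request))

    if 'email' in request.POST:
        email = request.POST['email']
    # The submitted address is only echoed in DEBUG; it used to be printed
    # unconditionally. The whole POST body (CSRF token included) is
    # deliberately no longer dumped.
    if debug:
        print("email:%s" % email)

    form = SMSCodeForm(request.POST)
    if not form.is_valid():
        if debug:
            print("invalid form")
        form.email = email
        # NOTE(review): an invalid SMS form is rendered with the login
        # template, as in the original; confirm that is intended.
        return render_to_response('accounts/login.html',
                                  RequestContext(request, {'form': form}))

    try:
        u = User.objects.get(email=form.cleaned_data['email'])
        email = u.email
        if debug:
            print("Require MFA Login:%s" % u.mfa)

        if not u.is_active:
            request.session['email'] = ""
            messages.error(request, "Your account is inactive.")
            return HttpResponseRedirect(reverse('accounts:sms_code'))

        # posting a session variable for login page
        request.session['email'] = email
        if u.mfa:
            trigger = ValidSMSCode.objects.create(user=u)
            if str(trigger.send_outcome).lower() != "fail":
                messages.success(request,
                                 "A text message was sent to your mobile phone.")
                status = "Text Message Sent"
            else:
                messages.error(request,
                               "There was a problem sending your pin code. Please try again.")
                # Send failure: return to this view so the user can retry.
                return HttpResponseRedirect(reverse('accounts:sms_code'))
        else:
            messages.success(request,
                             "Your account is active. Continue Login.")
            status = "Account Active"
    except User.DoesNotExist:
        request.session['email'] = ""
        messages.error(request, "You are not recognized.")
        return HttpResponseRedirect(reverse('accounts:sms_code'))

    if debug:
        print("dropping out of valid form")
        print("Status:", status)
        print("email: %s" % email)

    # Move to login. The original also handed a dict holding an
    # AuthenticationForm to HttpResponseRedirect, which a redirect cannot
    # deliver to the next view, so it is dropped.
    return HttpResponseRedirect(reverse('accounts:login'))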