def handle(self, *args, **options): passwd = getpass.getpass("Enter password:"******"User with such email/username already exists.") u = user_model.objects.create_superuser(options['name'], options['email'], passwd) u.save() email_entity = EmailAddress(email=options['email'], verified=True, primary=True, user=u) email_entity.save() email_confirmation_entity = EmailConfirmation( email_address=email_entity, created=timezone.now() - datetime.timedelta(days=1), sent=timezone.now() - datetime.timedelta(hours=12), key=str(uuid.uuid4()).replace('-', '')) email_confirmation_entity.save() self.stdout.write( 'Successfully created superuser {0} with confirmed email address {1}' .format(options['name'], options['email']))
def create_verified_user(invitation): password = uuid4().hex user = User.objects.create_user(invitation.email, invitation.email, password) req = None email_address = EmailAddress.objects\ .add_email(req, user, invitation.email, confirm=False, signup=False) email_address.verified = True email_address.primary = True email_address.save() econfirm = EmailConfirmation(email_address=email_address, key=invitation.verification_key.hex) econfirm.save() return user
def run_test(self, request, *args, **kwargs): """Create a new user and grant them full access rights.""" user = User.objects.create_user( 'admin', request.POST['email_'], request.POST['pass_'] ) user.is_staff = True user.is_superuser = True user.save() cache.set('number_of_users', None, 0) from apostello.models import UserProfile profile = UserProfile.objects.get_or_create(user=user)[0] profile.approved = True profile.save() # we don't want to send the admin an email confirmation from allauth.account.models import EmailAddress, EmailConfirmation email = EmailAddress.objects.create( user=user, email=request.POST['email_'], ) email.save() email_confirm = EmailConfirmation.create(email_address=email) email_confirm.save() email = EmailAddress.objects.get(email=request.POST['email_']) email.verified = True email.primary = True email.save()
def get_email_verification_link(self): email_address = self.emailaddress_set.last() email_confirmation = EmailConfirmation.create(email_address) email_confirmation.sent = timezone.now() email_confirmation.save() return reverse("account_confirm_email", args=[email_confirmation.key])
def _success_email_notifications(self, user, new_order): confirmation = None user_message_context = { 'order': new_order, } user_requires_confirmation = not EmailAddress.objects.filter( user=user).exists() if settings.NEW_USERS_CONFIRMATION_ENABLED and user_requires_confirmation: # Email notification to new user with activation link email_object = setup_user_email(self.context['request'], user, []) confirmation = EmailConfirmation.create(email_object) confirmation_link = reverse('users:user_confirm_email', kwargs={'key': confirmation.key}) user_message_context['confirmation_link'] = confirmation_link user_message_context.update(self._additional_order_email_context) notify_users([user], ORDER_REGISTRATION_MESSAGE_SUBJECT, 'sales/email/order_registration.txt', 'sales/email/order_registration.html', user_message_context) if settings.NEW_USERS_CONFIRMATION_ENABLED and user_requires_confirmation: # allauth.account.models.EmailConfirmation#send confirmation.sent = timezone.now() confirmation.save() admin_content = render_to_string('sales/email/order_alert.txt', user_message_context) mail_managers("New Order from " + new_order.user.customer.company_name, admin_content)
def get_unsubscribe_url(self): email_adress = EmailAddress.objects.get(email=self.user.email) try: key = email_adress.emailconfirmation_set.latest('created').key except: key = EmailConfirmation.create(email_adress).key return reverse('unsubscribe', kwargs={'email': self.user.email, 'key': key})
def create_verified_user(invitation): User = get_user_model() # Instead of setting the users password to some UUID hex string. # Calling create_user without a password whis will call # set_unusable_password() and enable the use of has_usable_password() on # the user object. user = User.objects.create_user(invitation.email, invitation.email) req = None email_address = EmailAddress.objects\ .add_email(req, user, invitation.email, confirm=False, signup=False) email_address.verified = True email_address.primary = True email_address.save() econfirm = EmailConfirmation(email_address=email_address, key=invitation.verification_key.hex) econfirm.save() return user
def test_email_confirmation_hmac_falls_back(self): user = self._create_user() email = EmailAddress.objects.create( user=user, email="*****@*****.**", verified=False, primary=True ) confirmation = EmailConfirmation.create(email) confirmation.sent = now() confirmation.save() self.client.post(reverse("account_confirm_email", args=[confirmation.key])) email = EmailAddress.objects.get(pk=email.pk) self.assertTrue(email.verified)
def handle(self, *args, **options): passwd = getpass.getpass("Enter password:"******"User with such email/username already exists.") u = user_model.objects.create_superuser( options['name'], options['email'], passwd ) u.save() email_entity = EmailAddress( email=options['email'], verified=True, primary=True, user=u ) email_entity.save() email_confirmation_entity = EmailConfirmation( email_address=email_entity, created=timezone.now() - datetime.timedelta(days=1), sent=timezone.now() - datetime.timedelta(hours=12), key=str(uuid.uuid4()).replace('-', '') ) email_confirmation_entity.save() self.stdout.write( 'Successfully created superuser {0} with confirmed email address {1}'.format( options['name'], options['email'] ) )
def test_email_confirmation_hmac_falls_back(self): user = self._create_user() email = EmailAddress.objects.create( user=user, email='*****@*****.**', verified=False, primary=True) confirmation = EmailConfirmation.create(email) confirmation.sent = now() confirmation.save() self.client.post( reverse('account_confirm_email', args=[confirmation.key])) email = EmailAddress.objects.get(pk=email.pk) self.assertTrue(email.verified)
def preSave_UserInfo(sender, instance, **kwargs): # Check if there is EmailAddress created, because this signal is fired after profile is created # in User post_save try: email = EmailAddress.objects.get(email=instance.user.email) email_confirmation = EmailConfirmation.create(email) # Check if needs to send email try: userinfo = UserInfo.objects.get(id=instance.pk) if userinfo.customer_id_id is None and instance.customer_id_id is not None: email_confirmation.send() except ObjectDoesNotExist: if instance.customer_id_id is not None: email_confirmation.send() except ObjectDoesNotExist: pass
def test_email_confirmation_redirects(self): user = self.user email = EmailAddress.objects.create(user=user, email='*****@*****.**', verified=False, primary=True) self.client.force_login(user=user) confirmation = EmailConfirmation.create(email) confirmation.sent = now() confirmation.save() url_from = self.client.post( reverse(viewname='account_confirm_email', args=[confirmation.key])) url_to = AccountAdapter.get_email_confirmation_redirect_url( AccountAdapter, self.request, ) self.assertRedirects(url_from, url_to, fetch_redirect_response=False)
def test_email_confirmation_token(self): self.client.post(reverse('account_signup'), data={ 'username': self.user_data['username'], 'email': self.user_data['email'], 'password1': self.user_data['password'], 'password2': self.user_data['password'] }) self.assertEqual(len(mail.outbox), 1) email = EmailAddress.objects.get(email=self.user_data['email']) confirmation = EmailConfirmation.create(email) confirmation.sent = now() confirmation.save() self.client.post( reverse('account_confirm_email', args=[confirmation.key])) email = EmailAddress.objects.get(pk=email.pk) self.assertTrue(email.verified)
def export_unverified(request): response = HttpResponse(mimetype='text/csv') response['Content-Disposition'] = 'attachment; filename=unverified.csv' writer = csv.writer(response, delimiter=';') writer.writerow(['Name', 'email', 'Date Joined', 'Activation Link']) users = get_user_model().objects.filter(emailaddress__verified=False).all() for u in users: email_address = u.emailaddress_set.filter(primary=True).first() if not email_address: continue confirmation = EmailConfirmation.create(email_address) confirmation.sent = timezone.now() confirmation.save() activate_url = reverse("account_confirm_email", args=[confirmation.key]) activate_uri = request.build_absolute_uri(activate_url) writer.writerow([unicode(u.get_full_name()).encode('utf-8'), u.email, u.date_joined, activate_uri]) return response
def SendConfirmEmail(request): if request.method == 'POST': data = JSONParser().parse(request) serializer = EmailConfirmationSerializer(data=data) if serializer.is_valid(): data = serializer.data try: email = EmailAddress.objects.get(email=data['email']) if email.verified == False: email_confirmation = EmailConfirmation.create(email) email_confirmation.send() return Response(serializer.data, status=status.HTTP_200_OK) else: return Response({'error': 'cuenta ya verificada'}, status=status.HTTP_406_NOT_ACCEPTABLE) except ObjectDoesNotExist: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) else: return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def test_send_welcome_email(self, mock): user = get_or_create_user("email_test_user") member = Member(user=user) member.save() email = user.emailaddress_set.all()[0] email.verified = False email.save() confirmation = EmailConfirmation.create(email) confirmation.sent = timezone.now() confirmation.save() # confirm the email; this sends the email_confirmed signals confirmed_email = confirmation.confirm(request=mock) self.assertTrue(confirmed_email is not None) self.assertTrue(mock.called) self.assertEqual(mock.call_count, 1) self.assertEqual(mock.call_args[0][-1][0], "*****@*****.**")
def test_send_welcome_email(self, mock): user = get_or_create_user('email_test_user') member = Member(user=user) member.save() email = user.emailaddress_set.all()[0] email.verified = False email.save() confirmation = EmailConfirmation.create(email) confirmation.sent = timezone.now() confirmation.save() # confirm the email; this sends the email_confirmed signals confirmed_email = confirmation.confirm(request=mock) self.assertTrue(confirmed_email is not None) self.assertTrue(mock.called) self.assertEqual(mock.call_count, 1) self.assertEqual(mock.call_args[0][-1][0], '*****@*****.**')
def export_unverified(request): response = HttpResponse(mimetype='text/csv') response['Content-Disposition'] = 'attachment; filename=unverified.csv' writer = csv.writer(response, delimiter=';') writer.writerow(['Name', 'email', 'Date Joined', 'Activation Link']) users = get_user_model().objects.filter( emailaddress__verified=False).all() for u in users: email_address = u.emailaddress_set.filter(primary=True).first() if not email_address: continue confirmation = EmailConfirmation.create(email_address) confirmation.sent = timezone.now() confirmation.save() activate_url = reverse("account_confirm_email", args=[confirmation.key]) activate_uri = request.build_absolute_uri(activate_url) writer.writerow([ unicode(u.get_full_name()).encode('utf-8'), u.email, u.date_joined, activate_uri ]) return response
def test_receiver(self, mock_allauth_adapter): address1 = EmailAddress.objects.create(user=self.user, email='*****@*****.**', verified=False, primary=False) EmailAddress.objects.create(user=self.user, email='*****@*****.**', verified=True, primary=True) EmailAddress.objects.create(user=self.user, email='*****@*****.**', verified=False, primary=False) confirmation = EmailConfirmation.create(address1) confirmation.send() confirmation.confirm(None) assert not EmailAddress.objects.filter(user=self.user, email='*****@*****.**') assert not EmailAddress.objects.filter(user=self.user, email='*****@*****.**') address1.refresh_from_db() assert address1.primary assert self.user.is_active
user_profile.receive_messages = user_row['recive_message_own_reply'] user_profile.old_id = user_row['id'] user_profile.save() #if user_row['status'] == 1: email_adress, created = EmailAddress.objects.get_or_create( user=user, email=user.email, verified=True if user_row['status'] == 1 else False, primary=True, ) if email_adress.verified: if not EmailConfirmation.objects.filter(email_address=email_adress).exists(): email_confirmation = EmailConfirmation.create(email_adress) #users[user_row] = user if max_pk > 0: print(user) #posts = {} if load_posts: print('load_posts') c.execute('SELECT * FROM post p LEFT JOIN product_fields pf ON p.id = pf.post_id WHERE p.type > 3 AND p.type < 8') post_rows = c.fetchall() for post_row in post_rows: params = (post_row['id'], ) c.execute('SELECT * FROM alias a WHERE a.route="post/view" AND a.entity_id = %s', params) alias_row = c.fetchone() try:
def authenticate_openid(request: Request, token: str) -> User: """ Authenticate user using an OpenID token. Currently only deals with tokens issued by Google. Validates token following recommendations at https://developers.google.com/identity/protocols/oauth2/openid-connect#validatinganidtoken Does basic validation before pinging Google to do token verification. If the verified email address matches an existing user then returns that user, otherwise creates a new user with the email as their primary email. """ # Run some basic checks on the token try: unverified_claims = jwt.decode(token, "", False) except Exception as exc: raise ParseError("Bad token: {}".format(str(exc))) exp = unverified_claims.get("exp") if exp and float(exp) < time.time(): raise ParseError("Token has expired") if unverified_claims.get("iss") != GOOGLE_ISS: raise ParseError("Invalid token issuer") if unverified_claims.get("aud") not in GOOGLE_AUDS: raise ParseError("Invalid token audience") # Verify the token with Google transport = requests.Request() try: claims = id_token.verify_token(token, transport) except ValueError: raise ParseError("Token could not be verified") if not claims.get("email_verified"): raise ParseError("Email address has not been verified") # Extract the verified data email = claims.get("email") given_name = claims.get("given_name", "") family_name = claims.get("family_name", "") name = claims.get("name") if name and not given_name and not family_name and len(name.split()) > 1: given_name, family_name = name.split()[:2] picture = claims.get("picture") # Check whether there is an existing user with this email address try: email_address = EmailAddress.objects.get(email__iexact=email) user = email_address.user except EmailAddress.DoesNotExist: try: user = User.objects.get(email__iexact=email) except User.DoesNotExist: user = None else: email_address = EmailAddress.objects.create( user=user, email=email, primary=True, verified=False ) if user: # Check that the user's email is verified. This prevents an attacker # from stealing a users credentials by using their email address if not email_address.verified: confirmation = EmailConfirmation.create(email_address=email_address) confirmation.send() raise AuthenticationFailed( f"For security reasons, please verify your email address first; we have sent an email to {email}." ) else: # Create a new user with a verified email address user = User.objects.create_user( username=generate_username(email, given_name, family_name), email=email, first_name=given_name, last_name=family_name, ) EmailAddress.objects.create(user=user, email=email, verified=True, primary=True) # Update the user's image if one has not already been set if picture and user.personal_account.image_is_identicon(): set_image_from_url.delay(user.personal_account.id, picture) return user
def _create_confirmation(self, email, sent): confirmation = EmailConfirmation.create(email) confirmation.sent = sent confirmation.save() return confirmation