def _inner(request, domain, *args, **kwargs):
    """Require a valid OTP token before calling ``fn`` when two-factor applies.

    ``api_key``, ``view_func`` and ``fn`` come from the enclosing scope, which
    is not visible here.  The check is skipped when ``api_key`` is truthy, when
    the request carries a truthy ``skip_two_factor_check`` attribute, when the
    domain does not exist, or when ``_two_factor_required`` says it is not
    needed for this view, domain and user.

    Returns:
        A 401 ``JsonResponse`` when the token is missing or does not match a
        device of ``request.user``; otherwise whatever ``fn`` returns.
    """
    domain_obj = Domain.get_by_name(domain)
    couch_user = _ensure_request_couch_user(request)

    # Same short-circuit order as a single combined condition, so
    # _two_factor_required is only consulted when nothing earlier exempts
    # the request.
    exempt = api_key or getattr(request, 'skip_two_factor_check', False)
    if exempt or not domain_obj or not _two_factor_required(view_func, domain_obj, couch_user):
        return fn(request, domain, *args, **kwargs)

    # The header is preferred; the ``otp`` query parameter is the fallback.
    # NOTE(review): a token sent in the query string can end up in access
    # logs and proxies; callers should prefer the header.
    otp_token = request.META.get('HTTP_X_COMMCAREHQ_OTP')
    if not otp_token and 'otp' in request.GET:
        with mutable_querydict(request.GET):
            # remove the param from the query dict so that we don't interfere with places
            # that use the query dict to generate dynamic filters
            otp_token = request.GET.pop('otp')[-1]

    if not otp_token:
        return JsonResponse(OTP_AUTH_FAIL_RESPONSE, status=401)

    # NOTE(review): no attempt limiting is visible in this block; presumably
    # match_token or the device model throttles guesses - confirm.
    device = match_token(request.user, otp_token)
    if not device:
        return JsonResponse({"error": "OTP token is incorrect"}, status=401)

    # set otp device and is_verified function on user to be consistent with OTP middleware
    request.user.otp_device = device
    request.user.is_verified = lambda: True
    return fn(request, domain, *args, **kwargs)
def _inner(request, domain, *args, **kwargs):
    """Gate ``fn`` behind an OTP token when the domain requires two-factor.

    ``api_key``, ``view_func`` and ``fn`` are taken from the enclosing scope
    (not shown here).  When the check applies, the token is read from the
    ``X-CommcareHQ-OTP`` header (``HTTP_X_COMMCAREHQ_OTP`` in ``META``) or,
    failing that, from the ``otp`` query parameter.  A missing or
    non-matching token yields a 401 JSON response.
    """
    domain_obj = Domain.get_by_name(domain)
    couch_user = _ensure_request_couch_user(request)

    two_factor_needed = (
        not api_key
        and not getattr(request, 'skip_two_factor_check', False)
        and domain_obj
        and _two_factor_required(view_func, domain_obj, couch_user)
    )
    if two_factor_needed:
        supplied = request.META.get('HTTP_X_COMMCAREHQ_OTP')
        if not supplied and 'otp' in request.GET:
            with mutable_querydict(request.GET):
                # remove the param from the query dict so that we don't interfere with places
                # that use the query dict to generate dynamic filters
                supplied = request.GET.pop('otp')[-1]
        if not supplied:
            return JsonResponse(OTP_AUTH_FAIL_RESPONSE, status=401)

        # A falsy result means no device of this user accepted the token.
        matched_device = match_token(request.user, supplied)
        if not matched_device:
            return JsonResponse({"error": "OTP token is incorrect"}, status=401)

        # set otp device and is_verified function on user to be consistent with OTP middleware
        request.user.otp_device = matched_device
        request.user.is_verified = lambda: True

    # Reached both when the check was not needed and when it passed.
    return fn(request, domain, *args, **kwargs)
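def _login(req, domain_name, custom_login_page, extra_context=None):
    """Render or process the login page, optionally scoped to a domain.

    An already-authenticated GET is redirected immediately: to ``next`` when
    that parameter is a safe URL on this host, otherwise to the domain
    homepage (or the site homepage when ``domain_name`` is falsy).  Every
    other request is handed to the login view with the context built here.

    Args:
        req: the incoming request.
        domain_name: domain the login page is scoped to; falsy for the
            site-wide login.
        custom_login_page: template name used instead of the default login
            template; falsy to use the default.
        extra_context: optional dict merged last into the template context.

    Returns:
        The redirect, or the login view's response.
    """
    extra_context = extra_context or {}
    if req.user.is_authenticated and req.method == "GET":
        redirect_to = req.GET.get('next', '')
        if redirect_to:
            # ``next`` comes straight from the query string, so it is only
            # followed when it stays on this host; anything else falls
            # through to the homepage redirects below (open-redirect guard).
            try:
                from django.utils.http import url_has_allowed_host_and_scheme as _is_safe_url
            except ImportError:
                # Older Django releases expose the same check as is_safe_url.
                from django.utils.http import is_safe_url as _is_safe_url
            if _is_safe_url(redirect_to, allowed_hosts={req.get_host()},
                            require_https=req.is_secure()):
                return HttpResponseRedirect(redirect_to)
        if not domain_name:
            return HttpResponseRedirect(reverse('homepage'))
        return HttpResponseRedirect(reverse('domain_homepage', args=[domain_name]))

    # A bare username (no '@') posted to a domain login is expanded with
    # format_username before authentication.
    if req.method == 'POST' and domain_name and '@' not in req.POST.get('auth-username', '@'):
        with mutable_querydict(req.POST):
            req.POST['auth-username'] = format_username(req.POST['auth-username'], domain_name)

    # Switch the session language to the one stored on the account being
    # logged into, when that account exists.
    if 'auth-username' in req.POST:
        couch_user = CouchUser.get_by_username(req.POST['auth-username'].lower())
        if couch_user:
            new_lang = couch_user.language
            old_lang = req.session.get(LANGUAGE_SESSION_KEY)
            update_session_language(req, old_lang, new_lang)

    req.base_template = settings.BASE_TEMPLATE

    context = {}
    template_name = custom_login_page if custom_login_page else 'login_and_password/login.html'
    if not custom_login_page and domain_name:
        domain_obj = Domain.get_by_name(domain_name)
        req_params = req.GET if req.method == 'GET' else req.POST
        context.update({
            'domain': domain_name,
            'hr_name': domain_obj.display_name(),
            # NOTE(review): this value is only placed in the context here;
            # presumably the login view validates it before redirecting - confirm.
            'next': req_params.get('next', '/a/%s/' % domain_name),
            'allow_domain_requests': domain_obj.allow_domain_requests,
            'current_page': {'page_name': _('Welcome back to %s!') % domain_obj.display_name()},
        })
    else:
        commcare_hq_name = commcare_hq_names(req)['commcare_hq_names']["COMMCARE_HQ_NAME"]
        context.update({
            'current_page': {'page_name': _('Welcome back to %s!') % commcare_hq_name},
        })

    if settings.SERVER_ENVIRONMENT in settings.ICDS_ENVS:
        auth_view = CloudCareLoginView
    else:
        auth_view = HQLoginView if not domain_name else CloudCareLoginView

    demo_workflow_ab_v2 = ab_tests.SessionAbTest(ab_tests.DEMO_WORKFLOW_V2, req)

    if settings.IS_SAAS_ENVIRONMENT:
        context['demo_workflow_ab_v2'] = demo_workflow_ab_v2.context

    # Caller-supplied context wins over everything assembled above.
    context.update(extra_context)
    response = auth_view.as_view(template_name=template_name, extra_context=context)(req)
    if settings.IS_SAAS_ENVIRONMENT:
        demo_workflow_ab_v2.update_response(response)
    return response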
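def _login(req, domain_name, template_name):
    """Render or process the login page, optionally scoped to a domain.

    An already-authenticated GET is redirected immediately: to ``next`` when
    that parameter is a safe URL on this host, otherwise to the domain
    homepage (or the site homepage when ``domain_name`` is falsy).  Every
    other request is handed to the login view.

    Args:
        req: the incoming request.
        domain_name: domain the login page is scoped to; falsy for the
            site-wide login.
        template_name: login template, replaced by
            ``settings.CUSTOM_LANDING_TEMPLATE`` when that setting is truthy.

    Returns:
        The redirect, or the login view's response.
    """
    if req.user.is_authenticated and req.method == "GET":
        redirect_to = req.GET.get('next', '')
        if redirect_to:
            # ``next`` comes straight from the query string, so it is only
            # followed when it stays on this host; anything else falls
            # through to the homepage redirects below (open-redirect guard).
            try:
                from django.utils.http import url_has_allowed_host_and_scheme as _is_safe_url
            except ImportError:
                # Older Django releases expose the same check as is_safe_url.
                from django.utils.http import is_safe_url as _is_safe_url
            if _is_safe_url(redirect_to, allowed_hosts={req.get_host()},
                            require_https=req.is_secure()):
                return HttpResponseRedirect(redirect_to)
        if not domain_name:
            return HttpResponseRedirect(reverse('homepage'))
        return HttpResponseRedirect(reverse('domain_homepage', args=[domain_name]))

    # A bare username (no '@') posted to a domain login is expanded with
    # format_username before authentication.
    if req.method == 'POST' and domain_name and '@' not in req.POST.get('auth-username', '@'):
        with mutable_querydict(req.POST):
            req.POST['auth-username'] = format_username(req.POST['auth-username'], domain_name)

    # Switch the session language to the one stored on the account being
    # logged into, when that account exists.
    if 'auth-username' in req.POST:
        couch_user = CouchUser.get_by_username(req.POST['auth-username'].lower())
        if couch_user:
            new_lang = couch_user.language
            old_lang = req.session.get(LANGUAGE_SESSION_KEY)
            update_session_language(req, old_lang, new_lang)

    req.base_template = settings.BASE_TEMPLATE

    context = {}
    custom_landing_page = getattr(settings, 'CUSTOM_LANDING_TEMPLATE', False)
    if custom_landing_page:
        template_name = custom_landing_page
    elif domain_name:
        domain = Domain.get_by_name(domain_name)
        req_params = req.GET if req.method == 'GET' else req.POST
        # The lookup may return nothing; fall back to the raw name everywhere
        # instead of only for ``hr_name``, so an unknown domain does not raise
        # AttributeError further down.
        hr_name = domain.display_name() if domain else domain_name
        context.update({
            'domain': domain_name,
            'hr_name': hr_name,
            # Default target is built from the domain *name*; formatting the
            # Domain object into the path does not produce a usable URL.
            'next': req_params.get('next', '/a/%s/' % domain_name),
            # NOTE(review): an unknown domain is treated as not accepting
            # requests - confirm this is the desired default.
            'allow_domain_requests': domain.allow_domain_requests if domain else False,
            'current_page': {
                'page_name': _('Welcome back to %s!') % hr_name
            }
        })
    else:
        context.update({
            'current_page': {
                'page_name': _('Welcome back to CommCare HQ!')
            }
        })

    auth_view = HQLoginView if not domain_name else CloudCareLoginView
    return auth_view.as_view(template_name=template_name, extra_context=context)(req)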
def _inner(request, *args, **kwargs):
    """Run ``view`` as the user named by the ``as`` query parameter.

    The parameter is removed from ``request.GET`` and its last value is
    looked up as a username.  A missing parameter or an unknown username
    yields a 401; otherwise ``request.user`` and ``request.couch_user`` are
    replaced with that account before ``view`` (from the enclosing scope)
    is called.
    """
    # NOTE(review): nothing in this block authenticates the caller, yet the
    # request is rebound to whichever account ``as`` names.  Presumably an
    # outer decorator verifies the request first - confirm at the call site.
    with mutable_querydict(request.GET):
        requested = request.GET.pop('as', None)

    if not requested:
        return HttpResponse('User required', status=401)

    # pop() on a query dict returns the list of values; the last one is used.
    username = requested[-1]
    acting_user = CouchUser.get_by_username(username)
    if not acting_user:
        return HttpResponse('Unknown user', status=401)

    request.user = acting_user.get_django_user()
    request.couch_user = acting_user
    return view(request, *args, **kwargs)
def _inner(request, *args, **kwargs):
    """Run ``view`` as the user named by the ``as`` query parameter.

    The parameter is removed from ``request.GET`` and its last value is
    looked up as a username.  A missing parameter or an unknown username is
    logged to ``auth_logger`` with a reason code and answered with a 401;
    otherwise ``request.user`` and ``request.couch_user`` are replaced with
    that account before ``view`` (from the enclosing scope) is called.
    """
    def _reject(reason, body):
        # Log the reason code and path, then answer 401 with the given body.
        auth_logger.info("Request rejected reason=%s request=%s", reason, request.path)
        return HttpResponse(body, status=401)

    # NOTE(review): nothing in this block authenticates the caller, yet the
    # request is rebound to whichever account ``as`` names.  Presumably an
    # outer decorator verifies the request first - confirm at the call site.
    with mutable_querydict(request.GET):
        as_values = request.GET.pop('as', None)

    if not as_values:
        return _reject("formplayer_auth:user_required", 'User required')

    # pop() on a query dict returns the list of values; the last one is used.
    acting_user = CouchUser.get_by_username(as_values[-1])
    if not acting_user:
        return _reject("formplayer_auth:unknown_user", 'Unknown user')

    request.user = acting_user.get_django_user()
    request.couch_user = acting_user
    return view(request, *args, **kwargs)
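def _login(req, domain_name):
    """Render or process the login page, optionally scoped to a domain.

    An already-authenticated GET is redirected immediately: to ``next`` when
    that parameter is a safe URL on this host, otherwise to the domain
    homepage (or the site homepage when ``domain_name`` is falsy).  Every
    other request is handed to the login view with the context built here.

    ``settings.CUSTOM_LANDING_TEMPLATE`` may be a template name or a mapping
    from request host to template name with an optional ``'default'`` entry.

    Args:
        req: the incoming request.
        domain_name: domain the login page is scoped to; falsy for the
            site-wide login.

    Returns:
        The redirect, or the login view's response.
    """
    if req.user.is_authenticated and req.method == "GET":
        redirect_to = req.GET.get('next', '')
        if redirect_to:
            # ``next`` comes straight from the query string, so it is only
            # followed when it stays on this host; anything else falls
            # through to the homepage redirects below (open-redirect guard).
            try:
                from django.utils.http import url_has_allowed_host_and_scheme as _is_safe_url
            except ImportError:
                # Older Django releases expose the same check as is_safe_url.
                from django.utils.http import is_safe_url as _is_safe_url
            if _is_safe_url(redirect_to, allowed_hosts={req.get_host()},
                            require_https=req.is_secure()):
                return HttpResponseRedirect(redirect_to)
        if not domain_name:
            return HttpResponseRedirect(reverse('homepage'))
        return HttpResponseRedirect(reverse('domain_homepage', args=[domain_name]))

    # A bare username (no '@') posted to a domain login is expanded with
    # format_username before authentication.
    if req.method == 'POST' and domain_name and '@' not in req.POST.get('auth-username', '@'):
        with mutable_querydict(req.POST):
            req.POST['auth-username'] = format_username(req.POST['auth-username'], domain_name)

    # Switch the session language to the one stored on the account being
    # logged into, when that account exists.
    if 'auth-username' in req.POST:
        couch_user = CouchUser.get_by_username(req.POST['auth-username'].lower())
        if couch_user:
            new_lang = couch_user.language
            old_lang = req.session.get(LANGUAGE_SESSION_KEY)
            update_session_language(req, old_lang, new_lang)

    req.base_template = settings.BASE_TEMPLATE

    context = {}
    template_name = 'login_and_password/login.html'
    custom_landing_page = settings.CUSTOM_LANDING_TEMPLATE
    if custom_landing_page:
        if isinstance(custom_landing_page, six.string_types):
            soft_assert_type_text(custom_landing_page)
            template_name = custom_landing_page
        else:
            # Mapping form: pick the entry for this host, then 'default'.
            # NOTE(review): when neither key exists this leaves
            # template_name as None - confirm the setting always has a
            # 'default' entry.
            template_name = custom_landing_page.get(req.get_host())
            if template_name is None:
                template_name = custom_landing_page.get('default', template_name)
    elif domain_name:
        domain_obj = Domain.get_by_name(domain_name)
        req_params = req.GET if req.method == 'GET' else req.POST
        context.update({
            'domain': domain_name,
            'hr_name': domain_obj.display_name(),
            # NOTE(review): this value is only placed in the context here;
            # presumably the login view validates it before redirecting - confirm.
            'next': req_params.get('next', '/a/%s/' % domain_name),
            'allow_domain_requests': domain_obj.allow_domain_requests,
            'current_page': {'page_name': _('Welcome back to %s!') % domain_obj.display_name()},
        })
    else:
        commcare_hq_name = commcare_hq_names(req)['commcare_hq_names']["COMMCARE_HQ_NAME"]
        context.update({
            'current_page': {'page_name': _('Welcome back to %s!') % commcare_hq_name},
        })

    if settings.SERVER_ENVIRONMENT in settings.ICDS_ENVS:
        auth_view = CloudCareLoginView
    else:
        auth_view = HQLoginView if not domain_name else CloudCareLoginView

    demo_workflow_ab_v2 = ab_tests.SessionAbTest(ab_tests.DEMO_WORKFLOW_V2, req)

    if settings.IS_SAAS_ENVIRONMENT:
        context['demo_workflow_ab_v2'] = demo_workflow_ab_v2.context

    response = auth_view.as_view(template_name=template_name, extra_context=context)(req)
    if settings.IS_SAAS_ENVIRONMENT:
        demo_workflow_ab_v2.update_response(response)
    return response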