def create_user(strategy, details, backend, user=None, *args, **kwargs):
"""Aggressively attempt to register and sign in new user"""
if user:
return None
request = strategy.request
email = details.get('email')
username = kwargs.get('clean_username')
if not email or not username:
return None
try:
validate_email(email)
validate_new_registration(request, {
'email': email,
'username': username,
})
except ValidationError:
return None
activation_kwargs = {}
if settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
new_user = UserModel.objects.create_user(username,
email,
create_audit_trail=True,
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
send_welcome_email(request, new_user)
return {'user': new_user, 'is_new': True}
def validate(self, data):
request = self.context['request']
ban = get_ip_ban(request.user_ip, registration_only=True)
if ban:
if ban.user_message:
raise ValidationError(ban.user_message)
else:
raise ValidationError(
_("New registrations from this IP address are not allowed."
))
self._added_errors = {}
try:
self.full_clean_password(data)
except ValidationError as e:
self._added_errors['password'] = [e]
validators.validate_new_registration(request, self, data)
if self._added_errors:
# fail registration with additional errors
raise serializers.ValidationError(self._added_errors)
# run test for captcha
try:
captcha.test_request(self.context['request'])
except ValidationError as e:
raise serializers.ValidationError({'captcha': e.message})
return data
def clean(self):
cleaned_data = super(SocialAuthRegisterForm, self).clean()
self.raise_if_ip_banned()
validators.validate_new_registration(self.request, cleaned_data, self)
return cleaned_data
def clean(self):
cleaned_data = super().clean()
self.clean_agreements(cleaned_data)
self.raise_if_ip_banned()
validators.validate_new_registration(self.request, cleaned_data, self)
return cleaned_data
def validate(self, data):
data = super(SocialRegisterUserSerializer, self).validate(data)
request = self.context['request']
validators.validate_new_registration(request, data, self.add_error)
self.validate_added_errors()
return data
def clean(self):
cleaned_data = super(RegisterForm, self).clean()
try:
self.full_clean_password(cleaned_data)
except forms.ValidationError as e:
self.add_error('password', e)
validators.validate_new_registration(self.request, self, cleaned_data)
return cleaned_data
def clean(self):
cleaned_data = super().clean()
self.clean_agreements(cleaned_data)
self.raise_if_ip_banned()
try:
self.full_clean_password(cleaned_data)
except forms.ValidationError as e:
self.add_error('password', e)
validators.validate_new_registration(self.request, cleaned_data, self.add_error)
return cleaned_data
def clean(self):
cleaned_data = super(RegisterForm, self).clean()
ban = get_ip_ban(self.request.user_ip, registration_only=True)
if ban:
if ban.user_message:
raise ValidationError(ban.user_message)
else:
raise ValidationError(_("New registrations from this IP address are not allowed."))
try:
self.full_clean_password(cleaned_data)
except forms.ValidationError as e:
self.add_error('password', e)
validators.validate_new_registration(self.request, self, cleaned_data)
return cleaned_data
def clean(self):
cleaned_data = super(RegisterForm, self).clean()
ban = get_ip_ban(self.request.user_ip, registration_only=True)
if ban:
if ban.user_message:
raise ValidationError(ban.user_message)
else:
raise ValidationError(
_("New registrations from this IP address are not allowed."
))
try:
self.full_clean_password(cleaned_data)
except forms.ValidationError as e:
self.add_error('password', e)
validators.validate_new_registration(self.request, self, cleaned_data)
return cleaned_data
def validate(self, data):
data = super(RegisterUserSerializer, self).validate(data)
request = self.context['request']
try:
self.full_clean_password(data)
except ValidationError as e:
self.add_error('password', e)
validators.validate_new_registration(request, data, self.add_error)
self.validate_added_errors()
# run test for captcha
try:
captcha.test_request(self.context['request'])
except ValidationError as e:
raise serializers.ValidationError({'captcha': e.message})
return data
def validate(self, data):
request = self.context['request']
self._added_errors = {}
try:
self.full_clean_password(data)
except ValidationError as e:
self._added_errors['password'] = [e]
validators.validate_new_registration(request, self, data)
if self._added_errors:
# fail registration with additional errors
raise serializers.ValidationError(self._added_errors)
# run test for captcha
try:
captcha.test_request(self.context['request'])
except ValidationError as e:
raise serializers.ValidationError({'captcha': e.message})
return data
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(
_("New users registrations are currently closed."))
form = RegisterForm(request.data)
try:
captcha.test_request(request)
except forms.ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
try:
validate_new_registration(request.user_ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied registration attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user_ip,
staff_message=staff_message,
length={'days': 14})
raise PermissionDenied(
_("Your IP address is banned from registering on this site."))
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': ACTIVATION_REQUIRED_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': ACTIVATION_REQUIRED_ADMIN}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email, password=form.cleaned_data['password'])
login(request, authenticated_user)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def _create_user(request):
if settings.account_activation == 'closed':
raise PermissionDenied(
_("New users registrations are currently closed."))
form = RegisterForm(request.data)
try:
captcha.test_request(request)
except forms.ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors,
status=status.HTTP_400_BAD_REQUEST)
captcha.reset_session(request.session)
try:
validate_new_registration(
request.user_ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
validation_ban = ban_ip(
request.user_ip,
staff_message=staff_message,
length={'days': 1}
)
raise PermissionDenied(
_("Your IP address is banned from performing this action."),
{'ban': validation_ban.get_serialized_message()})
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
if activation_by_admin:
activation_method = 'activation_by_admin'
else:
activation_method = 'activation_by_user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
try:
validate_new_registration(
request.user.ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied as e:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user.ip, staff_message=staff_message, length=1)
raise e
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
try:
validate_new_registration(request.user.ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied as e:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user.ip,
staff_message=staff_message,
length={'days': 1})
raise e
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
