def post(self, request):
    """Log a user in with e-mail and password and return a JWT response.

    The body is validated with ``self.serializer_class``. The user is looked
    up by lower-cased e-mail among profiles whose e-mail is confirmed, then
    the password is checked, and only an active user is issued a token.
    ``CustomException`` and ``ValidationError`` are both rendered as an
    ``ErrorResponse`` carrying the exception's ``detail`` and ``status_code``.

    NOTE(review): the three failure messages differ (unknown or unconfirmed
    e-mail, wrong password, inactive account), so a caller can tell account
    states apart. Confirm this is intended and that request throttling is
    applied to this view; none is visible in this method.
    """
    try:
        serializer = self.serializer_class(data=request.data)
        if not serializer.is_valid(raise_exception=True):
            # is_valid(raise_exception=True) is expected to raise rather than
            # return False; this keeps the original's implicit None result.
            return None

        email = serializer.data['email'].lower()
        try:
            user = User.objects.get(
                profile__email=email, profile__email_confirmed=True)
        except User.DoesNotExist:
            raise authnz_exceptions.CustomException(
                detail=_('Email is invalid or not confirmed'))

        # The password is verified before the active flag is consulted.
        if not user.check_password(serializer.data['password']):
            raise authnz_exceptions.CustomException(
                detail=_('Email or Password is invalid.'))
        if not user.is_active:
            raise authnz_exceptions.CustomException(
                detail=_('This user is inactive, contact us.'))

        payload = jwt_payload_handler(user)  # todo: Is deprecated
        encoded = jwt_encode_handler(payload)
        jwt_token = utilities.jwt_response_payload_handler(encoded, user=user)
        return responses.SuccessResponse(jwt_token).send()
    except (authnz_exceptions.CustomException,
            exceptions.ValidationError) as e:
        return responses.ErrorResponse(
            message=e.detail, status=e.status_code).send()
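def post(self, request, backend, *args, **kwargs):
    """Log a user in with a third-party ID token and return a JWT response.

    Only the ``google`` backend is accepted (case-insensitive); any other
    value raises ``CustomException('Wrong backend')``. The token from the
    validated body is verified with ``id_token.verify_oauth2_token`` against
    ``settings.GOOGLE_OAUTH_ID``. The local user is then looked up by the
    lower-cased ``email`` claim and created through
    ``transactions.open_auth_user_creator`` when no such user exists.

    Because the local account is selected purely by the ``email`` claim, the
    claim is accepted only when the token also carries
    ``email_verified == True``. Without that check, a token whose e-mail
    was never verified by the provider would be enough to receive a JWT for
    an existing local account with the same address.

    ``CustomException`` is rendered as an ``ErrorResponse``. A
    ``ValidationError`` from the serializer is not caught in this method.
    """
    try:
        serialized_data = self.serializer_class(data=request.data)
        if serialized_data.is_valid(raise_exception=True):
            token = serialized_data.data['token']
            if backend.lower() == 'google':
                try:
                    resp_user = id_token.verify_oauth2_token(
                        token, google_requests.Request(),
                        settings.GOOGLE_OAUTH_ID)
                except Exception as e:
                    # Any verification failure is treated as a bad request.
                    # NOTE(review): dev_error forwards the verifier's
                    # exception text; confirm ErrorResponse does not expose
                    # it to clients in production.
                    return responses.ErrorResponse(
                        message='Error in google open auth',
                        dev_error=str(e), status=400).send()

                if resp_user['iss'] not in ['accounts.google.com',
                                            'https://accounts.google.com']:
                    raise authnz_exceptions.CustomException(
                        detail=_('Google Wrong issuer.'))

                if not resp_user.get('email') or not resp_user.get('given_name') or \
                        not resp_user.get('family_name') or not resp_user.get('picture'):
                    raise authnz_exceptions.CustomException(
                        detail=_('Scope need to have email, given name, family, picture'))

                # Fail closed: only a literal boolean True counts, so a
                # missing claim or a string such as "false" is rejected.
                if resp_user.get('email_verified') is not True:
                    raise authnz_exceptions.CustomException(
                        detail=_('Google account email is not verified.'))

                email = resp_user['email'].lower()
                try:
                    # NOTE(review): unlike the password login, this lookup
                    # does not require profile__email_confirmed; confirm
                    # that linking to an unconfirmed local account is
                    # intended.
                    user = User.objects.get(profile__email=email)
                except User.DoesNotExist:
                    user = transactions.open_auth_user_creator(
                        email, resp_user['given_name'],
                        resp_user['family_name'], resp_user['picture'])
            else:
                raise authnz_exceptions.CustomException(
                    detail=_('Wrong backend'))

            if user.is_active:
                payload = jwt_payload_handler(user)  # todo: Is deprecated
                jwt_token = utilities.jwt_response_payload_handler(
                    jwt_encode_handler(payload), user=user)
            else:
                raise authnz_exceptions.CustomException(
                    detail=_('Your user account is deactivated, contact us for more information.'))
            return responses.SuccessResponse(jwt_token).send()
    except authnz_exceptions.CustomException as e:
        return responses.ErrorResponse(
            message=e.detail, status=e.status_code).send()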
def post(self, request):
    """Change the requesting user's password and return a fresh JWT response.

    The body is validated with ``self.serializer_class``. The supplied
    ``old_password`` must match ``request.user``'s current password and the
    user must be active before ``transactions.change_user_password`` is
    called with the new ``password``. ``CustomException`` and
    ``ValidationError`` are both rendered as an ``ErrorResponse``.

    NOTE(review): nothing in this method revokes tokens issued before the
    change; whether older JWTs stop working depends on the payload and
    verification handlers, which are not visible here.
    """
    try:
        serializer = self.serializer_class(data=request.data)
        if not serializer.is_valid(raise_exception=True):
            # is_valid(raise_exception=True) is expected to raise rather than
            # return False; this keeps the original's implicit None result.
            return None

        account = request.user
        # The old password is verified before the active flag is consulted.
        if not account.check_password(serializer.data['old_password']):
            raise authnz_exceptions.CustomException(
                detail=_('Old Password is invalid.'))
        if not account.is_active:
            raise authnz_exceptions.CustomException(
                detail=_('This user is deactivated, contact us.'))

        transactions.change_user_password(
            account, serializer.data['password'])
        payload = jwt_payload_handler(account)  # todo: Is deprecated
        encoded = jwt_encode_handler(payload)
        jwt_token = utilities.jwt_response_payload_handler(
            encoded, user=account)
        return responses.SuccessResponse(jwt_token).send()
    except (authnz_exceptions.CustomException,
            exceptions.ValidationError) as e:
        return responses.ErrorResponse(
            message=e.detail, status=e.status_code).send()
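def post(self, request):
    """Reset a password with a forgot-password token and return a JWT response.

    The body is validated with ``self.serializer_class``. The user is looked
    up by lower-cased e-mail and must be active. The token stored in the
    cache under ``'<username><settings.CACHE_FORGOT_PASSWORD_TOKEN>'`` must
    equal the submitted ``token``. On a match the password is changed, the
    cached token is deleted so it cannot be reused, and a JWT is returned.

    Two changes from the previous version:

    * ``CustomException`` is now rendered as an ``ErrorResponse``, matching
      the other views in this file. Before, only ``ValidationError`` was
      caught, so every ``CustomException`` raised below left this method
      unhandled.
    * A missing cache entry is rejected before the comparison. Before, a
      submitted token of ``None`` compared equal to the ``None`` returned
      for a missing or expired entry and would have reset the password
      with no outstanding token.

    NOTE(review): a wrong token is neither counted nor invalidated here, and
    'Email does not exist.' reveals whether an address is registered.
    Confirm throttling is applied to this view; none is visible in this
    method.
    """
    try:
        serialize_data = self.serializer_class(data=request.data)
        if serialize_data.is_valid(raise_exception=True):
            email = serialize_data.data['email'].lower()
            try:
                user = User.objects.get(profile__email=email)
            except User.DoesNotExist:
                raise authnz_exceptions.CustomException(
                    detail=_('Email does not exist.'))

            if user.is_active:
                cache_key = '{}{}'.format(
                    user.username, settings.CACHE_FORGOT_PASSWORD_TOKEN)
                forgot_password_token = cache.get(cache_key)

                # Fail closed: no outstanding token means no reset, whatever
                # value was submitted.
                if forgot_password_token is None:
                    raise authnz_exceptions.CustomException(
                        detail=_('Token timeout.'))

                if forgot_password_token == serialize_data.data['token']:
                    transactions.change_user_password(
                        user, serialize_data.data['password'])
                    # Single use: drop the token once it has been redeemed.
                    cache.delete(cache_key)
                    payload = jwt_payload_handler(user)  # todo: Is deprecated
                    jwt_token = utilities.jwt_response_payload_handler(
                        jwt_encode_handler(payload), user=user)
                    return responses.SuccessResponse(jwt_token).send()
                elif not forgot_password_token:
                    raise authnz_exceptions.CustomException(
                        detail=_('Token timeout.'))
                else:
                    raise authnz_exceptions.CustomException(
                        detail=_('We sent a new token recently please try it.'))
            else:
                raise authnz_exceptions.CustomException(
                    detail=_('Your account is inactive.'))
    except (authnz_exceptions.CustomException,
            exceptions.ValidationError) as e:
        return responses.ErrorResponse(
            message=e.detail, status=e.status_code).send()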
def get(self, request):
    """Return a newly encoded JWT response for ``request.user``.

    An inactive user raises ``CustomException``, which is rendered as an
    ``ErrorResponse`` with the exception's ``detail`` and ``status_code``.
    How ``request.user`` is authenticated is decided outside this method.
    """
    try:
        account = request.user
        if not account.is_active:
            raise authnz_exceptions.CustomException(
                detail=_('This user is inactive, contact us.'))

        payload = jwt_payload_handler(account)  # todo: Is deprecated
        encoded = jwt_encode_handler(payload)
        jwt_token = utilities.jwt_response_payload_handler(
            encoded, user=account)
        return responses.SuccessResponse(jwt_token).send()
    except authnz_exceptions.CustomException as e:
        return responses.ErrorResponse(
            message=e.detail, status=e.status_code).send()