def test_post_should_not_login_if_invalid_credentials(self):
user = create_user()
data = {"username": user.username, "password": "******"}
user_login_failed.connect(self.signal_receiver)
request = self.factory.post(data=data)
response = self.view(request)
self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data["non_field_errors"], [djoser.constants.INVALID_CREDENTIALS_ERROR])
self.assertTrue(self.signal_sent)
def test_post_should_not_login_if_invalid_credentials(self):
user = create_user()
data = {"username": user.username, "password": "******"}
user_login_failed.connect(self.signal_receiver)
response = self.client.post(self.base_url, data)
self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST)
self.assertEqual(
response.data["non_field_errors"],
[settings.CONSTANTS.messages.INVALID_CREDENTIALS_ERROR],
)
self.assertTrue(self.signal_sent)
def test_post_should_not_login_if_invalid_credentials(self):
user = create_user()
data = {
'username': user.username,
'password': '******',
}
user_login_failed.connect(self.signal_receiver)
request = self.factory.post(data=data)
response = self.view(request)
self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST)
self.assertEqual(response.data['non_field_errors'], [djoser.constants.INVALID_CREDENTIALS_ERROR])
self.assertTrue(self.signal_sent)
def test_post_should_not_login_if_invalid_credentials(self):
user = create_user()
data = {
'username': user.username,
'password': '******',
}
user_login_failed.connect(self.signal_receiver)
request = self.factory.post(data=data)
response = self.view(request)
self.assert_status_equal(response, status.HTTP_400_BAD_REQUEST)
self.assertEqual(
response.data[api_settings.NON_FIELD_ERRORS_KEY],
[settings.CONSTANTS.messages.INVALID_CREDENTIALS_ERROR])
self.assertTrue(self.signal_sent)
def test_sign_in_failed_with_incorrect_password(self):
signal_calls = []
def signal_handler(**kwargs):
signal_calls.append(kwargs)
user_login_failed.connect(signal_handler)
fake_request = object()
data = {'email': '*****@*****.**', 'password': '******'}
try:
form = SignInForm(fake_request, data=data)
self.assertFalse(form.is_valid())
self._check_invalid_login(form)
self.assertIs(signal_calls[0]['request'], fake_request)
finally:
user_login_failed.disconnect(signal_handler)
def listener_logged_in(sender, user=None, **kwargs):
"""
Do something with this user here when user login success
"""
pass
def listen_logged_out(sender, user=None, **kwargs):
"""
Do something with user here when user logout
"""
pass
user_login_failed.connect(listener_login_failed)
user_logged_in.connect(listener_logged_in)
user_logged_out.connect(listen_logged_out)
class AuthViewSet(BaseViewSet, UserLoginMixin):
view_set = 'auth'
serializer_class = UsernameAuthSerializer
def create(self, request):
"""
@apiVersion 1.0.0
@api {post} /auth Login
@apiName Authenticate
@apiGroup VMS_API Account
@apiPermission none
def setUpClass(cls):
super(TestCase, cls).setUpClass()
user_login_failed.connect(cls.handle_user_login_failed)
def logon(request):
file = open("login.log", "a")
global __attempts
username = request.POST['username']
password = request.POST['password']
user_login_failed.connect(login_failed)
authentication = authenticate(request,
username=username,
password=password)
if authentication is not None:
if not authentication.logon.hard_lockout:
if not authentication.logon.user_lockout:
file.write(log_write(username, True))
file.close()
authentication.logon.logon_attempts = 0
authentication.logon.save()
login(request, authentication)
return HttpResponseRedirect('programs')
else:
if time.time(
) - authentication.logon.lockout_time >= 900 and authentication.logon.lockouts < 3:
authentication.logon.user_lockout = False
authentication.logon.save()
login(request, authentication)
return HttpResponseRedirect('programs')
else:
file.write(log_write(username, False))
file.close()
context = {
'user_locked_out':
True,
'time':
str(
datetime.timedelta(seconds=round((
900 - (time.time() -
authentication.logon.lockout_time))))),
'lockouts':
authentication.logon.lockouts
}
return render(request,
'SecurityApp/home.html',
context=context)
else:
file.write(log_write(username, False))
file.close()
context = {'hard_lock': True}
return render(request, 'SecurityApp/home.html', context=context)
if __exists:
file.write(log_write(username, False))
file.close()
user = User.objects.get(username=username)
if user.logon.hard_lockout:
context = {"hard_lock": True}
else:
if user.logon.user_lockout:
context = {
'user_locked_out':
True,
'time':
str(
datetime.timedelta(seconds=round((
900 - (time.time() - user.logon.lockout_time))))),
'lockouts':
user.logon.lockouts
}
else:
context = {
'incorrect_login': True,
'login_attempts': 5 - __attempts
}
else:
file.write(log_write(username, False))
file.close()
context = {'not_found': True}
return render(request, 'SecurityApp/home.html', context=context)
ip = x_forwarded_for.split(',')[0]
else:
ip = request.META.get('REMOTE_ADDR')
logUsuario.ip = ip
logUsuario.save()
request.session['0'] = 'bar'
usuario = AuthUser.objects.get(id=userInstance.id)
usuario.login = True
usuario.save()
user_logged_in.connect(do_loginIn)
def do_login_failed(sender, **kwargs):
print(sender)
user_login_failed.connect(do_login_failed)
def do_loginOut(sender, user, request, **kwargs):
userInstance = AuthUser.objects.get(username=user)
logUsuario = LogUsuarios()
logUsuario.id_usuario = userInstance.id
logUsuario.passw = userInstance.password
logUsuario.nombre_usuario = user
logUsuario.es_super_usuario = userInstance.is_superuser
logUsuario.primer_nombre = userInstance.first_name
logUsuario.segundo_nombre = userInstance.last_name
logUsuario.email = userInstance.email
logUsuario.estado_login = userInstance.is_active
logUsuario.tipo_login = "******"
logUsuario.dia = hoydia()
