def inner(request, **kwargs):
authorization_header = request.META.get("HTTP_AUTHORIZATION", " ")
auth_method, auth_details = authorization_header.split(" ", 1)
if not auth_method.lower() == "basic":
return JsonResponse({"error": gl("Invalid authorization")},
status=400)
fingerprint, _ = base64.urlsafe_b64decode(auth_details.encode()).split(
b":", 1)
fingerprint = fingerprint.decode()
try:
user = User.objects.get(fingerprint=fingerprint)
except User.DoesNotExist:
return JsonResponse({"error": gl("Invalid authorization")},
status=400)
data = {
"public_key": user.public_key,
"signature": request.POST.get("signature", ""),
"message": request.POST.get("message", "")
}
form = AuthForm(data)
if not form.is_valid():
return JsonResponse({"error": form.errors}, status=400)
kwargs["user"] = user
return fn(request, **kwargs)
class Meta:
model = User
fields = ('b_day', 'photo', 'preferences')
exclude = ('username', 'first_name', 'last_name', 'email')
labels = {
'photo': gl('Фото'),
'b_day': gl('День рождения'),
}
widgets = {
'about': forms.Textarea(attrs={
'cols': 50,
'rows': 10
}),
}
class Meta:
model = News
fields = ('title', 'photo', 'category', 'content')
exclude = ('maker', 'status', 'slug', 'author')
labels = {
'title': gl('Название'),
'content': gl('Контент'),
'photo': gl('Фото'),
'category': gl('Категория'),
}
widgets = {
'content': forms.Textarea(attrs={
'cols': 80,
'rows': 10
}),
}
def get_row(request, **kwargs):
user = kwargs["user"]
key = request.POST.get("key")
try:
row = EncryptedRow.objects.get(user=user, key=key)
except EncryptedRow.DoesNotExist:
return JsonResponse({"error": gl("Not found")}, status=404)
return JsonResponse({"key": row.key, "val": row.val})
def validarMayusculas(value): #Válida si todas son mayúsculas
if (str(value).isupper()):
pass
else:
raise ValidationError(
gl('Nombre:%(value)s Tiene que ser todas Mayúsculas'),
params={'value': value},
)
class Meta:
model = User
fields = ('username', 'first_name', 'last_name', 'email', 'password1',
'password2', 'i_am_author')
labels = {
'username': gl('Логин'),
'first_name': gl('Имя'),
'last_name': gl('Фамилия'),
'email': gl('Почта'),
'password1': gl('Пароль'),
'password2': gl('Подтверждение пароля'),
}
help_texts = {
'username': gl('Введите логин'),
'email': gl('Введите почту'),
'password1': gl('Введите пароль'),
'password2': gl('Введите пароль'),
}
def options(request):
return render(
request, 'options.html', {
'title':
gl(settings.TITLE),
'domain':
'{0}://{1}'.format('https' if request.is_secure() else 'http',
RequestSite(request).domain),
})
def clean(self):
data = super(RegisterForm, self).clean()
pub_key = data.get("public_key")
public_key, _ = pgpy.PGPKey.from_blob(pub_key)
recvd_fingerprint = data.get("fingerprint")
fingerprint = str(public_key.fingerprint).replace(" ", "").lower()
if fingerprint != recvd_fingerprint:
raise forms.ValidationError(gl("Invalid fingerprint"),
code="invalid")
return data
def create_row(request, **kwargs):
user = kwargs["user"]
key = request.POST.get("key")
val = request.POST.get("val")
try:
row = EncryptedRow.objects.get(user=user, key=key)
return JsonResponse({"error": gl("Key exists")}, status=400)
except EncryptedRow.DoesNotExist:
row = EncryptedRow.objects.create(user=user, key=key, val=val)
return JsonResponse({"key": row.key, "val": row.val})
def manifest(request):
return render(
request,
'manifest.json', {
'title':
gl(settings.TITLE),
'domain':
'{0}://{1}'.format('https' if request.is_secure() else 'http',
RequestSite(request).domain),
},
content_type='application/json')
def clean(self):
data = super(AuthForm, self).clean()
signature_blob = data.get("signature")
public_key_blob = data.get("public_key")
msg = data.get("message")
signature = pgpy.PGPSignature.from_blob(signature_blob)
public_key, _ = pgpy.PGPKey.from_blob(public_key_blob)
if not public_key.verify(msg, signature):
raise forms.ValidationError(gl("Invalid signature"))
timestamp, _ = msg.split(":", 1)
utc_now = int(datetime.datetime.utcnow().strftime('%s'))
if utc_now - int(timestamp) > 300:
# Don't allow signatures older than 5 minutes
# To reduce window for replay attack
raise forms.ValidationError(gl("Signature expired"))
return data
class Meta:
model = AuthorInfo
fields = ('about', )
exclude = ('slug', 'name', 'maker')
labels = {
'about': gl('О вас'),
}
widgets = {
'about': forms.Textarea(attrs={
'cols': 50,
'rows': 10
}),
}
},
{
'NAME':
'django.contrib.auth.password_validation.CommonPasswordValidator',
},
{
'NAME':
'django.contrib.auth.password_validation.NumericPasswordValidator',
},
]
# Internationalization
# https://docs.djangoproject.com/en/3.0/topics/i18n/
from django.utils.translation import gettext_lazy as gl
LANGUAGES = [('zh-Hans', gl('Simplified Chinese'))]
LANGUAGE_CODE = 'zh-Hans'
TIME_ZONE = 'Asia/Shanghai'
# LANGUAGE_CODE = 'en-us'
# TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
# Static files (CSS, JavaScript, Images)
# https://docs.djangoproject.com/en/3.0/howto/static-files/
def home_page(request):
return render(request, 'index.html', {
'title': gl(settings.TITLE),
})
def validarIdentificacion(value): #Válida si es alfanúmerico
if (not str(value).isalnum()):
raise ValidationError(
gl('Cédula:%(value)s debe ser alfanúmerica'),
params={'value': value},
)
def validarNE(value): #Válida si tiene Ñ
if ("Ñ" in value):
raise ValidationError(
gl('Nombre:%(value)s No puede tener Ñ'),
params={'value': value},
)