def authenticate(self, identification, password=None, check_password=True):
    """Resolve ``identification`` to a user and optionally verify the password.

    The identifier is first validated as an email address and, if valid,
    looked up in the ``email`` column. When that yields no user, it is
    retried against ``User.USERNAME_FIELD`` unless
    ``BAPH_AUTH_WITHOUT_USERNAMES`` is set. With
    ``BAPH_AUTH_UNIQUE_WITHIN_ORG`` set, both lookups are restricted to
    the current organization.

    Returns the matching user, or ``None`` when no user matches or the
    password check fails.

    NOTE(review): with ``check_password=False`` the user is returned
    without any credential being verified; callers should pass that flag
    only after the identity has been established some other way.
    NOTE(review): the "no such user" paths return before
    ``user.check_password`` runs, so their response time may differ from
    the wrong-password path. Confirm whether that matters for account
    enumeration in this deployment.
    """
    session = orm.sessionmaker()
    org_key = Organization.resource_name.lower() + '_id'

    def find_by(column):
        # Single lookup on `column`, scoped to the current organization
        # when identifiers are only unique within an organization.
        criteria = {column: identification}
        if auth_settings.BAPH_AUTH_UNIQUE_WITHIN_ORG:
            criteria[org_key] = Organization.get_current_id()
        return session.query(User).filter_by(**criteria).first()

    try:
        # Only attempt the email lookup when the identifier is a valid email.
        django.core.validators.validate_email(identification)
        user = find_by('email')
    except django.core.validators.ValidationError:
        # Not an email address; fall through to the username lookup.
        user = None

    if not user:
        if auth_settings.BAPH_AUTH_WITHOUT_USERNAMES:
            # Usernames are not accepted as login credentials.
            return None
        user = find_by(User.USERNAME_FIELD)

    if not user:
        return None
    if check_password and not user.check_password(password):
        return None
    return user
def send_activation_email(self):
    """Send the account-activation email to ``self.user.email``.

    The subject and body are rendered from the
    ``registration/emails/activation_email_*`` templates. The template
    context includes ``self.activation_key``, so the rendered message
    should be treated as carrying a credential.
    """
    template_context = {
        'user': self.user,
        'without_usernames': settings.BAPH_AUTH_WITHOUT_USERNAMES,
        'protocol': get_protocol(),
        'activation_days': settings.BAPH_ACTIVATION_DAYS,
        'activation_key': self.activation_key,
        'org': Organization.get_current(),
    }

    rendered_subject = render_to_string(
        'registration/emails/activation_email_subject.txt', template_context)
    # Collapse the rendered subject onto one line so that no line break
    # from the template output ends up in the mail header.
    subject = ''.join(rendered_subject.splitlines())

    body = render_to_string(
        'registration/emails/activation_email_message.txt', template_context)

    recipients = [self.user.email]
    send_mail(subject, body, django_settings.DEFAULT_FROM_EMAIL, recipients)
def get_consumer(self, request, oauth_request, consumer_key):
    """Return the OAuth consumer identified by ``oauth_request``.

    A consumer matches when its key equals
    ``oauth_request["oauth_consumer_key"]`` and its user either belongs
    to the current organization or is a superuser.

    Raises:
        InvalidConsumerError: if no consumer matches.

    NOTE(review): the ``consumer_key`` argument is not used; the key is
    read from ``oauth_request`` instead. Confirm the two always agree.
    NOTE(review): consumers owned by a superuser are accepted regardless
    of the current organization. Confirm this cross-organization access
    is intended.
    """
    current_org_id = Organization.get_current_id(request)
    org_column = getattr(User, Organization.get_column_key())
    session = orm.sessionmaker()

    consumers = session.query(OAuthConsumer).join(OAuthConsumer.user)
    key_matches = OAuthConsumer.key == oauth_request["oauth_consumer_key"]
    # `== True` is required here: it builds a SQL expression rather than
    # a Python boolean.
    owner_allowed = or_(org_column == current_org_id,
                        User.is_superuser == True)

    match = consumers.filter(key_matches).filter(owner_allowed).first()
    if match:
        return match
    raise InvalidConsumerError()
def send_confirmation_email(self):
    """Send the emails for a pending email-address change.

    Up to two messages go out. The current address (``self.user.email``),
    when one is set, receives a notice that a change was requested. The
    new address (``self.email_unconfirmed``) receives the confirmation
    message. Both messages are rendered with the same context, which
    includes ``self.email_confirmation_key``.

    NOTE(review): because the context is shared, the confirmation key is
    also available to the template sent to the old address. Confirm that
    template does not print it.
    """
    context = {
        'user': self.user,
        'without_usernames': settings.BAPH_AUTH_WITHOUT_USERNAMES,
        'new_email': self.email_unconfirmed,
        'protocol': get_protocol(),
        'confirmation_key': self.email_confirmation_key,
        'org': Organization.get_current(),
    }
    sender = django_settings.DEFAULT_FROM_EMAIL

    def render(subject_template, message_template):
        # Render one subject/body pair; the subject is collapsed onto a
        # single line so it is usable as a mail header.
        subject = ''.join(
            render_to_string(subject_template, context).splitlines())
        return subject, render_to_string(message_template, context)

    # Notice to the old address, sent only if the user has one on record.
    old_subject, old_body = render(
        'registration/emails/confirmation_email_subject_old.txt',
        'registration/emails/confirmation_email_message_old.txt')
    if self.user.email:
        send_mail(old_subject, old_body, sender, [self.user.email])

    # Confirmation message to the new, still unconfirmed address.
    new_subject, new_body = render(
        'registration/emails/confirmation_email_subject_new.txt',
        'registration/emails/confirmation_email_message_new.txt')
    send_mail(new_subject, new_body, sender, [self.email_unconfirmed])
def clean_email(self):
    """Reject an email address that already belongs to a user.

    The lookup is restricted to the current organization when
    ``BAPH_AUTH_UNIQUE_WITHIN_ORG`` is set. A separate message is raised
    when the existing account's signup has not been activated yet.

    Returns the cleaned email when no user holds it.

    NOTE(review): both error messages tell the submitter that the address
    is registered, and the first also reveals that it is unactivated.
    Confirm that exposing account existence on this form is acceptable.
    NOTE(review): the value is compared as submitted, with no case
    folding. Verify how stored emails are normalised.
    """
    email = self.cleaned_data['email']
    criteria = {'email': email}
    if settings.BAPH_AUTH_UNIQUE_WITHIN_ORG:
        org_key = Organization._meta.model_name + '_id'
        criteria[org_key] = Organization.get_current_id()

    session = orm.sessionmaker()
    existing = (
        session.query(User)
        .options(joinedload('signup'))
        .filter_by(**criteria)
        .first()
    )

    if not existing:
        return email

    signup = existing.signup
    if signup and signup.activation_key != settings.BAPH_ACTIVATED:
        raise forms.ValidationError(_('This email is already taken but '
            'not yet confirmed. Please check your email for verification '
            'steps.'))
    raise forms.ValidationError(_('This email is already taken'))
def get_current_permissions(self):
    """Return the permissions that apply in the current organization.

    Entries from ``self.get_all_permissions()`` are merged when their
    organization key is ``None`` or equals the current organization id
    (compared as a string). The result maps resource -> action -> set of
    permission values and is memoised on the instance as ``_perm_cache``.

    NOTE(review): the cache is not keyed by organization, so an instance
    reused after the current organization changes keeps returning the
    first organization's permissions. Confirm instances are not shared
    across organization contexts.
    """
    try:
        return self._perm_cache
    except AttributeError:
        pass

    # Imported here rather than at module level, as in the original.
    from baph.auth.models import Organization
    active_org = str(Organization.get_current_id())
    applicable = (None, active_org)

    merged = {}
    for org_id, by_resource in self.get_all_permissions().items():
        if org_id not in applicable:
            continue
        for resource, by_action in by_resource.items():
            # Create the resource entry even if it has no actions.
            actions = merged.setdefault(resource, {})
            for action, granted in by_action.items():
                actions.setdefault(action, set()).update(granted)

    self._perm_cache = merged
    return merged
def clean_email(self):
    """Validate that the new email is not the user's own and not in use.

    The submitted value is rejected when its lower-cased form equals
    ``self.user.email``, or when another user already has that address.
    The second lookup is restricted to the current organization when
    ``BAPH_AUTH_UNIQUE_WITHIN_ORG`` is set.

    Returns the cleaned email when both checks pass.

    NOTE(review): the first check lower-cases the input but the database
    lookup uses it as submitted. Verify how stored emails are normalised,
    otherwise a case variant of an existing address may pass.
    """
    submitted = self.cleaned_data['email']
    current = self.user.email
    if submitted.lower() == current:
        raise forms.ValidationError(_(u'You\'re already known under this '
            'email.'))

    criteria = {'email': submitted}
    if settings.BAPH_AUTH_UNIQUE_WITHIN_ORG:
        org_key = Organization._meta.model_name + '_id'
        criteria[org_key] = Organization.get_current_id()

    session = orm.sessionmaker()
    candidates = session.query(User).filter(User.email != self.user.email)
    clash = candidates.filter_by(**criteria).first()
    if clash:
        raise forms.ValidationError(_(u'This email is already in use. '
            'Please supply a different email.'))
    return submitted
def save(self, domain_override=None,
         subject_template_name='registration/password_reset_subject.txt',
         email_template_name='registration/password_reset_email.html',
         use_https=False, token_generator=default_token_generator,
         from_email=None, request=None):
    '''Email a password-reset message to every user in ``self.users_cache``.

    For each user with a usable password, a context holding the user's
    base36-encoded id and a token from ``token_generator.make_token`` is
    rendered through the subject and email templates, then sent to
    ``user.email``. The domain and site name come from ``domain_override``
    when given, otherwise from ``Organization.get_current()``.

    NOTE(review): ``use_https`` defaults to False, so the rendered
    protocol is ``http`` unless the caller opts in. A reset link built
    from it would carry the token over an unencrypted connection.
    '''
    from django.core.mail import send_mail
    for user in self.users_cache:
        # Users without a usable password are skipped without a message.
        if not user.has_usable_password():
            continue
        if not domain_override:
            # NOTE(review): the link domain is the current organization's
            # host. Confirm it comes from trusted configuration and not
            # from the request's Host header, which the client controls.
            org = Organization.get_current()
            # The current organization may be a dict or an object.
            if isinstance(org, dict):
                site_name = org['name']
                domain = org['host']
            else:
                site_name = org.name
                domain = org.host
        else:
            site_name = domain = domain_override
        # NOTE(review): this discards the site_name chosen above, so the
        # templates would receive None. The listing's indentation was
        # flattened; confirm whether this line belongs here or in the
        # else branch, and whether it is intended at all.
        site_name =None
        c = {
            'email': user.email,
            'domain': domain,
            'site_name': site_name,
            'uid': int_to_base36(user.id),
            'user': user,
            'token': token_generator.make_token(user),
            'protocol': use_https and 'https' or 'http',
            }
        subject = render_to_string(subject_template_name, \
            RequestContext(request, c))
        # Collapse the subject onto a single line for the mail header.
        subject = ''.join(subject.splitlines())
        email = render_to_string(email_template_name, \
            RequestContext(request, c))
        send_mail(subject, email, from_email, [user.email])
def clean_org_unique_field(self, key, **kwargs):
    """Run ``clean_unique_field`` scoped to the current organization.

    The organization filter is always set from
    ``Organization.get_current_id()``, replacing any value the caller
    supplied under the same keyword, so the uniqueness check cannot be
    pointed at another organization through ``kwargs``.
    """
    org_filter = Organization._meta.model_name + '_id'
    kwargs.update({org_filter: Organization.get_current_id()})
    return self.clean_unique_field(key, **kwargs)