def check_captcha(captcha_code, captcha_key):
    """
    Tell whether a captcha answer matches the key issued with the image.

    :param str captcha_code: answer typed by the user
    :param str captcha_key: key that was returned together with the image
    :rtype: bool
    """
    validator = CaptchaField()
    # CaptchaField.clean receives the pair as [key, answer] and signals a
    # mismatch by raising ValidationError; that is mapped to False here.
    # NOTE(review): whether a failed check invalidates captcha_key depends on
    # the CaptchaField implementation -- confirm, and if the key stays valid,
    # have callers limit how many answers are accepted per key.
    try:
        validator.clean([captcha_key, captcha_code])
    except ValidationError:
        return False
    else:
        return True
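def clean(self):
    """
    Checks for the identification and password.

    If the combination can't be found will raise an invalid sign in error.
    Failed attempts are counted in
    ``profile.extra['failed_login_attempts']``; once the counter reaches
    ``settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS`` a captcha field is added
    to the form and must be submitted before the password is checked.
    A successful authentication resets the counter to 0.

    :returns: ``self.cleaned_data``
    :raises django_forms.ValidationError: when the identification matches
        no single account, when the required captcha is missing, or when
        authentication fails. Whatever ``CaptchaField.clean`` raises for a
        wrong captcha answer propagates unchanged.
    """
    identification = self.cleaned_data.get('identification')
    password = self.cleaned_data.get('password')

    if identification and password:
        # try to get the user object using only the identification
        try:
            if '@' in identification:
                auth_user = User.objects.get(email=identification)
            else:
                auth_user = User.objects.get(username=identification)
        except (User.DoesNotExist, User.MultipleObjectsReturned):
            # Only "no match" and "ambiguous match" become the generic
            # sign-in error. The previous bare ``except:`` also reported
            # database failures (and KeyboardInterrupt/SystemExit) as a
            # wrong password, hiding real faults from operators.
            raise django_forms.ValidationError(
                _(u"Please enter a correct "
                  "username or email and password. Note that both fields "
                  "are case-sensitive."))

        profile = auth_user.get_profile()

        # The counter is trusted only when it is an int stored in a dict.
        captcha_required = (
            isinstance(profile.extra, dict) and
            "failed_login_attempts" in profile.extra and
            isinstance(profile.extra['failed_login_attempts'], int) and
            profile.extra['failed_login_attempts'] >=
            settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS)

        if captcha_required:
            captcha_field = CaptchaField()
            # NOTE(review): relies on self.fields offering
            # insert(index, key, value) -- verify against the Django
            # version in use.
            self.fields.insert(0, 'captcha', captcha_field)
            if 'captcha_0' not in self.data:
                # NOTE(review): this message is reachable only for an
                # identification that matches an existing account, while
                # unknown identifications get the generic error above, so
                # the two responses reveal which accounts exist. Consider
                # requiring the captcha independently of account existence
                # (for example per client address).
                raise django_forms.ValidationError(
                    _(u"Please, for "
                      u"security reasons validate the captcha"))
            else:
                value = captcha_field.widget.value_from_datadict(
                    self.data, self.files, self.add_prefix("captcha"))
                # The captcha is checked before authenticate() so that a
                # wrong answer never reaches the password comparison.
                captcha_field.clean(value)

        user = authenticate(identification=identification,
                            password=password)
        if user is None:
            # if user was not authenticated but it does exist, then
            # increment the failed_login_attempts counter
            if not isinstance(profile.extra, dict):
                profile.extra = dict()
            if ('failed_login_attempts' not in profile.extra or
                    not isinstance(profile.extra['failed_login_attempts'],
                                   int) or
                    profile.extra['failed_login_attempts'] < 0):
                # missing or corrupt counter: this failure is the first
                profile.extra['failed_login_attempts'] = 1
            else:
                profile.extra['failed_login_attempts'] += 1
            # NOTE(review): this read-modify-write is not atomic, so
            # concurrent failed attempts can be undercounted; consider
            # locking the profile row or an atomic counter store.
            profile.save()
            # insert captcha in the form if max failed login attempts is
            # reached and we got an invalid login attempt
            if (profile.extra['failed_login_attempts'] >=
                    settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS):
                self.fields.insert(0, 'captcha', CaptchaField())
            raise django_forms.ValidationError(
                _(u"Please enter a correct "
                  "username or email and password. Note that both fields "
                  "are case-sensitive."))
        else:
            # if the user was authenticated, reset the failed_login_attempts
            # counter
            if not isinstance(profile.extra, dict):
                profile.extra = dict()
            profile.extra['failed_login_attempts'] = 0
            profile.save()

    return self.cleaned_data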
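def clean(self):
    """
    Checks for the identification and password.

    If the combination can't be found will raise an invalid sign in error.
    The per-account counter ``profile.extra['failed_login_attempts']`` is
    incremented on every failed authentication and reset to 0 on success.
    When it has reached ``settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS`` the
    form gains a captcha field that has to be validated before
    ``authenticate`` is called.

    :returns: ``self.cleaned_data``
    :raises django_forms.ValidationError: for an identification that does
        not resolve to exactly one account, for a missing captcha, and for
        a failed authentication. Errors raised by ``CaptchaField.clean``
        for a wrong captcha answer are not caught here.
    """
    identification = self.cleaned_data.get('identification')
    password = self.cleaned_data.get('password')

    # Nothing to verify unless both credentials were supplied.
    if not (identification and password):
        return self.cleaned_data

    # try to get the user object using only the identification
    try:
        if '@' in identification:
            auth_user = User.objects.get(email=identification)
        else:
            auth_user = User.objects.get(username=identification)
    except (User.DoesNotExist, User.MultipleObjectsReturned):
        # Narrowed from a bare ``except:``, which also presented database
        # errors and interpreter-exit signals as a wrong password. Lookup
        # misses and ambiguous matches keep the generic message.
        raise django_forms.ValidationError(_(u"Please enter a correct "
            "username or email and password. Note that both fields "
            "are case-sensitive."))

    profile = auth_user.get_profile()
    max_attempts = settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS

    # A stored counter is honoured only if it is an int inside a dict.
    if (isinstance(profile.extra, dict) and
            "failed_login_attempts" in profile.extra and
            isinstance(profile.extra['failed_login_attempts'], int) and
            profile.extra['failed_login_attempts'] >= max_attempts):
        captcha_field = CaptchaField()
        # NOTE(review): assumes self.fields supports
        # insert(index, key, value) -- confirm for the Django version used.
        self.fields.insert(0, 'captcha', captcha_field)
        if 'captcha_0' not in self.data:
            # NOTE(review): only existing accounts can produce this error;
            # unknown identifications receive the generic one, which makes
            # account existence observable. Consider a captcha policy that
            # does not depend on whether the account exists.
            raise django_forms.ValidationError(_(u"Please, for "
                u"security reasons validate the captcha"))
        else:
            value = captcha_field.widget.value_from_datadict(
                self.data, self.files, self.add_prefix("captcha"))
            # Validated ahead of authenticate(): a wrong captcha stops the
            # request before any password check happens.
            captcha_field.clean(value)

    user = authenticate(identification=identification, password=password)

    if user is not None:
        # if the user was authenticated, reset the failed_login_attempts
        # counter
        if not isinstance(profile.extra, dict):
            profile.extra = dict()
        profile.extra['failed_login_attempts'] = 0
        profile.save()
        return self.cleaned_data

    # if user was not authenticated but it does exist, then
    # increment the failed_login_attempts counter
    if not isinstance(profile.extra, dict):
        profile.extra = dict()
    if ('failed_login_attempts' not in profile.extra or
            not isinstance(profile.extra['failed_login_attempts'], int) or
            profile.extra['failed_login_attempts'] < 0):
        # absent or malformed counter: start counting from this failure
        profile.extra['failed_login_attempts'] = 1
    else:
        profile.extra['failed_login_attempts'] += 1
    # NOTE(review): the increment is a non-atomic read-modify-write;
    # parallel failed logins may be counted once. Consider row locking or
    # an atomic counter if the threshold must hold under concurrency.
    profile.save()

    # insert captcha in the form if max failed login attempts is
    # reached and we got an invalid login attempt
    if profile.extra['failed_login_attempts'] >= max_attempts:
        self.fields.insert(0, 'captcha', CaptchaField())
    raise django_forms.ValidationError(_(u"Please enter a correct "
        "username or email and password. Note that both fields "
        "are case-sensitive."))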