Пример #1
def check_captcha(captcha_code, captcha_key):
    """Report whether a captcha response validates against its key.

    The pair is handed to ``CaptchaField.clean`` as ``[captcha_key,
    captcha_code]``; a ``ValidationError`` from that call is reported as a
    failed check instead of being propagated.

    :param str captcha_code: the response typed in by the user
    :param str captcha_key: the key returned together with the captcha image
    :rtype: bool
    """
    field = CaptchaField()
    try:
        # Order matters: key first, user response second.
        field.clean([captcha_key, captcha_code])
    except ValidationError:
        return False
    else:
        # NOTE(review): whether a key can be reused after a successful check
        # depends on CaptchaField.clean, which is not visible here. Confirm.
        return True
Пример #2
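    def clean(self):
        """
        Validate the identification/password pair, gated by a captcha.

        The user is looked up by email when the identification contains
        ``@`` and by username otherwise.  When the profile's
        ``failed_login_attempts`` counter has reached
        ``settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS`` a captcha field is
        added to the form and must validate before ``authenticate`` is
        called.  A failed authentication increments the counter, a
        successful one resets it to 0.

        Returns ``self.cleaned_data``; raises ``ValidationError`` for an
        unknown user, a missing or invalid captcha, or wrong credentials.

        """
        identification = self.cleaned_data.get('identification')
        password = self.cleaned_data.get('password')

        if identification and password:
            invalid_login = _(u"Please enter a correct "
                              "username or email and password. Note that both fields "
                              "are case-sensitive.")

            # try to get the user object using only the identification
            try:
                if '@' in identification:
                    auth_user = User.objects.get(email=identification)
                else:
                    auth_user = User.objects.get(username=identification)
            except (User.DoesNotExist, User.MultipleObjectsReturned):
                # Only lookup misses map to the generic message; a bare
                # ``except`` would also hide database failures and
                # interpreter exits behind it.
                # NOTE(review): this path returns before authenticate() runs,
                # so unknown and known identifications may differ in response
                # time.
                raise django_forms.ValidationError(invalid_login)

            profile = auth_user.get_profile()
            max_attempts = settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS
            if isinstance(profile.extra, dict) and\
                    "failed_login_attempts" in profile.extra and\
                    isinstance(profile.extra['failed_login_attempts'], int) and\
                    profile.extra['failed_login_attempts'] >= max_attempts:
                captcha_field = CaptchaField()
                self.fields.insert(0, 'captcha', captcha_field)
                # Check for the same prefixed key that value_from_datadict
                # reads below; a hard-coded 'captcha_0' never matches on a
                # prefixed form.
                captcha_name = self.add_prefix("captcha")
                if captcha_name + '_0' not in self.data:
                    # NOTE(review): this message is only reachable for an
                    # existing account at the threshold, so it tells such an
                    # account apart from an unknown identification.
                    raise django_forms.ValidationError(
                        _(u"Please, for "
                          u"security reasons validate the captcha"))
                else:
                    value = captcha_field.widget.value_from_datadict(
                        self.data, self.files, captcha_name)
                    captcha_field.clean(value)
            user = authenticate(identification=identification,
                                password=password)

            if user is None:
                # if user was not authenticated but it does exist, then
                # increment the failed_login_attempts counter
                if not isinstance(profile.extra, dict):
                    profile.extra = dict()

                # NOTE(review): read-modify-write on the profile; concurrent
                # failed attempts may overwrite each other's increment.
                if 'failed_login_attempts' not in profile.extra or\
                        not isinstance(profile.extra['failed_login_attempts'], int) or\
                        profile.extra['failed_login_attempts'] < 0:
                    profile.extra['failed_login_attempts'] = 1
                else:
                    profile.extra['failed_login_attempts'] += 1
                profile.save()

                # insert captcha in the form if max failed login attempts is
                # reached and we got an invalid login attempt
                if profile.extra['failed_login_attempts'] >= max_attempts:
                    self.fields.insert(0, 'captcha', CaptchaField())

                raise django_forms.ValidationError(invalid_login)
            else:
                # if the user was authenticated, reset the failed_login_attempts
                # counter
                if not isinstance(profile.extra, dict):
                    profile.extra = dict()
                profile.extra['failed_login_attempts'] = 0
                profile.save()
        return self.cleaned_data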
Пример #3
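    def clean(self):
        """
        Check the identification and password, requiring a captcha after
        repeated failures.

        Lookup is by email when the identification contains ``@``, else by
        username.  Once ``profile.extra['failed_login_attempts']`` is at or
        above ``settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS`` the submitted
        captcha is validated before ``authenticate`` is called.  The counter
        is incremented on a failed authentication and set to 0 on success.

        Returns ``self.cleaned_data``.  Raises ``ValidationError`` when the
        user cannot be found, the captcha is missing or wrong, or the
        credentials do not authenticate.

        """
        identification = self.cleaned_data.get('identification')
        password = self.cleaned_data.get('password')

        if not (identification and password):
            return self.cleaned_data

        bad_credentials = _(u"Please enter a correct "
            "username or email and password. Note that both fields "
            "are case-sensitive.")
        threshold = settings.MAX_ALLOWED_FAILED_LOGIN_ATTEMPTS

        # try to get the user object using only the identification
        try:
            if '@' in identification:
                auth_user = User.objects.get(email=identification)
            else:
                auth_user = User.objects.get(username=identification)
        except (User.DoesNotExist, User.MultipleObjectsReturned):
            # Catch lookup misses only, so database errors and interpreter
            # exits are not reported as a wrong password.
            # NOTE(review): authenticate() is skipped on this path; response
            # time may reveal whether the identification exists.
            raise django_forms.ValidationError(bad_credentials)

        profile = auth_user.get_profile()
        if isinstance(profile.extra, dict) and\
                "failed_login_attempts" in profile.extra and\
                isinstance(profile.extra['failed_login_attempts'], int) and\
                profile.extra['failed_login_attempts'] >= threshold:
            captcha_field = CaptchaField()
            self.fields.insert(0, 'captcha', captcha_field)
            # Use the prefixed name for the presence check as well as for
            # the value lookup, so that prefixed forms are handled.
            captcha_name = self.add_prefix("captcha")
            if captcha_name + '_0' not in self.data:
                # NOTE(review): only existing accounts at the threshold get
                # this message; unknown identifications get the generic one.
                raise django_forms.ValidationError(_(u"Please, for "
                    u"security reasons validate the captcha"))
            value = captcha_field.widget.value_from_datadict(self.data,
                self.files, captcha_name)
            captcha_field.clean(value)

        user = authenticate(identification=identification, password=password)

        # Both outcomes below write to profile.extra, so make it a dict first.
        if not isinstance(profile.extra, dict):
            profile.extra = dict()

        if user is not None:
            # if the user was authenticated, reset the failed_login_attempts
            # counter
            profile.extra['failed_login_attempts'] = 0
            profile.save()
            return self.cleaned_data

        # the user exists but was not authenticated: increment the
        # failed_login_attempts counter
        # NOTE(review): the increment is a read-modify-write on the profile;
        # parallel failed attempts may lose updates.
        if 'failed_login_attempts' not in profile.extra or\
                not isinstance(profile.extra['failed_login_attempts'], int) or\
                profile.extra['failed_login_attempts'] < 0:
            profile.extra['failed_login_attempts'] = 1
        else:
            profile.extra['failed_login_attempts'] += 1
        profile.save()

        # insert captcha in the form if max failed login attempts is
        # reached and we got an invalid login attempt
        if profile.extra['failed_login_attempts'] >= threshold:
            self.fields.insert(0, 'captcha', CaptchaField())

        raise django_forms.ValidationError(bad_credentials)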