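def clear_login_attempts(self):
    """Reset the recorded failed-login attempts for the user named in the form.

    The ``userid`` form field selects the account. The counter is cleared
    under the user id and again under the login name returned by
    ``getUserName()``, presumably because attempts are recorded under
    whatever name was submitted at login -- confirm against LockoutManager.

    NOTE(review): this undoes a brute-force protection and no permission or
    CSRF check is visible in this method; confirm that the view registration
    restricts it to administrators.
    """
    userid = self.request.form.get('userid')
    user = api.user.get(userid)

    LockoutManager(self.context, userid).clear()

    if user is None:
        # Unknown userid: there is no login name to resolve, and calling
        # getUserName() on None would fail after the first counter was
        # already cleared.
        return

    LockoutManager(self.context, user.getUserName()).clear()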
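def authenticate(self, username=None, password=None, country=None):
    """Check the credentials and, on success, start a session for the user.

    Returns a ``(success, user)`` tuple: ``(False, None)`` when no user
    folder accepts the credentials, ``(True, user)`` once every policy
    check below has passed and the session has been set up.

    Raises:
        AuthenticationMaxedLoginAttempts: the lockout manager reports the
            attempt limit reached for ``username`` (skipped on the Zope
            root).
        AuthenticationUserDisabled: the user's role list is exactly
            ``['Authenticated']``.
        AuthenticationCountryBlocked: ``country`` is not in the configured
            allow-list and no exception was granted for the user.
        AuthenticationPasswordResetWindowExpired: a required password reset
            was issued more than 24 hours ago (skipped on the Zope root).
    """
    if not self.is_zope_root:
        manager = LockoutManager(self.context, username)

        if manager.maxed_number_of_attempts():
            raise AuthenticationMaxedLoginAttempts()

        # Recorded before the password is checked, so a guess is counted
        # whether or not it turns out to be correct.
        manager.add_attempt()

    # Start from "nobody" so an empty list of user folders is a plain
    # failed login instead of an UnboundLocalError further down.
    user = None
    for acl_users in self.get_acl_users():
        # if not root, could be more than one to check against
        user = acl_users.authenticate(username, password, self.request)
        if user:
            break

    if user is None:
        return False, user

    if not self.is_zope_root:
        # The counter is reset as soon as the credentials are accepted,
        # i.e. before the disabled / country / reset-window checks run.
        manager.clear()

    if user.getRoles() == ['Authenticated']:
        raise AuthenticationUserDisabled()

    if self.registry:
        allowed_countries = self.registry.get(
            'plone.restrict_logins_to_countries')
        # NOTE(review): the restriction is skipped when `country` is empty,
        # so a request whose country could not be determined is let
        # through; confirm this fail-open behaviour is intended.
        if allowed_countries and country:
            if country not in allowed_countries:
                if not self.country_exception_granted(user.getId()):
                    raise AuthenticationCountryBlocked()

    if not self.is_zope_root:
        member = api.user.get(user.getId())
        reset_password = member.getProperty(
            'reset_password_required', False)
        reset_time = member.getProperty('reset_password_time', None)

        if reset_password and reset_time:
            # A pending reset is only honoured for 24 hours (in seconds).
            if reset_time + (24 * 60 * 60) < time.time():
                raise AuthenticationPasswordResetWindowExpired()

    # `acl_users` is still the user folder that accepted the credentials.
    acl_users.session._setupSession(user.getId(), self.request.response)
    notify(UserLoggedInEvent(user))
    return True, user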
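def authenticate(self, username=None, password=None, country=None,
                 login=True):
    """Check the credentials and optionally log the user in.

    login: whether a successful authentication should also set up the
        session (and fire the logged-in event). With ``login=False`` the
        call only verifies the credentials and the policy checks.

    Returns a ``(success, user)`` tuple: ``(False, None)`` when no user
    folder accepts the credentials, ``(True, user)`` once every policy
    check below has passed.

    Raises:
        AuthenticationMaxedLoginAttempts: the lockout manager reports the
            attempt limit reached for ``username`` (skipped on the Zope
            root).
        AuthenticationUserDisabled: the user's role list is exactly
            ``['Authenticated']``.
        AuthenticationCountryBlocked: ``country`` is not in the configured
            allow-list and no exception was granted for the user.
        AuthenticationPasswordResetWindowExpired: a required password reset
            was issued more than 24 hours ago (skipped on the Zope root).
    """
    if not self.is_zope_root:
        manager = LockoutManager(self.context, username)

        if manager.maxed_number_of_attempts():
            raise AuthenticationMaxedLoginAttempts()

        # Recorded before the password is checked, so a guess is counted
        # whether or not it turns out to be correct. This also applies to
        # login=False calls.
        manager.add_attempt()

    # Start from "nobody" so an empty list of user folders is a plain
    # failed login instead of an UnboundLocalError further down.
    user = None
    for acl_users in self.get_acl_users():
        # if not root, could be more than one to check against
        user = acl_users.authenticate(username, password, self.request)
        if user:
            break

    if user is None:
        return False, user

    if not self.is_zope_root:
        # The counter is reset as soon as the credentials are accepted,
        # i.e. before the disabled / country / reset-window checks run.
        manager.clear()

    if user.getRoles() == ['Authenticated']:
        raise AuthenticationUserDisabled()

    if self.registry:
        allowed_countries = self.registry.get(
            'plone.restrict_logins_to_countries')
        # NOTE(review): the restriction is skipped when `country` is empty,
        # so a request whose country could not be determined is let
        # through; confirm this fail-open behaviour is intended.
        if allowed_countries and country:
            if country not in allowed_countries:
                if not self.country_exception_granted(user.getId()):
                    raise AuthenticationCountryBlocked()

    if not self.is_zope_root:
        member = api.user.get(user.getId())
        reset_password = member.getProperty(
            'reset_password_required', False)
        reset_time = member.getProperty('reset_password_time', None)

        if reset_password and reset_time:
            # A pending reset is only honoured for 24 hours (in seconds).
            if reset_time + (24 * 60 * 60) < time.time():
                raise AuthenticationPasswordResetWindowExpired()

    if login:
        # `acl_users` is still the user folder that accepted the
        # credentials.
        # NOTE(review): the listing lost its indentation; the event is
        # assumed to fire only when a session is created -- confirm against
        # the original file.
        acl_users.session._setupSession(
            user.getId(), self.request.response)
        try:
            notify(UserLoggedInEvent(user))
        except ConnectionStateError:
            # On root login, it's possible no db state is loaded but the
            # key ring needs to be rotated. This can cause a difficult to
            # reproduce error. We don't care much if it shows up here;
            # the key ring will get rotated another time.
            pass
    return True, user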
def __call__(self):
    """Render the view with lockout details for the requested username.

    Builds a LockoutManager for the ``username`` request value, stores the
    attempts counted in the current window on ``self.attempts`` and the
    manager on ``self.manager``, then returns the rendered template.
    """
    # The name comes straight from the request and is not validated here.
    submitted_name = self.request.get('username')
    lockout = LockoutManager(self.context, submitted_name)
    attempts = lockout.get_attempts_this_window()
    self.attempts, self.manager = attempts, lockout
    return self.index()