Пример #1
0
def addUser(request):
	if (request.method == 'POST'):
		login = request.body.decode("utf-8")
		parsed_json = json.loads(login)
		if (not auth.authenticate(username=parsed_json['login'], password=parsed_json['password']) and not User.objects.filter(password=parsed_json['password']).exists() and not User.objects.filter(username=parsed_json['login']).exists() and not User.objects.filter(email=parsed_json['email']).exists()):
			user = User.objects.create_user(parsed_json['login'], parsed_json['email'], parsed_json['password'])
			user.last_name = 0
			if (len(parsed_json['description'])):
				user.last_name = 1
			user.save()
			if (len(parsed_json['description'])):
			 	userProfile = UserProfile.objects.create(description=parsed_json['description'])
			 	userProfile.user_id = User.objects.get(username=parsed_json['login']).id
			 	userProfile.save()
			newuser = auth.authenticate(username=parsed_json['login'], password=parsed_json['password'])
			auth.login(request, newuser)
			return JsonResponse({'success': True, 'userId': user.id, 'worker': user.last_name })
		elif (User.objects.filter(email=parsed_json['email']).exists()):
			return JsonResponse({'errorCode': 1 })
		elif (User.objects.filter(password=parsed_json['password']).exists()):
			return JsonResponse({'errorCode': 2 })
		elif (User.objects.filter(username=parsed_json['login']).exists()):
			return JsonResponse({'errorCode': 3 })
		elif (auth.authenticate(username=parsed_json['login'], password=parsed_json['password'])):
			newuser = auth.authenticate(username=parsed_json['login'], password=parsed_json['password'])
			auth.login(request, newuser)
	else:
		return redirect('/')
Пример #2
0
    def test_add_user(self):
        """
        Tests the add_user command.
        """

        with self.assertRaises(User.DoesNotExist):
            User.objects.get(username='******')

        call_command('add_user', 'foo', 'bar', '*****@*****.**')

        user = authenticate(username='******', password='******')
        self.assertIsNotNone(user)
        self.assertFalse(user.is_superuser)
        self.assertFalse(user.is_staff)
        self.assertTrue(user.is_active)

        call_command('add_user', 'foo_admin', 'bar', '*****@*****.**', is_superuser=True)
        user = authenticate(username='******', password='******')
        self.assertIsNotNone(user)
        self.assertTrue(user.is_superuser)
        self.assertFalse(user.is_staff)
        self.assertTrue(user.is_active)

        call_command('add_user', 'foo_admin1', 'bar', '*****@*****.**', is_staff=True, is_active=False)
        user = authenticate(username='******', password='******')
        self.assertIsNotNone(user)
        self.assertFalse(user.is_superuser)
        self.assertTrue(user.is_staff)
        self.assertFalse(user.is_active)

        # Make sure no error is thrown when creating a user that already exists
        call_command('add_user', 'foo_admin1', 'bar', '*****@*****.**', is_staff=True, is_active=False)
Пример #3
0
def login_view(request):
    context = {}
    if request.user.is_authenticated():
        return HttpResponseRedirect(reverse('shirtmanager:index'))
    if request.method == "POST":
        username = request.POST.get('username')
        password = request.POST.get('password')
        user = authenticate(username=username, password=password)

        if user is None:
            try:
                email = User.objects.get(email=username)

                user = authenticate(username=email.username, password=password)
            except User.DoesNotExist:
                user = None

        if user is not None:
            login(request, user)

            return HttpResponseRedirect(reverse('shirtmanager:index'))
        else:
            messages.error(request, "Invalid credentials, please try again.")

    return render(request, 'shirtmanager/login.html', context)
Пример #4
0
def signup(request):
    if request.user and request.user.is_active:
        return redirect("hq")
    errors = {}
    email = ""
    password = ""
    if request.method == "POST":
        email = request.POST.get("email", None)
        password = request.POST.get("password", None)
        if not email:
            errors["email"] = "Please enter an email"
        elif not EMAIL_REGEX.match(email):
            errors["email"] = "Invalid email"
        if not password:
            errors["password"] = "******"
        elif len(password) < 6:
            errors["password"] = "******"
        if not len(errors):
            if User.objects.filter(email=email).exists():
                user = authenticate(username=email, password=password)
                if user is not None and user.is_active:
                    login(request, user)
                    return redirect("hq")
                errors["email"] = "Email already registered"
            else:
                User.objects.create_user(email, email, password)
                user = authenticate(username=email, password=password)
                login(request, user)
                return redirect("hq")
    d = {"errors": errors, "email": email, "password": password}
    return render(request, "signup.html", d)
Пример #5
0
def signup(request):
    print 'SIGNUP!!!!!!!!!!!!!!!!!'
    print request.session['currentUrl']
    if request.method == "POST" and 'buttonform1' in request.POST:
        form = SignupConfirmForm(request.POST)
        if form.is_valid():
            user = User.objects.create_user(
                form.cleaned_data["username"],
                form.cleaned_data["email"],
                form.cleaned_data["password"],
            )
            thisUser = authenticate(username=form.cleaned_data['username'], password=form.cleaned_data['password'])
        if thisUser is not None and thisUser.is_active:
            auth.login(request, thisUser)
            return HttpResponseRedirect(request.session['currentUrl'])
    elif request.method == "POST" and 'buttonform2' in request.POST:
            username = request.POST['username']
            password = request.POST['password']
            user = authenticate(username=username, password=password)
            if user is not None and user.is_active:
                auth.login(request, user)
                return HttpResponseRedirect(request.session['currentUrl'])
            else:
                return HttpResponse("Your username and password do not match.")
    else:
        form1 = SignupConfirmForm()
        form2 = SigninForm()
        data = {
            'form1': form1,
            'form2': form2,
        }
        return render(request, 'signup.html', data)
Пример #6
0
 def clean(self):
     username = self.cleaned_data.get('username', '').lower()
     password = self.cleaned_data.get('password', '')
     
     user = User.objects.filter(Q(username__iexact=username) | Q(email=username))
     if username and user:
         self.user_cache = authenticate(username=user[0].username, password=password)
         if self.user_cache is None:
             email_username = User.objects.filter(email=username)
             if email_username:
                 self.user_cache = authenticate(username=email_username[0].username, password=password)
             if self.user_cache is None:
                 # logging.info(" ***> [%s] Bad Login: TRYING JK-LESS PASSWORD" % username)
                 jkless_password = password.replace('j', '').replace('k', '')
                 self.user_cache = authenticate(username=username, password=jkless_password)
                 if self.user_cache is None:
                     logging.info(" ***> [%s] Bad Login" % username)
                     raise forms.ValidationError(_("Whoopsy-daisy. Try again."))
                 else:
                     # Supreme f**k-up. Accidentally removed the letters J and K from
                     # all user passwords. Re-save with correct password.
                     logging.info(" ***> [%s] FIXING JK-LESS PASSWORD" % username)
                     self.user_cache.set_password(password)
                     self.user_cache.save()
             elif not self.user_cache.is_active:
                 raise forms.ValidationError(_("This account is inactive."))
     elif username and not user:
         raise forms.ValidationError(_("That username is not registered. Create an account with it instead."))
         
     return self.cleaned_data
Пример #7
0
def login(request): 
	if request.method == 'POST':  #check to see if form has been submitted
		form = LoginForm(request.POST)  #capture data
		if form.is_valid():  #validate data
			cleaned_data = form.clean()
			username = cleaned_data['username']
   			password = cleaned_data['password']
			if username and password:
				try: #attempt to use email to login
					currentuser = User.objects.get(email = username)
					user = auth.authenticate(username = currentuser.username, password = password)
					auth.login(request, user)
					return HttpResponseRedirect('/')
					
				except: #assume that an actual username has been entered
					user = auth.authenticate(username=username, password=password)
					if user is not None and user.is_active:
						# Correct password, and the user is marked "active"
						auth.login(request, user)
						# Render home page.
						return HttpResponseRedirect('/')
					
				form = LoginForm()
				return render(request, 'login.html', {'form': form, 'form_error':True})
				
    		else:
        		# Return to login page.
				form = LoginForm()
				return render(request, 'login.html', {'form': form, 'form_error':True})
	else:
		form = LoginForm() #load blank form
	return render(request, 'login.html', {'form': form, 'form_error':False})
Пример #8
0
def registration(request):
    if request.user.is_authenticated():
        return redirect('access')
    args = {}
    args.update(csrf(request))
    args['form'] = UserCreationForm()
    if request.POST:
        newuser_form = UserCreationForm(request.POST)
        if len(request.POST.get('username')) < 6 or len(request.POST.get('username')) > 18 or not re.match(
                r'^[a-zA-Z0-9]+$', request.POST.get('username')):
            args['incorrect_login'] = "******"
            return render_to_response('registration/registration.html', args)
        if len(request.POST.get('password1')) < 6 or len(request.POST.get('password1')) > 18 or not re.match(
                r'^(?=[0-9+а-яА-ЯёЁa-zA-Z0-9]*(?=.*?\d).*)', request.POST.get('password1')):
            args['incorrect_password'] = "******"
            return render_to_response('registration/registration.html', args)
        if request.POST.get('password1') != request.POST.get('password2'):
            args['mismatch_passwords'] = "Пароли не совпадают"
            return render_to_response('registration/registration.html', args)
        if newuser_form.is_valid():
            newuser_form.save()
            auth.authenticate(username=newuser_form['username'], password=newuser_form['password1'])
            args['success_registration'] = "Поздравляем! Вы успешно зарегистрировались в системе!"
            return render_to_response('login/login.html', args)
        else:
            args['form'] = newuser_form
            args['non_unique_login'] = "******"
            return render_to_response('registration/registration.html', args)
    else:
        return render_to_response('registration/registration.html', args)
Пример #9
0
def api_fetch_api_key(request, username=REQ(), password=REQ()):
    # type: (HttpRequest, str, str) -> HttpResponse
    return_data = {} # type: Dict[str, bool]
    if username == "google-oauth2-token":
        user_profile = authenticate(google_oauth2_token=password,
                                    realm_subdomain=get_subdomain(request),
                                    return_data=return_data)
    else:
        user_profile = authenticate(username=username,
                                    password=password,
                                    realm_subdomain=get_subdomain(request),
                                    return_data=return_data)
    if return_data.get("inactive_user") == True:
        return json_error(_("Your account has been disabled."),
                          data={"reason": "user disable"}, status=403)
    if return_data.get("inactive_realm") == True:
        return json_error(_("Your realm has been deactivated."),
                          data={"reason": "realm deactivated"}, status=403)
    if return_data.get("password_auth_disabled") == True:
        return json_error(_("Password auth is disabled in your team."),
                          data={"reason": "password auth disabled"}, status=403)
    if user_profile is None:
        if return_data.get("valid_attestation") == True:
            # We can leak that the user is unregistered iff they present a valid authentication string for the user.
            return json_error(_("This user is not registered; do so from a browser."),
                              data={"reason": "unregistered"}, status=403)
        return json_error(_("Your username or password is incorrect."),
                          data={"reason": "incorrect_creds"}, status=403)
    return json_success({"api_key": user_profile.api_key, "email": user_profile.email})
def get_resource(request, file_location):
    try:
        username = request.session.get('username', None)
        remote_ip = request.META.get('REMOTE_ADDR', None)
        if remote_ip is not None:
            # Authenticated if the instance requests resource.
            instances = Instance.objects.filter(ip_address=remote_ip)
            authenticated = len(instances) > 0
        elif username is not None:
            authenticate(username=username, password="")
            # User Authenticated by this line
            authenticated = True

        if not authenticated:
            raise Exception("Unauthorized access")
        path = settings.PROJECT_ROOT + "/init_files/" + file_location
        if os.path.exists(path):
            file = open(path, 'r')
            content = file.read()
            response = HttpResponse(content)
            # Download it, even if it looks like text
            response['Content-Disposition'] = \
                'attachment; filename=%s' % file_location.split("/")[-1]
            return response
        template = get_template('404.html')
        variables = RequestContext(request, {
            'message': '%s not found' % (file_location,)
        })
        output = template.render(variables)
        return HttpResponse(output)
    except Exception as e:
        logger.debug("Resource request failed")
        logger.exception(e)
        return HttpResponseRedirect(settings.REDIRECT_URL + "/login")
Пример #11
0
 def test_authenticate(self):
     get_user_model()._default_manager.create_user(**self.user_data)
     user = authenticate(username='******', password='******')
     self.assertEqual(None, user)
     user = authenticate(username='******', password='******')
     db_user = User.objects.get(username='******')
     self.assertEqual(user.id, db_user.id)
Пример #12
0
def login_user(request):
    state = "Please log in below..."
    template="index.html"
    salon = None
    username = password = ''
    client_id=''
    if request.POST:
        username = request.POST.get('username')
        password = request.POST.get('password')
        user=None
        
        #print username;
        #print password;
        try :
            user=User.objects.get(email=username);
            if user is not None:
                user=authenticate(username=user.username,password=password)
            else :
                user = authenticate(username=username, password=password)
        except :
            user = authenticate(username=username, password=password)
            state="user is none"
        if user is not None:
     
            if user.is_active:
                login(request, user)                
            else:
                state = "Your account is not active, please contact the site admin."
        else:
            state = "Your username and/or password were incorrect."
    page_context={"state":state}
    return render_to_response(template,page_context, context_instance=RequestContext(request))  
Пример #13
0
    def create_user(self):
        from django.contrib.auth import authenticate, login
        from django.contrib.auth.models import User                

        if self.request.method == 'POST':
            form = UserForm(self.request.POST)
    
            if form.is_valid():
                name = form.cleaned_data['fb_id']
                password = form.cleaned_data['name']
                
                #if the user already exists, log them in, o/w create them         
                user = authenticate(username=name, password=password)
                if user is not None:
                    login(self.request, user)
                else:        
                    user = User.objects.create_user(name, '', password)
                    user.save()
                    user = authenticate(username=name, password=password)
                    login(self.request, user)                
        else:
            #if a mobile user goes to the non mobile site, redirect them to the mobile site
            if self.request.MOBILE and not self.mobile:
                return HttpResponseRedirect(reverse('pickup_finder.views.mobile_home'))
            form = UserForm()

        if self.request.user.is_authenticated():
            if self.mobile:
                return HttpResponseRedirect(reverse('pickup_finder.views.mobile_view_games'))
            else:
                return HttpResponseRedirect(reverse('pickup_finder.views.dashboard'))
            
        context = RequestContext(self.request, {'form' : form, 'facebook_id' : APIKeys.FACEBOOK_PROD, 'mobile' : self.mobile})
        return render_to_response("index.html", context)             
Пример #14
0
def lti(request, gid):
    graph = get_object_or_404(Graphs, pk=gid)

    if request.method != 'POST' or 'oauth_consumer_key' not in request.POST:
        return HttpResponse("Improper LTI request method", status=405)

    # confirm oauth credentials with ims_lti tool
    tool_provider = DjangoToolProvider(graph.lti_key, graph.lti_secret, request.POST)
    try:
        if tool_provider.valid_request(request) is False:
            raise PermissionDenied()
    except:
        raise PermissionDenied()

    # build username from userid
    userid = getattr(tool_provider, "user_id", None)
    if userid is None: raise PermissionDenied()

    username = "******" % (userid)

    # try to get the user
    user = authenticate(username=username)
    if user is None:
        u = User.objects.create_user(username=username)
        u.set_unusable_password()
        u.save()
        user = authenticate(username=username)

    # have the user ready to go, login
    login(request, user)

    # LTI user logged in, forward to map
    return HttpResponseRedirect(reverse("maps:display", kwargs={"gid":gid}))
Пример #15
0
def autenticar(request, matricula, rowguid):
    aluno = PreInscricao.objects.get(matricula=matricula)

    try:
        user = aluno.user_info.user
        user = authenticate(username=matricula, password=rowguid)
        if not user:
            user = aluno.user_info.user
            user.backend = 'django.contrib.auth.backends.ModelBackend'
        login(request, user)
        request.session['site_interno'] = True

        return HttpResponseRedirect(reverse('portal.accounts.views.user_info', args=[request.user.id,]))
    except:
        aluno_role = UserDisciplineRole.objects.student_role()
        User.objects.create_user(aluno.email, aluno.email, rowguid).save()
        user = authenticate(username=aluno.email, password=rowguid)
        user_info = UserInfo(name=aluno.nome,city=aluno.cidade,province=aluno.estado,email=aluno.email, user=user, birth_date=aluno.data_nasc)
        user_info.save()
        aluno.user_info = user_info
        aluno.save()
        login(request, user)

        institutions = set()
        courses      = set()

        for id_disc in aluno.disciplinas:
            try:
                disciplina = DisciplineMetadata.objects.get(cod_turma=id_disc, periodo=PERIODO_ATUAL).discipline

                institutions.add(disciplina.course.institution.id)
                courses.add(disciplina.course.id)

                #Associando a disciplina ao aluno
                queryset = RelUserDiscipline.objects.filter(role=aluno_role, user=user_info, discipline=disciplina, period=PERIODO_ATUAL)
                if not queryset.exists():
                    RelUserDiscipline(user=user_info, discipline=disciplina, role=aluno_role, period=PERIODO_ATUAL).save()

                #Associando o aluno ao curso
                queryset = RelUserCourse.objects.filter(role=UserCourseRole.objects.student_role(), user=user_info, course=disciplina.course, period=PERIODO_ATUAL)
                if not queryset.exists():
                    RelUserCourse(role=UserCourseRole.objects.student_role(), user=user_info, course=disciplina.course, period=PERIODO_ATUAL).save()

                #Associando o aluno à instituição de ensino
                queryset = RelUserInstitution.objects.filter(role=UserInstitutionRole.objects.student_role(), user=user_info, institution=disciplina.course.institution, period=PERIODO_ATUAL)
                if not queryset.exists():
                    RelUserInstitution(role=UserInstitutionRole.objects.student_role(), user=user_info, institution=disciplina.course.institution, period=PERIODO_ATUAL).save()
            except Exception, e:
                logging.exception(e)
                logging.error("[confirma_adicionar_aluno] - Nao foi possivel localizar a disciplina %s" % id_disc)

        #Para cada uma das instituicoes afetadas
        for inst in institutions:
            rebuild_caches_institution(inst) #Reconstroi a sua cache
        #Para cada um dos cursos afetados
        for course in courses:
            rebuild_caches_course(course)

        request.session['site_interno'] = True
        return HttpResponseRedirect(reverse('portal.accounts.views.user_info', args=[request.user.id,]))
Пример #16
0
def weibo_auth_end(request):
    code   = request.GET['code']
    client = APIClient(app_key=weibo_app_key, app_secret=weibo_app_secret, redirect_uri=weibo_call_back)
    r      = client.request_access_token(code)

    uid          = r.uid
    access_token = r.access_token 
    expires_in   = r.expires_in 

    client.set_access_token(access_token, expires_in)

    response = HttpResponseRedirect("/")

    response.set_cookie('token', access_token)
    response.set_cookie('expires_in', str(int(expires_in)))
    response.set_cookie('weibo_uid', str(uid))

    show=client.users.show.get(access_token=access_token, uid=uid)

    username   = '******' + str(uid)
    password   = '******'
    first_name = 'weibo'
    last_name  = show['screen_name']

    user = auth.authenticate(username=username, password=password)
    if user is None:
        user = User.objects.create_user(username=username, password=password)
        user.first_name = first_name
        user.last_name  = last_name
        user.save()

    user = auth.authenticate(username=username, password=password)
    auth.login(request, user)

    return response
Пример #17
0
def process_registration(request):
    #See if registration already exists.  If yes + correct PW, login + index.html.  If yes + wrong PW, back to register
    username = request.POST['username']
    password = request.POST['password']

    user = authenticate(username=username, password=password)

    if user is not None:
        if user.is_active:
            login(request, user)
            return HttpResponseRedirect(reverse('homePage'))
        else:
            messages.success(request, "you're a user, but you have been disabled.")
            return HttpResponseRedirect(reverse('registration'))
    else:
        #If username isn't taken, create user and login
        try:
            new_user = User.objects.create_user(username=username, password=password)
            new_user.save()

        except:  #TODO: specify exception classes
            messages.error(request, "Failed on create new user.  Username is probably taken, try another.")
            return HttpResponseRedirect(reverse('registration'))

        try:
            #Now that the user has been created, we can authenticate with the user/pass we used to create them
            user_trying_again = authenticate(username=username, password=password)
            login(request, user_trying_again)
        except:
            messages.error(request, "Login failed after (possibly) creating user " + str(new_user))

        return HttpResponseRedirect(reverse('homePage'))
Пример #18
0
def register_loginza_user(uid, provider, defaults, request):
    """
    Register user in the system from Loginza OpenID
    :rtype: Profile
    """
    # Check if user already exists but uses different OpenID
    if 'email' in defaults:
        try:
            user = Profile.objects.get(email=defaults['email'])
        except Profile.DoesNotExist:
            pass
        else:
            user = authenticate(email=user.email)
            auth_login(request, user)
            return user

    user, created = Profile.objects.get_or_create(uid=uid, provider=provider,
                                                  is_active=True, defaults=defaults)
    if created:
        user.set_unusable_password()
        user.save()
        transfer_objects(request.user, user)
    user = authenticate(uid=uid, provider=provider)
    if user.is_active:
        auth_login(request, user)
    return user
Пример #19
0
 def testFullProcess(self):
     """ 
     Tests the full registration process for new accounts
     """
     post_data = {
         'username' : 'testActivationCodeUser',
         'email' : '*****@*****.**',
         'password1' : 'password',
         'password2' : 'password',
         'name' : 'pen_name',
         'date_of_birth_year' : 1986,
         'date_of_birth_month' : 8,
         'date_of_birth_day' : 16,
         'timezone' : 'Europe/London',
         'country' : 'GB',
     }
     response = self.client.post(reverse('accounts:register'), post_data)
     self.assertEqual(response.status_code, 302)
     self.assertRedirects(response, reverse('accounts:register-done'))
     self.assertEqual(len(mail.outbox), 1)
     self.assertEqual(mail.outbox[0].subject, 'Welcome to RPG Engine!')
     user = authenticate(username='******', 
                         password='******')
     self.assertFalse(user.is_active)
     user = User.objects.get(username="******")
     response = self.client.get(reverse('accounts:activate', args=[
                   user.registrationprofile_set.all()[0].activation_key]))
     self.assertEqual(response.status_code, 302)
     self.assertRedirects(response, reverse('accounts:activate-done'))
     user = authenticate(username='******', 
                         password='******')
     self.assertTrue(user.is_active)
Пример #20
0
 def test_user_can_authenticate_with_username_parameter(self):
     auth = authenticate(username=self.email, password=self.password)
     self.assertEquals(self.user, auth)
     # Invalid username should be ignored
     auth = authenticate(email=self.email, password=self.password,
                         username='******')
     self.assertEquals(self.user, auth)
Пример #21
0
def login(request):
    """Procesa el login"""
    if not request.user.is_authenticated():
        username = request.POST.get('correo')
        password = request.POST.get('password')
        user = auth.authenticate(username=username, password=password)
        if user is not None:
            if user.is_active:
                auth.login(request, user)
                messages.success(request, '¡Bienvenido!')
            else:
                messages.error(request, 'Lo sentimos, esta cuenta está desactivada')
        else:
            # buscamos el correo, si no existe, lo mandamos a registro
            if existe_usuario(email=request.POST.get('correo', '')):
                messages.error(request, 'contraseña incorrecta')
            else:
                # lo procedemos a inscribir
                formulario = APILoginForm(request.POST)
                if formulario.is_valid():
                    nuevo_usuario = MODELO_USUARIO(username=username, email=username)
                    nuevo_usuario.set_password(password)
                    nuevo_usuario.save()
                    user = auth.authenticate(username=username, password=password)
                    auth.login(request, user)
                    messages.success(request, 'Te has registrado!!')
                    messages.info(request, 'Termina de llenar tu perfil')
                    return HttpResponseRedirect('/perfil')
                else:
                    messages.warning(request, 'datos de registro inválidos')
                    return HttpResponseRedirect('/')
            messages.error(request, 'Nadie registrado con ese correo, verifique por favor')
    else:
        messages.warning(request, 'Ya tienes una sesión')
    return HttpResponseRedirect('/')
Пример #22
0
    def test_delete(self):
	view_name='user_delete'
	"""
	User logged in should be able to delete user
	UMCloudDj.views.user_delete
        """
	self.c = Client();
	self.user = User.objects.get(username="******")
        self.user.set_password('hello') 
        self.user.save()
        self.user = authenticate(username='******', password='******') 
        login = self.c.login(username='******', password='******') 

	testuser2 = User.objects.get(username="******")
        testuser2id = testuser2.id;

        requesturl = reverse(view_name, kwargs={'pk':testuser2id})
        response = self.c.get(requesturl)
        self.assertEquals(response.status_code,200)

	view_name="user_delete"
	"""
	Logged in user deleting unknown user: 4040
	UMCloudDj.views.user_delete
	"""
	self.c = Client();
        self.user = User.objects.get(username="******")
        self.user.set_password('hello')
        self.user.save()
        self.user = authenticate(username='******', password='******')
        login = self.c.login(username='******', password='******')

	requesturl = reverse(view_name, kwargs={'pk':42})
	response = self.c.get(requesturl)
	self.assertEqual(response.status_code, 404)
Пример #23
0
    def test_authentication(self):
        auth_user = authenticate(username=self.my_user.email, password=self.my_user_raw_password)
        self.assertEqual(auth_user, self.my_user)

        auth_user = authenticate(username='******',
                                  password='******')
        self.assertIsNone(auth_user)
Пример #24
0
def make_and_login_participant(id_string, request):
    """ If there is a participant with this id_string, log them in. If
    not, create one and log them in.  See:
    http://stackoverflow.com/questions/3222549/
       how-to-automatically-login-a-user-after-registration-in-django
    """
    # you'd better check before invoking this function.
    assert request.user.is_staff
    participant = get_object_or_404(Participant, id_string=id_string)
    if not participant.user:
        assert participant.user is None  # do not mock this line.
        new_user = User()
        new_user.set_unusable_password()
        new_user.username = id_string
        new_user.save()
        participant.user = new_user
        participant.save()
    participant.user.backend = 'django.contrib.auth.backends.ModelBackend'
    assert participant.user is not None
    messages.info(request, "Logged in!")
    authenticate(
        username=participant.user.username,
        password=participant.user.password)
    login(request, participant.user)
    return participant
Пример #25
0
def openid_done(request, provider=None):
    """
    When the request reaches here, the user has completed the Openid
    authentication flow. He has authorised us to login via Openid, so
    request.openid is populated.
    After coming here, we want to check if we are seeing this openid first time.
    If we are, we will create a new Django user for this Openid, else login the
    existing openid.
    """
    if not provider:
        provider = request.session.get("openid_provider", "")
    if hasattr(request, "openid") and request.openid:
        # check for already existing associations
        openid_key = str(request.openid)

        if request.user and request.user.is_authenticated():
            res = authenticate(openid_key=openid_key, request=request, provider=provider, user=request.user)
            if res:
                return HttpResponseRedirect(ADD_LOGIN_REDIRECT_URL + "?add_login=true")
            else:
                return HttpResponseRedirect(ADD_LOGIN_REDIRECT_URL + "?add_login=false")
        else:
            # authenticate and login
            user = authenticate(openid_key=openid_key, request=request, provider=provider)
            if user:
                login(request, user)
                if "openid_next" in request.session:
                    openid_next = request.session.get("openid_next")
                    if len(openid_next.strip()) > 0:
                        return HttpResponseRedirect(openid_next)
                return HttpResponseRedirect(LOGIN_REDIRECT_URL)
            else:
                return HttpResponseRedirect(LOGIN_URL)
    else:
        return HttpResponseRedirect(LOGIN_URL)
Пример #26
0
def linkedin_login_done(request):
    request_token = request.session.get("linkedin_request_token", None)

    # If there is no request_token for session
    # Means we didn't redirect user to linkedin
    if not request_token:
        # Send them to the login page
        return HttpResponseRedirect(reverse("socialauth_login_page"))

    linkedin = LinkedIn(LINKEDIN_CONSUMER_KEY, LINKEDIN_CONSUMER_SECRET)
    verifier = request.GET.get("oauth_verifier", None)
    access_token = linkedin.getAccessToken(request_token, verifier)

    request.session["access_token"] = access_token
    if request.user and request.user.is_authenticated():
        res = authenticate(linkedin_access_token=access_token, user=request.user)
        if res:
            return HttpResponseRedirect(ADD_LOGIN_REDIRECT_URL + "?add_login=true")
        else:
            return HttpResponseRedirect(ADD_LOGIN_REDIRECT_URL + "?add_login=false")
    else:
        user = authenticate(linkedin_access_token=access_token)

        # if user is authenticated then login user
        if user:
            login(request, user)
        else:
            # We were not able to authenticate user
            # Redirect to login page
            del request.session["access_token"]
            del request.session["request_token"]
            return HttpResponseRedirect(reverse("socialauth_login_page"))

        # authentication was successful, use is now logged in
        return HttpResponseRedirect(LOGIN_REDIRECT_URL)
Пример #27
0
 def _func(request, *args, **kwargs):
   user = getattr(request, 'user', None)
   is_authenticated = getattr(user, 'is_authenticated', lambda: False)
   if ((user is not None 
         and callable(is_authenticated) and not is_authenticated()) 
       or user is None):
     user = None
     try:
       creds = args[:2]
       user = authenticate(username=creds[0], password=creds[1])
       if user is not None:
         args = args[2:]
     except IndexError: 
       if 'username' in kwargs and 'password' in kwargs:
         user = authenticate(username=kwargs['username'],
                             password=kwargs['password'])
         if user is not None:
           kwargs.pop('username')
           kwargs.pop('password')
       else:
         raise InvalidParamsError(
           'Authenticated methods require at least '
           '[username, password] or {username: password:} arguments')
     if user is None:
       raise InvalidCredentialsError
     request.user = user
   return func(request, *args, **kwargs)
Пример #28
0
def reg_or_bind(request, uid, thrid, name='', avatar=''):
    if request.user.is_authenticated():  # login, bind new thrid account
        if not is_bound_by_other(request.user, uid, thrid):
            print 'bind new third account', uid
            to_eval = 'bind_%s_account(request.user,uid)' % thrid.lower()
            eval(to_eval)
            return HttpResponseRedirect('/account/')
        else:
            return HttpResponseRedirect('/login/bound/')
    else:  # loggout or create new
        if not is_existed(uid):  # not is User.username
            account = is_bound(uid, thrid)
            if account:  # in Account.weibo_uid\douban_uid\qq_number
                print 'login bound third account', uid
                print 'user.username', account.user.username
                user = authenticate(uid=account.user.username)
                login(request, user)
                return HttpResponseRedirect('/account/')
            else:  # create new account
                print 'create new account', uid
                to_eval = 'create_%s_account(uid=uid,name=name,avatar=avatar)' % thrid.lower(
                )
                account = eval(to_eval)
                login(request, account.user)
                return HttpResponseRedirect('/account/')
        else:  # login
            print 'login account', uid
            user = authenticate(uid=uid)
            login(request, user)
            return HttpResponseRedirect('/account/')
Пример #29
0
def login(request):
    if request.method == 'POST':
        try:
            user = request.POST['user'].strip()
            pwd = request.POST['pwd'].strip()
        except:
            return HttpResponseBadRequest()
        from django.contrib.auth import authenticate, login
        auth = authenticate(username = user , password = pwd)
        if auth is not None:
           login(request, auth)
           return HttpResponse()
        else:
            url = 'http://ws.espol.edu.ec/saac/wsandroid.asmx?WSDL' #http://ws.espol.edu.ec/saac/wsandroid.asmx?WSDL
            imp = Import('http://www.w3.org/2001/XMLSchema')
            imp.filter.add('http://tempuri.org/')
            doctor = ImportDoctor(imp)
            client = Client(url, doctor=doctor)
            auth = client.service.autenticacion(user,pwd)
            if auth == True:
                auth = User.objects.create_user(username=user, password=pwd)
                auth.save()
                auth = authenticate(username = user , password = pwd)
                login(request, auth)
                return HttpResponse()
            else:
                return HttpResponseBadRequest()
    else:
        return HttpResponseBadRequest()
Пример #30
0
    def clean(self):
        data = self.cleaned_data  # pylint: disable=no-member
        username = data.get('username')
        password = data.get('password')

        user = authenticate(username=username, password=password)

        # If the username was not found try the user using username as
        # the email address. It is valid because the edx-platform has
        # a unique constraint placed on the email field.
        if user is None:
            try:
                user_obj = User.objects.get(email=username)
                user = authenticate(username=user_obj.username, password=password)
            except User.DoesNotExist:
                user = None

        if (
            user is None
            # TODO This is a temporary workaround while the is_active field on the
            # user is coupled with whether or not the user has verified ownership
            # of their claimed email address.  Once is_active is decoupled from
            # verified_email, we can uncomment the following line.
            # or not user.is_active
        ):
            raise OAuthValidationError({'error': 'invalid_grant'})

        data['user'] = user
        return data
Пример #31
0
            password = form.cleaned_data['password']

            try:
                validate_email(username_or_email)
            except Exception, e:
                username = username_or_email
            else:
                email = username_or_email
                try:
                    user = User.objects.get(email=email)
                except Exception, e:
                    username = ''
                else:
                    username = user.username

            user = authenticate(username=username, password=password)
            login_error = False
            if user is not None and not user.groups.filter(
                    name__exact='strangers').count():
                if user.is_active:
                    django_user_login(request, user)
                    next_page = request.GET.get('next')
                    if (next_page):
                        return HttpResponseRedirect(next_page)
                    else:
                        return HttpResponseRedirect(
                            reverse('bitfund.core.views.index'))
                else:
                    login_error = 'your account is disabled'
            else:
                login_error = 'login / password key pair is wrong'
Пример #32
0
def test_login(request):
    test_user = authenticate(username='******', password='******')
    login(request, test_user)
    return redirect('/polls/new')
Пример #33
0
    def clean(self):
        user = authenticate(username=self.cleaned_data.get('username'))

        return self.cleaned_data
Пример #34
0
 def validate(self, data):
     user = authenticate(**data)
     if user and user.is_active:
         return user
     raise serializers.ValidationError("Incorrect Credentials")
Пример #35
0
def token(request):
    data = request.data
    err = {}
    expire = 3600*720
    if 'clientid' not in data:
        err['clientid'] = 'required'
    if 'clientsecret' not in data:
        err['clientsecret'] = 'required'
    if 'granttype' not in data:
        err['granttype'] = 'required'
    if err:
        return Response({'error/s':err},status= status.HTTP_400_BAD_REQUEST)
    if data['granttype'] == 'password':
        if 'username' not in data:
            err['username'] = '******'
        if 'password' not in data:
            err['password'] = '******'
        if 'usertype' not in data:
            err['usertype'] = 'required'
        else:
            if data['usertype'] not in ('intern','company'):
                err['usertype'] = 'invalid user'
    elif data['granttype'] == 'refeshtoken':
        if 'refreshtoken' not in data:
            err['refreshtoken'] = 'required'
    else:
        return Response({'error':'unsupported grant type'})
    if err:
        return Response({'error/s':err},status= status.HTTP_400_BAD_REQUEST)
    else:
        client = Client.objects.filter(client_id = data['clientid'],client_secret = data['clientsecret'])
        if client.exists():
            if data['granttype'] == 'password':
                if data['usertype'] == 'intern':
                    user = Intern.objects.select_related('user__user','sub').filter(user__user__email = data['username'])
                if data['usertype'] == 'company':
                    user = Company_User.objects.select_related('user__user').filter(user__user__email = data['username'])
                if not user.exists():
                    return Response({'error':'Invalid user'},status= status.HTTP_401_UNAUTHORIZED)
                else:
                    user = list(user)[0]
                auth = authenticate(username=data['username'], password=data['password'])
                if auth:
                    if 'sub' in request.GET and data['usertype'] == 'company' and request.GET['sub'] !='main':
                        if user.sub.link != request.GET['sub']:
                            return Response({'error':'Invalid Credentials'},status=status.HTTP_401_UNAUTHORIZED)
                    token = AuthToken(client = list(client)[0],user = user.user.user,expires = expire)
                    token.save()
                    return Response({
                        'token':token.token,
                        'refreshtoken':token.refresh_token,
                        'expires':token.expires,
                        'user':data['username']
                    })
                else:
                    return Response({'error':'Invalid Credentials'},status=status.HTTP_401_UNAUTHORIZED)
            elif data['granttype'] == 'refeshtoken':
                token = AuthToken.objects.select_related('user').filter(refresh_token = data['refreshtoken'])
                if token.exists() and not token.first().revoked:
                    if (datetime.now - token.added).total_seconds > token.expire :
                        return Response({'error':'time expired'},status= status.HTTP_401_UNAUTHORIZED)
                    token = list(token)[0]
                    refresh(token)
                    return Response({
                        'token':token.token,
                        'refreshtoken':token.refresh_token,
                        'expires':token.expires,
                        'user':token.user.username
                    })
                else:
                    err = 'invalid token'
            else:
                return Reponse({'error':'unsupported grant type'})
        else:
            err = 'invalid client'
    return Response({'error/s':err},status= status.HTTP_400_BAD_REQUEST)
def login(request):
    if request.method == 'POST':
        name=request.POST['name']
        password=request.POST['password']
        user=authenticate(request, us)
    return render(request,'authentication/login.html')
Пример #37
0
    def test_authenticate_no_code(self):
        user = authenticate(self.request)

        self.assertIs(user, None)
Пример #38
0
 def test_authenticates(self):
     self.assertEqual(authenticate(username='******', password='******'), self.user1)
Пример #39
0
 def create_user_and_login(self, username: str, password: str):
     User.objects.create_user(username=username, password=password)
     user = authenticate(self.request, username=username, password=password)
     if user is not None:
         login(self.request, user)
Пример #40
0
 def form_valid(self, form):
     response = super(RegistrationView, self).form_valid(form)
     user = authenticate(username=form.cleaned_data["username"],
                         password=form.cleaned_data["password1"])
     login(self.request, user)
     return response
Пример #41
0
def jwt_get_username_from_payload_handler(payload):
    username = payload.get('sub')
    authenticate(remote_user=username)
    return username
Пример #42
0
 def clean(self):
     email = self.cleaned_data['email']
     password = self.cleaned_data['password']
     if not authenticate(email=email, password=password):
         raise forms.ValidationError("Invalid login")
Пример #43
0
 def test_permission_denied(self):
     "user is not authenticated after a backend raises permission denied #2550"
     self.assertEqual(authenticate(username='******', password='******'), None)
Пример #44
0
    def login(self, request, **kwargs):
        self.method_check(request, allowed=['post'])

        data = self.deserialize(request,
                                request.body,
                                format=request.META.get(
                                    'CONTENT_TYPE', 'application/json'))
        email = data.get('email')
        new_user = False
        try:
            user = User.objects.get(email=email)
            new_user = False
        except User.DoesNotExist:
            u = User()
            u.email = data.get('email')
            u.first_name = data.get('first_name', "")
            u.last_name = data.get('last_name', "")
            u.profile_pic_url = data.get('profile_pic_url', "")
            u.details = data.get('details', "")
            u.user_type = data.get('user_type')
            u.save()
            new_user = True
        user = authenticate(email=email)
        if user and request.GET.get('type') == 'user':
            if user.user_type > 0:
                return self.create_response(
                    request, {
                        'success':
                        False,
                        'details':
                        'An vendor account is existed with the same email, try to login with another email'
                    })
            login(request, user)
            bundle = self.build_bundle(obj=user, request=request)
            bundle = self.full_dehydrate(bundle)
            return self.create_response(
                request, {
                    'success': True,
                    'sessionKey': request.session.session_key,
                    'user': bundle,
                    'new_user': new_user
                })
        elif user and request.GET.get('type') == 'vendor':
            if user.user_type == 0:
                return self.create_response(
                    request, {
                        'success':
                        False,
                        'details':
                        'An User account is existed with the same email, try to login with another email'
                    })
            login(request, user)
            bundle = self.build_bundle(obj=user, request=request)
            bundle = self.full_dehydrate(bundle)
            return self.create_response(
                request, {
                    'success': True,
                    'sessionKey': request.session.session_key,
                    'user': bundle,
                    'new_user': new_user
                })

        else:
            return self.create_response(request, {
                'success': False,
                'details': 'login failed'
            })
Пример #45
0
 def clean(self):
     username = self.cleaned_data['username']
     password = self.cleaned_data['password']
     if not authenticate(username=username, password=password):
         raise forms.ValidationError(self.error_messages['password_incorrect'], code='password_incorrect', )
     return self.cleaned_data
Пример #46
0
 def clean_old_password(self):
     if not authenticate(username=self.username,
                         password=self.cleaned_data.get('old_password')):
         raise ValidationError('旧密码输入错误')
     else:
         return self.cleaned_data.get('old_password')
Пример #47
0
    def post(self, request):
        body = json.loads(request.body)

        if not body.get('method'):
            return Response(status=400)

        if body['method'] == 'google':

            try:
                googleUser = id_token.verify_oauth2_token(
                    body['id_token'], requests.Request(),
                    settings.GOOGLE_CLIENT_ID)
            except Exception as ex:
                return Response(str(ex),
                                status=status.HTTP_404_NOT_FOUND,
                                template_name=None,
                                content_type=None)

            if googleUser['iss'] not in [
                    'accounts.google.com', 'https://accounts.google.com'
            ]:
                return Response(data={"Google internal problem."}, status=400)

            try:
                user = User.objects.get(email=googleUser['email'])

            except Exception as ex:
                if body.get('email'):
                    username = body['email']
                    password = User.objects.make_random_password()
                    user = User.objects.create_user(username, username)
                    user.set_password(password)
                    token, _ = Token.objects.get_or_create(user=user)
                    print("google - created account for ", username)
                    return Response({'token': token.key}, status=200)

                else:
                    return Response(data={"Error creating google account."},
                                    status=400)

            print("google - logged on ", body['email'])
            token, _ = Token.objects.get_or_create(user=user)
            return Response({'token': token.key}, status=200)

        if (body['method'] == 'password'):

            if body.get('email'):
                try:
                    username = User.objects.get(email=body['email']).username
                except User.DoesNotExist:
                    return Response(data={"Email not registered."}, status=400)

            elif body.get('username'):
                username = body['username']

            else:
                return Response(data={"Username not registered."}, status=400)

            if not body.get('password'):
                return Response(data={"Missing or invalid password."},
                                status=400)

            user = authenticate(username=username, password=body['password'])

            if user is None:
                return Response(data={"Username or password invalid."},
                                status=400)

            token, _ = Token.objects.get_or_create(user=user)

            return Response({'token': token.key}, status=200)

        else:
            return Response(data={"Missing authentication method."},
                            status=400)
Пример #48
0
def home_view(request):
    context = common_data()
    context['active'] = 'home'
    context['company'] = CompanyRegister
    context['candidate'] = CandidateRegister
    context['loginform'] = LoginForm
    context['categories'] = models.CategoryModel.objects.all()
    context['posts'] = CompanyVacancy.objects.all()[:4]
    if not request.user.is_authenticated:

        if request.method == "POST":
            if request.is_ajax():

                country = request.POST.get('country')
                countryModel = CountryModel.objects.filter(id=int(country)).last()
                data = CityModel.objects.filter(country=countryModel)
                result = []
                for i in data:
                    obj = {
                        'name': i.name,
                        'id': i.id
                    }
                    result.append(obj)
                return JsonResponse({
                    'data': result
                })
            if 'company' in request.POST:
                form = CompanyRegister(request.POST)
                if form.is_valid():
                    user = form.save(commit=False)
                    # user.username = user.email
                    user.set_password(request.POST.get('password1'))
                    user.check = 'COM'
                    user.city = CityModel.objects.filter(id=request.POST.get('city')).last()
                    user.is_active = False
                    user.save()
                    messages.info(
                        request, 'please verify your email'
                    )
                    return redirect('home')
                else:
                    context['company'] = form
            elif 'candidate' in request.POST:
                print('ASDGRHJM')
                form = CandidateRegister(request.POST)
                if form.is_valid():
                    user = form.save(commit=False)
                    # user.username = user.email
                    user.set_password(request.POST.get('password1'))
                    user.check = 'CAN'
                    user.is_active = False
                    user.save()
                    messages.info(
                        request, 'please verify your email'
                    )
                    return redirect('home')
                else:
                    context['candidate'] = form
            else:
                login_form = LoginForm(request.POST)
                if login_form.is_valid():

                    username = login_form.cleaned_data.get('username')
                    password = login_form.cleaned_data.get('password')
                    user = authenticate(username=username, password=password)

                    if user:
                        if user.is_active:
                            login(request, user)

                            return redirect('home')
    else:
        apply = notifications(request)
        context['notifications'] = apply
    context['comps'] = MyUser.objects.filter(check='COM')[1:]

    return render(request, 'home.html', context)
Пример #49
0
def login(request):
	user = auth.authenticate(uid=request.GET.get('token'))
	if user:
		auth.login(request, user)
	return redirect('/')
Пример #50
0
    def get(self, request):
        app = request.query_params.get('app', c.GURU)
        redirect_uri = '{}/auth/login-callback'.format(
            settings.FRONTEND_URL
        )
        if app == c.USERS:
            redirect_uri = '{}/auth/login-callback'.format(
                settings.GLUU_USER_APP
            )
        query_params = {
            'code': request.query_params.get('code', ''),
            'redirect_uri': redirect_uri,
            'state': request.query_params.get('state', '')
        }
        token_json = api.get_token_from_callback(query_params)
        access_token = token_json.get('access_token')
        id_token = token_json.get('id_token')
        if not access_token:
            raise e.OxdError('Invalid token')
        user = authenticate(
            request, access_token=access_token, id_token=id_token
        )
        if user is not None:
            company = user.company
            if not company:
                domain = user.email
                email_parts = user.email.split('@')

                if len(email_parts) > 1:
                    domain = email_parts[1]

                companies = m.Company.objects.filter(
                    website__icontains=domain
                )
                if companies.count() == 1:
                    membership, created = m.Membership.objects.get_or_create(
                        user=user,
                        company=companies[0]
                    )
                    if created:
                        membership.role = im.UserRole.objects.get(name='user')
                    membership.is_primary = True
                    membership.save()

                else:
                    company = m.Company.objects.create(
                        name=user.email
                    )
                    m.Membership.objects.create(
                        user=user,
                        company=company,
                        role=im.UserRole.objects.get(name='admin'),
                        is_primary=True
                    )

            user_serializer = s.UserSerializer(user)
            return Response(
                {
                    'results': user_serializer.data
                },
                status=status.HTTP_200_OK
            )

        return Response(
            {
                'user': '******'
            },
            status=status.HTTP_403_FORBIDDEN
        )
Пример #51
0
    def __call__(self, request, invitation_id, **kwargs):
        logging.info("Don't use this view in more apps until it gets cleaned up.")
        # add the correct parameters to this instance
        self.request = request
        self.inv_id = invitation_id
        if 'domain' in kwargs:
            self.domain = kwargs['domain']

        if request.GET.get('switch') == 'true':
            logout(request)
            return redirect_to_login(request.path)
        if request.GET.get('create') == 'true':
            logout(request)
            return HttpResponseRedirect(request.path)

        try:
            invitation = Invitation.get(invitation_id)
        except ResourceNotFound:
            messages.error(request, _("Sorry, it looks like your invitation has expired. "
                                      "Please check the invitation link you received and try again, or request a "
                                      "project administrator to send you the invitation again."))
            return HttpResponseRedirect(reverse("login"))
        if invitation.is_accepted:
            messages.error(request, _("Sorry, that invitation has already been used up. "
                                      "If you feel this is a mistake please ask the inviter for "
                                      "another invitation."))
            return HttpResponseRedirect(reverse("login"))

        self.validate_invitation(invitation)

        if invitation.is_expired:
            return HttpResponseRedirect(reverse("no_permissions"))

        # Add zero-width space to username for better line breaking
        username = self.request.user.username.replace("@", "&#x200b;@")
        context = {
            'create_domain': False,
            'formatted_username': username,
            'domain': self.domain,
            'invite_to': self.domain,
            'invite_type': _('Project'),
            'hide_password_feedback': settings.ENABLE_DRACONIAN_SECURITY_FEATURES,
        }
        if request.user.is_authenticated:
            context['current_page'] = {'page_name': _('Project Invitation')}
        else:
            context['current_page'] = {'page_name': _('Project Invitation, Account Required')}
        if request.user.is_authenticated:
            is_invited_user = request.couch_user.username.lower() == invitation.email.lower()
            if self.is_invited(invitation, request.couch_user) and not request.couch_user.is_superuser:
                if is_invited_user:
                    # if this invite was actually for this user, just mark it accepted
                    messages.info(request, _("You are already a member of {entity}.").format(
                        entity=self.inviting_entity))
                    invitation.is_accepted = True
                    invitation.save()
                else:
                    messages.error(request, _("It looks like you are trying to accept an invitation for "
                                             "{invited} but you are already a member of {entity} with the "
                                             "account {current}. Please sign out to accept this invitation "
                                             "as another user.").format(
                                                 entity=self.inviting_entity,
                                                 invited=invitation.email,
                                                 current=request.couch_user.username,
                                             ))
                return HttpResponseRedirect(self.redirect_to_on_success)

            if not is_invited_user:
                messages.error(request, _("The invited user {invited} and your user {current} do not match!").format(
                    invited=invitation.email, current=request.couch_user.username))

            if request.method == "POST":
                couch_user = CouchUser.from_django_user(request.user, strict=True)
                self._invite(invitation, couch_user)
                track_workflow(request.couch_user.get_email(),
                               "Current user accepted a project invitation",
                               {"Current user accepted a project invitation": "yes"})
                send_hubspot_form(HUBSPOT_EXISTING_USER_INVITE_FORM, request)
                return HttpResponseRedirect(self.redirect_to_on_success)
            else:
                mobile_user = CouchUser.from_django_user(request.user).is_commcare_user()
                context.update({
                    'mobile_user': mobile_user,
                    "invited_user": invitation.email if request.couch_user.username != invitation.email else "",
                })
                return render(request, self.template, context)
        else:
            if request.method == "POST":
                form = WebUserInvitationForm(request.POST)
                if form.is_valid():
                    # create the new user
                    user = activate_new_user(form, domain=invitation.domain)
                    user.save()
                    messages.success(request, _("User account for %s created!") % form.cleaned_data["email"])
                    self._invite(invitation, user)
                    authenticated = authenticate(username=form.cleaned_data["email"],
                                                 password=form.cleaned_data["password"])
                    if authenticated is not None and authenticated.is_active:
                        login(request, authenticated)
                    track_workflow(request.POST['email'],
                                   "New User Accepted a project invitation",
                                   {"New User Accepted a project invitation": "yes"})
                    send_hubspot_form(HUBSPOT_NEW_USER_INVITE_FORM, request, user)
                    return HttpResponseRedirect(reverse("domain_homepage", args=[invitation.domain]))
            else:
                if CouchUser.get_by_username(invitation.email):
                    return HttpResponseRedirect(reverse("login") + '?next=' +
                        reverse('domain_accept_invitation', args=[invitation.domain, invitation.get_id]))
                form = WebUserInvitationForm(initial={
                    'email': invitation.email,
                    'hr_name': invitation.domain,
                    'create_domain': False,
                })

        context.update({"form": form})
        return render(request, self.template, context)
def authenticate_with_username(password: str, username: str, request: HttpRequest = None) -> Union[UserModel, None]:
    return authenticate(request=request, username=username, password=password)
Пример #53
0
 def validate(self, data):
     user = authenticate(**data)
     if user and user.is_active:
         return user
     raise serializers.ValidationError("Unable to log in with provided credentials.")
Пример #54
0
def alumneRecoverPasswd( request , username, oneTimePasswd ):     
    
    client_address = getClientAdress( request )

    infoForm = [ ('Usuari',username,),]
    if request.method == 'POST':
        form = recuperacioDePasswdForm(  request.POST  )
        errors = []
        if form.is_valid(  ):         
            passwd = form.cleaned_data['p1']               
            data_neixement = form.cleaned_data['data_neixement']
            
            alumneOK = True
            try:
                alumneUser =  AlumneUser.objects.get( username = username)
                dataOK = data_neixement == alumneUser.getAlumne().data_neixement
                a_temps = datetime.now() - timedelta( minutes = 30 )
                codiOK = OneTimePasswd.objects.filter( usuari = alumneUser.getUser(), 
                                                                  clau = oneTimePasswd, 
                                                                  moment_expedicio__gte = a_temps,
                                                                  reintents__lt = 3 )
            except AlumneUser.DoesNotExist:
                alumneOK = False
            if not alumneOK:
                errors.append( u'Dades incorrectes. Demaneu un altre codi de recuperació. Si el problema persisteix parleu amb el tutor.')
            elif codiOK and not dataOK:
                errors.append( u'La data proporcionada no és correcta.')
                codiOK[0].reintents += 1
                codiOK[0].save()
            elif dataOK and not codiOK:
                errors.append( u"L'enllaç que esteu utilitzant està caducat o no és correcta. Demaneu un altre codi de recuperació.")
            elif not dataOK and not codiOK:
                errors.append( u"Dades incorrectes. Demaneu un altre codi de recuperació.")                
                #todoBloquejar oneTimePasswd
            elif alumneUser.alumne.esBaixa():
                errors.append( u'Cal parlar amb el tutor per recuperar accés a aquest compte.')
            elif codiOK and dataOK and not alumneUser.alumne.esBaixa():                
                alumneUser.set_password( passwd )
                alumneUser.is_active = True
                alumneUser.save()
                if alumneUser.alumne.motiu_bloqueig:
                    alumneUser.alumne.motiu_bloqueig = u""
                    alumneUser.alumne.save()
                user = authenticate(username=alumneUser.username, password=passwd)
                login( request, user )
 

            if not errors:
                codiOK.update( reintents = 3 )

                #apunto el login:
                LoginUsuari.objects.create( usuari = user, exitos = True, ip = client_address) 
                                
                url_next = '/' 
                return HttpResponseRedirect( url_next )        
            else:
                try:
                    #apunto el login:
                    LoginUsuari.objects.create( usuari = alumneUser, exitos = False, ip = client_address) 
                except:
                    pass
                form._errors.setdefault(NON_FIELD_ERRORS, []).extend(  errors  )    

    else:
        form = recuperacioDePasswdForm(   )
        
    return render(
                request,
                'form.html',
                    {'form': form,
                     'infoForm':infoForm,
                     'head': u'Recuperació de Contrasenya' 
                     }
                )
Пример #55
0
def EditProfile(request):
    userdata = UserDetail.objects.filter(usr=request.user).first()
    first = FirstTask.objects.filter(usr=request.user).first()
    skdata = UserSkills.objects.filter(usr=request.user).first()
    up = UserPort.objects.filter(usr=request.user).first()
    pdata = Project.objects.all()
    error = False

    if request.method == "POST":
        if 'img' in request.FILES:
            i = request.FILES['img']
            userdata.image = i
            userdata.save()
            return redirect('EditProfile')
        elif 'phone' in request.POST:
            phone = request.POST['phone']
            userdata.phone = phone
            userdata.save()
            return redirect('EditProfile')
        elif 'projectname' in request.POST:
            Projectname = request.POST['projectname']
            Profiletitle = request.POST['projecttype']
            projectimg = request.FILES['projectimg']
            Project.objects.create(usr=request.user,
                                   ProjectName=Projectname,
                                   ProjectType=Profiletitle,
                                   ProjectImg=projectimg)
            return redirect('EditProfile')

        elif 'skill' in request.POST:
            sk = request.POST['skill']
            UserSkills.objects.update(usr=request.user, Skills=sk)
            return redirect('EditProfile')

        elif 'Linkedin' in request.POST:
            linkedin = request.POST['Linkedin']
            UserPort.objects.update(usr=request.user, LinkedIn=linkedin)
            return redirect('EditProfile')
        elif 'Behance' in request.POST:
            linkedin = request.POST['Behance']
            UserPort.objects.update(usr=request.user, Behance=linkedin)
            return redirect('EditProfile')
        elif 'Instagram' in request.POST:
            linkedin = request.POST['Instagram']
            UserPort.objects.update(usr=request.user, Instagram=linkedin)
            return redirect('EditProfile')
        elif 'Twitter' in request.POST:
            linkedin = request.POST['Twitter']
            UserPort.objects.update(usr=request.user, Twitter=linkedin)
            return redirect('EditProfile')
        elif 'Github' in request.POST:
            linkedin = request.POST['Github']
            UserPort.objects.update(usr=request.user, Github=linkedin)
            return redirect('EditProfile')

        elif 'old' in request.POST:
            o = request.POST['old']
            n = request.POST['new']
            data = authenticate(usr=request.user.username, pas=o)
            if data:
                data.set_password(n)
                data.save()
                Logout(request)
                return SignIn(data)

            else:
                error = True
        else:
            return redirect('EditProfile')

    dis = {
        'userdata': userdata,
        'first': first,
        'skill': skdata,
        'userport': up,
        'error': error,
        'pdata': pdata
    }
    return render(request, 'profile_edit.html', dis)