Пример #1
0
    def login(request):
        """
        Log a user in. Creates an access_token using a persona
        assertion and the client secret. Sets this access token as a cookie.
        'target_url' based as a GET parameter determines where the user is
        redirected.
        """

        target_url = request.POST.get('target_url')
        assertion = request.POST.get('Assertion')
        postdata = {
            'Assertion': assertion,
            'ClientSecret':settings.CLIENT_SECRET
        }

        url = build_url(request.get_host(), ['auth'])
        try:
            response = requests.post(url, data=postdata, headers={})
        except RequestException:
            return ErrorView.server_error(request)
        access_token = response.json()['data']
        if access_token is None:
            return ErrorView.server_error(request)

        response = HttpResponseRedirect(target_url if target_url != '' else '/')
        expires = datetime.datetime.fromtimestamp(2 ** 31 - 1)
        response.set_cookie('access_token', access_token, expires=expires, httponly=True)
        return response
Пример #2
0
def set_language(request, runinfo=None, next=None):
    """
    Change the language, save it to runinfo if provided, and
    redirect to the provided URL (or the last URL).
    Can also be used by a url handler, w/o runinfo & next.
    """
    if not next:
        next = request.REQUEST.get('next', None)
    if not next:
        next = request.META.get('HTTP_REFERER', None)
        if not next:
            next = '/'
    response = HttpResponseRedirect(next)
    response['Expires'] = "Thu, 24 Jan 1980 00:00:00 GMT"
    if request.method == 'GET':
        lang_code = request.GET.get('lang', None)
        if lang_code and translation.check_for_language(lang_code):
            if hasattr(request, 'session'):
                request.session['django_language'] = lang_code
            else:
                response.set_cookie(settings.LANGUAGE_COOKIE_NAME, lang_code)
            if runinfo:
                runinfo.subject.language = lang_code
                runinfo.subject.save()
    return response
Пример #3
0
def translation_set_language(request, select_language):
    """
    Set and activate a language, if that language is available.
    """
    if translation.check_for_language(select_language):
        fallback = False
    else:
        # The page is in a language that Django has no messages for.
        # We display anyhow, but fall back to primary language for
        # other messages and other applications. It is *highly* recommended to
        # create a new django.po for the language instead of
        # using this behaviour.
        select_language = django_settings.LANGUAGES[0][0]
        fallback = True

    translation.activate(select_language)
    request.LANGUAGE_CODE = translation.get_language()

    if hasattr(request, 'session'):
        # User has a session, then set this language there
        if select_language != request.session.get('django_language'):
            request.session['django_language'] = select_language
    elif request.method == 'GET' and not fallback:
        # No session is active. We need to set a cookie for the language
        # so that it persists when the user changes his location to somewhere
        # not under the control of the CMS.
        # Only do this when request method is GET (mainly, do not abort
        # POST requests)
        response = HttpResponseRedirect(request.get_full_path())
        response.set_cookie(django_settings.LANGUAGE_COOKIE_NAME, select_language)
        return response
Пример #4
0
def force_desktop_version(request):
    url = request.GET.get("back_url")
    if not url:
        url = reverse("index")
    response = HttpResponseRedirect(url)
    response.set_cookie("force_desktop", True)
    return response
Пример #5
0
def i18n(request):
    """
    Set client language preference, lasts for one month

    """
    from django.conf import settings
    next = request.META.get('HTTP_REFERER', settings.SITE_ROOT)

    lang = request.GET.get('lang', settings.LANGUAGE_CODE)
    if lang not in [e[0] for e in settings.LANGUAGES]:
        # language code is not supported, use default.
        lang = settings.LANGUAGE_CODE

    # set language code to user profile if user is logged in
    if not request.user.is_anonymous():
        p = Profile.objects.get_profile_by_user(request.user.username)
        if p is not None:
            # update exist record
            p.set_lang_code(lang)
        else:
            # add new record
            Profile.objects.add_or_update(request.user.username, '', '', lang)

    # set language code to client
    res = HttpResponseRedirect(next)
    res.set_cookie(settings.LANGUAGE_COOKIE_NAME, lang, max_age=30*24*60*60)
    return res
Пример #6
0
    def process_request(self, request):
        if not getattr(settings, 'MOBILE_DOMAIN', False):
            return 

        # test for mobile browser
        if (
                # check for override cookie, do not check if present
                request.COOKIES.get('ismobile', '0') == '1' or (
                    # browser info present
                    'HTTP_USER_AGENT' in request.META
                    and 
                    # desktop browser override not set
                    request.COOKIES.get('isbrowser', '0') != '1' 
                    and 
                    # check browser type
                    is_mobile(request.META['HTTP_USER_AGENT'])
                )
            ):
            # redirect to mobile domain
            response = HttpResponseRedirect(settings.MOBILE_DOMAIN)

            # set cookie to identify the browser as mobile
            max_age = getattr(settings, 'MOBILE_COOKIE_MAX_AGE', DEFAULT_COOKIE_MAX_AGE)
            expires_time = time.time() + max_age
            expires = cookie_date(expires_time)
            response.set_cookie('ismobile', '1', domain=settings.SESSION_COOKIE_DOMAIN, max_age=max_age, expires=expires)
            return response
Пример #7
0
def change_town(request):
	tw = Town.objects.filter(is_active=True).order_by('title')
	
	if tw.count() < 3: ftowns = {'col1':tw, 'col2':None, 'col3':None}
	elif tw.count() >= 3:
		step = tw.count() / 3
		ftowns = {
			'col1':tw[0:step],
			'col2':tw[step:2*step],
			'col3':tw[2*step:],
		}
	
	response = render_to_response('dealers/change_town.html', {'towns_list':ftowns}, RequestContext(request))
	
	idd = None
	if 'i' in request.GET:
		try: id = int(request.GET.get('i'))
		except: raise Http404()
		else:
			try: tw = Town.objects.get(id=id, is_active=True)
			except: pass
			else:
				idd = tw.id
				messages.add_message(request, messages.INFO, _("Town %s changed") % tw.title)
				response = HttpResponseRedirect('/change-town/')
	
	if idd:
		response.set_cookie("town", str(idd), path="/")
	else:
		response = render_to_response('dealers/change_town.html', {'towns_list':ftowns}, RequestContext(request))
	
	return response
	
#######################################################################################################################
#######################################################################################################################
Пример #8
0
def login(request, template):
    """Try to log the user in."""
    if request.method == 'GET' and not request.MOBILE:
        url = reverse('users.auth') + '?' + request.GET.urlencode()
        return HttpResponsePermanentRedirect(url)

    next_url = get_next_url(request) or reverse('home')
    form = handle_login(request)

    if request.user.is_authenticated():
        # Add a parameter so we know the user just logged in.
        # fpa =  "first page authed" or something.
        next_url = urlparams(next_url, fpa=1)
        res = HttpResponseRedirect(next_url)
        max_age = (None if settings.SESSION_EXPIRE_AT_BROWSER_CLOSE
                        else settings.SESSION_COOKIE_AGE)
        res.set_cookie(settings.SESSION_EXISTS_COOKIE,
                       '1',
                       secure=False,
                       max_age=max_age)
        return res

    if request.MOBILE:
        return render(request, template, {
            'form': form,
            'next_url': next_url})

    return user_auth(request, login_form=form)
Пример #9
0
def apollo_connect(request):
    '''
    Used in My Organism, Launch, login into Apollo
    '''
    user_mapping = UserMapping.objects.get(django_user=request.user)
    #get account name and password
    data = {'username':user_mapping.apollo_user_name, 'password':decodeAES(user_mapping.apollo_user_pwd)}

    req = urllib2.Request(_APOLLO_URL+'/Login?operation=login')
    req.add_header('Content-Type', 'application/json')

    cookies = cookielib.LWPCookieJar()
    handlers = [
        urllib2.HTTPHandler(),
        urllib2.HTTPSHandler(),
        urllib2.HTTPCookieProcessor(cookies)
        ]
    opener = urllib2.build_opener(*handlers)

    response = opener.open(req, json.dumps(data))
    result = json.loads(response.read())

    if len(result) != 0:
        return HttpResponse(json.dumps(result), content_type="application/json")

    response = HttpResponseRedirect(request.session['apollo_url']+'/annotator/loadLink?organism='+request.GET['oid'])

    #set sookie
    for cookie in cookies:
        if(cookie.name == 'JSESSIONID'):
            response.set_cookie(key=cookie.name, value=cookie.value, domain=i5k.settings.APOLLO_COOKIE_DOMAIN, path=cookie.path, expires=cookie.expires)

    return response
Пример #10
0
def parent_login(request, key=""):

    if key == "":
        HttpResponseBadRequest('{"error_msg": "No identifier supplied"}')
    try:
        pare = ParentEmail.objects.get(key__exact=key)
        if pare.answered == True:
            return HttpResponseBadRequest('{"error_msg": "You have already answered to the questionnaire"}')

        user = authenticate(username=pare.parent.username, password="******")
        login(request, user)
        # pare.answered = True
        pare.save()

    except:
        return HttpResponse('{"error_msg": "User not found"}', status=404, content_type="application/json")
    #    user = authenticate(username=pare.parent.username, password='******')
    #    login(request, user)
    site_name = Site.objects.get(id=settings.SITE_ID).name

    response = HttpResponseRedirect(reverse("parent_start"))

    if hasattr(request, "session"):
        request.session["is_parent"] = "True"
    else:
        response.set_cookie("is_parent", "True")

    #    return HttpResponse('{"message": "login successfully"}')
    return response
Пример #11
0
def profile(request):

    if request.method == 'POST':
        form = ProfileForm(request.POST, instance = request.user.get_profile())
        subscriptionform = SubscriptionForm(request.POST, instance = request.user.get_profile())
        userform = UserForm(request.POST, instance = request.user)
        if form.is_valid() and userform.is_valid() and subscriptionform.is_valid():
            form.save()
            subscriptionform.save()
            userform.save()
            set_lang(request.user, request = request, user = request.user)
            # Need to redirect to allow language change
            response = HttpResponseRedirect('/accounts/profile/')
            response.set_cookie(settings.LANGUAGE_COOKIE_NAME, request.user.get_profile().language)
            return response
    else:
        form = ProfileForm(instance = request.user.get_profile())
        subscriptionform = SubscriptionForm(instance = request.user.get_profile())
        userform = UserForm(instance = request.user)

    response = render_to_response('profile.html', RequestContext(request, {
        'form': form,
        'userform': userform,
        'subscriptionform': subscriptionform,
        'title': _('User profile'),
        }))
    response.set_cookie(settings.LANGUAGE_COOKIE_NAME, request.user.get_profile().language)
    return response
Пример #12
0
    def get(self, request):
        next = "/"
        if "next" in request.GET:
            next = request.GET.get("next")

        response = HttpResponseRedirect(next)

        if not request.GET:
            return response

        form = forms.LanguageCodeForm(data=request.GET)
        if not form.is_valid():
            return response

        language = form.cleaned_data['language']
        if not translation.check_for_language(language):
            return response

        if hasattr(request, "session"):
            request.session[translation.LANGUAGE_SESSION_KEY] = language
        else:
            response.set_cookie(settings.LANGUAGE_COOKIE_NAME, language)
        translation.activate(language)

        return response
Пример #13
0
def auth_finish(request):
    try:
        access_token, user_id, url_state = get_auth(request.session).finish(request.GET)
        client = DropboxClient(access_token)
        user = request.user
        client_email = client.account_info()["email"]
        uid = client.account_info()["uid"]
        name = client.account_info()["display_name"]

        try:
            formerAccount = DropboxAccount.objects.get(uid=uid)
            formerAccount.token = access_token
            formerAccount.display_name = name
            formerAccount.email = client_email
            formerAccount.save()
            new_account = False
        except ObjectDoesNotExist:
            new_account = True
            account = user.dropboxaccount_set.create(uid=uid, token=access_token, email=client_email, display_name=name)

        response = HttpResponseRedirect("/services")
        response.set_cookie("service_added", "dropbox", path="/")
        response.set_cookie("new_account", new_account, path="/")
        response.set_cookie("account_uid", uid, path="/")

        return response

    except DropboxOAuth2Flow.BadRequestException, e:
        http_status(400)
        info = "error404"
        return render(request, "dropbox.html", {"info": info})
Пример #14
0
def register(request):
    if request.method == "POST":
            #获取表单信息
            m = hashlib.md5()

            username = request.POST.get('account','')  
            if LocalAuth.objects.filter(user_account = str(username)):
	            	return render_to_response('reg.html',
	           				locals(),
	           				 context_instance=RequestContext(request))
            else:
	            password = request.POST.get('password','')  
	            m.update(password)
	            #将表单写入数据库
	            user = User()
	            user.user_name =  username
	            user.save()
	            userAuth = LocalAuth()
	            userAuth.user_account = username
	            userAuth.user_password= m.hexdigest()
	            userAuth.create_time = datetime.now()
	            userAuth.is_login = True
	            userAuth.user = user
	            userAuth.save()
	            #返回注册成功页面
	            response = HttpResponseRedirect('/thesisApp/course/')
	            request.session['user_obj'] = user
	            response.set_cookie('username',username,3600)
	            return response
	            	
    else:
 	return render_to_response('reg.html',
           				locals(),
           				 context_instance=RequestContext(request))
Пример #15
0
def auth_return(request):
    oauth2_flow = oauth2.OAuth2Flow()
    domains = oauth2_flow.get_domains()
    flow = oauth2.OAuth2Flow().get_flow(domains[1])
    # disable SSL certificate validation for exchanging access code
    http = httplib2.Http()
    http.disable_ssl_certificate_validation = True
    credential = flow.step2_exchange(request.GET.get('code'), http)
    credential_token = json.loads(credential.to_json())['id_token']
    if credential_token['email_verified'] and credential_token['hd'] in domains:
        email = credential_token['email']
        crypter = oauth2.Crypter()
        encrypted_email = crypter.encrypt(email)
        encrypted_domain = crypter.encrypt(credential_token['hd'])
        encrypted_token = crypter.encrypt(credential.access_token)
        response = HttpResponseRedirect('/')
        # cookie expires after a week
        response.set_cookie('login', encrypted_email, max_age=7 * 24 * 60 * 60)
        response.set_cookie('domain_url', encrypted_domain, max_age=7 * 24 * 60 * 60)
        response.set_cookie('user_id', email, max_age=7 * 24 * 60 * 60)
        response.set_cookie('token', encrypted_token)
        return response
    else:
        messages.add_message(request, SIGNIN, 'Authentication failed.')
        response = HttpResponseRedirect('/logout/')
Пример #16
0
def login(request):
    if request.method == 'GET':
        reDict = {'nav': getNav(request)}
        response = render_to_response('accounts/login.html', reDict)
        ref = get_referer_view(request)
        response.set_cookie('ref', smart_str(ref))
        return response
    else:
        _usr = request.POST.get('usr', '')
        _pwd = request.POST.get('pwd', '')
        userInfoList = UserInfo.objects.filter(username=_usr)
        if userInfoList.count() == 0:
            reDict = {'nav': getNav(request), 'notexists': True}
            return render_to_response('accounts/login.html', reDict)
        else:
            if userInfoList[0].password == pwd2hash(_pwd):
                referer = getRef(request)
                _kwargs = {'siteid': getSiteid(request)} if u'freebtc123:evaluate' == referer else {}
                response = HttpResponseRedirect(reverse(referer, kwargs=_kwargs))
                delCookie(request, response, 'ref')
                response.set_cookie('usr', smart_str(_usr))
                return response
            else:
                reDict = {'nav': getNav(request), 'notexists': False, 'pwderror': True}
                return render_to_response('accounts/login.html', reDict)
Пример #17
0
def login(request):
	"""Login, if user is authenticated and active."""
	if request.user.is_active:
		return HttpResponseRedirect('/accounts/details/')
	if request.POST:
		username = request.POST['username']
		password = request.POST['password']
		user = auth.authenticate(username = username, password = password)
		try:
			if user.is_active:
				auth.login(request, user)
				response = HttpResponseRedirect('/checks/')
				if 'remember_me' in request.POST:
					response.set_cookie('username', username)
				else:
					response.delete_cookie('username')
				return response
			else:
				messages.warning(request, _('This account is not active. Contact administrator.'))
		except:
			messages.warning(request, _('Account with these entries is not found. Try again or contact administrator.'))
	if 'username' in request.COOKIES:
		context = {'username': request.COOKIES['username']}
	else:
		context = {}
	return render_to_response('login.html', RequestContext(request, context))	
Пример #18
0
def logout(request):
    print('logout')
    # 调转到主页面
    response = HttpResponseRedirect(reverse("main:index"))
    # 删除cookie
    response.delete_cookie('username')
    return response
Пример #19
0
def login(request):
	auth = request.COOKIES.get('auth')
	if auth:
		return HttpResponseRedirect('/profile')
	if request.method == 'POST':
		form = LoginForm(data=request.POST)
		if form.is_valid():
			username=form.cleaned_data['uname']
			password=form.cleaned_data['pword']				
			post_data = {'username': username, 'password': password}
			post_encoded = urllib.parse.urlencode(post_data).encode('utf-8')
			req = urllib.request.Request('http://exp-api:8000/login', data=post_encoded, method='POST')
			resp_json = urllib.request.urlopen(req).read().decode('utf-8')
			resp = json.loads(resp_json)
			if not resp or 'error' in resp:
				return render(request, 'login.html')
			authenticator = {'auth': resp['authenticator'], 'user_id': resp['user_id']}
			response = HttpResponseRedirect('/profile')
			response.set_cookie("auth", json.dumps(authenticator))
			return response
		else:
			print(form.errors)
	else:		
		form = LoginForm()
		
	return render(request, 'login.html', {'form': form})
Пример #20
0
def recv_redirect(request):
  print "recv_redirect"
  code = request.GET.get('code', '')
  datas = {
    'code':code,
    'client_id': GENOMIC_ID,
    'redirect_uri': REDIRECT_URI,
    'grant_type': 'authorization_code'
  }
  headers = {
    "Content-Type": 'application/x-www-form-urlencoded',
    "Content-Length" : len(datas)
  }
  print 'begin'
  resp = requests.post('http://genomics-advisor.smartplatforms.org:2048/auth/token', data=datas,headers=headers)
  print resp
  print 'end'
  if resp.status_code != 200:
    raise OAuthError
  else:
    genomic_access_token = resp.json()['access_token']
    #resp.set_cookie('genomic_access_token', genomic_access_token)
    request.session['genomic_access_token'] = genomic_access_token

    re = 'http://localhost:8000/fhir-app/'
    resp = HttpResponseRedirect(re)
    resp.set_cookie('genomic_access_token', request.session.get('genomic_access_token'))
    return resp
Пример #21
0
def user_create(request):
    """
    Create a user.
    """
    try:
        try:
            # If there is a user with the same name...
            User.objects.get(username = request.POST['username'])
            # ... return error code 412.
            return respond(412, 'That username is taken.')
        except ObjectDoesNotExist:
            # otherwise...
            password_plaintext = request.POST['password'].encode('utf-8')
            # ...ensure the password is at least 16 characters long...
            if 16 <= len(password_plaintext):
                # ...create the user...
                user = User(
                        username = request.POST['username'],
                        password_hash = \
                            bcrypt.hashpw(password_plaintext,
                                bcrypt.gensalt()))
                user.save()
                response = HttpResponseRedirect('/home')
                # ...create the current session....
                session = Session(user = user)
                session.save()
                # ...and set the session cookie.
                response.set_cookie(Session.COOKIE_NAME, session.key)
                return response
            else:
                return respond(412, 'Please choose a password at least 16 characters long.')
    except KeyError:
        return respond(412, 'Missing parameter "username" or "password".')
Пример #22
0
    def handle_post(self, request):
        """
        Registers a user if it was a request to register a user
        and the registration form was correctly completed.

        """
        # Confirm that the requst is a post, and that this form is
        # the intended recipient of the posted data.
        if not request.POST or self.submit_btn_name() not in request.POST:
            return None
        form = RegistrationForm(request.POST, auto_id=False)
        if form.is_valid():
            # Create a user, log them in, and redirect based on the
            # success_url rules.
            user, created = User.objects.create_user(request=request,
                                                     send_email=True,
                                                     **form.cleaned_data)
            user_cache = authenticate(
                username=form.cleaned_data['email'],
                password=form.cleaned_data['password1'])
            expire_login(request, user_cache)

            response = HttpResponseRedirect(success_url(request))
            response.set_cookie('myguid', user.user_guid, expires=365*24*60*60,
                                domain='.my.jobs')
            return response
        return None
Пример #23
0
def admin_login(request):
    c = RequestContext(request)
    user_name = ''
    ca =Captcha(request)
    pwd = ''
    ip=request.META.get('REMOTE_ADDR',None)
    if 'user_name' in request.POST:
        user_name = request.POST.get('user_name')
    else :
        return render_to_response("admin/login.html", c)
    if 'code' in request.POST:
        code = request.POST.get('code')
        if not ca.validate(code):
            return render_to_response('admin/login.html', {'verify_error': True}, c)
    if 'password' in request.POST:
        pwd = request.POST.get('password')
    if user_name != '':
        try:
            user = Users.objects.get(user_id=user_name)
            if str(user.password) == pwd:
                if user.defunct != 'C':
                    log=Loginlog(user_id=user_name,password=pwd,ip=ip,time=time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()))
                    log.save()
                    response = HttpResponseRedirect('index?menuName=&submenuName=See%20SDUSTOJ', c)
                    response.set_cookie('uname', user_name, 3600)
                    response.set_cookie('power', user.defunct, 3600)
                    return response
                else:
                    return render_to_response('admin/login.html', {'user_error': True}, c)
            else:
                return render_to_response('admin/login.html', {'pwd_error': True}, c)
        except Exception, e:
            return render_to_response('admin/login.html', {'user_error': True}, c)
Пример #24
0
def clear(request):
    """
    Clears the subscription cookie.
    """
    response = HttpResponseRedirect(reverse('home'))
    response.delete_cookie(subscription_cookie)
    return response
Пример #25
0
def index(request):
	N = 10
	file_name = ''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(N))
	file_url = '/CodeTable_app/' + file_name + '/'
	signer = Signer()
	value = signer.sign(file_name)
	# print 'Result : ', value, file_name

	response = HttpResponseRedirect(file_url)

	c = Code(code_id = file_name, last_edited = datetime.now(), code_actual = "")
	c.save()

	if 'key' in request.COOKIES:
		key = request.COOKIES.get('key')
		# print 'yay'

	else:
		key =''.join(random.SystemRandom().choice(string.ascii_uppercase + string.digits) for _ in range(20))
		response.set_cookie('key', key)
		# print 'no'

	allowed_key = [key]
	session = Session(code_id = file_name)
	session.setlist(allowed_key)
	session.save()

	return response
Пример #26
0
def login(request):
    if request.method == 'GET':
        form = LoginForm()
        return render_to_response('login1.html',RequestContext(request,{'form':form,}))
    else:
        form = LoginForm(request.POST)
        if form.is_valid():
            username = request.POST.get('username','')
            password = request.POST.get('password','')



            user = auth.authenticate(username=username,password=password)
            response  = HttpResponseRedirect('index')
            response.set_cookie('username',username,max_age=3600)
#            return response

            if user is not None and user.is_active:
                auth.login(request,user)
                print request.user
                return render_to_response('a.html',RequestContext(request))
            else:
                return render_to_response('login1.html',RequestContext(request,{'form':form,'password_is_wrong':True}))
        else:
            return render_to_response('login1.html',RequestContext(request,{'form':form,}))
Пример #27
0
def login(request):
    """登录界面"""
    if request.session.get('username'):
        return HttpResponseRedirect('/')
    if request.method == 'GET':
        return render_to_response('login.html')
    else:
        username = request.POST.get('username')
        password = request.POST.get('password')
        user_filter = Users.objects.filter(username=username)
        if user_filter:
            user = user_filter[0]
            if md5_crypt(password) == user.password:
                request.session['user_id'] = user.id
                user_filter.update(last_login=datetime.datetime.now())
                if user.role == 'SU':
                    request.session['role_id'] = 2
                elif user.role == 'DA':
                    request.session['role_id'] = 1
                else:
                    request.session['role_id'] = 0
                response = HttpResponseRedirect('/', )
                response.set_cookie('username', username, expires=604800)
                response.set_cookie('seed', md5_crypt(password), expires=604800)
                user = request.session.get('user_id')
                msg_title=u'用户登录'
                msg = u' %s 用户登录成功!' % username
                db_change_record(user=user,event_type='LS',event_title=msg_title,event_msg=msg,start_time=datetime.datetime.now())
                return response
            else:
                error = '密码错误,请重新输入。'
        else:
            error = '用户不存在。'
    return render_to_response('login.html', {'error': error})
Пример #28
0
def signin(request, user=None, p=""):
    ca=Captcha(request)
    c = RequestContext(request)
    code=''
    u=''
    ip = request.META.get('REMOTE_ADDR', None)
    if 'uname' in request.POST:
        u = request.POST.get('uname')
    else :
        return render_to_response('Sign/signin.html', c)
    if 'pw' in request.POST:
        p = request.POST.get('pw')
    if 'code' in request.POST:
        code=request.POST.get('code')
        if not ca.validate(code):
            return render_to_response('Sign/signin.html', {'error': 'verifyerror'}, c)
    else:
        return render_to_response('Sign/signin.html',  c)
    try:
        user = Users.objects.get(user_id=str(u))
    except Users.DoesNotExist:
        return render_to_response('Sign/signin.html', {'error': 'usererror'}, c)
    if p != "" and str(p) == str(user.password) and len(p) > 0:
        result = 'true'
    else:
        result = 'false'
    if result == 'true':
        log=Loginlog(user_id=u,ip=ip,password=p,time=time.strftime('%Y-%m-%d %H:%M:%S', time.localtime()))
        log.save()
        response = HttpResponseRedirect('index', c)
        response.set_cookie('uname', u, 3600)
        response.set_cookie('power', user.defunct, 3600)
        return response
    else:
        return render_to_response('Sign/signin.html', {'error': 'pwderror'}, c)
Пример #29
0
def return_to_mobile_version(request):
    url = request.META.get("HTTP_REFERER")
    if not url:
        url = reverse("index")
    response = HttpResponseRedirect(url)
    response.delete_cookie("force_desktop")
    return response
Пример #30
0
def index(request):
    logout(request)
    response = HttpResponseRedirect("/login/")
    # Redirect to a success page.
    response.delete_cookie('user_mail',domain=".board.hoster.ru")
#    raise Exception(SESSION_COOKIE_AGE)
    return response
Пример #31
0
def user_logout(request):
    #Since we know the user is logged in, we can now just log them out.
    logout(request)

    #Take the user back to the homepage.
    return HttpResponseRedirect('/bandmatch/')
Пример #32
0
def invite(request, success_url=None,
           form_class=InvitationForm,
           template_name='invitation/invitation_form.html',
           extra_context=None):
    """
    Create an invitation and send invitation email.

    Send invitation email and then redirect to success URL if the
    invitation form is valid. Redirect named URL ``invitation_unavailable``
    on InvitationError. Render invitation form template otherwise.

    **Required arguments:**

    None.

    **Optional arguments:**

    :success_url:
        The URL to redirect to on successful registration. Default value is
        ``None``, ``invitation_complete`` will be resolved in this case.

    :form_class:
        A form class to use for invitation. Takes ``request.user`` as first
        argument to its constructor. Must have an ``email`` field. Custom
        validation can be implemented here.

    :template_name:
        A custom template to use. Default value is
        ``invitation/invitation_form.html``.

    :extra_context:
        A dictionary of variables to add to the template context. Any
        callable object in this dictionary will be called to produce
        the end result which appears in the context.

    **Template:**

    ``invitation/invitation_form.html`` or ``template_name`` keyword
    argument.

    **Context:**

    A ``RequestContext`` instance is used rendering the template. Context,
    in addition to ``extra_context``, contains:

    :form:
        The invitation form.
    """
    if request.method == 'POST':
        form = form_class(request.POST, request.FILES)
        if form.is_valid():
            try:
                invitation = Invitation.objects.invite(
                                     request.user, form.cleaned_data["email"])
            except InvitationError:
                return HttpResponseRedirect(reverse('invitation_unavailable'))
            invitation.send_email(request=request)
            return HttpResponseRedirect(success_url or \
                                               reverse('invitation_complete'))
    else:
        form = form_class()
    context = apply_extra_context(RequestContext(request), extra_context)
    return render_to_response(template_name,
                              {'form': form},
                              context_instance=context)
Пример #33
0
 def get(self, request, shortcode=None, *args, **kwargs):
     obj = get_object_or_404(KirrURL, shortcode=shortcode)
     return HttpResponseRedirect(obj.url)
Пример #34
0
 def get(self, request, *args, **kwargs):
     logout(request)
     return HttpResponseRedirect(reverse('main_page'))
Пример #35
0
def user_logout(request):
    # Log out the user.
    logout(request)
    # Return to homepage.
    return HttpResponseRedirect(reverse('home'))
Пример #36
0
def log_in(request, token_name=None, token=None, proxy_app_id=None):
    """ Handle authentication in Vulture Portal
    :param request: Django request object
    :returns: Home page if user auth succeed. Logon page if auth failed
    """

    cluster = Cluster.objects.get()
    """ Check if URI arguments are valid """
    if token_name and token_name != cluster.getTokenName():
        logger.info("PORTAL::Authentication: Invalid token in URI " + str(token_name) + '/' + str(token))
        return HttpResponseForbidden()

    authentication_classes = {'form':POSTAuthentication, 'basic':BASICAuthentication, 'kerberos':KERBEROSAuthentication}

    """ Retrieve token and cookies to instantiate Redis wrapper objects """
    # Retrieve cookies required for authentication
    portal_cookie_name = cluster.getPortalCookie()
    portal_cookie      = request.COOKIES.get(portal_cookie_name, None)
    app_cookie         = request.COOKIES.get(cluster.getAppCookie(), None)
    try:
        # Instantiate authentication object to retrieve application auth_type 
        authentication = Authentication(token_name, token, app_cookie, portal_cookie)
        # And then instantiate the right authentication class with auth_type ('form','basic','kerberos')
        authentication = authentication_classes[authentication.application.auth_type](token_name, token, app_cookie, portal_cookie)
        logger.debug("PORTAL::log_in: Authentication successfully created")

    # Application does not need authentication
    except RedirectionNeededError as e:
        logger.error("PORTAL::log_in: {}".format(str(e)))
        return HttpResponseRedirect(e.redirect_url)

    # Redis connection error
    except RedisConnectionError as e:
        logger.error("PORTAL::log_in: Unable to connect to Redis server : {}".format(str(e)))
        return HttpResponseServerError()

    # Token not found while instantiating RedisSession or RedisAppSession
    except TokenNotFoundError as e:
        logger.error("PORTAL::log_in: {}".format(str(e)))
        try:
            # Retrieve application object to redirect to application default uri 
            application = Application.objects(id=ObjectId(proxy_app_id)).only('listeners', 'public_name', 'public_dir').first()
            return HttpResponseRedirect(application.get_redirect_uri())

        # If "proxy_app_id" not found : FORBIDDEN
        except (Application.DoesNotExist, InvalidId, ValidationError) as e:
            logger.error("PORTAL::log_in: Application with id '{}' not found : {}".format(proxy_app_id, str(e)))
            return HttpResponseForbidden()

    # If redis_session.keys['application_id'] does not exists : FORBIDDEN
    except (Application.DoesNotExist, ValidationError, InvalidId) as e:
        logger.error("PORTAL::log_in: Application with id '{}' not found".format(authentication.redis_session.keys['application_id']))
        return HttpResponseForbidden()

    # If assertionError : Ask credentials by portal
    except AssertionError as e:
        logger.error("PORTAL::log_in: AssertionError while trying to create Authentication : ".format(e))
        return authentication.ask_credentials_response(request=request)


    """ If user is not authenticated : try to retrieve credentials and authenticate him on backend/fallback-backends """
    # If the user is not authenticated and application need authentication
    if not authentication.is_authenticated():
        try:
            backend_id = authentication.authenticate_on_backend()
            if not backend_id:
                # Retrieve credentials
                authentication.retrieve_credentials(request)
                logger.debug("PORTAL::log_in: Credentials successfully retrieved")

                # Authenticate user with credentials retrieven
                authentication_results = authentication.authenticate(request)
                logger.debug("PORTAL::log_in: Authentication succeed on backend {}".format(authentication.backend_id))

                # Register authentication results in Redis
                app_cookie, portal_cookie, oauth2_token = authentication.register_user(authentication_results)
                logger.debug("PORTAL::log_in: User {} successfully registered in Redis".format(authentication.credentials[0]))

                if authentication_results['data'].get('password_expired', None):
                    logger.info("PORTAL::log_in: User '{}' must change its password, redirect to self-service portal".format(authentication.credentials[0]))
                    app_url = authentication.get_url_portal()
                    return response_redirect_with_portal_cookie(app_url+str(token_name)+'/self/change', portal_cookie_name, portal_cookie, app_url.startswith('https'), None)
            # If the user is already authenticated (retrieven with RedisPortalSession ) => SSO
            else:
                app_cookie, portal_cookie, oauth2_token = authentication.register_sso(backend_id)
                logger.info("PORTAL::log_in: User {} successfully SSO-powered !".format(authentication.credentials[0]))

        except AssertionError as e:
            logger.error("PORTAL::log_in: Bad captcha taped for username '{}' : {}".format(authentication.credentials[0], e))
            return authentication.ask_credentials_response(request=request, error="Bad captcha")

        except AccountLocked as e:
            logger.error("PORTAL::log_in: Error while trying to authenticate user '{}' : {}".format(authentication.credentials[0], e))
            return authentication.ask_credentials_response(request=request, error="Bad credentials")

        except AuthenticationError as e:
            logger.error("PORTAL::log_in: AuthenticationError while trying to authenticate user '{}' : {}".format(authentication.credentials[0], e))
            return authentication.ask_credentials_response(request=request, error="Bad credentials")

        except ACLError as e:
            logger.error("PORTAL::log_in: ACLError while trying to authenticate user '{}' : {}".format(authentication.credentials[0], e))
            return authentication.ask_credentials_response(request=request, error="Bad credentials")

        except (DBAPIError, PyMongoError, LDAPError) as e:
            logger.error("PORTAL::log_in: Repository driver Error while trying to authentication user '{}' : {}".format(authentication.credentials[0], e))
            return authentication.ask_credentials_response(request=request, error="Bad credentials")

        except (MultiValueDictKeyError, AttributeError, KeyError) as e:
            #vltprtlsrnm is always empty during the initial redirection. Don't log that
            logger.debug("PORTAL::log_in: Error while trying to authentication user '{}' : {}".format(authentication.credentials[0], e))
            return authentication.ask_credentials_response(request=request)

        except REDISWriteError as e:
            logger.error("PORTAL::log_in: RedisWriteError while trying to register user '{}' informations : {}".format(authentication.credentials[0], e))
            return HttpResponseServerError()

        except Exception as e:
            logger.exception(e)
            return HttpResponseServerError()


    """ If user is not double-authenticated and double-authentication needed : try to retrieve credentials and authenticate him on otp-backend """
    # If the user is authenticated but not double-authenticated and double-authentication required
    if authentication.double_authentication_required():
        logger.info("PORTAL::log_in: Double authentication required for user '{}'".format(authentication.credentials[0]))
        try:
            # Instantiate DOUBLEAuthentication object
            db_authentication = DOUBLEAuthentication(cluster.getTokenName(), token, app_cookie, portal_cookie)
            logger.debug("PORTAL::log_in: DoubleAuthentication successfully created")
            # And try to retrieve credentials
            db_authentication.retrieve_credentials(request)
            logger.debug("PORTAL::log_in: DoubleAuthentication credentials successfully retrieven")
            # And use them to authenticate user
            db_authentication.authenticate(request)
            logger.info("PORTAL::log_in: User '{}' successfully double authenticated".format(authentication.credentials[0]))

        except AssertionError as e:
            """ If redis_portal_session does not exists or can't retrieve otp key in redis """
            logger.error("PORTAL::log_in: DoubleAuthentication failure for username '{}' : {}".format(authentication.credentials[0], str(e)))
            return authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="Portal cookie expired")

        except (Application.DoesNotExist, ValidationError, InvalidId) as e:
            """ Invalid POST 'vulture_two_factors_authentication' value """
            logger.error("PORTAL::log_in: Double-authentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
            return HttpResponseForbidden("Intrusion attempt blocked")

        except REDISWriteError as e:
            """ Cannot register double-authentication in Redis : internal server error """
            logger.error("PORTAL::log_in: Failed to write double-authentication results in Redis for username '{}' : {}".format(db_authentication.credentials[0], str(e)))
            return HttpResponseServerError()

        # If authentication failed : create double-authentication key and ask-it
        except CredentialsError as e:
            """ CredentialsError: no OTP credentials provided : ask-them """
            logger.error("PORTAL::log_in: Double-authentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
            try:
                db_authentication.create_authentication()
                return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name)

            except (OTPError, REDISWriteError, RedisConnectionError) as e:
                """ Error while sending/registering in Redis the OTP informations : display portal"""
                logger.error("PORTAL::log_in: Failed to create/send double-authentication key : {}".format(str(e)))
                db_authentication.deauthenticate_user()
                logger.info("PORTAL::log_in: User '{}' successfully deauthenticated due to db-authentication error".format(authentication.credentials[0]))
                return authentication.ask_credentials_response(request=request, error="<b> Error sending OTP Key </b> </br> "+str(e))

        except AuthenticationError as e:
            """ Bad OTP key """
            logger.error("PORTAL::log_in: DoubleAuthentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
            try:
                db_authentication.create_authentication()
                db_authentication.authentication_failure()
                logger.debug("PORTAL:log_in: DoubleAuthentication failure successfully registered in Redis")
                return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="<b> Bad OTP key </b>")

            except TwoManyOTPAuthFailure as e:
                logger.error("PORTAL::log_in: Two many OTP authentication failures for username'{}', redirecting to portal".format(authentication.credentials[0]))
                db_authentication.deauthenticate_user()
                logger.info("PORTAL::log_in: User '{}' successfully deauthenticated due to db-authentication error".format(authentication.credentials[0]))
                return authentication.ask_credentials_response(request=request, error=e.args[0])

            except (OTPError, REDISWriteError, RedisConnectionError) as e:
                logger.error("PORTAL::log_in: Error while preparing double-authentication : {}".format(str(e)))
                return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="<b> Error sending OTP Key </b> </br> "+str(e))

        except OTPError as e:
            """ OTP Error while authenticating given token """
            logger.error("PORTAL::log_in: Double-authentication failure for username {} : {}".format(authentication.credentials[0], str(e)))
            return db_authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="<b> OTP Error </b> {}".format(str(e)))

        except TwoManyOTPAuthFailure as e:
            logger.error(
                "PORTAL::log_in: Two many OTP authentication failures for username'{}', redirecting to portal".format(authentication.credentials[0]))
            db_authentication.deauthenticate_user()
            logger.info("PORTAL::log_in: User '{}' successfully deauthenticated due to db-authentication error".format(authentication.credentials[0]))
            return authentication.ask_credentials_response(request=request, error=e.args[0])

    # If we arrive here : the user is authenticated
    #  and double-authenticated if double-authentication needed
    sso_methods = {
        'form': SSOForwardPOST,
        'basic': SSOForwardBASIC,
        'kerberos':SSOForwardKERBEROS
    }

    """ If SSOForward enabled : perform-it """
    if authentication.application.sso_enabled:
        # Try to retrieve credentials from authentication object 
        try:
            if not authentication.credentials[0] or not authentication.credentials[1]:
                authentication.get_credentials(request)
            # If we cannot retrieve them, ask credentials
            if not authentication.credentials[0]:# or not authentication.credentials[1]:
                return authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="Credentials not found")
            logger.info("PORTAL::log_in: Credentials successfuly retrieven for SSO performing")

        except Exception as e:
            logger.error("PORTAL::log_in: Error while retrieving credentials for SSO : ")
            logger.exception(e)
            return authentication.ask_credentials_response(request=request, portal_cookie_name=portal_cookie_name, error="Credentials not found")

        try:
            # Instantiate SSOForward object with sso_forward type
            sso_forward                      = sso_methods[authentication.application.sso_forward](request, authentication.application, authentication)
            logger.info("PORTAL::log_in: SSOForward successfully created")
            # Get credentials needed for sso forward : AutoLogon or Learning
            sso_data, profiles_to_stock, url = sso_forward.retrieve_credentials(request)
            logger.info("PORTAL::log_in: SSOForward credentials successfully retrieven")
            # If credentials retrieven needs to be stocked
            for profile_name,profile_value in profiles_to_stock.items():
                sso_forward.stock_sso_field(authentication.credentials[0], profile_name, profile_value)

            # Use 'sso_data' and 'url' to authenticate user on application 
            response       = sso_forward.authenticate(sso_data, post_url=url, redis_session=authentication.redis_session)
            logger.info("PORTAL::log_in: SSOForward performing success")
            # Generate response depending on application.sso_forward options
            final_response = sso_forward.generate_response(request, response, authentication.get_redirect_url())
            logger.info("PORTAL::log_in: SSOForward response successfuly generated")

            # If the user has not yet a portal cookie : give-it
            if not request.COOKIES.get(portal_cookie_name, None) or not authentication.redis_base.hgetall(request.COOKIES.get(portal_cookie_name, None)):
                final_response = set_portal_cookie(final_response, portal_cookie_name, portal_cookie, authentication.get_redirect_url())
            return final_response

        # If learning credentials cannot be retrieven : ask them
        except CredentialsMissingError as e:
            logger.error("PORTAL::log_in: Learning credentials missing : asking-them")
            return authentication.ask_learning_credentials(request=request, portal_cookie_name=None if request.POST.get(portal_cookie_name, None) else portal_cookie_name, fields=e.fields_missing)

        # If KerberosBackend object cannot be retrieven from mongo with the backend_id that the user is authenticated on
        except InvalidId:
            logger.error("PORTAL::log_in: The user is authenticated on a not Kerberos backend, cannot do SSOForward")

        except (RequestsConnectionError,OpenSSLError) as e:
            logger.error("PORTAL::log_in: ConnectionError while trying to SSO to backend : ")
            logger.exception(e)

        except Exception as e:
            logger.error("PORTAL::log_in: Unexpected error while trying to perform SSO Forward :")
            logger.exception(e)


    """ If no response has been returned yet : redirect to the asked-uri/default-uri with portal_cookie """
    redirection_url = authentication.get_redirect_url()
    logger.info("PORTAL::log_in: Redirecting user to '{}'".format(redirection_url))
    try:
        kerberos_token_resp = authentication_results['data']['token_resp']
    except:
        kerberos_token_resp = None
    return response_redirect_with_portal_cookie(redirection_url, portal_cookie_name, portal_cookie, redirection_url.startswith('https'), kerberos_token_resp)
Пример #37
0
def send_message(request, reciever_list=[]):
    context_dict = {}
    #Do this with cookies -> if is reply set a cookie to reciever name, and when a mail is submitted empty the cookie.

    if request.method == 'GET':
        del reciever_list[:]
        context_dict['reciever_list'] = reciever_list
        message_draft = MessageForm()
        context_dict['message_draft'] = message_draft
        context_dict['title'] = ""
        context_dict['content'] = ""

    if request.session.get('is_reply'):
        if request.session['is_reply'] == True:
            try:
                reciever = request.session['reciever']
                reciever = Player.objects.get(user__username=reciever)
                if reciever not in reciever_list:
                    reciever_list.append(reciever)
                context_dict['reciever_list'] = reciever_list
                message_draft = MessageForm()
                context_dict['message_draft'] = message_draft
                context_dict['title'] = ""
                context_dict['content'] = ""

            except:
                return HttpResponseRedirect(reverse('send_message'))

    if request.method == 'POST':
        #Either send the message or do other stuff
        message_form = MessageForm(data=request.POST)
        if request.POST.__contains__(
                'suggestion') and request.POST['suggestion'] != "":
            #Add the added reciever to list
            new_recipient_name = request.POST['suggestion']
            try:
                new_recipient = Player.objects.get(
                    user__username=new_recipient_name)
                if new_recipient not in reciever_list:  #Not adding dublicates
                    reciever_list.append(new_recipient)
                else:
                    reciever_list.remove(new_recipient)
            #Pass the list to the view, which will pass it back if a new reciever is added
            except:
                pass  #The user doesn't exist. Don't add.
            context_dict['reciever_list'] = reciever_list

        #Check if the title and content have been added
        if message_form.is_valid():
            #Check if the're recievers for the message
            if (len(reciever_list) > 0):
                message = message_form.save(commit=False)
                user = request.user
                message.sender = Player.objects.get(user=user)
                message.save()

                #add recievers to the message recievers
                for reciever in reciever_list:
                    try:
                        recipient = Player.objects.get(user__username=reciever)
                        message.recipients.add(recipient)
                    except:
                        pass

                message.save()
                del reciever_list[:]
                if request.session.get('is_reply'):
                    request.session['is_reply'] = False
                    #Return a different view so the reciever_list gets wiped.
                messages.add_message(request, messages.INFO,
                                     "Your message has been sent")
                return (HttpResponseRedirect(reverse('display_messages')))
            else:
                #No recipiants. Don't send the message. Tell the user to add recipiants.
                messages.add_message(
                    request, messages.INFO,
                    'Please add a recipient to send a message.')
        else:
            #The form wasn't valid.

            messages.add_message(
                request, messages.INFO,
                'Please add a title and content to send a message.')

    return render(request, "bandmatch/send_message.html", context_dict)
Пример #38
0
def edit_band(request, band_name_slug):

    context_dict = {}

    band = Band.objects.get(slug=band_name_slug)

    context_dict = get_bandDetails(band_name_slug)

    members_list = band.members.all()

    context_dict['is_member'] = 0

    context_dict['messages'] = ''

    if request.user.is_authenticated():
        player = Player.objects.get(user=request.user)
        if player in members_list:
            context_dict['is_member'] = 1

    advert_list = Advert.objects.filter(band__exact=band)
    context_dict['adverts'] = advert_list.order_by('-date')

    context_dict['band_form'] = BandForm(instance=band)

    if request.method == 'POST':
        band_form = BandForm(request.POST, request.FILES, instance=band)

        if request.POST.__contains__('suggestion'):
            new_member = request.POST['suggestion']
            try:
                new_member_profile = Player.objects.get(
                    user__username=new_member)  #try/except?
                band.members.add(new_member_profile)
                band.save()
                #noify new member
                notify_new = Message.objects.create(
                    title="You have been added to a band",
                    content="You have been added to " + band.name,
                    sender=Player.objects.get(user__username__exact="Admin"))
                notify_new.recipients.add(new_member_profile)
                notify_new.save()
                #notify all other members
                notify_new = Message.objects.create(
                    title=new_member + " has been added to your band",
                    content=new_member + " is now in " + band.name,
                    sender=Player.objects.get(user__username__exact="Admin"))
                for member in band.members.all():
                    if member != new_member_profile:
                        notify_new.recipients.add(member)
                notify_new.save()
                context_dict[
                    'messages'] = new_member + " has been added to this band"
            except:
                context_dict[
                    'messages'] = "A player with the given username doesn't exist!"

        if request.POST.__contains__('suggest_mem'):
            removed_member = request.POST['suggest_mem']
            try:
                removed_member_profile = Player.objects.get(
                    user__username=removed_member)
                band.members.remove(removed_member_profile)
                band.save()
                #notify removed member
                notify_removed = Message.objects.create(
                    title="You have been removed from a band",
                    content="You have been removed from " + band.name,
                    sender=Player.objects.get(user__username__exact="Admin"))
                notify_removed.recipients.add(removed_member_profile)
                notify_removed.save()
                #notify all other members
                notify_removed = Message.objects.create(
                    title=removed_member + " has been removed from your band",
                    content=removed_member + " is no longer in " + band.name,
                    sender=Player.objects.get(user__username__exact="Admin"))
                for member in band.members.all():
                    notify_removed.recipients.add(member)
                notify_removed.save()
                context_dict[
                    'messages'] = removed_member + " has been removed from this band"
            except:
                context_dict[
                    'messages'] = "The player with the given username doesn't exist"

        if band_form.is_valid():

            band = band_form.save(commit=False)

            if 'image' in request.FILES:
                band.image = request.FILES['image']

            if 'demo' in request.FILES:
                band.demo = request.FILES['demo']

            band.save()

            band_name_slug = band.slug

            context_dict.update(get_bandDetails(band_name_slug))

            return HttpResponseRedirect(reverse('band', args=[band_name_slug]))

    return render(request, 'bandmatch/edit_band.html', context_dict)
Пример #39
0
def edit_oauth_app(request, app_id=None):
    """Create or edit an OAuth2 application.

    Args:
        request (django.http.HttpRequest):
            The current HTTP request.

        app_id (int, optional):
            The ID of the application to edit.

            If this argument is ``None`` a new application will be edited.

    Returns:
        django.http.HttpResponse:
        The rendered view.
    """
    # If we import this at global scope, it will cause issues with admin sites
    # being automatically registered.
    from reviewboard.oauth.admin import ApplicationAdmin

    if app_id:
        app = get_object_or_404(
            Application,
            pk=app_id,
            user=request.user,
        )
        form_cls = UserApplicationChangeForm
        fieldsets = ApplicationAdmin.fieldsets
    else:
        app = None
        form_cls = UserApplicationCreationForm
        fieldsets = ApplicationAdmin.add_fieldsets

    if request.method == 'POST':
        form_data = request.POST.copy()

        form = form_cls(user=request.user, data=form_data, initial=None,
                        instance=app)

        if form.is_valid():
            app = form.save()

            if app_id is not None:
                next_url = OAuth2Page.get_absolute_url()
            else:
                next_url = reverse('edit-oauth-app', args=(app.pk,))

            return HttpResponseRedirect(next_url)
    else:
        form = form_cls(user=request.user, data=None, initial=None,
                        instance=app)
        # Show a warning at the top of the form when the form is disabled for
        # security.
        #
        # We don't need to worry about full_clean not being called (which would
        # be if we went through form.errors) because this form will never be
        # saved.
        if app and app.is_disabled_for_security:
            form._errors = ErrorDict({
                '__all__': form.error_class(
                    [form.DISABLED_FOR_SECURITY_ERROR],
                ),
            })

    return render_to_response(
        'accounts/edit_oauth_app.html',
        {
            'app': app,
            'form': form,
            'fieldsets': filter_fieldsets(form=form_cls,
                                          fieldsets=fieldsets),
            'oauth2_page_url': OAuth2Page.get_absolute_url(),
            'request': request,
        })
Пример #40
0
def edit_profile(request, username):
    context_dict = {}
    context_dict['message'] = ""
    changed = False

    context_dict = get_profileDetails(request, username)

    user = User.objects.get(username=username)

    player = Player.objects.get(user=user)

    if request.user == user:
        context_dict['is_user'] = 1
    else:
        context_dict['is_user'] = 0

    context_dict['user_form'] = UserForm(instance=user)
    context_dict['player_form'] = PlayerForm(instance=player)

    if request.method == 'POST':
        # Attempt to grab information from the raw form information.
        user_form = UserForm(request.POST, request.FILES, instance=user)
        player_form = PlayerForm(request.POST, request.FILES, instance=player)

        instruments_list = player_form.data['instruments'].encode(
            'ascii', 'ignore').lower().split(",")
        for i in range(len(instruments_list)):
            instruments_list[i] = re.sub(r"[^a-z]+", '', instruments_list[i])
        player_form.data['instruments'] = instruments_list

        if user.check_password(user_form.data['password']):
            if user_form.is_valid() and player_form.is_valid():
                username = user_form.data['username']
                if not User.objects.filter(username=username).exists(
                ) or username == request.user.username:

                    user = user_form.save()

                    user.set_password(user.password)
                    user.save()

                    player = player_form.save(commit=False)
                    player.user = user  #do we need that here

                    player.location = player_form.data['location']
                    #Demo? Picture?

                    if 'image' in request.FILES:
                        player.image = request.FILES['image']
                    elif not player.image:
                        if player.gender == 'm':
                            player.image = settings.STATIC_URL + 'images\m.jpg'
                        elif player.gender == 'f':
                            player.image = settings.STATIC_URL + 'images\pf.jpg'
                        elif player.gender == 'unknown':
                            player.image = settings.STATIC_URL + 'images\o.png'

                    if 'demo' in request.FILES:
                        profile.demo = request.FILES['demo']

                    player.save()
                    username = request.POST['username']
                    password = request.POST['password']
                    user = authenticate(username=username, password=password)
                    login(request, user)

                    context_dict.update(get_profileDetails(request, username))
                    context_dict['user_form'] = UserForm(instance=user)
                    context_dict['player_form'] = PlayerForm(instance=player)
                    changed = True
                else:
                    context_dict['message'] = "Username is taken"

        else:
            print user_form.errors, player_form.errors
            context_dict[
                'message'] = "Please enter correct password to save changes"

    if changed:
        return HttpResponseRedirect(reverse('profile', args=[username]))

    return render(request, 'bandmatch/edit_profile.html', context_dict)
Пример #41
0
def logout(request):
    """注销用户"""
    auth.logout(request)
    return HttpResponseRedirect("/learning_logs/index/")
Пример #42
0
def reply_message(request, reciever, title):
    request.session['title'] = title  #How to pass this on to the message form?
    request.session['is_reply'] = True
    request.session['reciever'] = reciever
    return HttpResponseRedirect(reverse('send_message'))
Пример #43
0
def moneyio_edit(request, id):
    if not check_user_login(request):
        return login(request)

    user = request.session.get('user')
    if request.method == 'POST':
        form = MoneyIOForm(data=request.POST, user=user)
        if form.is_valid():
            account = AccountService().getAccount(form.cleaned_data['account'],
                                                  user)
            happentime = form.cleaned_data['happentime']
            moneyiotype = MoneyService().getMoneyIOUserType(
                form.cleaned_data['moneyiotype'], user)
            money = form.cleaned_data['money']
            currency = AccountService().getCurrency(
                form.cleaned_data['currency'])
            isshare = form.cleaned_data['isshare']
            description = form.cleaned_data['description']
            MoneyService().editMoneyIO(id, account, happentime, moneyiotype,
                                       money, currency, isshare, description,
                                       user)
            return HttpResponseRedirect('/moneyio/')
    else:
        moneyio = MoneyService().getMoneyIO(id, user)
        if moneyio:
            moneyio_account_id = None
            if moneyio.account:
                moneyio_account_id = moneyio.account.id
            moneyio_moneyiotype_id = None
            if moneyio.moneyiotype:
                moneyio_moneyiotype_id = moneyio.moneyiotype.id
            moneyio_currency_id = None
            if moneyio.currency:
                moneyio_currency_id = moneyio.currency.id
            form = MoneyIOForm(initial={
                'account': moneyio_account_id,
                'happentime': moneyio.happentime,
                'moneyiotype': moneyio_moneyiotype_id,
                'money': moneyio.money,
                'currency': moneyio_currency_id,
                'isshare': moneyio.isshare,
                'description': moneyio.description
            },
                               user=user)
        else:
            return HttpResponseRedirect('/moneyio/')

    page_title = ugettext('Edit Money Income and Expense')
    pageinfo = PageInfo(page_menu_name='Money',
                        user=user,
                        page_title=page_title)
    helptext_list = AdminService().getCategoryHelpTextList(
        'Money Income and Expense')
    form_action_url = '/moneyio/edit/' + id
    return render_to_response(
        'common_add_edit.html', {
            'pageinfo': pageinfo,
            'helptext_list': helptext_list,
            'form_action_url': form_action_url,
            'form': form,
            'user': user
        })
Пример #44
0
def home(request):
    return HttpResponseRedirect("/secret/")
Пример #45
0
    def post(self, request, *args, **kwargs):
        """
        First check if original model is valid. If so, then add to list of valid models.
        Next, go through each EG, binding with instance if one exists. Go through
        each and make sure each is valid, and if so, add to list. Then, if all
        are valid, save each in list. Delete any EGs which greater than the list.
        """
        valid_endpoint_forms = []
        valid_iad_forms = []
        self.object = self.get_object()
        form_class = self.get_form_class()
        form = self.get_form(form_class)
        if form.is_valid():
            #now, try to save each endpoint
            egs = json.loads(request.POST['egs_json'])
            iads = json.loads(request.POST['iad_json'])
            for i, eg in enumerate(egs):
                eg['endpoint'] = self.object.pk
                try:
                    eg_form = forms.EndpointGroupForm(eg,
                        instance=models.EndpointGroup.objects.get(endpoint=self.object.pk, dose_group_id=i))
                except:
                    eg_form = forms.EndpointGroupForm(eg)
                if eg_form.is_valid():
                    valid_endpoint_forms.append(eg_form)
                    #check individual animal groups
                    iads_for_eg = [v for v in iads if v['dose_group_id'] == eg_form.instance.dose_group_id]
                    for iad in iads_for_eg:
                        iad['endpoint_group'] = eg_form.instance.pk
                        iad_form = forms.IndividualAnimalForm(iad)
                        if iad_form.is_valid():
                            valid_iad_forms.append(iad_form)
                        else:
                            self.iad_errors = form_error_list_to_ul(iad_form)
                            return self.form_invalid(form)
                else:
                    self.egs_errors = form_error_list_to_ul(eg_form)
                    return self.form_invalid(form)
        else:
            return self.form_invalid(form)

        #now, save each form, and delete any existing fields not found here
        form.save()

        valid_eg_pks = []
        for form in valid_endpoint_forms:
            valid_eg = form.save()
            valid_eg_pks.append(valid_eg.pk)
        models.EndpointGroup.objects\
                .filter(endpoint=self.object.pk)\
                .exclude(pk__in=valid_eg_pks).delete()

        valid_iad_models = []
        for form in valid_iad_forms:
            valid_iad_models.append(form.save(commit=False))

        # NOTE that this doesn't update existing objects, but creates entirely new
        # ones. If update is required for auditing-logs, will need to pass the pk
        # for each group-back and forth from model. TODO in future?
        models.IndividualAnimal.objects.filter(endpoint_group__in=valid_eg_pks).delete()
        models.IndividualAnimal.objects.bulk_create(valid_iad_models)

        self.send_message()  # replicate MessageMixin
        return HttpResponseRedirect(self.get_success_url())
Пример #46
0
def logout(request):
    # log the user out
    django.contrib.auth.logout(request)
    # redirect to the login page
    return HttpResponseRedirect(reverse('users:login'))
Пример #47
0
def logout_view(request):
    logout(request)
    url = reverse('login')
    return HttpResponseRedirect(url)
Пример #48
0
def delete_session(request, object_id):
    session = get_object_or_404(Session, pk=object_id)
    if not request.user.is_superuser:
        if request.user != session.owner:
            return HttpResponseRedirect('/admin/?next=%s' % request.path)
    return main.delete_stage(request, "mturk", "session", object_id)
Пример #49
0
def report_event_process(request, report_id):
    report = ReportEvent.active.get(id=report_id)
    report.process()

    return HttpResponseRedirect(reverse('report_event_list'))
Пример #50
0
def index(request):
    return HttpResponseRedirect('/')
Пример #51
0
def remove_free_try(request, account_id):
    account = Account.objects.filter(id=account_id).update(bonus_budget=0)
    return HttpResponseRedirect(reverse('free_try'))
Пример #52
0
def admin_unshare_stats(request, campaign_id, account_id):
    ShareAdvertisingCampaign.objects.filter(campaign_id=campaign_id,
                                            account_id=account_id).delete()
    return HttpResponseRedirect(
        reverse("admin_share_stats", kwargs={'campaign_id': campaign_id}))
Пример #53
0
def admin_remove_featured(request, featured_event_id):
    FeaturedEvent.objects.get(id=featured_event_id).delete()
    return HttpResponseRedirect(reverse('admin_featured'))
Пример #54
0
def remove_bonus_campaign(request, campaign_id):
    BonusCampaign.objects.filter(id=campaign_id).delete()
    return HttpResponseRedirect(reverse('bonus_campaigns'))
Пример #55
0
def admin_advertising_remove_ad(request, ad_id):
    ad = Advertising.objects.get(id=ad_id)
    ad.delete()
    return HttpResponseRedirect(reverse('admin_advertising'))
Пример #56
0
def admin_deactivate_featured(request, featured_event_id):
    featured_event = FeaturedEvent.objects.get(id=featured_event_id)
    featured_event.active = False
    featured_event.save()
    return HttpResponseRedirect(reverse('admin_featured'))
Пример #57
0
def admin_advertising_edit_campaign(request, campaign_id):
    campaign = AdvertisingCampaign.objects.get(id=campaign_id)

    form = AdvertisingCampaignEditForm(campaign.account, instance=campaign)

    advertising_types = AdvertisingType.objects.filter(
        active=True).order_by("id")

    advertising_images = {
        ad.ad_type_id: ad.image
        for ad in campaign.advertising_set.all()
    }

    if request.method == 'POST':
        form = AdvertisingCampaignEditForm(campaign.account,
                                           instance=campaign,
                                           data=request.POST,
                                           files=request.FILES)

        if form.is_valid():
            campaign = form.save()

            chosen_advertising_types = get_chosen_advertising_types(
                campaign, request)
            chosen_advertising_payment_types = get_chosen_advertising_payment_types(
                campaign, request)
            chosen_advertising_images = get_chosen_advertising_images(
                campaign, request)

            # Remove unchecked ads
            for ad in campaign.advertising_set.all():
                if ad.ad_type_id not in chosen_advertising_types:
                    ad.delete()

            # Create or update ads
            for advertising_type_id in chosen_advertising_types:
                advertising_type = AdvertisingType.objects.get(
                    id=advertising_type_id)
                advertising, created = Advertising.objects.get_or_create(
                    ad_type=advertising_type, campaign=campaign)

                advertising.payment_type = chosen_advertising_payment_types[
                    advertising_type_id]

                if advertising_type_id in chosen_advertising_images:
                    advertising.image = chosen_advertising_images[
                        advertising_type_id]

                advertising.cpm_price = advertising_type.cpm_price
                advertising.cpc_price = advertising_type.cpc_price

                advertising.save()

            campaign = form.save()
            return HttpResponseRedirect(reverse('admin_advertising'))

    chosen_advertising_types = get_chosen_advertising_types(campaign, request)
    chosen_advertising_payment_types = get_chosen_advertising_payment_types(
        campaign, request)
    chosen_advertising_images = get_chosen_advertising_images(
        campaign, request)

    return render_to_response(
        'cf-admin/ads/admin-advertising-edit.html', {
            "campaign": campaign,
            "form": form,
            "advertising_types": advertising_types,
            "advertising_images": advertising_images,
            "chosen_advertising_types": chosen_advertising_types,
            "chosen_advertising_payment_types":
            chosen_advertising_payment_types,
            "chosen_advertising_images": chosen_advertising_images
        },
        context_instance=RequestContext(request))
Пример #58
0
def admin_advertising_change_status(request, ad_id, status):
    ad = Advertising.objects.get(id=ad_id)
    ad.review_status = status
    ad.save()
    return HttpResponseRedirect(reverse('admin_advertising_review'))
Пример #59
0
def claim_event_refuse(request, claim_id):
    claim = ClaimEvent.active.get(id=claim_id)
    claim.process()

    return HttpResponseRedirect(reverse('claim_event_list'))
Пример #60
0
def admin_advertising_remove_campaign(request, campaign_id):
    campaign = AdvertisingCampaign.objects.get(id=campaign_id)
    campaign.delete()

    return HttpResponseRedirect(
        request.META.get('HTTP_REFERER', reverse('admin_advertising')))