Пример #1
0
 def check_access(cls, request):
     if request.GET.get('data'):
         data = Sign().unsign(request.GET.get('data'), SMS_AGE * 2)
         if data.get('ip') == get_ip(request):
             user_agent = md5(request.META['HTTP_USER_AGENT'])
             if data.get('user_agent') == user_agent:
                 return True
Пример #2
0
 def check_access(cls, request):
     if request.GET.get('data'):
         data = Sign().unsign(request.GET.get('data'), SMS_AGE * 2)
         if data.get('ip') == get_ip(request):
             user_agent = md5(request.META['HTTP_USER_AGENT'])
             if data.get('user_agent') == user_agent:
                 return True
Пример #3
0
def get_data(request):
    data = Sign().unsign(request.GET.get('data'), age=SMS_AGE * 2)
    if data is not None and 'credentials' in data:
        if 'captcha' in data['credentials']:
            data['credentials'].pop('captcha')
        user = authenticate(**data['credentials'])
        if user is not None and user.is_active:
            if get_ip(request) == data.get('ip'):
                return data
    raise Http404('Data is not valid!')
Пример #4
0
def get_data(request):
    data = Sign().unsign(request.GET.get('data'), age=SMS_AGE * 2)
    if data is not None and 'credentials' in data:
        if 'captcha' in data['credentials']:
            data['credentials'].pop('captcha')
        user = authenticate(**data['credentials'])
        if user is not None and user.is_active:
            if get_ip(request) == data.get('ip'):
                return data
    raise Http404('Data is not valid!')
Пример #5
0
def _get_data(request):
    data = Sign().unsign(request.GET.get("data"), age=SMS_AGE * 2)
    if data is not None and "credentials" in data:
        if "captcha" in data["credentials"]:
            data["credentials"].pop("captcha")
        user = authenticate(**data["credentials"])
        if user is not None and user.is_active:
            if get_ip(request) == data.get("ip"):
                return data
    raise Http404("Data is not valid!")
Пример #6
0
 def generate_codes(self):
     data = {}
     rand = RandomPassword()
     for i in range(1, CODE_RANGES + 1):
         data[i] = rand.get(max_value=CODE_LEN)
     self.code = Sign().sign(json.dumps(data))
     return self.save()
Пример #7
0
 def get_data(self):
     codes = json.loads(Sign().unsign(self.code))
     data = collections.OrderedDict(
         sorted(codes.items(), key=lambda t: int(t[0])))
     return dict(
         codes=data,
         number=self.get_code_number()
     )
Пример #8
0
    def activate(self, request, activation_key):
        sign_key = Sign().unsign(request.GET.get('key'), SMS_AGE * 2)
        if str(activation_key) != str(sign_key):
            raise Http404('Not found!')

        obj = super(ActivationDoneView, self).activate(request, activation_key)
        if obj is not None:
            UserAuthPhone.objects.filter(user=obj).update(enabled=1)
        return obj
Пример #9
0
 def notify(cls, request, message=None, force=False):
     obj = cls.objects.filter(user=request.user)
     if (obj.exists() and obj[0].enabled) or force:
         obj = UserAuthPhone.objects.filter(user=request.user)
         message = message if message else SMS_NOTIFICATION_MESSAGE
         if obj.exists():
             send_sms(SMS_FROM, Sign().unsign(obj[0].phone), message)
         elif request.user.email:
             send_mail(
                 [request.user.email], MAIL_DEFAULT_SUBJECT, message)
Пример #10
0
 def send_link(cls, request, user):
     data = {
         'ip': get_ip(request),
         'user_agent': md5(request.META.get('HTTP_USER_AGENT')),
     }
     link = 'http://%s%s?data=%s' % (
         Site.objects.get_current(),
         reverse('auth_login'),
         Sign().sign(data)
     )
     send_mail(
         [user.email], _('Link for unlock access'), link
     )
Пример #11
0
    def send_codes(cls, request):
        settings_list = cls.objects.filter(user=request.user)

        if settings_list.exists():
            created_seconds = (now() - settings_list[0].created).seconds
            if created_seconds > 300:
                return

            codes = json.loads(Sign().unsign(settings_list[0].code))
            codes_list = collections.OrderedDict(
                sorted(codes.items(), key=lambda t: int(t[0])))
            message = ''
            for (k, v) in codes_list.items():
                message += '%s. %s\n' % (k, v)
            send_mail(
                [request.user.email], CODES_SUBJECT, message
            )
            return True
Пример #12
0
 def get_code_number(self):
     number = random.choice(range(1, CODE_RANGES + 1))
     self.number = Sign().sign(number)
     self.save()  # update_fields=['number']
     return number
Пример #13
0
 def _code_is_valid(self, code):
     data = json.loads(Sign().unsign(self.code))
     number = str(Sign().unsign(self.number, SMS_AGE))
     return str(code) == str(data.get(number))
Пример #14
0
 def _code_is_valid(self, code):
     if code.isdigit():
         return check_seed(Sign().unsign(self.code), int(code))
Пример #15
0
 def _code_is_valid(self, code):
     return str(Sign().unsign(self.code, SMS_AGE)) == str(code)
Пример #16
0
 def send_sms(self):
     code = str(RandomPassword().get(SMS_CODE_LEN, SMS_ASCII)).lower()
     send_sms(SMS_FROM, Sign().unsign(self.phone), SMS_MESSAGE % code)
     self.code = Sign().sign(code)
     self.save()
Пример #17
0
 def save(self, *args, **kwargs):
     if self.phone.startswith('+'):
         self.phone = Sign().sign(get_formatted_phone(self.phone))
     super(UserAuthPhone, self).save(*args, **kwargs)
Пример #18
0
 def make(self):
     if not self.code:
         self.code = Sign().sign(random_seed())
         self.save()
Пример #19
0
def login(request,
          template_name='secureauth/login.html',
          redirect_field_name=REDIRECT_FIELD_NAME,
          authentication_form=BaseAuthForm,
          current_app=None,
          extra_context=None,
          redirect_to=''):  # pylint: disable=R0913
    args = [redirect_field_name, redirect_to]
    redirect_to = request.GET.get(*args) or request.POST.get(*args)

    if CHECK_ATTEMPT and UserAuthAttempt.is_banned(request):
        return HttpResponseBadRequest()

    if request.method == "POST":
        form = authentication_form(request,
                                   data=request.POST,
                                   test_cookie_enabled=False)
        if form.is_valid():
            if not is_safe_url(url=redirect_to, host=request.get_host()):
                redirect_to = settings.LOGIN_REDIRECT_URL
                if '/' not in redirect_to and '.' not in redirect_to:
                    redirect_to = reverse(settings.LOGIN_REDIRECT_URL)

            user = form.get_user()

            if UserAuthIPRange.is_blocked(request, user):
                return render(request, 'secureauth/blocked_ip.html')

            if SMS_FORCE or len(get_available_auth_methods(user)) > 1:
                data = {
                    'credentials': form.cleaned_data,
                    'user_pk': user.pk,
                    'ip': get_ip(request),
                    'redirect_to': redirect_to,
                    'extra_context': extra_context,
                }
                data = Sign().sign(data)
                return HttpResponseRedirect(
                    '%s?data=%s' % (reverse('auth_confirmation'), data))
            else:
                auth_login(request, user)

                if request.session.test_cookie_worked():
                    request.session.delete_test_cookie()

                if UserAuthLogging.is_enabled(request):
                    UserAuthActivity.check_location(request)
                    UserAuthActivity.log_auth(request)
                UserAuthAttempt.remove(request)
                request.session['ip'] = get_ip(request)
                return HttpResponseRedirect(redirect_to)
        elif CHECK_ATTEMPT is True:
            UserAuthAttempt.clean()
            UserAuthAttempt.store(request)
    else:
        form = authentication_form(request)

    request.session.set_test_cookie()

    current_site = get_current_site(request)

    context = {
        'form': form,
        redirect_field_name: redirect_to,
        'site': current_site,
        'site_name': current_site.name,
    }
    if extra_context is not None:
        context.update(extra_context)
    if django.VERSION < (1, 8):
        return TemplateResponse(request,
                                template_name,
                                context,
                                current_app=current_app)
    else:
        return TemplateResponse(request, template_name, context)
Пример #20
0
 def set_data(self, question, answer):
     self.code = Sign().sign(answer)
     self.question = Sign().sign(question)
     self.save()
     return self
Пример #21
0
 def get_google_url(self):
     data = model_to_dict(Site.objects.get_current())
     data.update(model_to_dict(self.user))
     return get_google_url(Sign().unsign(self.code), TOTP_NAME % data)
Пример #22
0
 def get_success_url(self):
     key = Sign().sign(self.kwargs.get('activation_key'))
     return reverse(
         'registration_activation_done', kwargs=self.kwargs
     ) + '?key=' + key
Пример #23
0
 def get_question(self):
     return Sign().unsign(self.question)
Пример #24
0
 def decrypt(key, **kwargs):
     if 'initial' in kwargs:
         if kwargs['initial'] and key in kwargs['initial'].keys():
             unsigned = Sign().unsign(kwargs['initial'][key])
             if unsigned is not None:
                 kwargs['initial'][key] = unsigned
Пример #25
0
 def _code_is_valid(self, code):
     return Sign().unsign(self.code) == code