def setUp(self):
language = factories.LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
hashpw = hash_alg.encode(password="******", salt="123salt123")
secretariat = factories.SecretariatUserFactory(language=language,
password=hashpw)
self.client.login(username=secretariat.username, password="******")
self.art7 = self.obligation_factory(ObligationTypes.ART7.value)
self.raf = self.obligation_factory(ObligationTypes.ESSENCRIT.value)
weur = factories.RegionFactory(abbr="WEUR",
name="Western Europe and Others")
unsp = factories.SubregionFactory(region=weur,
abbr="UNK",
name="Unspecified")
self.treaty = factories.TreatyFactory()
self.annex = factories.AnnexFactory()
self.au = factories.PartyFactory(abbr="AU",
name="Australia",
subregion=unsp)
self.p = {
year: self.period_factory(year)
for year in range(1980, 2020)
}
self.g = {gid: self.group_factory(gid) for gid in ["AI", "CI", "F"]}
def dang_ky(request):
form = CustomerCreate()
registered = False
if request.method == "POST":
form = CustomerCreate(data=request.POST)
hasher = Argon2PasswordHasher()
if form.is_valid(
) and form.cleaned_data['mat_khau'] == form.cleaned_data['confirm']:
request.POST._mutable = True
register = form.save(commit=False)
register.ho_ten = form.cleaned_data['ho_ten']
register.user_name = form.cleaned_data['user_name']
register.mat_khau = hasher.encode(form.cleaned_data['mat_khau'],
'somewhere')
register.email = form.cleaned_data['email']
register.phone = form.cleaned_data['phone']
register.dia_chi = form.cleaned_data['dia_chi']
register.save()
registered = True
return render(request, 'customers/profile.html',
{'username': register.user_name})
elif form.cleaned_data['mat_khau'] != form.cleaned_data['confirm']:
form.add_error('confirm', 'Mật khẩu không khớp')
else:
form = CustomerCreate()
return render(request, 'customers/dang_ky.html', {
'form': form,
'registered': registered
})
def setUp(self):
super().setUp()
self.maxDiff = None
self.workflow_class = "default"
self.obligation = ObligationFactory(_obligation_type="art7")
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.another_party = AnotherPartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"))
self.client.login(username=self.secretariat_user.username,
password='******')
self.substance = SubstanceFactory()
self.another_substance = AnotherSubstanceFactory()
self.blend = BlendFactory()
BlendComponentFactory(blend=self.blend,
substance=self.substance,
percentage=Decimal('0.5'))
BlendComponentFactory(blend=self.blend,
substance=self.another_substance,
percentage=Decimal('0.5'))
ReportingChannelFactory()
def setUp(self):
super().setUp()
self.workflow_class = "default"
self.region = RegionFactory.create()
self.period = ReportingPeriodFactory.create(
name="2018 test",
start_date=datetime.strptime('2018-01-01', '%Y-%m-%d'),
end_date=datetime.strptime('2018-12-31', '%Y-%m-%d'))
self.newer_period = ReportingPeriodFactory.create(
name="2019 test",
start_date=datetime.strptime('2019-01-01', '%Y-%m-%d'),
end_date=datetime.strptime('2019-12-31', '%Y-%m-%d'))
self.obligation = ObligationFactory.create(
_obligation_type=self._obligation_type)
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.another_party = AnotherPartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
PartyHistoryFactory(party=self.party, reporting_period=self.period)
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"))
self.client.login(username=self.secretariat_user.username,
password='******')
self.substance = SubstanceFactory()
ReportingChannelFactory()
def get_hash(self):
try:
ph_obj = Argon2PasswordHasher()
return ph_obj.encode(password=self.password,
salt=get_random_string())
except HashingError:
raise HashingError("Provide valid data type for password.")
def setUp(self):
super().setUp()
ContentType.objects.clear_cache()
self.workflow_class = "default"
self.region = RegionFactory.create()
self.period = ReportingPeriodFactory.create(name="Some period")
self.obligation = ObligationFactory.create(name="Some obligation")
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.another_party = AnotherPartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123")
)
self.party_user = ReporterUserFactory(
language=self.language,
party=self.party,
password=hash_alg.encode(password="******", salt="123salt123"),
)
self.another_party_user = ReporterUserAnotherPartyFactory(
language=self.language,
party=self.another_party,
password=hash_alg.encode(password="******", salt="123salt123"),
)
self.substance = SubstanceFactory()
ReportingChannelFactory()
def setUp(self):
super().setUp()
self.workflow_class = 'base'
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.another_party = AnotherPartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password='******', salt='123salt123'))
self.secretariat_user_ro = SecretariatUserROFactory(
language=self.language,
password=hash_alg.encode(password='******', salt='123salt123'))
self.reporter = ReporterUserFactory(language=self.language,
party=self.party,
password=hash_alg.encode(
password='******',
salt='123salt123'))
self.reporter_same_party = ReporterUserSamePartyFactory(
language=self.language,
party=self.party,
password=hash_alg.encode(password='******', salt='123salt123'))
self.reporter_another_party = ReporterUserAnotherPartyFactory(
language=self.language,
party=self.another_party,
password=hash_alg.encode(password='******', salt='123salt123'))
ReportingChannelFactory()
def setUp(self):
super().setUp()
hash_alg = Argon2PasswordHasher()
region = RegionFactory.create()
subregion = SubregionFactory.create(region=region)
party = PartyFactory.create(subregion=subregion)
another_party = AnotherPartyFactory(subregion=subregion)
self.language_en = LanguageEnFactory()
self.language_fr = LanguageFrFactory()
self.reporter = ReporterUserFactory.create(
first_name='Test',
last_name='Test',
email='*****@*****.**',
language=self.language_en,
party=party,
password=hash_alg.encode(password='******', salt='123salt123'),
)
self.reporter_same_party = ReporterUserSamePartyFactory(
language=self.language_en,
party=party,
password=hash_alg.encode(password='******', salt='123salt123')
)
self.reporter_another_party = ReporterUserAnotherPartyFactory(
language=self.language_en,
party=another_party,
password=hash_alg.encode(password='******', salt='123salt123')
)
self.secretariat_user = SecretariatUserFactory(
language=self.language_en,
password=hash_alg.encode(password='******', salt='123salt123')
)
self.client.login(username=self.reporter.username, password='******')
ReportingChannelFactory()
def setUp(self):
super().setUp()
self.workflow_class = 'base'
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password='******', salt='123salt123'))
self.reporter = ReporterUserFactory(language=self.language,
party=self.party,
password=hash_alg.encode(
password='******',
salt='123salt123'))
ReportingChannelFactory.create(name='Web form',
is_default_party=True,
is_default_secretariat=False)
ReportingChannelFactory.create(name='Email',
is_default_party=False,
is_default_secretariat=True)
ReportingChannelFactory.create(name='API',
is_default_party=False,
is_default_secretariat=False)
SubmissionFormatFactory()
def setUp(self):
super().setUp()
self.workflow_class = "default"
self.obligation = ObligationFactory(_obligation_type=self._obligation_type)
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.another_party = AnotherPartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123")
)
self.party_user = ReporterUserFactory(
language=self.language,
party=self.party,
password=hash_alg.encode(password="******", salt="123salt123"),
)
self.another_party_user = ReporterUserFactory(
language=self.language,
username="******",
party=self.another_party,
password=hash_alg.encode(password="******", salt="123salt123"),
)
ReportingChannelFactory()
def setUp(self):
super().setUp()
self.language = factories.LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = factories.SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"),
)
subregion = factories.SubregionFactory()
parties = ['TP', 'NPA', 'NPB']
for party in parties:
factories.PartyFactory(
abbr=party,
name=f"{party} party",
subregion=subregion,
)
factories.ReportingPeriodFactory(
name='2000',
start_date=datetime.strptime('2000-01-01', '%Y-%m-%d'),
end_date=datetime.strptime('2000-12-31', '%Y-%m-%d'),
)
factories.ReportingChannelFactory(name="Legacy")
substances = [100, 101, 102, 103, 104, 105, 106, 999]
for substance_id in substances:
factories.SubstanceFactory(
substance_id=substance_id,
name=f"Chemical {substance_id}",
)
factories.ObligationFactory(pk=1)
def verify_password(self, p):
passwordHasher = Argon2PasswordHasher()
try:
if passwordHasher.verify(self.password,
p.objects.get(email=self.email).password):
return True
except p.DoesNotExist:
return False
def setUp(self):
super().setUp()
self.hash_alg = Argon2PasswordHasher()
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory.create(subregion=self.subregion)
self.obligation = ObligationFactory.create(_form_type=self._form_type)
self.language = LanguageEnFactory()
ReportingChannelFactory()
def register(request):
if request.method == 'POST':
register_form = RegisterFormInput(data=request.POST)
if not register_form.is_valid():
# Redirect with Unknown Error
return redirect('index')
full_name = register_form.cleaned_data.get('full_name')
user_name = register_form.cleaned_data.get('user_name')
password = register_form.cleaned_data.get('password')
repeat_password = register_form.cleaned_data.get('repeat_password')
# Check whether user_name is available to be taken or not
try:
user = SiteUser.objects.get(email__exact=user_name)
# User already exists in the database
if user:
set_alert(request, 'user_exists')
return redirect('index')
except ObjectDoesNotExist:
user = SiteUser(email=user_name)
# Check whether user has properly entered the password
if password != repeat_password:
set_alert(request, 'password_mismatch')
return redirect('index')
user.password = make_password(password, hasher=Argon2PasswordHasher())
# Split to obtain first and last name of the user
name = full_name.split()
if(len(name) == 1):
user.first_name = name[0]
else:
user.first_name = name[0]
user.last_name = ' '.join(name[1:])
# Finally generate a Session ID
session_id = uuid.uuid4().hex
user.session_id = session_id
try:
user.save()
create_session(request, user_name, name[0])
except Error:
# Inform user there was some problem creating the user report to administrator
set_alert(request, 'generic_error')
return redirect('index')
set_alert(request, 'user_logged_in')
return redirect('home')
def setUp(self):
super().setUp()
self.language = factories.LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = factories.SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"),
)
self.subregion = factories.SubregionFactory()
factories.ReportingChannelFactory(name="Legacy")
factories.ObligationFactory(pk=1)
def dang_nhap(request):
err = ''
if request.session.has_key('username'):
return redirect('customers:profile')
elif request.method == "POST":
hashers = Argon2PasswordHasher()
_ten = request.POST.get('user_name')
_mat_khau = hashers.encode(request.POST.get('mat_khau'), 'somewhere')
kh = Customer.objects.filter(user_name=_ten, mat_khau=_mat_khau)
if kh.count() > 0:
request.session['username'] = kh[0].ho_ten
return redirect('customers:profile')
else:
err = "thong tin dang nhap khong dung"
return render(request, 'customers/dang_nhap.html', {'err': err})
def setUp(self):
super().setUp()
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"))
self.client.login(username=self.secretariat_user.username,
password='******')
self.obligation = ObligationFactory(name="Other obligation",
other=True,
_obligation_type="other")
ReportingChannelFactory()
def setUp(self):
super().setUp()
self.workflow_class = "default_exemption"
self.obligation = ObligationFactory(_obligation_type="exemption")
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"))
self.reporter = ReporterUserFactory(language=self.language,
party=self.party,
password=hash_alg.encode(
password='******',
salt='123salt123'))
self.another_substance = AnotherSubstanceFactory()
self.substance = SubstanceFactory()
ReportingChannelFactory()
def setUp(self):
super().setUp()
self.workflow_class = "default"
self.obligation = ObligationFactory(_form_type="hat")
self.region = RegionFactory.create()
self.subregion = SubregionFactory.create(region=self.region)
self.party = PartyFactory(subregion=self.subregion)
self.another_party = AnotherPartyFactory(subregion=self.subregion)
self.language = LanguageEnFactory()
hash_alg = Argon2PasswordHasher()
self.secretariat_user = SecretariatUserFactory(
language=self.language,
password=hash_alg.encode(password="******", salt="123salt123"))
self.client.login(username=self.secretariat_user.username,
password='******')
self.substance = SubstanceFactory()
self.another_substance = AnotherSubstanceFactory()
ReportingChannelFactory()
def save(self):
passwordHasher = Argon2PasswordHasher()
self.password = passwordHasher.encode(self.password,
passwordHasher.salt())
super().save()
# active_token = PasswordResetTokenGenerator().make_token(Shops.objects.get(email=request.data['email']))
#
# subject, from_email, to = 'confirm your email', '*****@*****.**', request.data['email']
# text_content = 'Confirmation of registration'
# html_content = '<a href="' + env('SITE_URL') + '/face_tracking/confirm?token=' + str(active_token) + '&email=' + \
# request.data['email'] + '">Confirm Registretion</a>'
# msg = EmailMultiAlternatives(subject, text_content, from_email, [to])
# msg.attach_alternative(html_content, "text/html")
# msg.send()
#
# # generator = SchemaGenerator()
# # schema = generator.get_schema(request=request)
#
# return Response(serializer.data, status=status.HTTP_201_CREATED)
ph = Argon2PasswordHasher()
@api_view(['POST'])
@permission_classes([
AllowAny,
])
def authenticate_user(request):
try:
email = request.data['email']
password = request.data['password']
shop = Shops.objects.get(email=email)
if not (ph.verify(password, shop.password)):
res = {'error': 'invalid email of password'}
def verify_hash(self, _hash):
try:
ph_obj = Argon2PasswordHasher()
return ph_obj.verify(password=self.password, encoded=_hash)
except VerificationError:
return False
class User(models.Model, CustomModelMixin):
""" Custom user model """
id = models.UUIDField(primary_key= True, default= uuid.uuid4, editable= False)
email = models.EmailField(_("Email"), max_length= 256, blank= False, unique= True)
password = models.CharField(_("Password"), max_length= 265, blank= False)
is_active = models.BooleanField(_("Is active?"), default= True)
deleted_date = models.DateTimeField(_("Deleted date"), blank= True)
created_at = models.DateTimeField(_("Created at"), auto_now_add= True)
updated_at = models.DateTimeField(_("Updated at"), auto_now= True)
class Meta:
verbose_name = _('user')
verbose_name_plural = _('users')
app_label = 'users_app'
_tokenize_fields = (
'id', 'email', 'password', 'created_at'
)
hasher = Argon2PasswordHasher()
@property
def tokenize_fields(self):
payload = {}
print("META: ", self._meta)
for field in self._tokenize_fields:
payload[field] = getattr(self, field)
return payload
def __str__(self):
return self.email
def _generate_confirm_code(self):
return restore_password_link + get_random_string()
@classmethod
def _hash_password(cls, password):
cls.hasher.encode(password, get_random_string())
def _check_hash(self, password):
cls.hasher.verify(password)
def _encode_token(self):
return jwt.encode(
self.tokenize_fields,
jwt_settings['JWT_SECRET_KEY'],
jwt_settings['JWT_ALGORITHM'],
).decode('utf-8')
@staticmethod
def _decode_token(token, context= None):
return jwt.decode(
token,
jwt_settings['JWT_SECRET_KEY'],
jwt_settings['JWT_VERIFY'],
options= {
'verify_exp': jwt_settings['JWT_VERIFY_EXPIRATION'],
},
leeway= jwt_settings['JWT_LEEWAY'],
audience= jwt_settings['JWT_AUDIENCE'],
issuer= jwt_settings['JWT_ISSUER'],
algorithms= [jwt_settings['JWT_ALGORITHM']]
)
@classmethod
def login(cls, login, password):
user = cls.objects.filter(email= login).first()
if not (user or user._check_hash(password)):
raise Exception("Invalid password or email")
return user._encode_token()
@classmethod
def find_by_token(cls, token, context= None):
try:
payload = cls._decode_token(token, context)
user = cls.objects.filter(email= payload['email'], id= payload['id']).first()
if not (user or user._check_hash(payload['password'])):
raise GraphQLJWTError(_('Password was changed'))
del payload['password']
except jwt.ExpiredSignature:
raise GraphQLJWTError(_('Signature has expired'))
except jwt.DecodeError:
raise GraphQLJWTError(_('Error decoding signature'))
except jwt.InvalidTokenError:
raise GraphQLJWTError(_('Invalid token'))
return payload
@classmethod
def find_by_id(cls, user_id):
return cls.objects.filter(id= user_id).first()
def delete(self):
self.deleted_date = datetime.utcnow()
self.is_active = False
self.profile.delete()
self.save()
