def voter_file_process(election,voter_file):
last_alias_num = election.last_alias_num
num_voters = 0
new_voters = []
for voter in voter_file.itervoters():
num_voters += 1
# Is the voter a user?
new_user = False
user = User.get_by_type_and_id('password', voter['voter_id'])
if not user:
new_user = True
random_password = generate_password()
password.create_user(voter['voter_id'], random_password, voter['name'], voter['email'])
user = User.get_by_type_and_id('password', voter['voter_id'])
voter_registered = create_voter(user,election)
if new_user:
voter_send_email.delay(voter_registered.id, election.uuid, "new_user", random_password)
else:
voter_send_email.delay(voter_registered.id, election.uuid, "old_user")
if election.use_voter_aliases:
voter_alias_integers = range(last_alias_num+1, last_alias_num+1+num_voters)
random.shuffle(voter_alias_integers)
for i, voter in enumerate(new_voters):
voter.alias = 'V%s' % voter_alias_integers[i]
voter.save()
voter_file.num_voters = num_voters
voter_file.processing_finished_at = timezone.now()
voter_file.save()
def password_forgotten_view(request):
"""
forgotten password view and submit.
includes return_url
"""
from helios_auth.view_utils import render_template
from helios_auth.models import User
if request.method == "GET":
return render_template(request, 'password/forgot', {'return_url': request.GET.get('return_url', '')})
else:
username = request.POST['username']
return_url = request.POST['return_url']
try:
user = User.get_by_type_and_id('password', username)
except User.DoesNotExist:
return render_template(request, 'password/forgot', {'return_url': request.GET.get('return_url', ''), 'error': 'no such username'})
body = """
This is a password reminder:
Your username: %s
Your password: %s
--
%s
""" % (user.user_id, user.info['password'], settings.SITE_TITLE)
# FIXME: make this a task
send_mail('password reminder', body, settings.SERVER_EMAIL, ["%s <%s>" % (user.info['name'], user.info['email'])], fail_silently=False)
return HttpResponseRedirect(return_url)
def password_login_view(request):
from helios_auth.view_utils import render_template
from helios_auth.views import after
from helios_auth.models import User
error = None
if request.method == "GET":
form = LoginForm()
else:
form = LoginForm(request.POST)
# set this in case we came here straight from the multi-login chooser
# and thus did not have a chance to hit the "start/password" URL
request.session["auth_system_name"] = "password"
if "return_url" in request.POST:
request.session["auth_return_url"] = request.POST.get("return_url")
if form.is_valid():
username = form.cleaned_data["username"].strip()
password = form.cleaned_data["password"].strip()
try:
user = User.get_by_type_and_id("password", username)
if password_check(user, password):
request.session["password_user_id"] = user.user_id
return HttpResponseRedirect(reverse(url_names.AUTH_AFTER))
except User.DoesNotExist:
pass
error = "Bad Username or Password"
return render_template(request, "password/login", {
"form": form,
"error": error
})
def password_login_view(request):
from helios_auth.view_utils import render_template
from helios_auth.views import after
from helios_auth.models import User
error = None
if request.method == "GET":
form = LoginForm()
else:
form = LoginForm(request.POST)
# set this in case we came here straight from the multi-login chooser
# and thus did not have a chance to hit the "start/password" URL
request.session['auth_system_name'] = 'password'
if request.POST.has_key('return_url'):
request.session['auth_return_url'] = request.POST.get('return_url')
if form.is_valid():
username = form.cleaned_data['username'].strip()
password = form.cleaned_data['password'].strip()
try:
user = User.get_by_type_and_id('password', username)
if password_check(user, password):
request.session['password_user'] = user
return HttpResponseRedirect(reverse(after))
except User.DoesNotExist:
pass
error = 'Bad Username or Password'
return render_template(request, 'password/login', {
'form': form,
'error': error
})
def password_forgotten_view(request):
"""
forgotten password view and submit.
includes return_url
"""
from helios_auth.view_utils import render_template
from helios_auth.models import User
if request.method == "GET":
return render_template(request, 'password/forgot', {'return_url': request.GET.get('return_url', '')})
else:
username = request.POST['username']
return_url = request.POST['return_url']
try:
user = User.get_by_type_and_id('password', username)
except User.DoesNotExist:
return render_template(request, 'password/forgot', {'return_url': request.GET.get('return_url', ''), 'error': 'no such username'})
body = """
This is a password reminder:
Your username: %s
Your password: %s
--
%s
""" % (user.user_id, user.info['password'], settings.SITE_TITLE)
# FIXME: make this a task
send_mail('password reminder', body, settings.SERVER_EMAIL, ["%s <%s>" % (user.info['name'], user.info['email'])], fail_silently=False)
return HttpResponseRedirect(return_url)
def password_login_view(request):
from helios_auth.view_utils import render_template
from helios_auth.views import after
from helios_auth.models import User
error = None
if request.method == "GET":
form = LoginForm()
else:
form = LoginForm(request.POST)
# set this in case we came here straight from the multi-login chooser
# and thus did not have a chance to hit the "start/password" URL
request.session['auth_system_name'] = 'password'
if request.POST.has_key('return_url'):
request.session['auth_return_url'] = request.POST.get('return_url')
if form.is_valid():
username = form.cleaned_data['username'].strip()
password = form.cleaned_data['password'].strip()
try:
user = User.get_by_type_and_id('password', username)
if password_check(user, password):
request.session['password_user_id'] = user.user_id
return HttpResponseRedirect(reverse(after))
except User.DoesNotExist:
pass
error = 'Bad Username or Password'
return render_template(request, 'password/login', {'form': form, 'error': error})
def create_user(username, password, name = None):
from helios_auth.models import User
user = User.get_by_type_and_id('password', username)
if user:
raise Exception('user exists')
info = {'password' : password, 'name': name}
user = User.update_or_create(user_type='password', user_id=username, info = info)
user.save()
def create_user(username, password, name = None):
from helios_auth.models import User
user = User.get_by_type_and_id('password', username)
if user:
raise Exception('user exists')
info = {'password' : password, 'name': name}
user = User.update_or_create(user_type='password', user_id=username, info = info)
user.save()
def password_forgotten_view(request):
"""
forgotten password view and submit.
includes return_url
"""
from helios_auth.view_utils import render_template
from helios_auth.models import User
if request.method == "GET":
return render_template(
request,
"password/forgot",
{"return_url": request.GET.get("return_url", "")},
)
else:
username = request.POST["username"]
return_url = request.POST["return_url"]
try:
user = User.get_by_type_and_id("password", username)
except User.DoesNotExist:
return render_template(
request,
"password/forgot",
{
"return_url": request.GET.get("return_url", ""),
"error": "no such username",
},
)
body = """
This is a password reminder:
Your username: %s
Your password: %s
--
%s
""" % (
user.user_id,
user.info["password"],
settings.SITE_TITLE,
)
# FIXME: make this a task
send_mail(
"password reminder",
body,
settings.SERVER_EMAIL,
["%s <%s>" % (user.info["name"], user.info["email"])],
fail_silently=False,
)
return HttpResponseRedirect(return_url)
def create_user(username, password, name=None):
from helios_auth.models import User
user = User.get_by_type_and_id("password", username)
if user:
raise Exception("user exists")
info = {"password": password, "name": name}
user = User.update_or_create(user_type="password",
user_id=username,
info=info)
user.save()
def create_user(username, password, name = None):
from helios_auth.models import User
from django.db import models
try:
user = User.get_by_type_and_id('password', username)
raise Exception('user exists')
except User.DoesNotExist:
pass
info = {'password' : password, 'name': name}
user = User.update_or_create(user_type='password', user_id=username, info = info)
user.save()
def get_user_info_after_auth(request):
from helios_auth.models import User
user = User.get_by_type_and_id('password',
request.session['password_user_id'])
del request.session['password_user_id']
return {
'type': 'password',
'user_id': user.user_id,
'name': user.name,
'info': user.info,
'token': None
}
def get_user_info_after_auth(request):
from helios_auth.models import User
user = User.get_by_type_and_id("password",
request.session["password_user_id"])
del request.session["password_user_id"]
return {
"type": "password",
"user_id": user.user_id,
"name": user.name,
"info": user.info,
"token": None,
}
def create_user(username, password, name=None):
from helios_auth.models import User
from django.db import models
try:
user = User.get_by_type_and_id('password', username)
raise Exception('user exists')
except User.DoesNotExist:
pass
info = {'password': password, 'name': name}
user = User.update_or_create(user_type='password',
user_id=username,
info=info)
user.save()
def password_forgotten_view(request):
"""
forgotten password view and submit.
includes return_url
"""
from helios_auth.view_utils import render_template
from helios_auth.models import User
if request.method == "GET":
return render_template(request, "password/forgot", {"return_url": request.GET.get("return_url", "")})
else:
username = request.POST["username"]
return_url = request.POST["return_url"]
try:
user = User.get_by_type_and_id("password", username)
except User.DoesNotExist:
return render_template(
request,
"password/forgot",
{"return_url": request.GET.get("return_url", ""), "error": "no such username"},
)
body = """
This is a password reminder:
Your username: %s
Your password: %s
--
%s
""" % (
user.user_id,
user.info["password"],
settings.SITE_TITLE,
)
# FIXME: make this a task
send_mail(
"password reminder",
body,
settings.SERVER_EMAIL,
["%s <%s>" % (user.info["name"], user.info["email"])],
fail_silently=False,
)
return HttpResponseRedirect(return_url)
def get_user(request):
# push the expiration of the session back
# request.session.set_expiry(settings.SESSION_COOKIE_AGE)
# set up CSRF protection if needed
if 'csrf_token' not in request.session or not isinstance(
request.session['csrf_token'], str):
request.session['csrf_token'] = str(uuid.uuid4())
if 'user' in request.session:
user = request.session['user']
# find the user
user_obj = User.get_by_type_and_id(user['type'], user['user_id'])
return user_obj
else:
return None
def post(self, request):
try:
user = auth_user(request)
election_params = json.loads(request.body)
election_params['short_name'] = "%s_%s" % (
election_params['short_name'], user['username'])
election_params['uuid'] = str(uuid.uuid1())
election_params['cast_url'] = reverse(
'elections-cast',
args=[election_params['uuid']],
request=request)
election_params['openreg'] = False # registration starts closed
election_params['admin'] = User.get_by_type_and_id(
'password', user['username'])
election = Election.objects.create(**election_params)
return response(201, {'uuid': election_params['uuid']})
except Exception as err:
return get_error(err)
def get_user(request):
# push the expiration of the session back
# request.session.set_expiry(settings.SESSION_COOKIE_AGE)
# set up CSRF protection if needed
if "csrf_token" not in request.session or (
type(request.session["csrf_token"]) != str
and type(request.session["csrf_token"]) != str):
request.session["csrf_token"] = str(uuid.uuid4())
if "user" in request.session:
user = request.session["user"]
# find the user
user_obj = User.get_by_type_and_id(user["type"], user["user_id"])
return user_obj
else:
return None
def get_user(request):
# push the expiration of the session back
# request.session.set_expiry(settings.SESSION_COOKIE_AGE)
# set up CSRF protection if needed
if not request.session.has_key('csrf_token') or (
type(request.session['csrf_token']) != str
and type(request.session['csrf_token']) != unicode):
request.session['csrf_token'] = str(uuid.uuid4())
if request.session.has_key('user'):
user = request.session['user']
# find the user
user_obj = User.get_by_type_and_id(user['type'], user['user_id'])
return user_obj
else:
return None
def process(self):
logger.error('--------------------- processing voterfile')
self.processing_started_at = datetime.datetime.utcnow()
self.save()
election = self.election
last_alias_num = election.last_alias_num
num_voters = 0
new_voters = []
for voter in self.itervoters():
num_voters += 1
# does voter for this user already exist
existing_voter = Voter.get_by_election_and_voter_id(election, voter['voter_id'])
if existing_voter:
logger.error(existing_voter.voter_login_id)
# create the voter
if not existing_voter:
voter_uuid = str(uuid.uuid4())
user = User.get_by_type_and_id('dnie', voter['voter_id'])
existing_voter = Voter(uuid= voter_uuid, user = user, voter_login_id = voter['voter_id'],
voter_name = voter['name'], voter_email = voter['email'], election = election)
existing_voter.generate_password()
new_voters.append(existing_voter)
existing_voter.save()
if election.use_voter_aliases:
voter_alias_integers = range(last_alias_num+1, last_alias_num+1+num_voters)
random.shuffle(voter_alias_integers)
for i, voter in enumerate(new_voters):
voter.alias = 'V%s' % voter_alias_integers[i]
voter.save()
self.num_voters = num_voters
self.processing_finished_at = datetime.datetime.utcnow()
self.save()
return num_voters
def get_user(pk):
user = User.get_by_type_and_id('password', pk)
if (user):
return user
else:
raise_exception(404,'User not found.')
def get_user_session(username):
user = User.get_by_type_and_id('password', username)
if (user):
return user
raise_exception(404, 'User not found.')
def get_user_info_after_auth(request):
from helios_auth.models import User
user = User.get_by_type_and_id('password', request.session['password_user_id'])
del request.session['password_user_id']
return {'type': 'password', 'user_id' : user.user_id, 'name': user.name, 'info': user.info, 'token': None}
