def clean_password(self): password1 = self.cleaned_data.get('password', '') user = User(email=self.cleaned_data.get('email')) if validate_password(password1, user=user) is not None: raise forms.ValidationError(_(password_validators_help_texts()), code='pw_invalid') return password1
def form_authenticate(self, request, form_data): from pretix.base.models import User password = form_data['password'] template_data = { p: escape_filter_chars(form_data[p]) for p in self.placeholders } filter = self.search_filter_template.format_map(template_data) if not self.connection.search( self.search_base, filter, attributes=[self.email_attr]): # user not found return None res = self.connection.response if len(res) != 1: # could not uniquely identify user logger.warn( "Could not uniquely identify user. Check your search_filter") return None dn = res[0]['dn'] emails = res[0]['attributes'][self.email_attr] # handle email being a single-valued attribute if isinstance(emails, str): emails = [emails] if len(emails) != 1: # could not uniquely identify user email logger.warn("Could not uniquely identify user email") return None email = emails[0] try: success = self.connection.rebind(user=dn, password=password) except: # noqa success = False self.connection.rebind(self.config.get('ldap', 'bind_dn'), self.config.get('ldap', 'bind_password')) if not success: # wrong password return None try: user = User.objects.get(email=email) if user.auth_backend == self.identifier: return user else: # user already registered with different backend return None except User.DoesNotExist: # user does not exist yet -> create new user = User(email=email) user.auth_backend = self.identifier user.save() return user