def mail_admins_contact(request, subject, message, context, sender, to):
    """Mail a contact-form message to the site administrators.

    ``subject`` and ``message`` are %-format templates filled from ``context``.
    When ``to`` is empty the recipients are taken from ``settings.ADMINS``
    (second item of every entry).  If ``settings.ADMINS`` is empty nothing is
    sent and the failure is reported to the user and to the log.

    The body ends with ``TEMPLATE_FOOTER`` filled with the client address, the
    user agent and the username of ``request.user``; ``sender`` becomes the
    ``Reply-To`` header.  Delivery errors propagate (``fail_silently=False``).
    """
    # NOTE(review): ``sender`` presumably comes from the contact form; it is
    # written to the log and into a mail header, so confirm the calling form
    # validates it as an e-mail address.
    LOGGER.info('contact form from %s', sender)

    # Without configured admins there is nobody to deliver to.
    if not settings.ADMINS:
        messages.error(
            request, _('Message could not be sent to administrator!')
        )
        LOGGER.error('ADMINS not configured, can not send message!')
        return

    if not to:
        to = [admin[1] for admin in settings.ADMINS]

    # NOTE(review): subject/message are used as %-format templates; confirm
    # callers pass fixed templates and put user-supplied text only in context.
    full_subject = '{0}{1}'.format(
        settings.EMAIL_SUBJECT_PREFIX, subject % context
    )
    text = message % context
    # The footer records who submitted the form (address, agent, username).
    footer = TEMPLATE_FOOTER.format(
        address=get_ip_address(request),
        agent=get_user_agent(request),
        username=request.user.username,
    )
    body = '{}\n{}'.format(text, footer)

    mail = EmailMultiAlternatives(
        full_subject,
        body,
        to=to,
        headers={'Reply-To': sender},
    )
    mail.send(fail_silently=False)

    messages.success(request, _('Message has been sent to administrator.'))
def test_agent_long(self):
    """A 1200-character User-Agent header must come back shorter than 200."""
    request = HttpRequest()
    # Header controlled by the client: 'agent ' repeated 200 times.
    request.META['HTTP_USER_AGENT'] = 'agent ' * 200
    parsed = get_user_agent(request)
    # NOTE(review): presumably guards the length of the stored user_agent
    # value -- confirm against the model field size.
    self.assertLess(len(parsed), 200)
def mail_admins_contact(request, subject, message, context, sender, to):
    """Mail a contact-form message to the site administrators.

    ``subject`` and ``message`` are %-format templates filled from ``context``.
    An empty ``to`` is replaced by the second item of every entry in
    ``settings.ADMINS``.  When ``settings.ADMINS`` is empty the function
    reports the failure through ``messages`` and the log and returns without
    sending.

    ``TEMPLATE_FOOTER`` (client address, user agent, username) is appended to
    the body, ``sender`` is set as ``Reply-To``, and sending errors are not
    suppressed.
    """
    # NOTE(review): ``sender`` is presumably user-supplied; it reaches both
    # the log and a mail header -- confirm the calling form validates it.
    LOGGER.info("contact form from %s", sender)

    # Nothing can be delivered when no admins are configured.
    if not settings.ADMINS:
        messages.error(request, _("Could not send message to administrator."))
        LOGGER.error("ADMINS not configured, cannot send message")
        return

    if not to:
        to = [entry[1] for entry in settings.ADMINS]

    # NOTE(review): subject/message act as %-format templates; confirm that
    # user-supplied text only ever arrives through ``context``.
    mail_subject = "{}{}".format(
        settings.EMAIL_SUBJECT_PREFIX, subject % context
    )
    mail_text = message % context
    # Footer identifying the submitter: address, agent and username.
    mail_footer = TEMPLATE_FOOTER.format(
        address=get_ip_address(request),
        agent=get_user_agent(request),
        username=request.user.username,
    )

    mail = EmailMultiAlternatives(
        mail_subject,
        "{}\n{}".format(mail_text, mail_footer),
        to=to,
        headers={"Reply-To": sender},
    )
    mail.send(fail_silently=False)

    messages.success(
        request,
        _("Your request has been sent, you will shortly hear from us."),
    )
def test_agent(self):
    """An unrecognised User-Agent is reported as 'Other / Other / Other'."""
    request = HttpRequest()
    request.META['HTTP_USER_AGENT'] = 'agent'
    expected = 'Other / Other / Other'
    self.assertEqual(get_user_agent(request), expected)
def make_current(self, request):
    """Record acceptance of the current terms of service, if not yet done.

    When the agreement is already current nothing happens.  Otherwise a
    'tos' account activity is recorded for the user and the agreement is
    saved with ``TOS_DATE``, the client address and the user agent taken
    from ``request``.
    """
    if self.is_current():
        return

    # Record the acceptance as account activity before updating the row.
    accepted_on = TOS_DATE.isoformat()
    notify_account_activity(self.user, request, 'tos', date=accepted_on)

    # Keep the request origin alongside the accepted version.
    self.tos = TOS_DATE
    self.address = get_ip_address(request)
    self.user_agent = get_user_agent(request)
    self.save()
def make_current(self, request):
    """Record acceptance of the current terms of service, if not yet done.

    When the agreement is already current nothing happens.  Otherwise a
    'tos' audit log entry is created for the user and the agreement is saved
    with ``TOS_DATE``, the client address and the user agent taken from
    ``request``.
    """
    if self.is_current():
        return

    # Write the audit trail entry before updating the agreement itself.
    accepted_on = TOS_DATE.isoformat()
    AuditLog.objects.create(self.user, request, 'tos', date=accepted_on)

    # Keep the request origin alongside the accepted version.
    self.tos = TOS_DATE
    self.address = get_ip_address(request)
    self.user_agent = get_user_agent(request)
    self.save()
def make_current(self, request):
    """Mark the terms of service as accepted in their current version.

    Does nothing when ``is_current()`` already holds.  Otherwise reports a
    'tos' account activity and saves ``TOS_DATE`` together with the address
    and user agent of the accepting request.
    """
    if self.is_current():
        return

    # The activity carries the accepted version date in ISO format.
    notify_account_activity(
        self.user,
        request,
        'tos',
        date=TOS_DATE.isoformat(),
    )

    # Store which client accepted the terms.
    self.tos = TOS_DATE
    self.address = get_ip_address(request)
    self.user_agent = get_user_agent(request)
    self.save()
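def reset_password(request):
    """Handle the first stage of a password reset.

    Authenticated users are redirected to their profile, and the view refuses
    to run when "email" is not among the enabled auth keys.  A session that
    already carries ``perform_reset`` is handed to ``reset_password_set``.

    On a valid POST (including the CAPTCHA when ``REGISTRATION_CAPTCHA`` is
    set) a known account gets a "reset-request" audit entry and, unless the
    rate limit check trips, continues into the e-mail pipeline.  An unknown
    address receives a "reset-nonexisting" notification instead.  Any other
    request renders the reset form.
    """
    if request.user.is_authenticated:
        return redirect_profile()
    if "email" not in get_auth_keys():
        messages.error(
            request,
            _("Cannot reset password, e-mail authentication is turned off."),
        )
        return redirect("login")

    captcha = None

    # We're already in the reset phase
    if "perform_reset" in request.session:
        return reset_password_set(request)

    if request.method == "POST":
        form = ResetForm(request.POST)
        if settings.REGISTRATION_CAPTCHA:
            captcha = CaptchaForm(request, form, request.POST)
        if (captcha is None or captcha.is_valid()) and form.is_valid():
            if form.cleaned_data["email_user"]:
                # Every request for a known account is audited; the audit
                # entry also decides whether the request is rate limited.
                audit = AuditLog.objects.create(
                    form.cleaned_data["email_user"], request, "reset-request"
                )
                if not audit.check_rate_limit(request):
                    store_userid(request, True)
                    return social_complete(request, "email")
            else:
                email = form.cleaned_data["email"]
                send_notification_email(
                    None,
                    [email],
                    "reset-nonexisting",
                    context={
                        "address": get_ip_address(request),
                        # The key is "user_agent"; with a trailing colon in
                        # the key the value is not reachable under that name.
                        "user_agent": get_user_agent(request),
                        "registration_hint": get_registration_hint(email),
                    },
                )
            # Rate-limited and unknown-address requests end with the same
            # response; presumably so the page does not reveal whether an
            # account exists -- confirm against fake_email_sent.
            return fake_email_sent(request, True)
    else:
        form = ResetForm()
        if settings.REGISTRATION_CAPTCHA:
            captcha = CaptchaForm(request)

    return render(
        request,
        "accounts/reset.html",
        {
            "title": _("Password reset"),
            "form": form,
            "captcha_form": captcha,
            "second_stage": False,
        },
    )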
def create(self, user, request, activity, **params):
    """Create an audit log entry for ``activity`` performed via ``request``.

    The client address and user agent are taken from the request.  A "login"
    that ``is_new_login`` reports as new for this user, address and agent is
    stored as "login-new".  Extra keyword arguments are stored as ``params``.
    """
    client_address = get_ip_address(request)
    client_agent = get_user_agent(request)

    # Only plain logins are checked for being a first-time origin.
    if activity == "login":
        if self.is_new_login(user, client_address, client_agent):
            activity = "login-new"

    fields = {
        "user": user,
        "activity": activity,
        "address": client_address,
        "user_agent": client_agent,
        "params": params,
    }
    return super().create(**fields)
def create(self, user, request, activity, **params):
    """Create an audit log entry for ``activity`` performed via ``request``.

    The client address and user agent are taken from the request.  A 'login'
    that ``is_new_login`` reports as new for this user, address and agent is
    stored as 'login-new'.  Extra keyword arguments are stored as ``params``.
    """
    client_address = get_ip_address(request)
    client_agent = get_user_agent(request)

    # Only plain logins are checked for being a first-time origin.
    if activity == 'login':
        if self.is_new_login(user, client_address, client_agent):
            activity = 'login-new'

    fields = {
        'user': user,
        'activity': activity,
        'address': client_address,
        'user_agent': client_agent,
        'params': params,
    }
    return super(AuditLogManager, self).create(**fields)
def notify_account_activity(user, request, activity, **kwargs):
    """Record an account activity, notify the user and apply rate limiting.

    An audit log entry is created with the client address and user agent; a
    'login' that ``is_new_login`` flags is recorded as 'login-new'.  When the
    entry asks for it, an 'account_activity' notification is mailed to the
    user.

    Returns True when the activity should be rate limited, False otherwise.
    """
    address = get_ip_address(request)
    user_agent = get_user_agent(request)

    if activity == 'login':
        if is_new_login(user, address, user_agent):
            activity = 'login-new'

    audit = AuditLog.objects.create(
        user, activity, address, user_agent, **kwargs
    )

    if audit.should_notify():
        # The get*message methods are passed uncalled on purpose: calling
        # them here would evaluate them in the request locale, while the
        # template has to evaluate them later in the mail locale.
        mail_context = {
            'message': audit.get_message,
            'extra_message': audit.get_extra_message,
            'address': address,
            'user_agent': user_agent,
        }
        send_notification_email(
            user.profile.language,
            user.email,
            'account_activity',
            context=mail_context,
            info='{0} from {1}'.format(activity, address),
        )

    # Rate limiting.
    # NOTE(review): the counters are looked up per user, not per client
    # address, so failures from any source count towards the lock; confirm
    # the 'locked' activity is one that notifies the account owner.
    if activity == 'failed-auth':
        if user.has_usable_password():
            recent = AuditLog.objects.get_after(user, 'login', 'failed-auth')
            if recent.count() >= settings.AUTH_LOCK_ATTEMPTS:
                # Lock the account by making its password unusable.
                user.set_unusable_password()
                user.save(update_fields=['password'])
                notify_account_activity(user, request, 'locked')
                return True
    elif activity == 'reset-request':
        recent = AuditLog.objects.get_after(user, 'login', 'reset-request')
        if recent.count() >= settings.AUTH_LOCK_ATTEMPTS:
            return True

    return False
def notify_account_activity(user, request, activity, **kwargs):
    """Record an account activity, notify the user and apply rate limiting.

    An audit log entry is created with the client address and user agent; a
    'login' that ``is_new_login`` flags for this user and address is recorded
    as 'login-new'.  When the entry asks for it, an 'account_activity'
    notification is mailed to the user in the language of their profile.

    Returns True when the activity should be rate limited, False otherwise.
    """
    address = get_ip_address(request)
    user_agent = get_user_agent(request)

    if activity == 'login':
        if is_new_login(user, address):
            activity = 'login-new'

    audit = AuditLog.objects.create(
        user, activity, address, user_agent, **kwargs
    )

    if audit.should_notify():
        # The profile is created on demand when the user has none yet.
        profile, _created = Profile.objects.get_or_create(user=user)
        mail_context = {
            'message': audit.get_message(),
            'extra_message': audit.get_extra_message(),
            'address': address,
            'user_agent': user_agent,
        }
        send_notification_email(
            profile.language,
            user.email,
            'account_activity',
            context=mail_context,
            info='{0} from {1}'.format(activity, address),
        )

    # Rate limiting.
    # NOTE(review): the counters are looked up per user, not per client
    # address, so failures from any source count towards the lock; confirm
    # the 'locked' activity is one that notifies the account owner.
    if activity == 'failed-auth':
        if user.has_usable_password():
            recent = AuditLog.objects.get_after(user, 'login', 'failed-auth')
            if recent.count() >= settings.AUTH_LOCK_ATTEMPTS:
                # Lock the account by making its password unusable.
                user.set_unusable_password()
                user.save(update_fields=['password'])
                notify_account_activity(user, request, 'locked')
                return True
    elif activity == 'reset-request':
        recent = AuditLog.objects.get_after(user, 'login', 'reset-request')
        if recent.count() >= settings.AUTH_LOCK_ATTEMPTS:
            return True

    return False
def test_agent_long(self):
    """An oversized User-Agent header must yield fewer than 200 characters."""
    request = HttpRequest()
    # Client-controlled header, 1200 characters long.
    oversized = 'agent ' * 200
    request.META['HTTP_USER_AGENT'] = oversized
    result_length = len(get_user_agent(request))
    self.assertLess(result_length, 200)
def test_agent(self):
    """A header that matches no known client maps to the 'Other' triple."""
    request = HttpRequest()
    request.META['HTTP_USER_AGENT'] = 'agent'
    described = get_user_agent(request)
    self.assertEqual(described, 'Other / Other / Other')
def test_agent(self):
    """The bare string "agent" is described as "Other / Other / Other"."""
    request = HttpRequest()
    request.META["HTTP_USER_AGENT"] = "agent"
    actual = get_user_agent(request)
    expected = "Other / Other / Other"
    self.assertEqual(actual, expected)