Skip to content
Snippets Groups Projects
Select Git revision
  • 9acaf450792eaaf16dd58f07a92397fafebee180
  • develop default protected
  • ical-export
  • feature/audit_log
  • fix/index
  • badge-redeem-404
  • 720-schedule_source
  • room-docu
  • chore/event-views
  • 511-schedule-foo-fixed
  • 607-schedule-versions
  • deploy/curl-verbose
  • fix/public-badge-access-rights
  • 445-schedule-redirects
  • 623-wiki-im-baustellenmodus-sollte-mal-als-wiki-admin-trotzdem-seiten-anlegen-bearbeiten-konnen
  • fix/registration_mail_subject
  • feature/conference-query-set
  • feature/568-habitatmanagement
  • feat/unit-integration-tests
  • camp23-prod
  • production
  • prod-2024-12-27_20-15
  • prod-2024-12-27_16-37
  • prod-2024-12-27_16-01
  • prod-2024-12-27_13-29
  • prod-2024-12-27_00-34
  • prod-2024-12-26_21-45
  • prod-2024-12-26_13-12
  • prod-2024-12-26_00-21
  • prod-2024-12-25_21-04
  • prod-2024-12-25_15-54
  • prod-2024-12-25_01-29
  • prod-2024-12-24_14-48
  • prod-2024-12-23_23-39
  • prod-2024-12-22_21-12
  • prod-2024-12-22_17-25
  • prod-2024-12-22_01-34
  • prod-2024-12-22_00-55
  • prod-2024-12-21_13-42
  • prod-2024-12-21_10-44
  • prod-2024-12-20_12-25
41 results

auth.py

Blame
    • Forked from hub / hub
    4056 commits behind the upstream repository.
    Helge Jung's avatar
    backoffice: add debug-auth view
    HeJ authored 
    This is intended for troubleshooting authentication issues - primarily
in the backoffice but might be used for other parts of the system as
well.
    9acaf450
    History
    Helge Jung's avatar 9acaf450
    History
    auth.py 5.26 KiB
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    32
    33
    34
    35
    36
    37
    38
    39
    40
    41
    42
    43
    44
    45
    46
    47
    48
    49
    50
    51
    52
    53
    54
    55
    56
    57
    58
    59
    60
    61
    62
    63
    64
    65
    66
    67
    68
    69
    70
    71
    72
    73
    74
    75
    76
    77
    78
    79
    80
    81
    82
    83
    84
    85
    86
    87
    88
    89
    90
    91
    92
    93
    94
    95
    96
    97
    98
    99
    100
    101
    102
    103
    104
    105
    106
    107
    108
    109
    110
    111
    112
    113
    114
    115
    116
    117
    118
    119
    120
    121
    122
    123
    124
    125
    126
    127
    128
    129
    130
    131
    132
    133
    134
    135
    136
    137
    138
    139
    140
    141
    142
    143
    144
    145 
    

    

    

    import logging

from django.conf import settings
from django.contrib import messages
from django.contrib.auth import views as auth_views
from django.contrib.auth.mixins import LoginRequiredMixin
from django.contrib.sites.shortcuts import get_current_site
from django.core.mail import EmailMessage
from django.http import JsonResponse
from django.shortcuts import redirect
from django.template.loader import render_to_string
from django.views.generic import FormView, TemplateView, View
from django.urls import reverse, reverse_lazy
from django.utils.encoding import force_bytes, force_text
from django.utils.http import urlsafe_base64_decode, urlsafe_base64_encode

from core.models import PlatformUser, UserCommunicationChannel

from ..forms import SignUpForm
from ..tokens import channel_activation_token
from .mixins import ConferenceMixin


logger = logging.getLogger(__name__)


class LoginView(auth_views.LoginView):
    template_name = 'backoffice/login.html'

    def get_success_url(self):
        return reverse('backoffice:index')


class LogoutView(auth_views.LogoutView):
    next_page = reverse_lazy('backoffice:index')


class SignupView(FormView):
    form_class = SignUpForm
    template_name = 'registration/signup.html'

    def form_valid(self, form):
        user = form.save(commit=False)
        user.is_active = False
        user.save()

        channel = user.communication_channels.create(
            channel=UserCommunicationChannel.Channel.MAIL,
            address=form.cleaned_data['email'],
        )
        channel.save()

        try:
            subject = 'Activate Your RC3 Platform Account'
            body = render_to_string('registration/account_activation_email.txt', {
                'user': user,
                'domain': get_current_site(self.request).domain,
                'uid': urlsafe_base64_encode(force_bytes(user.pk)),
                'cid': channel.id,
                'token': channel_activation_token.make_token(channel),
            })
            message = EmailMessage(
                to=[user.email],
                subject=subject,
                body=body,
                reply_to=settings.MAIL_REPLY_TO,
            )
            result = message.send()
            logger.info('Sent account activation mail to "' + user.email + '" for ' + user.username + ' = ' + str(result))
            return redirect('backoffice:account_activation_sent')

        except Exception as err:
            print('MIMIMI', err)
            logger.exception('sending account activation mail failed')
            user.delete()
            messages.error(self.request, 'Could not send mail, please try again :(')
            return self.get(self.request)


class SignupDoneView(ConferenceMixin, TemplateView):
    template_name = 'registration/signup_done.html'


def signup_activate(request, uidb64, channel_id, token):
    try:
        uid = force_text(urlsafe_base64_decode(uidb64))
        user = PlatformUser.objects.get(pk=uid)
        channel = user.communication_channels.get(id=channel_id)
    except Exception as err:
        messages.warning(request, 'Invalid activation code.')
        logger.warning(f'Account activation failed (user={user}, uidb64={uidb64}, channel={channel_id}, token={token}): {err}')
        return redirect('backoffice:signup')

    if not channel_activation_token.check_token(channel, token):
        messages.warning(request, 'Invalid activation code.')
        logger.warning(f'Account activation failed (user={user}, uidb64={uidb64}, channel={channel_id}, token={token}) due to invalid token.')
        return redirect('backoffice:signup')

    if channel.channel != UserCommunicationChannel.Channel.MAIL or user.email is None or user.email != channel.address:
        messages.warning(request, 'Not an account registration.')
        logger.warning(f'Account activation failed for non-registration-channel (user={user}, uidb64={uidb64}, channel={channel_id}, token={token})')
        return redirect('backoffice:signup')

    # first time registration: user.email was still set to the mail communication channel's address
    user.is_active = True
    user.email = ''
    channel.is_verified = True
    user.save()
    channel.save()

    messages.success(request, 'Activation code OK')
    logger.info(f'Account activated successfully: {user.username}')

    return redirect('backoffice:index')


class AuthDebugView(LoginRequiredMixin, ConferenceMixin, View):
    def get(self, *args, **kwargs):
        u = self.request.user

        result = {}
        result['conference'] = self.conference.slug
        result['global'] = {
            'username': u.username,
            'active': u.is_active,
            'flags': [],
            'groups': list(u.groups.values_list('name', flat=True)),
        }
        if u.is_superuser:
            result['global']['flags'].append('superuser')
        if u.is_staff:
            result['global']['flags'].append('staff')

        if (member := self.conferencemember) is not None:
            result['member'] = {
                'staff': member.is_staff,
                'active_angel': member.active_angel,
                'pages': member.static_page_groups,
                'groups': list(member.permission_groups.values_list('name', flat=True)),
            }
        else:
            result['member'] = False

        return JsonResponse(result)

    Impressum - Datenschutzerklärung