Adapt user login (based on django.contrib.auth)
parent
471e137673
commit
ea632ca17f
|
@ -220,8 +220,22 @@ EMAIL_BACKEND = 'orchestra.contrib.mailer.backends.EmailBackend'
|
||||||
DATA_UPLOAD_MAX_NUMBER_FIELDS = None
|
DATA_UPLOAD_MAX_NUMBER_FIELDS = None
|
||||||
|
|
||||||
|
|
||||||
|
############################
|
||||||
|
## MUSICIAN CONFIGURATION ##
|
||||||
|
############################
|
||||||
|
|
||||||
|
# Direcction than go when you login
|
||||||
|
LOGIN_REDIRECT_URL = 'musician:dashboard'
|
||||||
|
|
||||||
|
# Where requests are redirected for login
|
||||||
|
LOGIN_URL = 'musician:login'
|
||||||
|
|
||||||
|
# The URL or named URL pattern where requests are redirected after logout
|
||||||
|
LOGOUT_REDIRECT_URL = 'musician:login'
|
||||||
|
|
||||||
|
|
||||||
#################################
|
#################################
|
||||||
## 3RD PARTY APPS CONIGURATION ##
|
## 3RD PARTY APPS CONFIGURATION ##
|
||||||
#################################
|
#################################
|
||||||
|
|
||||||
# Admin Tools
|
# Admin Tools
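Review bot: The comment above `LOGIN_REDIRECT_URL` reads `# Direcction than go when you login`, which is misspelled and hard to parse. Something like `# Named URL pattern users are redirected to after a successful login` would match the wording of the two comments that follow it.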
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
import urllib.parse
|
import urllib.parse
|
||||||
|
|
||||||
import requests
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
|
from django.contrib.auth import authenticate, login
|
||||||
from django.http import Http404
|
from django.http import Http404
|
||||||
from django.urls.exceptions import NoReverseMatch
|
from django.urls.exceptions import NoReverseMatch
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
|
|
||||||
from .models import Address, DatabaseService, Domain, Mailbox, SaasService, UserAccount, WebSite
|
from .models import (Address, DatabaseService, Domain, Mailbox, SaasService,
|
||||||
|
UserAccount, WebSite)
|
||||||
|
|
||||||
DOMAINS_PATH = 'domains/'
|
DOMAINS_PATH = 'domains/'
|
||||||
TOKEN_PATH = '/api-token-auth/'
|
TOKEN_PATH = '/api-token-auth/'
|
||||||
|
@ -37,14 +38,10 @@ API_PATHS = {
|
||||||
|
|
||||||
|
|
||||||
class Orchestra(object):
|
class Orchestra(object):
|
||||||
def __init__(self, *args, username=None, password=None, **kwargs):
|
def __init__(self, request, username=None, password=None, **kwargs):
|
||||||
self.base_url = kwargs.pop('base_url', settings.API_BASE_URL)
|
self.request = request
|
||||||
self.username = username
|
self.username = username
|
||||||
self.session = requests.Session()
|
self.user = self.authenticate(self.username, password)
|
||||||
self.auth_token = kwargs.pop("auth_token", None)
|
|
||||||
|
|
||||||
if self.auth_token is None:
|
|
||||||
self.auth_token = self.authenticate(self.username, password)
|
|
||||||
|
|
||||||
def build_absolute_uri(self, path_name):
|
def build_absolute_uri(self, path_name):
|
||||||
path = API_PATHS.get(path_name, None)
|
path = API_PATHS.get(path_name, None)
|
||||||
|
@ -55,13 +52,14 @@ class Orchestra(object):
|
||||||
return urllib.parse.urljoin(self.base_url, path)
|
return urllib.parse.urljoin(self.base_url, path)
|
||||||
|
|
||||||
def authenticate(self, username, password):
|
def authenticate(self, username, password):
|
||||||
url = self.build_absolute_uri('token-auth')
|
user = authenticate(self.request, username=username, password=password)
|
||||||
response = self.session.post(
|
|
||||||
url,
|
|
||||||
data={"username": username, "password": password},
|
|
||||||
)
|
|
||||||
|
|
||||||
return response.json().get("token", None)
|
if user is not None:
|
||||||
|
login(self.request, user)
|
||||||
|
return user
|
||||||
|
|
||||||
|
# Return an 'invalid login' error message.
|
||||||
|
return None
|
||||||
|
|
||||||
def request(self, verb, resource=None, url=None, data=None, render_as="json", querystring=None, raise_exception=True):
|
def request(self, verb, resource=None, url=None, data=None, render_as="json", querystring=None, raise_exception=True):
|
||||||
assert verb in ["HEAD", "GET", "POST", "PATCH", "PUT", "DELETE"]
|
assert verb in ["HEAD", "GET", "POST", "PATCH", "PUT", "DELETE"]
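Review bot: In `Orchestra.__init__`, `self.request = request` creates an instance attribute that shadows the `request()` method defined further down on the same class, so any later `self.request("GET", ...)` call would resolve to the Django request object and fail as not callable. Store it under a different name, e.g. `self._http_request = request`, and use that in `authenticate(self._http_request, username=username, password=password)` and `login(self._http_request, user)`. The constructor also no longer sets `self.base_url`, which `build_absolute_uri` still reads in the unchanged line `urllib.parse.urljoin(self.base_url, path)`. `self.session` and the `import requests` line are removed as well; the body of `request()` is outside the hunks, so confirm it does not still rely on them.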
|
||||||
|
|
|
@ -6,6 +6,7 @@ from django.utils.translation import gettext_lazy as _
|
||||||
|
|
||||||
from . import api
|
from . import api
|
||||||
|
|
||||||
|
|
||||||
class LoginForm(AuthenticationForm):
|
class LoginForm(AuthenticationForm):
|
||||||
|
|
||||||
def clean(self):
|
def clean(self):
|
||||||
|
@ -13,14 +14,13 @@ class LoginForm(AuthenticationForm):
|
||||||
password = self.cleaned_data.get('password')
|
password = self.cleaned_data.get('password')
|
||||||
|
|
||||||
if username is not None and password:
|
if username is not None and password:
|
||||||
orchestra = api.Orchestra(username=username, password=password)
|
orchestra = api.Orchestra(self.request, username=username, password=password)
|
||||||
|
|
||||||
if orchestra.auth_token is None:
|
if orchestra.user is None:
|
||||||
raise self.get_invalid_login_error()
|
raise self.get_invalid_login_error()
|
||||||
else:
|
else:
|
||||||
self.username = username
|
self.username = username
|
||||||
self.token = orchestra.auth_token
|
self.user = orchestra.user
|
||||||
self.user = orchestra.retrieve_profile()
|
|
||||||
|
|
||||||
return self.cleaned_data
|
return self.cleaned_data
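Review bot: Constructing `api.Orchestra(self.request, ...)` inside `clean()` now calls `login()` as a side effect of `Orchestra.authenticate`, so the session becomes authenticated during form validation rather than in the view's `form_valid`. Any check that raises after this point (in a subclass, or one added later) would leave the user logged in while the login page is re-rendered with an error. Consider keeping `clean()` to credential checking, e.g. `self.user_cache = authenticate(self.request, username=username, password=password)`, and calling `login(self.request, form.get_user())` from the view. The visible override also never calls `confirm_login_allowed`, which the base `AuthenticationForm.clean` does; the first lines of `clean()` fall between the two hunks and are not visible here.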
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
from django.contrib.auth.mixins import UserPassesTestMixin
|
from django.conf import settings
|
||||||
|
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
|
||||||
from django.utils.translation import gettext_lazy as _
|
from django.utils.translation import gettext_lazy as _
|
||||||
from django.views.generic.base import ContextMixin
|
from django.views.generic.base import ContextMixin
|
||||||
from django.conf import settings
|
|
||||||
|
|
||||||
from orchestra import get_version
|
from orchestra import get_version
|
||||||
|
|
||||||
from . import api
|
from . import api
|
||||||
from .auth import SESSION_KEY_TOKEN
|
from .auth import SESSION_KEY_TOKEN
|
||||||
|
|
||||||
|
@ -49,30 +50,13 @@ class ExtendedPaginationMixin:
|
||||||
return paginate_by
|
return paginate_by
|
||||||
|
|
||||||
|
|
||||||
class UserTokenRequiredMixin(UserPassesTestMixin):
|
class UserTokenRequiredMixin(LoginRequiredMixin):
|
||||||
"""
|
|
||||||
Checks that the request has a token that authenticates him/her.
|
|
||||||
If the user is logged adds context variable 'profile' with its information.
|
|
||||||
"""
|
|
||||||
|
|
||||||
def test_func(self):
|
|
||||||
"""Check that the user has an authorized token."""
|
|
||||||
token = self.request.session.get(SESSION_KEY_TOKEN, None)
|
|
||||||
if token is None:
|
|
||||||
return False
|
|
||||||
|
|
||||||
# initialize orchestra api orm
|
|
||||||
self.orchestra = api.Orchestra(auth_token=token)
|
|
||||||
|
|
||||||
# verify if the token is valid
|
|
||||||
if self.orchestra.verify_credentials() is None:
|
|
||||||
return False
|
|
||||||
|
|
||||||
return True
|
|
||||||
|
|
||||||
|
# TODO XXX adapt this code
|
||||||
def get_context_data(self, **kwargs):
|
def get_context_data(self, **kwargs):
|
||||||
context = super().get_context_data(**kwargs)
|
context = super().get_context_data(**kwargs)
|
||||||
context.update({
|
context.update({
|
||||||
'profile': self.orchestra.retrieve_profile(),
|
# TODO XXX
|
||||||
|
# 'profile': self.orchestra.retrieve_profile(),
|
||||||
})
|
})
|
||||||
return context
|
return context
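Review bot: `UserTokenRequiredMixin` now only inherits `LoginRequiredMixin`, so neither its name nor its (now missing) docstring says what it enforces: the per-request `verify_credentials()` check is gone and access rests on the Django session alone. Add a docstring such as `"""Require an authenticated Django session; the Orchestra API token is no longer verified."""`, or rename the mixin. `get_context_data` now calls `context.update({})` with only comments inside, so the `profile` key is no longer supplied, and templates that read it will presumably render empty until the `TODO XXX` is resolved. `SESSION_KEY_TOKEN` and `UserPassesTestMixin` look unused in the visible lines and may be removable.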
|
||||||
|
|
|
@ -1,12 +1,13 @@
|
||||||
|
import datetime
|
||||||
import logging
|
import logging
|
||||||
import smtplib
|
import smtplib
|
||||||
import datetime
|
|
||||||
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.contrib import messages
|
from django.contrib import messages
|
||||||
from django.core.exceptions import ImproperlyConfigured
|
from django.core.exceptions import ImproperlyConfigured
|
||||||
from django.core.mail import mail_managers
|
from django.core.mail import mail_managers
|
||||||
from django.http import HttpResponse, HttpResponseNotFound, HttpResponseRedirect
|
from django.http import (HttpResponse, HttpResponseNotFound,
|
||||||
|
HttpResponseRedirect)
|
||||||
from django.urls import reverse_lazy
|
from django.urls import reverse_lazy
|
||||||
from django.utils import translation
|
from django.utils import translation
|
||||||
from django.utils.html import format_html
|
from django.utils.html import format_html
|
||||||
|
@ -20,9 +21,11 @@ from django.views.generic.list import ListView
|
||||||
from requests.exceptions import HTTPError
|
from requests.exceptions import HTTPError
|
||||||
|
|
||||||
from orchestra import get_version
|
from orchestra import get_version
|
||||||
from .auth import login as auth_login
|
|
||||||
|
# from .auth import login as auth_login
|
||||||
from .auth import logout as auth_logout
|
from .auth import logout as auth_logout
|
||||||
from .forms import LoginForm, MailboxChangePasswordForm, MailboxCreateForm, MailboxUpdateForm, MailForm
|
from .forms import (LoginForm, MailboxChangePasswordForm, MailboxCreateForm,
|
||||||
|
MailboxUpdateForm, MailForm)
|
||||||
from .mixins import (CustomContextMixin, ExtendedPaginationMixin,
|
from .mixins import (CustomContextMixin, ExtendedPaginationMixin,
|
||||||
UserTokenRequiredMixin)
|
UserTokenRequiredMixin)
|
||||||
from .models import (Address, Bill, DatabaseService, Mailbox,
|
from .models import (Address, Bill, DatabaseService, Mailbox,
|
||||||
|
@ -553,7 +556,6 @@ class LoginView(FormView):
|
||||||
|
|
||||||
def form_valid(self, form):
|
def form_valid(self, form):
|
||||||
"""Security check complete. Log the user in."""
|
"""Security check complete. Log the user in."""
|
||||||
auth_login(self.request, form.username, form.token)
|
|
||||||
|
|
||||||
# set user language as active language
|
# set user language as active language
|
||||||
user_language = form.user.language
|
user_language = form.user.language
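Review bot: `form_valid` still reads `form.user.language`, but `form.user` is now the object returned by `django.contrib.auth.authenticate` rather than the profile from `retrieve_profile()`, so this line depends on the user model having a `language` attribute. If that is not guaranteed, `user_language = getattr(form.user, 'language', settings.LANGUAGE_CODE)` is safer. The docstring `"""Security check complete. Log the user in."""` no longer matches the visible body, since the `auth_login` call was removed and login now happens during form validation. The commented-out `# from .auth import login as auth_login` should be deleted rather than kept. The rest of `form_valid` lies outside the hunk.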
|
||||||
|
|