Adapt user login (based on django.contrib.auth)

Santiago L 2023-11-21 13:56:09 +01:00
parent 3486ce9ff5
commit f6b1cf56e3
5 changed files with 46 additions and 48 deletions


@ -220,8 +220,22 @@ EMAIL_BACKEND = 'orchestra.contrib.mailer.backends.EmailBackend'
DATA_UPLOAD_MAX_NUMBER_FIELDS = None
############################
## MUSICIAN CONFIGURATION ##
############################
# Direcction than go when you login
LOGIN_REDIRECT_URL = 'musician:dashboard'
# Where requests are redirected for login
LOGIN_URL = 'musician:login'
# The URL or named URL pattern where requests are redirected after logout
LOGOUT_REDIRECT_URL = 'musician:login'
#################################
## 3RD PARTY APPS CONIGURATION ##
## 3RD PARTY APPS CONFIGURATION ##
#################################
# Admin Tools
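Review bot: The comment above `LOGIN_REDIRECT_URL` ("Direcction than go when you login") is misspelled and hard to parse. Something like `# Named URL pattern users are redirected to after a successful login` would read consistently with the two comments that follow it.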


@ -1,12 +1,13 @@
import urllib.parse
import requests
from django.conf import settings
from django.contrib.auth import authenticate, login
from django.http import Http404
from django.urls.exceptions import NoReverseMatch
from django.utils.translation import gettext_lazy as _
from .models import Address, DatabaseService, Domain, Mailbox, SaasService, UserAccount, WebSite
from .models import (Address, DatabaseService, Domain, Mailbox, SaasService,
UserAccount, WebSite)
DOMAINS_PATH = 'domains/'
TOKEN_PATH = '/api-token-auth/'
@ -37,14 +38,10 @@ API_PATHS = {
class Orchestra(object):
def __init__(self, *args, username=None, password=None, **kwargs):
self.base_url = kwargs.pop('base_url', settings.API_BASE_URL)
def __init__(self, request, username=None, password=None, **kwargs):
self.request = request
self.username = username
self.session = requests.Session()
self.auth_token = kwargs.pop("auth_token", None)
if self.auth_token is None:
self.auth_token = self.authenticate(self.username, password)
self.user = self.authenticate(self.username, password)
def build_absolute_uri(self, path_name):
path = API_PATHS.get(path_name, None)
@ -55,13 +52,14 @@ class Orchestra(object):
return urllib.parse.urljoin(self.base_url, path)
def authenticate(self, username, password):
url = self.build_absolute_uri('token-auth')
response = self.session.post(
url,
data={"username": username, "password": password},
)
user = authenticate(self.request, username=username, password=password)
return response.json().get("token", None)
if user is not None:
login(self.request, user)
return user
# Return an 'invalid login' error message.
return None
def request(self, verb, resource=None, url=None, data=None, render_as="json", querystring=None, raise_exception=True):
assert verb in ["HEAD", "GET", "POST", "PATCH", "PUT", "DELETE"]
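Review bot: `self.request = request` in `__init__` shadows the `request(self, verb, ...)` method defined further down in the same class, so on an instance `self.request` is the HttpRequest and any `self.request("GET", ...)` call would raise TypeError. Storing it under another name, e.g. `self.http_request = request`, and passing that to `authenticate()` and `login()` avoids the clash. `build_absolute_uri` still reads `self.base_url`, which the old `__init__` set and the new one appears not to; if that assignment is really gone, building any API URL fails with AttributeError. The body of the `request` method continues outside the hunk.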


@ -6,6 +6,7 @@ from django.utils.translation import gettext_lazy as _
from . import api
class LoginForm(AuthenticationForm):
def clean(self):
@ -13,14 +14,13 @@ class LoginForm(AuthenticationForm):
password = self.cleaned_data.get('password')
if username is not None and password:
orchestra = api.Orchestra(username=username, password=password)
orchestra = api.Orchestra(self.request, username=username, password=password)
if orchestra.auth_token is None:
if orchestra.user is None:
raise self.get_invalid_login_error()
else:
self.username = username
self.token = orchestra.auth_token
self.user = orchestra.retrieve_profile()
self.user = orchestra.user
return self.cleaned_data
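Review bot: Constructing `api.Orchestra(self.request, ...)` inside `clean()` now calls `login()` as a side effect of form validation, so the session is authenticated before `form_valid` runs and before any later validation step can reject the submission. Keeping `clean()` to `authenticate()` only and calling `login(self.request, form.user)` from `LoginView.form_valid` would follow what django.contrib.auth's own LoginView does. The visible part of `clean()` also never calls `self.confirm_login_allowed(...)`, so that hook is skipped unless it runs in the lines outside the hunk. `self.request` is only populated when the view passes `request` in the form kwargs, which a plain `FormView` does not do by default, so this is worth confirming for `LoginView`.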


@ -1,9 +1,10 @@
from django.contrib.auth.mixins import UserPassesTestMixin
from django.conf import settings
from django.contrib.auth.mixins import LoginRequiredMixin, UserPassesTestMixin
from django.utils.translation import gettext_lazy as _
from django.views.generic.base import ContextMixin
from django.conf import settings
from orchestra import get_version
from . import api
from .auth import SESSION_KEY_TOKEN
@ -49,30 +50,13 @@ class ExtendedPaginationMixin:
return paginate_by
class UserTokenRequiredMixin(UserPassesTestMixin):
"""
Checks that the request has a token that authenticates him/her.
If the user is logged adds context variable 'profile' with its information.
"""
def test_func(self):
"""Check that the user has an authorized token."""
token = self.request.session.get(SESSION_KEY_TOKEN, None)
if token is None:
return False
# initialize orchestra api orm
self.orchestra = api.Orchestra(auth_token=token)
# verify if the token is valid
if self.orchestra.verify_credentials() is None:
return False
return True
class UserTokenRequiredMixin(LoginRequiredMixin):
# TODO XXX adapt this code
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context.update({
'profile': self.orchestra.retrieve_profile(),
# TODO XXX
# 'profile': self.orchestra.retrieve_profile(),
})
return context
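Review bot: With `test_func` removed, nothing in this mixin sets `self.orchestra` any more, so views that inherit `UserTokenRequiredMixin` and still read `self.orchestra` (not visible here) would raise AttributeError, and templates that expect `profile` in the context now receive nothing. The class also lost its docstring while keeping a name that no longer describes it; a docstring such as `"""Require an authenticated Django user; the 'profile' context variable is not populated yet."""` would make the interim state explicit instead of the bare `# TODO XXX`. `UserPassesTestMixin`, `api` and `SESSION_KEY_TOKEN` look unused in the visible new code and can probably be dropped from the imports.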


@ -1,12 +1,13 @@
import datetime
import logging
import smtplib
import datetime
from django.conf import settings
from django.contrib import messages
from django.core.exceptions import ImproperlyConfigured
from django.core.mail import mail_managers
from django.http import HttpResponse, HttpResponseNotFound, HttpResponseRedirect
from django.http import (HttpResponse, HttpResponseNotFound,
HttpResponseRedirect)
from django.urls import reverse_lazy
from django.utils import translation
from django.utils.html import format_html
@ -20,9 +21,11 @@ from django.views.generic.list import ListView
from requests.exceptions import HTTPError
from orchestra import get_version
from .auth import login as auth_login
# from .auth import login as auth_login
from .auth import logout as auth_logout
from .forms import LoginForm, MailboxChangePasswordForm, MailboxCreateForm, MailboxUpdateForm, MailForm
from .forms import (LoginForm, MailboxChangePasswordForm, MailboxCreateForm,
MailboxUpdateForm, MailForm)
from .mixins import (CustomContextMixin, ExtendedPaginationMixin,
UserTokenRequiredMixin)
from .models import (Address, Bill, DatabaseService, Mailbox,
@ -553,7 +556,6 @@ class LoginView(FormView):
def form_valid(self, form):
"""Security check complete. Log the user in."""
auth_login(self.request, form.username, form.token)
# set user language as active language
user_language = form.user.language
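Review bot: Login now goes through `django.contrib.auth.login`, but the import block keeps `from .auth import logout as auth_logout`; if that helper only clears the API token from the session (its body is not shown), a user would stay authenticated in the Django session after logging out. Pairing the new login with `django.contrib.auth.logout(request)` in the logout view would close that gap. The commented-out `# from .auth import login as auth_login` can be deleted rather than left as dead code. `form_valid` continues outside the hunk, and `form.user.language` assumes the Django user object exposes a `language` attribute as the previous profile object did, which is worth confirming.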