nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1819 Commits
2 Branches
15 MiB
Tree: 148894bd9e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '148894bd9e'
${ noResults }
healthchecks/hc/accounts/forms.py

179 lines
5.3 KiB
Raw Normal View History

Add error handling on the client side, use Django form API
4 years ago
Add Base64Field field (base64-encoded binary data)
4 years ago
Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
Add error handling on the client side, use Django form API
4 years ago
Initial commit
10 years ago
Add Base64Field field (base64-encoded binary data)
4 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Users can update their email addresses. Fixes #105
7 years ago
feat: add manager role
3 years ago
Rate limit login-with-password attempts.
6 years ago
Add mitigation for bad tz values
4 years ago
Initial commit
10 years ago
Account creation
10 years ago
Add Base64Field field (base64-encoded binary data)
4 years ago
Update the signup form to collect browser's timezone
4 years ago
Login form: rename the email box to "identity" to avoid some auto-signup bots
6 years ago
Source formatted with Black
6 years ago
Update the signup form to collect browser's timezone
4 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Login form: rename the email box to "identity" to avoid some auto-signup bots
6 years ago
Handle excessively long email addresses in the signup form.
4 years ago
Separate sign up and login forms.
6 years ago
Source formatted with Black
6 years ago
Separate sign up and login forms.
6 years ago
Update the signup form to collect browser's timezone
4 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Rate limit login-with-password attempts.
6 years ago
Separate sign up and login forms.
6 years ago
Rate limit login-with-password attempts.
6 years ago
Separate sign up and login forms.
6 years ago
Improve the handling of unknown email addresses in the Sign In form
4 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Rate limit login-with-password attempts.
6 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Source formatted with Black
6 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Rate limit login-with-password attempts.
6 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Rate limit login-with-password attempts.
6 years ago
Improved layout & style, fixed hamburger menu in login page.
6 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Add Profile.reports field This is in preparation of adding an option for weekly reports (#407)
4 years ago
Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
Add mitigation for bad tz values
4 years ago
Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Add mitigation for bad tz values
4 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Password strength meter and length check in the "Set Password" form
6 years ago
Team access WIP
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Change "[email protected] is not available" message to "[email protected] is already registed".
6 years ago
Users can update their email addresses. Fixes #105
7 years ago
Team access WIP
9 years ago
Handle excessively long email addresses in the team member invite form.
4 years ago
feat: add manager role
3 years ago
Team access WIP
9 years ago
Team Access, test cleanup
9 years ago
Move project-specific settings to a new "Project Settings" page
6 years ago
Add Base64Field field (base64-encoded binary data)
4 years ago
New feature: Project Settings > Transfer Ownership (WIP, missing tests)
5 years ago
Add error handling on the client side, use Django form API
4 years ago
Add support for 2FA using TOTP Fixes: #354
3 years ago
Implement a "Remove Security Key" feature
4 years ago
Add Base64Field field (base64-encoded binary data)
4 years ago
Add a two-factor authentication form (WIP)
4 years ago
Fix capitalization, Webauthn -> WebAuthn
4 years ago
Add Base64Field field (base64-encoded binary data)
4 years ago
Add support for 2FA using TOTP Fixes: #354
3 years ago
Add protection against TOTP code reuse
3 years ago
 
  1. import base64
  2. import binascii
  3. from datetime import timedelta as td
  4. 

  5. from django import forms
  6. from django.core.exceptions import ValidationError
  7. from django.contrib.auth import authenticate
  8. from django.contrib.auth.models import User
  9. from hc.accounts.models import REPORT_CHOICES, Member
  10. from hc.api.models import TokenBucket
  11. import pytz
  12. 

  13. 

  14. class LowercaseEmailField(forms.EmailField):
  15.     def clean(self, value):
  16.         value = super(LowercaseEmailField, self).clean(value)
  17.         return value.lower()
  18. 

  19. 

  20. class Base64Field(forms.CharField):
  21.     def to_python(self, value):
  22.         if value is None:
  23.             return None
  24. 

  25.         try:
  26.             return base64.b64decode(value.encode())
  27.         except binascii.Error:
  28.             raise ValidationError(message="Cannot decode base64")
  29. 

  30. 

  31. class SignupForm(forms.Form):
  32.     # Call it "identity" instead of "email"
  33.     # to avoid some of the dumber bots
  34.     identity = LowercaseEmailField(
  35.         error_messages={"required": "Please enter your email address."}
  36.     )
  37.     tz = forms.CharField(required=False)
  38. 

  39.     def clean_identity(self):
  40.         v = self.cleaned_data["identity"]
  41.         if len(v) > 254:
  42.             raise forms.ValidationError("Address is too long.")
  43. 

  44.         if User.objects.filter(email=v).exists():
  45.             raise forms.ValidationError(
  46.                 "An account with this email address already exists."
  47.             )
  48. 

  49.         return v
  50. 

  51.     def clean_tz(self):
  52.         # Declare tz as "clean" only if we can find it in pytz.all_timezones
  53.         if self.cleaned_data["tz"] in pytz.all_timezones:
  54.             return self.cleaned_data["tz"]
  55. 

  56.         # Otherwise, return None, and *don't* throw a validation exception:
  57.         # If user's browser reports a timezone we don't recognize, we
  58.         # should ignore the timezone but still save the rest of the form.
  59. 

  60. 

  61. class EmailLoginForm(forms.Form):
  62.     # Call it "identity" instead of "email"
  63.     # to avoid some of the dumber bots
  64.     identity = LowercaseEmailField()
  65. 

  66.     def clean_identity(self):
  67.         v = self.cleaned_data["identity"]
  68.         if not TokenBucket.authorize_login_email(v):
  69.             raise forms.ValidationError("Too many attempts, please try later.")
  70. 

  71.         try:
  72.             self.user = User.objects.get(email=v)
  73.         except User.DoesNotExist:
  74.             raise forms.ValidationError("Unknown email address.")
  75. 

  76.         return v
  77. 

  78. 

  79. class PasswordLoginForm(forms.Form):
  80.     email = LowercaseEmailField()
  81.     password = forms.CharField()
  82. 

  83.     def clean(self):
  84.         username = self.cleaned_data.get("email")
  85.         password = self.cleaned_data.get("password")
  86. 

  87.         if username and password:
  88.             if not TokenBucket.authorize_login_password(username):
  89.                 raise forms.ValidationError("Too many attempts, please try later.")
  90. 

  91.             self.user = authenticate(username=username, password=password)
  92.             if self.user is None or not self.user.is_active:
  93.                 raise forms.ValidationError("Incorrect email or password.")
  94. 

  95.         return self.cleaned_data
  96. 

  97. 

  98. class ReportSettingsForm(forms.Form):
  99.     reports = forms.ChoiceField(choices=REPORT_CHOICES)
  100.     nag_period = forms.IntegerField(min_value=0, max_value=86400)
  101.     tz = forms.CharField()
  102. 

  103.     def clean_nag_period(self):
  104.         seconds = self.cleaned_data["nag_period"]
  105. 

  106.         if seconds not in (0, 3600, 86400):
  107.             raise forms.ValidationError("Bad nag_period: %d" % seconds)
  108. 

  109.         return td(seconds=seconds)
  110. 

  111.     def clean_tz(self):
  112.         # Declare tz as "clean" only if we can find it in pytz.all_timezones
  113.         if self.cleaned_data["tz"] in pytz.all_timezones:
  114.             return self.cleaned_data["tz"]
  115. 

  116.         # Otherwise, return None, and *don't* throw a validation exception:
  117.         # If user's browser reports a timezone we don't recognize, we
  118.         # should ignore the timezone but still save the rest of the form.
  119. 

  120. 

  121. class SetPasswordForm(forms.Form):
  122.     password = forms.CharField(min_length=8)
  123. 

  124. 

  125. class ChangeEmailForm(forms.Form):
  126.     error_css_class = "has-error"
  127.     email = LowercaseEmailField()
  128. 

  129.     def clean_email(self):
  130.         v = self.cleaned_data["email"]
  131.         if User.objects.filter(email=v).exists():
  132.             raise forms.ValidationError("%s is already registered" % v)
  133. 

  134.         return v
  135. 

  136. 

  137. class InviteTeamMemberForm(forms.Form):
  138.     email = LowercaseEmailField(max_length=254)
  139.     role = forms.ChoiceField(choices=Member.Role.choices)
  140. 

  141. 

  142. class RemoveTeamMemberForm(forms.Form):
  143.     email = LowercaseEmailField()
  144. 

  145. 

  146. class ProjectNameForm(forms.Form):
  147.     name = forms.CharField(max_length=60)
  148. 

  149. 

  150. class TransferForm(forms.Form):
  151.     email = LowercaseEmailField()
  152. 

  153. 

  154. class AddWebAuthnForm(forms.Form):
  155.     name = forms.CharField(max_length=100)
  156.     client_data_json = Base64Field()
  157.     attestation_object = Base64Field()
  158. 

  159. 

  160. class WebAuthnForm(forms.Form):
  161.     credential_id = Base64Field()
  162.     client_data_json = Base64Field()
  163.     authenticator_data = Base64Field()
  164.     signature = Base64Field()
  165. 

  166. 

  167. class TotpForm(forms.Form):
  168.     error_css_class = "has-error"
  169.     code = forms.RegexField(regex=r"^\d{6}$")
  170. 

  171.     def __init__(self, totp, post=None, files=None):
  172.         self.totp = totp
  173.         super(TotpForm, self).__init__(post, files)
  174. 

  175.     def clean_code(self):
  176.         if not self.totp.verify(self.cleaned_data["code"], valid_window=1):
  177.             raise forms.ValidationError("The code you entered was incorrect.")
  178. 

  179.         return self.cleaned_data["code"]