nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
435 Commits
2 Branches
15 MiB
Tree: 1e05de14be
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1e05de14be'
${ noResults }
healthchecks/hc/accounts/views.py

299 lines
9.4 KiB
Raw Normal View History

Initial commit
10 years ago
Badges
8 years ago
Initial commit
10 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Organize imports using isort.
9 years ago
logout, unified login
10 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Team Access, test cleanup
9 years ago
Initial commit
10 years ago
Team access WIP
9 years ago
Team Access, test cleanup
9 years ago
Team access WIP
9 years ago
Notification Channels WIP
9 years ago
Badges
8 years ago
Initial commit
10 years ago
logout, unified login
10 years ago
Store the one time login token in profile so user.password can be used for regular passwords.
9 years ago
logout, unified login
10 years ago
Account creation
10 years ago
Team Access, test cleanup
9 years ago
Notification Channels WIP
9 years ago
logout, unified login
10 years ago
Account creation
10 years ago
Better welcome page.
10 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Better welcome page.
10 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Only associate demo check if it doesn't have an owner already.
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Notification Channels WIP
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Notification Channels WIP
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Better welcome page.
10 years ago
/admin/login/ uses the same login view as the main site.
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
logout, unified login
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
/admin/login/ uses the same login view as the main site.
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Team Access, test cleanup
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
check token redirect to login on bad token
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
/admin/login/ uses the same login view as the main site.
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
logout, unified login
10 years ago
Initial commit
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Login works, stubbed out canary index page
10 years ago
Django 1.10
8 years ago
redirect already logged in user
9 years ago
A work around for email servers that open our one-time login links.
8 years ago
More content in docs section
9 years ago
A work around for email servers that open our one-time login links.
8 years ago
More content in docs section
9 years ago
A work around for email servers that open our one-time login links.
8 years ago
Login works, stubbed out canary index page
10 years ago
A work around for email servers that open our one-time login links.
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Team Access, test cleanup
9 years ago
Team Access refinements.
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Set and revoke API key in Settings page.
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Set and revoke API key in Settings page.
9 years ago
Support for "Add to Slack" button
8 years ago
Set and revoke API key in Settings page.
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Set and revoke API key in Settings page.
9 years ago
Support for "Add to Slack" button
8 years ago
Team access WIP
9 years ago
Access rights checks for team access stuff in profile page.
9 years ago
Team access WIP
9 years ago
Support for "Add to Slack" button
8 years ago
Team access WIP
9 years ago
Tests for team access.
9 years ago
Team access WIP
9 years ago
Team Access, test cleanup
9 years ago
Access rights checks for team access stuff in profile page.
9 years ago
Team Access, test cleanup
9 years ago
Support for "Add to Slack" button
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Badges
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Material icons.
8 years ago
Badges
8 years ago
Set and revoke API key in Settings page.
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Team Access, test cleanup
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Support for "Add to Slack" button
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
First stab at API, POST /api/v1/checks
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Team Access, test cleanup
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Team Access, test cleanup
9 years ago
/switch_team/ requires login and a valid target username
8 years ago
Team Access, test cleanup
9 years ago
/switch_team/ requires login and a valid target username
8 years ago
Team Access, test cleanup
9 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Team Access, test cleanup
9 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Team Access, test cleanup
9 years ago
 
  1. import uuid
  2. import re
  3. 

  4. from django.contrib import messages
  5. from django.contrib.auth import login as auth_login
  6. from django.contrib.auth import logout as auth_logout
  7. from django.contrib.auth import authenticate
  8. from django.contrib.auth.decorators import login_required
  9. from django.contrib.auth.hashers import check_password
  10. from django.contrib.auth.models import User
  11. from django.core import signing
  12. from django.http import HttpResponseForbidden, HttpResponseBadRequest
  13. from django.shortcuts import redirect, render
  14. from hc.accounts.forms import (EmailPasswordForm, InviteTeamMemberForm,
  15.                                RemoveTeamMemberForm, ReportSettingsForm,
  16.                                SetPasswordForm, TeamNameForm)
  17. from hc.accounts.models import Profile, Member
  18. from hc.api.models import Channel, Check
  19. from hc.lib.badges import get_badge_url
  20. 

  21. 

  22. def _make_user(email):
  23.     username = str(uuid.uuid4())[:30]
  24.     user = User(username=username, email=email)
  25.     user.set_unusable_password()
  26.     user.save()
  27. 

  28.     profile = Profile(user=user)
  29.     profile.save()
  30. 

  31.     channel = Channel()
  32.     channel.user = user
  33.     channel.kind = "email"
  34.     channel.value = email
  35.     channel.email_verified = True
  36.     channel.save()
  37. 

  38.     return user
  39. 

  40. 

  41. def _associate_demo_check(request, user):
  42.     if "welcome_code" not in request.session:
  43.         return
  44. 

  45.     try:
  46.         check = Check.objects.get(code=request.session["welcome_code"])
  47.     except Check.DoesNotExist:
  48.         return
  49. 

  50.     # Only associate demo check if it doesn't have an owner already.
  51.     if check.user:
  52.         return
  53. 

  54.     check.user = user
  55.     check.save()
  56. 

  57.     check.assign_all_channels()
  58. 

  59.     del request.session["welcome_code"]
  60. 

  61. 

  62. def login(request, show_password=False):
  63.     bad_credentials = False
  64.     if request.method == 'POST':
  65.         form = EmailPasswordForm(request.POST)
  66.         if form.is_valid():
  67.             email = form.cleaned_data["email"]
  68.             password = form.cleaned_data["password"]
  69.             if len(password):
  70.                 user = authenticate(username=email, password=password)
  71.                 if user is not None and user.is_active:
  72.                     auth_login(request, user)
  73.                     return redirect("hc-checks")
  74.                 bad_credentials = True
  75.                 show_password = True
  76.             else:
  77.                 try:
  78.                     user = User.objects.get(email=email)
  79.                 except User.DoesNotExist:
  80.                     user = _make_user(email)
  81.                     _associate_demo_check(request, user)
  82. 

  83.                 user.profile.send_instant_login_link()
  84.                 return redirect("hc-login-link-sent")
  85. 

  86.     else:
  87.         form = EmailPasswordForm()
  88. 

  89.     bad_link = request.session.pop("bad_link", None)
  90.     ctx = {
  91.         "form": form,
  92.         "bad_credentials": bad_credentials,
  93.         "bad_link": bad_link,
  94.         "show_password": show_password
  95.     }
  96.     return render(request, "accounts/login.html", ctx)
  97. 

  98. 

  99. def logout(request):
  100.     auth_logout(request)
  101.     return redirect("hc-index")
  102. 

  103. 

  104. def login_link_sent(request):
  105.     return render(request, "accounts/login_link_sent.html")
  106. 

  107. 

  108. def set_password_link_sent(request):
  109.     return render(request, "accounts/set_password_link_sent.html")
  110. 

  111. 

  112. def check_token(request, username, token):
  113.     if request.user.is_authenticated and request.user.username == username:
  114.         # User is already logged in
  115.         return redirect("hc-checks")
  116. 

  117.     # Some email servers open links in emails to check for malicious content.
  118.     # To work around this, we sign user in if the method is POST.
  119.     #
  120.     # If the method is GET, we instead serve a HTML form and a piece
  121.     # of Javascript to automatically submit it.
  122. 

  123.     if request.method == "POST":
  124.         user = authenticate(username=username, token=token)
  125.         if user is not None and user.is_active:
  126.             # This should get rid of "welcome_code" in session
  127.             request.session.flush()
  128. 

  129.             user.profile.token = ""
  130.             user.profile.save()
  131.             auth_login(request, user)
  132. 

  133.             return redirect("hc-checks")
  134. 

  135.         request.session["bad_link"] = True
  136.         return redirect("hc-login")
  137. 

  138.     return render(request, "accounts/check_token_submit.html")
  139. 

  140. 

  141. @login_required
  142. def profile(request):
  143.     profile = request.user.profile
  144.     # Switch user back to its default team
  145.     if profile.current_team_id != profile.id:
  146.         request.team = profile
  147.         profile.current_team_id = profile.id
  148.         profile.save()
  149. 

  150.     show_api_key = False
  151.     if request.method == "POST":
  152.         if "set_password" in request.POST:
  153.             profile.send_set_password_link()
  154.             return redirect("hc-set-password-link-sent")
  155.         elif "create_api_key" in request.POST:
  156.             profile.set_api_key()
  157.             show_api_key = True
  158.             messages.success(request, "The API key has been created!")
  159.         elif "revoke_api_key" in request.POST:
  160.             profile.api_key = ""
  161.             profile.save()
  162.             messages.info(request, "The API key has been revoked!")
  163.         elif "show_api_key" in request.POST:
  164.             show_api_key = True
  165.         elif "update_reports_allowed" in request.POST:
  166.             form = ReportSettingsForm(request.POST)
  167.             if form.is_valid():
  168.                 profile.reports_allowed = form.cleaned_data["reports_allowed"]
  169.                 profile.save()
  170.                 messages.success(request, "Your settings have been updated!")
  171.         elif "invite_team_member" in request.POST:
  172.             if not profile.team_access_allowed:
  173.                 return HttpResponseForbidden()
  174. 

  175.             form = InviteTeamMemberForm(request.POST)
  176.             if form.is_valid():
  177. 

  178.                 email = form.cleaned_data["email"]
  179.                 try:
  180.                     user = User.objects.get(email=email)
  181.                 except User.DoesNotExist:
  182.                     user = _make_user(email)
  183. 

  184.                 profile.invite(user)
  185.                 messages.success(request, "Invitation to %s sent!" % email)
  186.         elif "remove_team_member" in request.POST:
  187.             form = RemoveTeamMemberForm(request.POST)
  188.             if form.is_valid():
  189. 

  190.                 email = form.cleaned_data["email"]
  191.                 farewell_user = User.objects.get(email=email)
  192.                 farewell_user.profile.current_team = None
  193.                 farewell_user.profile.save()
  194. 

  195.                 Member.objects.filter(team=profile,
  196.                                       user=farewell_user).delete()
  197. 

  198.                 messages.info(request, "%s removed from team!" % email)
  199.         elif "set_team_name" in request.POST:
  200.             if not profile.team_access_allowed:
  201.                 return HttpResponseForbidden()
  202. 

  203.             form = TeamNameForm(request.POST)
  204.             if form.is_valid():
  205.                 profile.team_name = form.cleaned_data["team_name"]
  206.                 profile.save()
  207.                 messages.success(request, "Team Name updated!")
  208. 

  209.     tags = set()
  210.     for check in Check.objects.filter(user=request.team.user):
  211.         tags.update(check.tags_list())
  212. 

  213.     username = request.team.user.username
  214.     badge_urls = []
  215.     for tag in sorted(tags, key=lambda s: s.lower()):
  216.         if not re.match("^[\w-]+$", tag):
  217.             continue
  218. 

  219.         badge_urls.append(get_badge_url(username, tag))
  220. 

  221.     ctx = {
  222.         "page": "profile",
  223.         "badge_urls": badge_urls,
  224.         "profile": profile,
  225.         "show_api_key": show_api_key
  226.     }
  227. 

  228.     return render(request, "accounts/profile.html", ctx)
  229. 

  230. 

  231. @login_required
  232. def set_password(request, token):
  233.     profile = request.user.profile
  234.     if not check_password(token, profile.token):
  235.         return HttpResponseBadRequest()
  236. 

  237.     if request.method == "POST":
  238.         form = SetPasswordForm(request.POST)
  239.         if form.is_valid():
  240.             password = form.cleaned_data["password"]
  241.             request.user.set_password(password)
  242.             request.user.save()
  243. 

  244.             profile.token = ""
  245.             profile.save()
  246. 

  247.             # Setting a password logs the user out, so here we
  248.             # log them back in.
  249.             u = authenticate(username=request.user.email, password=password)
  250.             auth_login(request, u)
  251. 

  252.             messages.success(request, "Your password has been set!")
  253.             return redirect("hc-profile")
  254. 

  255.     return render(request, "accounts/set_password.html", {})
  256. 

  257. 

  258. def unsubscribe_reports(request, username):
  259.     try:
  260.         signing.Signer().unsign(request.GET.get("token"))
  261.     except signing.BadSignature:
  262.         return HttpResponseBadRequest()
  263. 

  264.     user = User.objects.get(username=username)
  265.     user.profile.reports_allowed = False
  266.     user.profile.save()
  267. 

  268.     return render(request, "accounts/unsubscribed.html")
  269. 

  270. 

  271. @login_required
  272. def switch_team(request, target_username):
  273.     try:
  274.         other_user = User.objects.get(username=target_username)
  275.     except User.DoesNotExist:
  276.         return HttpResponseForbidden()
  277. 

  278.     # The rules:
  279.     # Superuser can switch to any team.
  280.     access_ok = request.user.is_superuser
  281. 

  282.     # Users can switch to teams they are members of.
  283.     if not access_ok and other_user.id == request.user.id:
  284.         access_ok = True
  285. 

  286.     # Users can switch to their own teams.
  287.     if not access_ok:
  288.         for membership in request.user.member_set.all():
  289.             if membership.team.user.id == other_user.id:
  290.                 access_ok = True
  291.                 break
  292. 

  293.     if not access_ok:
  294.         return HttpResponseForbidden()
  295. 

  296.     request.user.profile.current_team = other_user.profile
  297.     request.user.profile.save()
  298. 

  299.     return redirect("hc-checks")