nielsperetzke
/
healthchecks
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 32 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
638 Commits
2 Branches
15 MiB
Tree: 9bc0f1b82a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9bc0f1b82a'
${ noResults }
healthchecks/hc/accounts/views.py

424 lines
13 KiB
Raw Normal View History

Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
Initial commit
10 years ago
Badges
8 years ago
Initial commit
10 years ago
REGISTRATION_OPEN setting. superuser accounts by default have team access enabled. Fixes #97 and #113
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Organize imports using isort.
9 years ago
logout, unified login
10 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Initial commit
10 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Team Access, test cleanup
9 years ago
Initial commit
10 years ago
Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
"Close Account" section in Settings page. Fixes #95
8 years ago
Users can update their email addresses. Fixes #105
7 years ago
Team access WIP
9 years ago
Notification Channels WIP
9 years ago
Badges
8 years ago
"Close Account" section in Settings page. Fixes #95
8 years ago
Initial commit
10 years ago
logout, unified login
10 years ago
Store the one time login token in profile so user.password can be used for regular passwords.
9 years ago
logout, unified login
10 years ago
Account creation
10 years ago
REGISTRATION_OPEN setting. superuser accounts by default have team access enabled. Fixes #97 and #113
8 years ago
Team Access, test cleanup
9 years ago
Notification Channels WIP
9 years ago
logout, unified login
10 years ago
Account creation
10 years ago
Better welcome page.
10 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Better welcome page.
10 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Only associate demo check if it doesn't have an owner already.
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Notification Channels WIP
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Notification Channels WIP
9 years ago
_associate_demo_check was crashing for returning users after cleaning up old checks.
8 years ago
Better welcome page.
10 years ago
Cleanup in hc.accounts.views
7 years ago
/admin/login/ uses the same login view as the main site.
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
logout, unified login
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
/admin/login/ uses the same login view as the main site.
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
REGISTRATION_OPEN setting. superuser accounts by default have team access enabled. Fixes #97 and #113
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
REGISTRATION_OPEN setting. superuser accounts by default have team access enabled. Fixes #97 and #113
8 years ago
Initial commit
10 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
check token redirect to login on bad token
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
/admin/login/ uses the same login view as the main site.
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Initial commit
10 years ago
logout, unified login
10 years ago
Initial commit
10 years ago
Users can update their email addresses. Fixes #105
7 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Login works, stubbed out canary index page
10 years ago
Django 1.10
8 years ago
redirect already logged in user
9 years ago
A work around for email servers that open our one-time login links.
8 years ago
More content in docs section
9 years ago
A work around for email servers that open our one-time login links.
8 years ago
More content in docs section
9 years ago
A work around for email servers that open our one-time login links.
8 years ago
Login works, stubbed out canary index page
10 years ago
A work around for email servers that open our one-time login links.
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Cleanup in hc.accounts.views
7 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Set and revoke API key in Settings page.
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Set and revoke API key in Settings page.
9 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Set and revoke API key in Settings page.
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Team access WIP
9 years ago
All plans now have team access, but different team size limits.
7 years ago
Access rights checks for team access stuff in profile page.
9 years ago
Team access WIP
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Team access WIP
9 years ago
Tests for team access.
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Team Access, test cleanup
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Split "Account Settings" page into subpages.
8 years ago
Cleanup in hc.accounts.views
7 years ago
Split "Account Settings" page into subpages.
8 years ago
Nicer "your settings have been updated" message.
7 years ago
Split "Account Settings" page into subpages.
8 years ago
Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
Split "Account Settings" page into subpages.
8 years ago
Nicer "your settings have been updated" message.
7 years ago
Split "Account Settings" page into subpages.
8 years ago
Cleanup in hc.accounts.views
7 years ago
Split "Account Settings" page into subpages.
8 years ago
Badges
8 years ago
Cleanup in hc.accounts.views
7 years ago
Badges can now return either SVG or JSON
7 years ago
Badges
8 years ago
Badges can now return either SVG or JSON
7 years ago
Badges
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Material icons.
8 years ago
Adding "Overall status" badge.
7 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Split "Account Settings" page into subpages.
8 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Cleanup in hc.accounts.views
7 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Cleanup in hc.accounts.views
7 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Support for "Add to Slack" button
8 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
First stab at API, POST /api/v1/checks
9 years ago
Users can add passwords to their accounts. Fixes #6
9 years ago
Users can update their email addresses. Fixes #105
7 years ago
Cleanup in hc.accounts.views
7 years ago
Users can update their email addresses. Fixes #105
7 years ago
Cleanup in hc.accounts.views
7 years ago
Users can update their email addresses. Fixes #105
7 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
More secure unsubscribe links for monthly reports.
7 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Cleanup in hc.accounts.views
7 years ago
Clear out `Profile.next_report_date` and `Profile.next_nag_date` when unsubscribing from reports.
7 years ago
Adding an option to send daily or hourly reminders if any check is down. Fixes #48
7 years ago
Clear out `Profile.next_report_date` and `Profile.next_nag_date` when unsubscribing from reports.
7 years ago
Cleanup in hc.accounts.views
7 years ago
Code to send monthly reports (but no management command yet to actually send them)
9 years ago
Team Access, test cleanup
9 years ago
/switch_team/ requires login and a valid target username
8 years ago
Team Access, test cleanup
9 years ago
/switch_team/ requires login and a valid target username
8 years ago
Email reports list checks from all teams the user has access to.
7 years ago
/switch_team/ requires login and a valid target username
8 years ago
Team Access, test cleanup
9 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Team Access, test cleanup
9 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Split "Account Settings" page into subpages.
8 years ago
Email reports list checks from all teams the user has access to.
7 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Split "Account Settings" page into subpages.
8 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Email reports list checks from all teams the user has access to.
7 years ago
Fix bug in /accounts/switch_team/, updated messaging.
9 years ago
Team Access, test cleanup
9 years ago
Email reports list checks from all teams the user has access to.
7 years ago
Cleanup in hc.accounts.views
7 years ago
Team Access, test cleanup
9 years ago
"Close Account" section in Settings page. Fixes #95
8 years ago
Adding on_delete keywords, more to come.
8 years ago
"Close Account" section in Settings page. Fixes #95
8 years ago
 
  1. from datetime import timedelta as td
  2. import uuid
  3. import re
  4. 

  5. from django.conf import settings
  6. from django.contrib import messages
  7. from django.contrib.auth import login as auth_login
  8. from django.contrib.auth import logout as auth_logout
  9. from django.contrib.auth import authenticate
  10. from django.contrib.auth.decorators import login_required
  11. from django.contrib.auth.models import User
  12. from django.core import signing
  13. from django.http import HttpResponseForbidden, HttpResponseBadRequest
  14. from django.shortcuts import redirect, render
  15. from django.utils.timezone import now
  16. from django.views.decorators.http import require_POST
  17. from hc.accounts.forms import (ChangeEmailForm, EmailPasswordForm,
  18.                                InviteTeamMemberForm, RemoveTeamMemberForm,
  19.                                ReportSettingsForm, SetPasswordForm,
  20.                                TeamNameForm)
  21. from hc.accounts.models import Profile, Member
  22. from hc.api.models import Channel, Check
  23. from hc.lib.badges import get_badge_url
  24. from hc.payments.models import Subscription
  25. 

  26. 

  27. def _make_user(email):
  28.     username = str(uuid.uuid4())[:30]
  29.     user = User(username=username, email=email)
  30.     user.set_unusable_password()
  31.     user.save()
  32. 

  33.     # Ensure a profile gets created
  34.     Profile.objects.for_user(user)
  35. 

  36.     channel = Channel()
  37.     channel.user = user
  38.     channel.kind = "email"
  39.     channel.value = email
  40.     channel.email_verified = True
  41.     channel.save()
  42. 

  43.     return user
  44. 

  45. 

  46. def _associate_demo_check(request, user):
  47.     if "welcome_code" not in request.session:
  48.         return
  49. 

  50.     try:
  51.         check = Check.objects.get(code=request.session["welcome_code"])
  52.     except Check.DoesNotExist:
  53.         return
  54. 

  55.     # Only associate demo check if it doesn't have an owner already.
  56.     if check.user:
  57.         return
  58. 

  59.     check.user = user
  60.     check.save()
  61. 

  62.     check.assign_all_channels()
  63. 

  64.     del request.session["welcome_code"]
  65. 

  66. 

  67. def _ensure_own_team(request):
  68.     """ Make sure user is switched to their own team. """
  69. 

  70.     if request.team != request.profile:
  71.         request.team = request.profile
  72.         request.profile.current_team = request.profile
  73.         request.profile.save()
  74. 

  75. 

  76. def login(request, show_password=False):
  77.     bad_credentials = False
  78.     if request.method == 'POST':
  79.         form = EmailPasswordForm(request.POST)
  80.         if form.is_valid():
  81.             email = form.cleaned_data["email"]
  82.             password = form.cleaned_data["password"]
  83.             if len(password):
  84.                 user = authenticate(username=email, password=password)
  85.                 if user is not None and user.is_active:
  86.                     auth_login(request, user)
  87.                     return redirect("hc-checks")
  88.                 bad_credentials = True
  89.                 show_password = True
  90.             else:
  91.                 user = None
  92.                 try:
  93.                     user = User.objects.get(email=email)
  94.                 except User.DoesNotExist:
  95.                     if settings.REGISTRATION_OPEN:
  96.                         user = _make_user(email)
  97.                         _associate_demo_check(request, user)
  98.                     else:
  99.                         bad_credentials = True
  100. 

  101.                 if user:
  102.                     profile = Profile.objects.for_user(user)
  103.                     profile.send_instant_login_link()
  104.                     return redirect("hc-login-link-sent")
  105. 

  106.     else:
  107.         form = EmailPasswordForm()
  108. 

  109.     bad_link = request.session.pop("bad_link", None)
  110.     ctx = {
  111.         "form": form,
  112.         "bad_credentials": bad_credentials,
  113.         "bad_link": bad_link,
  114.         "show_password": show_password
  115.     }
  116.     return render(request, "accounts/login.html", ctx)
  117. 

  118. 

  119. def logout(request):
  120.     auth_logout(request)
  121.     return redirect("hc-index")
  122. 

  123. 

  124. def login_link_sent(request):
  125.     return render(request, "accounts/login_link_sent.html")
  126. 

  127. 

  128. def link_sent(request):
  129.     return render(request, "accounts/link_sent.html")
  130. 

  131. 

  132. def check_token(request, username, token):
  133.     if request.user.is_authenticated and request.user.username == username:
  134.         # User is already logged in
  135.         return redirect("hc-checks")
  136. 

  137.     # Some email servers open links in emails to check for malicious content.
  138.     # To work around this, we sign user in if the method is POST.
  139.     #
  140.     # If the method is GET, we instead serve a HTML form and a piece
  141.     # of Javascript to automatically submit it.
  142. 

  143.     if request.method == "POST":
  144.         user = authenticate(username=username, token=token)
  145.         if user is not None and user.is_active:
  146.             # This should get rid of "welcome_code" in session
  147.             request.session.flush()
  148. 

  149.             user.profile.token = ""
  150.             user.profile.save()
  151.             auth_login(request, user)
  152. 

  153.             return redirect("hc-checks")
  154. 

  155.         request.session["bad_link"] = True
  156.         return redirect("hc-login")
  157. 

  158.     return render(request, "accounts/check_token_submit.html")
  159. 

  160. 

  161. @login_required
  162. def profile(request):
  163.     _ensure_own_team(request)
  164.     profile = request.profile
  165. 

  166.     ctx = {
  167.         "page": "profile",
  168.         "profile": profile,
  169.         "show_api_key": False,
  170.         "api_status": "default",
  171.         "team_status": "default"
  172.     }
  173. 

  174.     if request.method == "POST":
  175.         if "change_email" in request.POST:
  176.             profile.send_change_email_link()
  177.             return redirect("hc-link-sent")
  178.         elif "set_password" in request.POST:
  179.             profile.send_set_password_link()
  180.             return redirect("hc-link-sent")
  181.         elif "create_api_key" in request.POST:
  182.             profile.set_api_key()
  183.             ctx["show_api_key"] = True
  184.             ctx["api_key_created"] = True
  185.             ctx["api_status"] = "success"
  186.         elif "revoke_api_key" in request.POST:
  187.             profile.api_key = ""
  188.             profile.save()
  189.             ctx["api_key_revoked"] = True
  190.             ctx["api_status"] = "info"
  191.         elif "show_api_key" in request.POST:
  192.             ctx["show_api_key"] = True
  193.         elif "invite_team_member" in request.POST:
  194.             if not profile.can_invite():
  195.                 return HttpResponseForbidden()
  196. 

  197.             form = InviteTeamMemberForm(request.POST)
  198.             if form.is_valid():
  199. 

  200.                 email = form.cleaned_data["email"]
  201.                 try:
  202.                     user = User.objects.get(email=email)
  203.                 except User.DoesNotExist:
  204.                     user = _make_user(email)
  205. 

  206.                 profile.invite(user)
  207.                 ctx["team_member_invited"] = email
  208.                 ctx["team_status"] = "success"
  209. 

  210.         elif "remove_team_member" in request.POST:
  211.             form = RemoveTeamMemberForm(request.POST)
  212.             if form.is_valid():
  213. 

  214.                 email = form.cleaned_data["email"]
  215.                 farewell_user = User.objects.get(email=email)
  216.                 farewell_user.profile.current_team = None
  217.                 farewell_user.profile.save()
  218. 

  219.                 Member.objects.filter(team=profile,
  220.                                       user=farewell_user).delete()
  221. 

  222.                 ctx["team_member_removed"] = email
  223.                 ctx["team_status"] = "info"
  224.         elif "set_team_name" in request.POST:
  225.             form = TeamNameForm(request.POST)
  226.             if form.is_valid():
  227.                 profile.team_name = form.cleaned_data["team_name"]
  228.                 profile.save()
  229.                 ctx["team_name_updated"] = True
  230.                 ctx["team_status"] = "success"
  231. 

  232.     return render(request, "accounts/profile.html", ctx)
  233. 

  234. 

  235. @login_required
  236. def notifications(request):
  237.     _ensure_own_team(request)
  238.     profile = request.profile
  239. 

  240.     ctx = {
  241.         "status": "default",
  242.         "page": "profile",
  243.         "profile": profile
  244.     }
  245. 

  246.     if request.method == "POST":
  247.         form = ReportSettingsForm(request.POST)
  248.         if form.is_valid():
  249.             if profile.reports_allowed != form.cleaned_data["reports_allowed"]:
  250.                 profile.reports_allowed = form.cleaned_data["reports_allowed"]
  251.                 if profile.reports_allowed:
  252.                     profile.next_report_date = now() + td(days=30)
  253.                 else:
  254.                     profile.next_report_date = None
  255. 

  256.             if profile.nag_period != form.cleaned_data["nag_period"]:
  257.                 # Set the new nag period
  258.                 profile.nag_period = form.cleaned_data["nag_period"]
  259.                 # and schedule next_nag_date:
  260.                 if profile.nag_period:
  261.                     profile.next_nag_date = now() + profile.nag_period
  262.                 else:
  263.                     profile.next_nag_date = None
  264. 

  265.             profile.save()
  266.             ctx["status"] = "info"
  267. 

  268.     return render(request, "accounts/notifications.html", ctx)
  269. 

  270. 

  271. @login_required
  272. def badges(request):
  273.     _ensure_own_team(request)
  274. 

  275.     tags = set()
  276.     for check in Check.objects.filter(user=request.team.user):
  277.         tags.update(check.tags_list())
  278. 

  279.     username = request.user.username
  280.     urls = []
  281.     for tag in sorted(tags, key=lambda s: s.lower()):
  282.         if not re.match("^[\w-]+$", tag):
  283.             continue
  284. 

  285.         urls.append({
  286.             "svg": get_badge_url(username, tag),
  287.             "json": get_badge_url(username, tag, format="json"),
  288.         })
  289. 

  290.     ctx = {
  291.         "page": "profile",
  292.         "urls": urls,
  293.         "master": {
  294.             "svg": get_badge_url(username, "*"),
  295.             "json": get_badge_url(username, "*", format="json")
  296.         }
  297.     }
  298. 

  299.     return render(request, "accounts/badges.html", ctx)
  300. 

  301. 

  302. @login_required
  303. def set_password(request, token):
  304.     if not request.profile.check_token(token, "set-password"):
  305.         return HttpResponseBadRequest()
  306. 

  307.     if request.method == "POST":
  308.         form = SetPasswordForm(request.POST)
  309.         if form.is_valid():
  310.             password = form.cleaned_data["password"]
  311.             request.user.set_password(password)
  312.             request.user.save()
  313. 

  314.             request.profile.token = ""
  315.             request.profile.save()
  316. 

  317.             # Setting a password logs the user out, so here we
  318.             # log them back in.
  319.             u = authenticate(username=request.user.email, password=password)
  320.             auth_login(request, u)
  321. 

  322.             messages.success(request, "Your password has been set!")
  323.             return redirect("hc-profile")
  324. 

  325.     return render(request, "accounts/set_password.html", {})
  326. 

  327. 

  328. @login_required
  329. def change_email(request, token):
  330.     if not request.profile.check_token(token, "change-email"):
  331.         return HttpResponseBadRequest()
  332. 

  333.     if request.method == "POST":
  334.         form = ChangeEmailForm(request.POST)
  335.         if form.is_valid():
  336.             request.user.email = form.cleaned_data["email"]
  337.             request.user.set_unusable_password()
  338.             request.user.save()
  339. 

  340.             request.profile.token = ""
  341.             request.profile.save()
  342. 

  343.             return redirect("hc-change-email-done")
  344.     else:
  345.         form = ChangeEmailForm()
  346. 

  347.     return render(request, "accounts/change_email.html", {"form": form})
  348. 

  349. 

  350. def change_email_done(request):
  351.     return render(request, "accounts/change_email_done.html")
  352. 

  353. 

  354. def unsubscribe_reports(request, username):
  355.     if ":" in username:
  356.         signer = signing.TimestampSigner(salt="reports")
  357.         try:
  358.             username = signer.unsign(username)
  359.         except signing.BadSignature:
  360.             return render(request, "bad_link.html")
  361.     else:
  362.         # Username is not signed but there should be a ?token=... parameter
  363.         # This is here for backwards compatibility and will be removed
  364.         # at some point.
  365.         try:
  366.             signing.Signer().unsign(request.GET.get("token"))
  367.         except signing.BadSignature:
  368.             return render(request, "bad_link.html")
  369. 

  370.     user = User.objects.get(username=username)
  371.     profile = Profile.objects.for_user(user)
  372.     profile.reports_allowed = False
  373.     profile.next_report_date = None
  374.     profile.nag_period = td()
  375.     profile.next_nag_date = None
  376.     profile.save()
  377. 

  378.     return render(request, "accounts/unsubscribed.html")
  379. 

  380. 

  381. @login_required
  382. def switch_team(request, target_username):
  383.     try:
  384.         target_team = Profile.objects.get(user__username=target_username)
  385.     except Profile.DoesNotExist:
  386.         return HttpResponseForbidden()
  387. 

  388.     # The rules:
  389.     # Superuser can switch to any team.
  390.     access_ok = request.user.is_superuser
  391. 

  392.     # Users can switch to their own teams.
  393.     if not access_ok and target_team == request.profile:
  394.         access_ok = True
  395. 

  396.     # Users can switch to teams they are members of.
  397.     if not access_ok:
  398.         access_ok = request.user.memberships.filter(team=target_team).exists()
  399. 

  400.     if not access_ok:
  401.         return HttpResponseForbidden()
  402. 

  403.     request.profile.current_team = target_team
  404.     request.profile.save()
  405. 

  406.     return redirect("hc-checks")
  407. 

  408. 

  409. @require_POST
  410. @login_required
  411. def close(request):
  412.     user = request.user
  413. 

  414.     # Subscription needs to be canceled before it is deleted:
  415.     sub = Subscription.objects.filter(user=user).first()
  416.     if sub:
  417.         sub.cancel()
  418. 

  419.     user.delete()
  420. 

  421.     # Deleting user also deletes its profile, checks, channels etc.
  422. 

  423.     request.session.flush()
  424.     return redirect("hc-index")