import base64
|
|
import binascii
|
|
from datetime import timedelta as td
|
|
|
|
from django import forms
|
|
from django.core.exceptions import ValidationError
|
|
from django.contrib.auth import authenticate
|
|
from django.contrib.auth.models import User
|
|
from hc.api.models import TokenBucket
|
|
|
|
|
|
class LowercaseEmailField(forms.EmailField):
|
|
def clean(self, value):
|
|
value = super(LowercaseEmailField, self).clean(value)
|
|
return value.lower()
|
|
|
|
|
|
class Base64Field(forms.CharField):
|
|
def to_python(self, value):
|
|
if value is None:
|
|
return None
|
|
|
|
try:
|
|
return base64.b64decode(value.encode())
|
|
except binascii.Error:
|
|
raise ValidationError(message="Cannot decode base64")
|
|
|
|
|
|
class AvailableEmailForm(forms.Form):
|
|
# Call it "identity" instead of "email"
|
|
# to avoid some of the dumber bots
|
|
identity = LowercaseEmailField(
|
|
error_messages={"required": "Please enter your email address."}
|
|
)
|
|
|
|
def clean_identity(self):
|
|
v = self.cleaned_data["identity"]
|
|
if len(v) > 254:
|
|
raise forms.ValidationError("Address is too long.")
|
|
|
|
if User.objects.filter(email=v).exists():
|
|
raise forms.ValidationError(
|
|
"An account with this email address already exists."
|
|
)
|
|
|
|
return v
|
|
|
|
|
|
class EmailLoginForm(forms.Form):
|
|
# Call it "identity" instead of "email"
|
|
# to avoid some of the dumber bots
|
|
identity = LowercaseEmailField()
|
|
|
|
def clean_identity(self):
|
|
v = self.cleaned_data["identity"]
|
|
if not TokenBucket.authorize_login_email(v):
|
|
raise forms.ValidationError("Too many attempts, please try later.")
|
|
|
|
try:
|
|
self.user = User.objects.get(email=v)
|
|
except User.DoesNotExist:
|
|
raise forms.ValidationError("Incorrect email address.")
|
|
|
|
return v
|
|
|
|
|
|
class PasswordLoginForm(forms.Form):
|
|
email = LowercaseEmailField()
|
|
password = forms.CharField()
|
|
|
|
def clean(self):
|
|
username = self.cleaned_data.get("email")
|
|
password = self.cleaned_data.get("password")
|
|
|
|
if username and password:
|
|
if not TokenBucket.authorize_login_password(username):
|
|
raise forms.ValidationError("Too many attempts, please try later.")
|
|
|
|
self.user = authenticate(username=username, password=password)
|
|
if self.user is None or not self.user.is_active:
|
|
raise forms.ValidationError("Incorrect email or password.")
|
|
|
|
return self.cleaned_data
|
|
|
|
|
|
class ReportSettingsForm(forms.Form):
|
|
reports_allowed = forms.BooleanField(required=False)
|
|
nag_period = forms.IntegerField(min_value=0, max_value=86400)
|
|
|
|
def clean_nag_period(self):
|
|
seconds = self.cleaned_data["nag_period"]
|
|
|
|
if seconds not in (0, 3600, 86400):
|
|
raise forms.ValidationError("Bad nag_period: %d" % seconds)
|
|
|
|
return td(seconds=seconds)
|
|
|
|
|
|
class SetPasswordForm(forms.Form):
|
|
password = forms.CharField(min_length=8)
|
|
|
|
|
|
class ChangeEmailForm(forms.Form):
|
|
error_css_class = "has-error"
|
|
email = LowercaseEmailField()
|
|
|
|
def clean_email(self):
|
|
v = self.cleaned_data["email"]
|
|
if User.objects.filter(email=v).exists():
|
|
raise forms.ValidationError("%s is already registered" % v)
|
|
|
|
return v
|
|
|
|
|
|
class InviteTeamMemberForm(forms.Form):
|
|
email = LowercaseEmailField(max_length=254)
|
|
rw = forms.BooleanField(required=False)
|
|
|
|
|
|
class RemoveTeamMemberForm(forms.Form):
|
|
email = LowercaseEmailField()
|
|
|
|
|
|
class ProjectNameForm(forms.Form):
|
|
name = forms.CharField(max_length=60)
|
|
|
|
|
|
class TransferForm(forms.Form):
|
|
email = LowercaseEmailField()
|
|
|
|
|
|
class AddCredentialForm(forms.Form):
|
|
name = forms.CharField(max_length=100)
|
|
client_data_json = Base64Field()
|
|
attestation_object = Base64Field()
|
|
|
|
|
|
class LoginTfaForm(forms.Form):
|
|
credential_id = Base64Field()
|
|
client_data_json = Base64Field()
|
|
authenticator_data = Base64Field()
|
|
signature = Base64Field()
|