Skip to content

Commit

Permalink
user activation
Browse files Browse the repository at this point in the history
  • Loading branch information
@BenediktMKuehne
BenediktMKuehne committed Oct 24, 2024
1 parent 2c6ccd8 commit 6509735
Show file tree
Hide file tree
Showing 10 changed files with 113 additions and 35 deletions.
7 changes: 3 additions & 4 deletions embark/embark/settings/deploy.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,17 +23,16 @@
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/3.2/howto/deployment/checklist/

# HASHID_FIELD_SALT = os.environ.get('HASHID_SALT')
# HASHID_FIELD_MIN_LENGTH = os.environ.get('HASHID_FIELD_MIN_LENGTH', 7)
# HASHID_FIELD_ENABLE_HASHID_OBJECT = os.environ.get('HASHID_FIELD_ENABLE_HASHID_OBJECT', False)
# HASHID_FIELD_ENABLE_DESCRIPTOR = os.environ.get('HASHID_FIELD_ENABLE_DESCRIPTOR', False)
SECRET_KEY = os.environ.get('SECRET_KEY')

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False

ALLOWED_HOSTS = ['*']

DOMAIN = "embark.local"
EMAIL_ACTIVE = False

# EMBA stuff
# EMBA location
EMBA_ROOT = os.path.join(BASE_DIR.parent, 'emba')
Expand Down
3 changes: 3 additions & 0 deletions embark/embark/settings/dev.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@
EMBA_LOG_URL = 'emba_logs/'

DEBUG = True
DOMAIN = "embark.local"
EMAIL_ACTIVE = False


INSTALLED_APPS = [
'django.contrib.admin',
Expand Down
4 changes: 2 additions & 2 deletions embark/embark/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,12 +17,12 @@
__author__ = 'm-1-k-3, RaviChandra, Garima Chauhan, Maximilian Wagner, diegiesskanne'
__license__ = 'MIT'

# from django.contrib import admin
from django.contrib import admin
from django.urls import path, include
from django.contrib.staticfiles.urls import staticfiles_urlpatterns

urlpatterns = [
# path('admin/', admin.site.urls),
path('admin/', admin.site.urls),
path('', include('updater.urls')),
path('', include('uploader.urls')),
path('', include('users.urls')),
Expand Down
5 changes: 5 additions & 0 deletions embark/templates/user/activate.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{% csrf_token %}
{% for field in form %}
<label >{{ field.label_tag }}</label>
{{ field }}
{% endfor %}
8 changes: 8 additions & 0 deletions embark/templates/user/email_template.html
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,8 @@
{% autoescape off %}
Dear {{ username }},

Please follow the link to confirm your registration,
http://{{ domain }}{% url 'activate' user_id=uid activation_token=token %}

OR manually input the following token: {{ token }}
{% endautoescape %}
14 changes: 14 additions & 0 deletions embark/users/forms.py
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
from django import forms
from django.contrib.auth.forms import UserCreationForm
from users.models import User


class SignupForm(UserCreationForm):
class Meta:
model = User
fields = ('username', 'email', 'password1', 'password2')


class ActivationForm(forms.Form):

token = forms.CharField(max_length=256, min_length=256)
7 changes: 2 additions & 5 deletions embark/users/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
import enum

from django.db import models
from django.contrib.auth.models import AbstractUser
from django.contrib.auth.models import User as DjangoUser
from django.conf import settings

from lib.choice_enum import ChoiceIntEnum
Expand All @@ -26,10 +26,7 @@ class Team(models.Model):
modified = models.DateTimeField(auto_now=True, help_text='Date time when this entry was modified')


class User(AbstractUser):
is_active = models.BooleanField(default=True, help_text='User active or not')
created = models.DateTimeField(auto_now_add=True, help_text='Date time when this entry was created')
modified = models.DateTimeField(auto_now=True, help_text='Date time when this entry was modified')
class User(DjangoUser):
timezone = models.CharField(max_length=32, choices=settings.TIMEZONES, default='UTC')


Expand Down
1 change: 1 addition & 0 deletions embark/users/urls.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
path(settings.LOGIN_URL, views.embark_login, name='embark-login'),
path('user/', views.user_main, name='embark-user-main'),
path('register/', views.register, name='embark-register'),
path('register/activate/<uuid:user_id>/', views.register, name='embark-activate-user'),
path('logout/', views.embark_logout, name='embark-logout'),
path('user/password_change/', views.password_change, name='embark-password-change'),
path('user/acc_delete/', views.acc_delete, name='embark-acc-delete'),
Expand Down
93 changes: 72 additions & 21 deletions embark/users/views.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,20 @@
import logging

from django.contrib.auth.decorators import login_required
from django.contrib.auth import authenticate, login, logout, get_user
from django.contrib.auth.tokens import default_token_generator
from django.contrib.sites.shortcuts import get_current_site
from django.contrib import messages
from django.shortcuts import render, redirect
from django.views.decorators.csrf import csrf_exempt
from django.views.decorators.http import require_http_methods

from django.contrib.auth import authenticate, login, logout, get_user
from django.contrib import messages
from django.template.loader import render_to_string
from django.conf import settings
from django.utils import timezone
from django.urls import reverse
from django.core.mail import send_mail

from users.forms import ActivationForm, SignupForm
from users.models import User

logger = logging.getLogger(__name__)
Expand All @@ -32,29 +37,38 @@ def user_main(request):
def register(request):
if request.method == "POST":
logger.debug(request.POST)
data = {k: v[0] for k, v in dict(request.POST).items()}
logger.debug(data)
try:
body = {k: v[0] for k, v in dict(request.POST).items()}
try:
username = body['username']
password = body['password']
confirm_password = body['confirm_password']
if password != confirm_password:
logger.debug('Passwords do not match')
messages.success(request, 'Passwords do not match.')
return render(request, 'user/register.html')
user = get_user(request)
signup_form = SignupForm(request.POST)
if signup_form.is_valid():
username = signup_form.cleaned_data.get('username')
password = signup_form.cleaned_data.get('password')
email = signup_form.cleaned_data.get('email')
logger.debug('Passwords match. Creating user')
user = User.objects.create(username=username)
user = User.objects.create(username=username, email=email)
user.set_password(password)
user.is_active = False
user.save()
logger.debug('User created')
messages.success(request, 'Registration successful.')
return redirect('../../')
except KeyError:
logger.exception('Missing keys from data- Username, password, password_confirm')
messages.error(request, 'User data is missing/invalid.')
return render(request, 'user/register.html')
# TODO create email + token
token = default_token_generator.make_token(user)
current_site = get_current_site(request)
mail_subject = 'Activate your EMBArk account.'
message = render_to_string('email_template.html', context={
'user': user,
'username': user.username,
'domain': current_site.domain,
'uid': user.id,
'token': token,
})

if settings.EMAIL_ACTIVE:
send_mail(mail_subject, message, 'system@' + settings.DOMAIN, [email])
messages.success(request, 'Registration successful. Please check your email to activate')
return redirect(reverse('embark-login'))
else:
logger.debug("Registered, redirecting to login")
activate_user(user.id, token)
except builtins.Exception as error:
logger.exception('Wide exception in Signup: %s', error)
messages.error(request, 'Something went wrong when signing up the user.')
Expand Down Expand Up @@ -230,3 +244,40 @@ def set_timezone(request):
else:
messages.error(request, 'Timezone could not be set')
return redirect("..")


def activate_user(user, token):
"""
activates user with token
"""
if default_token_generator.check_token(user, token):
user.is_active = True
user.save()
return True
return False


@require_http_methods(["GET", "POST"])
@login_required(login_url='/' + settings.LOGIN_URL)
def activate(request):
"""
activation page + form request
activates user through the usage of token
"""
if request.method == "POST":
logger.debug(request.POST)
try:
user = get_user(request)
activation_form = ActivationForm(request.POST)
if activation_form.is_valid():
token = activation_form.cleand_data["token"]
if activate_user(user, token):
messages.success(request, str(user.username) + 'activated')
else:
messages.error(request, "Token invalid - maybe it expired?")
except ValueError as val_error:
logger.error(f"{val_error} in token {token}")
return redirect(reverse('embark-login'))
else:
activation_form = ActivationForm()
render(request, 'activate.html', {'activation-form': activation_form})
6 changes: 3 additions & 3 deletions installer.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,9 +81,9 @@ save_old_env(){
}

write_env(){
local SUPER_PW="embark"
local SUPER_EMAIL="[email protected]"
local SUPER_USER="superuser"
local SUPER_PW="$(openssl rand -base64 8)"
local SUPER_EMAIL="[email protected]"
local SUPER_USER="admin"
local RANDOM_PW=""
local DJANGO_SECRET_KEY=""
local ENV_FILES=()
Expand Down

0 comments on commit 6509735

Please sign in to comment.