IdHub/idhub/views.py

import base64
import json
import uuid
import logging
import zlib

import pyroaring
from django.conf import settings
from django.core.cache import cache
from django.urls import reverse_lazy
from django.views.generic.base import TemplateView
from django.contrib.auth import views as auth_views
from django.contrib.auth import login as auth_login
from django.utils.translation import gettext_lazy as _
from django.shortcuts import get_object_or_404, redirect
from django.contrib.auth.mixins import LoginRequiredMixin
from django.http import HttpResponseRedirect, HttpResponse, Http404

from idhub.models import DID, VerificableCredential
from idhub.email.views import NotifyActivateUserByEmail
from trustchain_idhub import settings


logger = logging.getLogger(__name__)


class LoginView(auth_views.LoginView):
    template_name = 'auth/login.html'
    extra_context = {
        'title': _('Login'),
        'success_url': reverse_lazy('idhub:user_dashboard'),
    }

    def get(self, request, *args, **kwargs):
        self.extra_context['success_url'] = request.GET.get(
            'next',
            reverse_lazy('idhub:user_dashboard')
        )
        if not self.request.user.is_anonymous:
            if self.request.user.is_admin:
                return redirect(reverse_lazy('idhub:admin_dashboard'))
            else:
                return redirect(reverse_lazy('idhub:user_dashboard'))
            
        return super().get(request, *args, **kwargs)

    def form_valid(self, form):
        user = form.get_user()
        password = form.cleaned_data.get("password")
        auth_login(self.request, user)

        sensitive_data_encryption_key = user.decrypt_sensitive_data(password)

        if not user.is_anonymous and user.is_admin:
            admin_dashboard = reverse_lazy('idhub:admin_dashboard')
            self.extra_context['success_url'] = admin_dashboard
            # encryption_key = user.encrypt_data(
            #     sensitive_data_encryption_key,
            #     settings.SECRET_KEY
            # )
            # cache.set("KEY_DIDS", encryption_key, None)
            cache.set("KEY_DIDS", sensitive_data_encryption_key, None)
            if settings.ENABLE_2FACTOR_AUTH:
                self.request.session["2fauth"] = str(uuid.uuid4())
                return redirect(reverse_lazy('idhub:confirm_send_2f'))

        self.request.session["key_did"] = user.encrypt_data(
            sensitive_data_encryption_key,
            user.password+self.request.session._session_key
        )

        return HttpResponseRedirect(self.extra_context['success_url'])


class PasswordResetConfirmView(auth_views.PasswordResetConfirmView):
    template_name = 'auth/password_reset_confirm.html'
    success_url = reverse_lazy('idhub:password_reset_complete')

    def form_valid(self, form):
        password = form.cleaned_data.get("new_password1")
        user = form.user
        user.set_password(password)
        user.set_encrypted_sensitive_data(password)
        user.save()
        return HttpResponseRedirect(self.success_url)


class PasswordResetView(auth_views.PasswordResetView):
    template_name = 'auth/password_reset.html'
    email_template_name = 'auth/password_reset_email.txt'
    html_email_template_name = 'auth/password_reset_email.html'
    subject_template_name = 'auth/password_reset_subject.txt'
    success_url = reverse_lazy('idhub:password_reset_done')

    def form_valid(self, form):
        try:
            return super().form_valid(form)
        except Exception as err:
            logger.error(err)
        # url_error = reverse_lazy('idhub:password_reset_error')
        # return HttpResponseRedirect(url_error)
        return HttpResponseRedirect(self.success_url)


def serve_did(request, did_id):
    import urllib.parse
    domain = urllib.parse.urlencode({"domain": settings.DOMAIN})[7:]
    id_did = f'did:web:{domain}:did-registry:{did_id}'
    did = get_object_or_404(DID, did=id_did)
    # Deserialize the base DID from JSON storage
    document = json.loads(did.didweb_document)
    # Has this DID issued any Verifiable Credentials? If so, we need to add a Revocation List "service"
    #  entry to the DID document.
    revoked_credentials = did.vcredentials.filter(status=VerificableCredential.Status.REVOKED)
    revoked_credential_indexes = []
    for credential in revoked_credentials:
        revoked_credential_indexes.append(credential.id)
        # revoked_credential_indexes.append(credential.revocationBitmapIndex)
    # TODO: Conditionally add "service" to DID document only if the DID has issued any VC
    revocation_bitmap = pyroaring.BitMap(revoked_credential_indexes)
    encoded_revocation_bitmap = base64.b64encode(
        zlib.compress(
            revocation_bitmap.serialize()
        )
    ).decode('utf-8')
    revocation_service = [{  # This is an object within a list.
        "id": f"{id_did}#revocation",
        "type": "RevocationBitmap2022",
        "serviceEndpoint": f"data:application/octet-stream;base64,{encoded_revocation_bitmap}"
    }]
    document["service"] = revocation_service
    # Serialize the DID + Revocation list in preparation for sending
    document = json.dumps(document)
    retval = HttpResponse(document)
    retval.headers["Content-Type"] = "application/json"
    return retval


class DobleFactorSendView(LoginRequiredMixin, NotifyActivateUserByEmail, TemplateView):
    template_name = 'auth/2fadmin.html'
    subject_template_name = 'auth/2fadmin_email_subject.txt'
    email_template_name = 'auth/2fadmin_email.txt'
    html_email_template_name = 'auth/2fadmin_email.html'

    def get(self, request, *args, **kwargs):
        if not request.user.is_admin:
            raise Http404

        f2auth = self.request.session.get("2fauth")
        if not f2auth:
            raise Http404

        self.send_email(self.request.user, token=f2auth)
        return super().get(request, *args, **kwargs)
Soporte para revocación Falta de alguna manera especificar cuando se crean los did:web, que son prerequisito para revocar credenciales 2024-02-01 20:19:07 +00:00			`import base64`
Initial support for revocation of Verifiable Credentials 2024-01-31 09:54:40 +00:00			`import json`
admin2fauth 2024-01-19 09:59:35 +00:00			`import uuid`
fix reset password 2024-02-02 14:40:52 +00:00			`import logging`
Soporte para revocación Falta de alguna manera especificar cuando se crean los did:web, que son prerequisito para revocar credenciales 2024-02-01 20:19:07 +00:00			`import zlib`
view for doble factore sending email 2024-01-19 19:37:17 +00:00
Soporte para revocación Falta de alguna manera especificar cuando se crean los did:web, que son prerequisito para revocar credenciales 2024-02-01 20:19:07 +00:00			`import pyroaring`
encrypt admin dids with secret_key 2024-01-17 11:40:54 +00:00			`from django.conf import settings`
change settings for cache 2024-01-03 18:53:11 +00:00			`from django.core.cache import cache`
view for doble factore sending email 2024-01-19 19:37:17 +00:00			`from django.urls import reverse_lazy`
			`from django.views.generic.base import TemplateView`
add login 2023-10-09 08:49:56 +00:00			`from django.contrib.auth import views as auth_views`
fix login admin 2023-11-21 14:20:15 +00:00			`from django.contrib.auth import login as auth_login`
view for doble factore sending email 2024-01-19 19:37:17 +00:00			`from django.utils.translation import gettext_lazy as _`
			`from django.shortcuts import get_object_or_404, redirect`
			`from django.contrib.auth.mixins import LoginRequiredMixin`
			`from django.http import HttpResponseRedirect, HttpResponse, Http404`
Infraestructura para usar didweb 2024-01-15 09:34:42 +00:00
Initial support for revocation of Verifiable Credentials 2024-01-31 09:54:40 +00:00			`from idhub.models import DID, VerificableCredential`
view for doble factore sending email 2024-01-19 19:37:17 +00:00			`from idhub.email.views import NotifyActivateUserByEmail`
Infraestructura para usar didweb 2024-01-15 09:34:42 +00:00			`from trustchain_idhub import settings`
temporal push to share progress 2023-09-28 09:01:14 +00:00

fix reset password 2024-02-02 14:40:52 +00:00			`logger = logging.getLogger(__name__)`


add login 2023-10-09 08:49:56 +00:00			`class LoginView(auth_views.LoginView):`
my skeleton 2023-09-29 16:06:17 +00:00			`template_name = 'auth/login.html'`
			`extra_context = {`
			`'title': _('Login'),`
add login 2023-10-09 08:49:56 +00:00			`'success_url': reverse_lazy('idhub:user_dashboard'),`
my skeleton 2023-09-29 16:06:17 +00:00			`}`
temporal push to share progress 2023-09-28 09:01:14 +00:00
add registar of membership 2023-10-16 17:08:18 +00:00			`def get(self, request, args, *kwargs):`
fix problems with login 2024-01-12 16:22:28 +00:00			`self.extra_context['success_url'] = request.GET.get(`
			`'next',`
			`reverse_lazy('idhub:user_dashboard')`
			`)`
fix bug about session without logout 2024-01-30 18:35:29 +00:00			`if not self.request.user.is_anonymous:`
			`if self.request.user.is_admin:`
			`return redirect(reverse_lazy('idhub:admin_dashboard'))`
			`else:`
			`return redirect(reverse_lazy('idhub:user_dashboard'))`

add registar of membership 2023-10-16 17:08:18 +00:00			`return super().get(request, args, *kwargs)`
fix login admin 2023-11-21 14:20:15 +00:00
			`def form_valid(self, form):`
			`user = form.get_user()`
fix perpetual key in cache 2024-01-03 19:14:04 +00:00			`password = form.cleaned_data.get("password")`
fix issue dids and credentials 2024-01-06 18:18:59 +00:00			`auth_login(self.request, user)`

encripted in reset password 2024-01-04 11:43:24 +00:00			`sensitive_data_encryption_key = user.decrypt_sensitive_data(password)`
fix issue dids and credentials 2024-01-06 18:18:59 +00:00
fix login admin 2023-11-21 14:20:15 +00:00			`if not user.is_anonymous and user.is_admin:`
			`admin_dashboard = reverse_lazy('idhub:admin_dashboard')`
fix problems with login 2024-01-12 16:22:28 +00:00			`self.extra_context['success_url'] = admin_dashboard`
fix 2024-01-17 12:43:40 +00:00			`# encryption_key = user.encrypt_data(`
			`# sensitive_data_encryption_key,`
			`# settings.SECRET_KEY`
			`# )`
			`# cache.set("KEY_DIDS", encryption_key, None)`
			`cache.set("KEY_DIDS", sensitive_data_encryption_key, None)`
change AUTH2FACTOR -> ENABLE_2FACTOR_AUTH 2024-02-06 17:25:50 +00:00			`if settings.ENABLE_2FACTOR_AUTH:`
view for doble factore sending email 2024-01-19 19:37:17 +00:00			`self.request.session["2fauth"] = str(uuid.uuid4())`
			`return redirect(reverse_lazy('idhub:confirm_send_2f'))`
fix perpetual key in cache 2024-01-03 19:14:04 +00:00
fix issue dids and credentials 2024-01-06 18:18:59 +00:00			`self.request.session["key_did"] = user.encrypt_data(`
			`sensitive_data_encryption_key,`
			`user.password+self.request.session._session_key`
			`)`
encription from a env key and password admin 2024-01-03 16:52:46 +00:00
fix login admin 2023-11-21 14:20:15 +00:00			`return HttpResponseRedirect(self.extra_context['success_url'])`
Infraestructura para usar didweb 2024-01-15 09:34:42 +00:00

encripted in reset password 2024-01-04 11:43:24 +00:00			`class PasswordResetConfirmView(auth_views.PasswordResetConfirmView):`
			`template_name = 'auth/password_reset_confirm.html'`
			`success_url = reverse_lazy('idhub:password_reset_complete')`

			`def form_valid(self, form):`
fix reset password 2024-02-02 14:40:52 +00:00			`password = form.cleaned_data.get("new_password1")`
			`user = form.user`
			`user.set_password(password)`
encripted in reset password 2024-01-04 11:43:24 +00:00			`user.set_encrypted_sensitive_data(password)`
			`user.save()`
			`return HttpResponseRedirect(self.success_url)`
resolve merge conflicts 2024-01-17 13:11:47 +00:00

fix reset password 2024-02-02 14:40:52 +00:00			`class PasswordResetView(auth_views.PasswordResetView):`
			`template_name = 'auth/password_reset.html'`
			`email_template_name = 'auth/password_reset_email.txt'`
			`html_email_template_name = 'auth/password_reset_email.html'`
			`subject_template_name = 'auth/password_reset_subject.txt'`
			`success_url = reverse_lazy('idhub:password_reset_done')`

			`def form_valid(self, form):`
			`try:`
			`return super().form_valid(form)`
			`except Exception as err:`
			`logger.error(err)`
			`# url_error = reverse_lazy('idhub:password_reset_error')`
			`# return HttpResponseRedirect(url_error)`
			`return HttpResponseRedirect(self.success_url)`


Infraestructura para usar didweb 2024-01-15 09:34:42 +00:00			`def serve_did(request, did_id):`
Complete support for revocation 2024-02-05 18:44:54 +00:00			`import urllib.parse`
			`domain = urllib.parse.urlencode({"domain": settings.DOMAIN})[7:]`
			`id_did = f'did:web:{domain}:did-registry:{did_id}'`
add field type in form 2024-01-16 13:00:59 +00:00			`did = get_object_or_404(DID, did=id_did)`
Initial support for revocation of Verifiable Credentials 2024-01-31 09:54:40 +00:00			`# Deserialize the base DID from JSON storage`
			`document = json.loads(did.didweb_document)`
Soporte para revocación Falta de alguna manera especificar cuando se crean los did:web, que son prerequisito para revocar credenciales 2024-02-01 20:19:07 +00:00			`# Has this DID issued any Verifiable Credentials? If so, we need to add a Revocation List "service"`
			`# entry to the DID document.`
Complete support for revocation 2024-02-05 18:44:54 +00:00			`revoked_credentials = did.vcredentials.filter(status=VerificableCredential.Status.REVOKED)`
Initial support for revocation of Verifiable Credentials 2024-01-31 09:54:40 +00:00			`revoked_credential_indexes = []`
			`for credential in revoked_credentials:`
use id of credentials for du a index of revoke 2024-02-13 09:23:13 +00:00			`revoked_credential_indexes.append(credential.id)`
			`# revoked_credential_indexes.append(credential.revocationBitmapIndex)`
Soporte para revocación Falta de alguna manera especificar cuando se crean los did:web, que son prerequisito para revocar credenciales 2024-02-01 20:19:07 +00:00			`# TODO: Conditionally add "service" to DID document only if the DID has issued any VC`
			`revocation_bitmap = pyroaring.BitMap(revoked_credential_indexes)`
fix encode decode base64 2024-02-14 17:35:34 +00:00			`encoded_revocation_bitmap = base64.b64encode(`
			`zlib.compress(`
			`revocation_bitmap.serialize()`
			`)`
			`).decode('utf-8')`
Complete support for revocation 2024-02-05 18:44:54 +00:00			`revocation_service = [{ # This is an object within a list.`
Initial support for revocation of Verifiable Credentials 2024-01-31 09:54:40 +00:00			`"id": f"{id_did}#revocation",`
			`"type": "RevocationBitmap2022",`
			`"serviceEndpoint": f"data:application/octet-stream;base64,{encoded_revocation_bitmap}"`
			`}]`
Soporte para revocación Falta de alguna manera especificar cuando se crean los did:web, que son prerequisito para revocar credenciales 2024-02-01 20:19:07 +00:00			`document["service"] = revocation_service`
Initial support for revocation of Verifiable Credentials 2024-01-31 09:54:40 +00:00			`# Serialize the DID + Revocation list in preparation for sending`
			`document = json.dumps(document)`
Infraestructura para usar didweb 2024-01-15 09:34:42 +00:00			`retval = HttpResponse(document)`
			`retval.headers["Content-Type"] = "application/json"`
			`return retval`
view for doble factore sending email 2024-01-19 19:37:17 +00:00

			`class DobleFactorSendView(LoginRequiredMixin, NotifyActivateUserByEmail, TemplateView):`
			`template_name = 'auth/2fadmin.html'`
			`subject_template_name = 'auth/2fadmin_email_subject.txt'`
			`email_template_name = 'auth/2fadmin_email.txt'`
			`html_email_template_name = 'auth/2fadmin_email.html'`

			`def get(self, request, args, *kwargs):`
			`if not request.user.is_admin:`
			`raise Http404`

			`f2auth = self.request.session.get("2fauth")`
			`if not f2auth:`
			`raise Http404`

			`self.send_email(self.request.user, token=f2auth)`
			`return super().get(request, args, *kwargs)`