view for doble factore sending email

Cayo Puigdefabregas 2024-01-19 20:37:17 +01:00
parent b9d596301d
commit 596b8eecd7
4 changed files with 54 additions and 28 deletions


@ -9,7 +9,7 @@ from django_tables2 import SingleTableView
from django.conf import settings
from django.utils.translation import gettext_lazy as _
from django.views.generic.base import TemplateView
from django.views.generic.base import TemplateView, View
from django.views.generic.edit import (
CreateView,
DeleteView,
@ -48,23 +48,19 @@ from idhub.models import (
)
class DobleFactorAuthView(AdminView):
class DobleFactorAuthView(AdminView, View):
url = reverse_lazy('idhub:admin_dashboard')
def get(self, request, *args, **kwargs):
import pdb; pdb.set_trace()
if not self.request.session.get("2fauth"):
return redirect(self.url)
if self.request.session.get("2fauth") == '0c9116a7-c6e5-41d7-bbf0-e8492cdfca23'
if not request.user.is_admin:
return redirect(url)
if self.request.session.get("2fauth") == str(kwargs.get("admin2fauth")):
self.request.session.pop("2fauth", None)
return redirect(self.url)
if self.request.session.get("2fauth"):
return redirect(reverse_lazy("idhub:login"))
return super().get(request, *args, **kwargs)
class DashboardView(AdminView, SingleTableView):
template_name = "idhub/admin/dashboard.html"
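Review bot: `return redirect(url)` in `DobleFactorAuthView.get` uses a bare name `url`, which is not in scope inside the method because `url` is a class attribute, so a non-admin request would raise NameError instead of redirecting; it should be `return redirect(self.url)`, and the admin dashboard is probably not the right target for a non-admin anyway. The +/- markers are lost on this page, so I am reading the `is_admin` check and the `str(kwargs.get("admin2fauth"))` comparison as the new side. If the lines that redirect to `idhub:login` while `2fauth` is still set were removed, a wrong or stale code falls through to `super().get(...)`; Django's `View` defines no `get`, so that path depends on what `AdminView` provides, and an explicit `return redirect(reverse_lazy("idhub:login"))` after the comparison would make the rejection deterministic. Please also confirm that `import pdb; pdb.set_trace()` is on the removed side, since a debugger breakpoint in a request handler blocks the worker.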


@ -13,7 +13,11 @@ logger = logging.getLogger(__name__)
class NotifyActivateUserByEmail:
def get_email_context(self, user):
subject_template_name = 'idhub/admin/registration/activate_user_subject.txt'
email_template_name = 'idhub/admin/registration/activate_user_email.txt'
html_email_template_name = 'idhub/admin/registration/activate_user_email.html'
def get_email_context(self, user, token):
"""
Define a new context with a token for put in a email
when send a email for add a new password
@ -22,35 +26,35 @@ class NotifyActivateUserByEmail:
current_site = get_current_site(self.request)
site_name = current_site.name
domain = current_site.domain
if not token:
token = default_token_generator.make_token(user)
context = {
'email': user.email,
'domain': domain,
'site_name': site_name,
'uid': urlsafe_base64_encode(force_bytes(user.pk)),
'user': user,
'token': default_token_generator.make_token(user),
'token': token,
'protocol': protocol,
}
return context
def send_email(self, user):
def send_email(self, user, token=None):
"""
Send a email when a user is activated.
"""
context = self.get_email_context(user)
subject_template_name = 'idhub/admin/registration/activate_user_subject.txt'
email_template_name = 'idhub/admin/registration/activate_user_email.txt'
html_email_template_name = 'idhub/admin/registration/activate_user_email.html'
subject = loader.render_to_string(subject_template_name, context)
context = self.get_email_context(user, token)
subject = loader.render_to_string(self.subject_template_name, context)
# Email subject *must not* contain newlines
subject = ''.join(subject.splitlines())
body = loader.render_to_string(email_template_name, context)
body = loader.render_to_string(self.email_template_name, context)
from_email = settings.DEFAULT_FROM_EMAIL
to_email = user.email
email_message = EmailMultiAlternatives(
subject, body, from_email, [to_email])
html_email = loader.render_to_string(html_email_template_name, context)
html_email = loader.render_to_string(self.html_email_template_name, context)
email_message.attach_alternative(html_email, 'text/html')
try:
if settings.DEVELOPMENT:
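Review bot: `get_email_context(self, user, token)` makes `token` a required positional argument while `send_email` gives it a default, so any other caller still using `get_email_context(user)` breaks; `def get_email_context(self, user, token=None):` keeps the two signatures parallel. The docstring still describes only the password-setting mail; it should say that `token` may be a caller-supplied value (here the session-bound 2FA code) and that `default_token_generator.make_token(user)` is used only when none is passed. `send_email` continues past the end of this hunk, so it is not visible whether the `settings.DEVELOPMENT` branch writes the rendered body, which now carries the 2FA code, to a log; that is worth checking.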


@ -17,7 +17,7 @@ Including another URLconf
from django.contrib.auth import views as auth_views
from django.views.generic import RedirectView
from django.urls import path, reverse_lazy
from .views import LoginView, PasswordResetConfirmView, serve_did
from .views import LoginView, PasswordResetConfirmView, serve_did, DobleFactorSendView
from .admin import views as views_admin
from .user import views as views_user
# from .verification_portal import views as views_verification_portal
@ -175,8 +175,9 @@ urlpatterns = [
name='admin_import'),
path('admin/import/new', views_admin.ImportAddView.as_view(),
name='admin_import_add'),
path('admin/auth/<uuid:2fauth>', views_admin.DobleFactorAuthView.as_view(),
path('admin/auth/<uuid:admin2fauth>', views_admin.DobleFactorAuthView.as_view(),
name='admin_2fauth'),
path('admin/auth/2f/', DobleFactorSendView.as_view(), name='confirm_send_2f'),
path('did-registry/<str:did_id>/did.json', serve_did)


@ -1,14 +1,18 @@
import uuid
from django.shortcuts import get_object_or_404
from django.urls import reverse_lazy
from django.conf import settings
from django.core.cache import cache
from django.utils.translation import gettext_lazy as _
from django.urls import reverse_lazy
from django.views.generic.base import TemplateView
from django.contrib.auth import views as auth_views
from django.contrib.auth import login as auth_login
from django.http import HttpResponseRedirect, HttpResponse
from django.utils.translation import gettext_lazy as _
from django.shortcuts import get_object_or_404, redirect
from django.contrib.auth.mixins import LoginRequiredMixin
from django.http import HttpResponseRedirect, HttpResponse, Http404
from idhub.models import DID
from idhub.email.views import NotifyActivateUserByEmail
from trustchain_idhub import settings
@ -42,8 +46,9 @@ class LoginView(auth_views.LoginView):
# )
# cache.set("KEY_DIDS", encryption_key, None)
cache.set("KEY_DIDS", sensitive_data_encryption_key, None)
# self.request.session["2fauth"] = uuid.uuid4()
self.request.session["2fauth"] = '0c9116a7-c6e5-41d7-bbf0-e8492cdfca23'
if not settings.DEVELOPMENT:
self.request.session["2fauth"] = str(uuid.uuid4())
return redirect(reverse_lazy('idhub:confirm_send_2f'))
self.request.session["key_did"] = user.encrypt_data(
sensitive_data_encryption_key,
@ -72,3 +77,23 @@ def serve_did(request, did_id):
retval = HttpResponse(document)
retval.headers["Content-Type"] = "application/json"
return retval
class DobleFactorSendView(LoginRequiredMixin, NotifyActivateUserByEmail, TemplateView):
template_name = 'auth/2fadmin.html'
subject_template_name = 'auth/2fadmin_email_subject.txt'
email_template_name = 'auth/2fadmin_email.txt'
html_email_template_name = 'auth/2fadmin_email.html'
def get(self, request, *args, **kwargs):
if not request.user.is_admin:
raise Http404
f2auth = self.request.session.get("2fauth")
if not f2auth:
raise Http404
self.send_email(self.request.user, token=f2auth)
return super().get(request, *args, **kwargs)
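Review bot: The second factor is only as strong as the check that keeps admin pages closed while `session["2fauth"]` is still set, and no such check is visible on this page. `DobleFactorSendView` uses `LoginRequiredMixin`, so the user is already authenticated before the code is confirmed, and only the two 2FA views read the key; please confirm that `AdminView` (outside this page) rejects a session with a pending `2fauth`, or add that guard there. Separately, `DobleFactorSendView.get` calls `self.send_email(...)` on every GET, so each reload or prefetch of `admin/auth/2f/` mails the code again with no throttle; sending once per issued code (for example a session flag set after the first send) or moving the send behind a POST would avoid that. The import hunk shows both `from django.conf import settings` and `from trustchain_idhub import settings`; if both are on the new side the later one shadows the former, so `settings.DEVELOPMENT` is read from the raw module, and one of the two should go.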