authentik/passbook/recovery/views.py

"""recovery views"""
from django.contrib import messages
from django.contrib.auth import login
from django.http import Http404, HttpRequest, HttpResponse
from django.shortcuts import redirect
from django.utils.translation import gettext as _
from django.views import View

from passbook.core.models import Token, TokenIntents


class UseTokenView(View):
    """Use token to login"""

    def get(self, request: HttpRequest, key: str) -> HttpResponse:
        """Check if token exists, log user in and delete token."""
        tokens = Token.filter_not_expired(key=key, intent=TokenIntents.INTENT_RECOVERY)
        if not tokens.exists():
            raise Http404
        token = tokens.first()
        login(request, token.user, backend="django.contrib.auth.backends.ModelBackend")
        token.delete()
        messages.warning(request, _("Used recovery-link to authenticate."))
        return redirect("passbook_core:shell")
recovery(new): add recovery app to create recovery links 2019-10-10 12:05:16 +00:00			`"""recovery views"""`
			`from django.contrib import messages`
			`from django.contrib.auth import login`
			`from django.http import Http404, HttpRequest, HttpResponse`
core: add key field to token for easier rotation 2020-10-18 12:34:22 +00:00			`from django.shortcuts import redirect`
recovery(new): add recovery app to create recovery links 2019-10-10 12:05:16 +00:00			`from django.utils.translation import gettext as _`
			`from django.views import View`

core: add key field to token for easier rotation 2020-10-18 12:34:22 +00:00			`from passbook.core.models import Token, TokenIntents`
recovery(new): add recovery app to create recovery links 2019-10-10 12:05:16 +00:00

core: rename nonce to token 2020-05-16 14:11:53 +00:00			`class UseTokenView(View):`
			`"""Use token to login"""`
recovery(new): add recovery app to create recovery links 2019-10-10 12:05:16 +00:00
core: add key field to token for easier rotation 2020-10-18 12:34:22 +00:00			`def get(self, request: HttpRequest, key: str) -> HttpResponse:`
core: rename nonce to token 2020-05-16 14:11:53 +00:00			`"""Check if token exists, log user in and delete token."""`
core: add key field to token for easier rotation 2020-10-18 12:34:22 +00:00			`tokens = Token.filter_not_expired(key=key, intent=TokenIntents.INTENT_RECOVERY)`
			`if not tokens.exists():`
recovery(new): add recovery app to create recovery links 2019-10-10 12:05:16 +00:00			`raise Http404`
core: add key field to token for easier rotation 2020-10-18 12:34:22 +00:00			`token = tokens.first()`
core: rename nonce to token 2020-05-16 14:11:53 +00:00			`login(request, token.user, backend="django.contrib.auth.backends.ModelBackend")`
			`token.delete()`
recovery(new): add recovery app to create recovery links 2019-10-10 12:05:16 +00:00			`messages.warning(request, _("Used recovery-link to authenticate."))`
*: fix remaining redirects to overview 2020-11-22 22:44:21 +00:00			`return redirect("passbook_core:shell")`