1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
|
import json
from django import forms
from django.conf import settings
from django.http import HttpResponseRedirect
from django.shortcuts import render
from django.core.exceptions import ValidationError
from django.contrib.auth.models import User
from django.contrib.auth.forms import PasswordResetForm
from troggle.core.models.troggle import DataIssue, Person
from troggle.parsers.users import register_user, get_encryptor, ENCRYPTED_DIR, USERS_FILE
from troggle.parsers.people import troggle_slugify
from troggle.core.utils import (
add_commit,
)
"""
This is the new individual user login registration, instead of everyone signing
in as "expo". This will be useful for the kanban expo organisation tool.
"""
todo = """
- Make all this work with New people who have never been on expo before
- login automatically, and redirect to control panel ?
"""
class ExpoPasswordResetForm(PasswordResetForm):
"""Because we are using the Django-standard django.contrib.auth mechanisms, the way Django wants us to
modify them is to subclass their stuff and insert our extras in teh subclasses. This is completely
unlike how the rest of troggle works because we avoid Class-based views.
We avoid them because they are very hard to debug for newcomer programmers who don't know Django:
the logic is spread out up a tree of preceding ancestor classes.
This is where we would override the template so make the form look visually like the rest of troggle
"""
def clean_email(self):
email = self.cleaned_data.get('email')
# Add custom validation logic etc.
print(f" * ExpoPasswordResetForm PASSWORD reset email posted '{email=}'")
# method_list = [attribute for attribute in dir(PasswordResetForm) if callable(getattr(PasswordResetForm, attribute)) and attribute.startswith('__') is False]
# print(method_list)
return email
def reset_done(request):
"""This page is called when a password reset has successively occured
Unfortunately by this point, we do not know the name of the user who initiated the
password reset, so when we do the git commit of the encrypted users file
we do not have a name to put to the responsible person. To do that,
we would have to intercept at the previous step, the url:
"reset/<uidb64>/<token>/",
views.PasswordResetConfirmView.as_view(),
and this class-based view is a lot more complicated to replace or sub-class.
Currently we are doing the git commit anonymously.. though I guess we could attempt to
read the cookie... if it is set.
"""
current_user = request.user
save_users(request, current_user)
if current_user.is_anonymous:
# What we expect, for a completely new user
return HttpResponseRedirect("/accounts/login/?next=/handbook/troggle/training/trogbegin.html")
else:
# This would be for someone already looged in "expo" for example
return HttpResponseRedirect("/handbook/troggle/training/trogbegin.html")
def newregister(request, username=None):
"""To register a COMPLETELY new user on the troggle system,
WITHOUT any previous expo attendance.
"""
current_user = request.user # if not logged in, this is 'AnonymousUser'
warning = ""
if request.method == "POST":
form = newregister_form(request.POST)
if form.is_valid():
fullname = form.cleaned_data["fullname"]
email = form.cleaned_data["email"]
nameslug = troggle_slugify(fullname)
print(f"NEW user slug {nameslug}")
expoers = User.objects.filter(username=nameslug)
if len(expoers) != 0:
# Disallow a name which already exists, use the other form.
return HttpResponseRedirect(f"/accounts/register/{nameslug}")
# create User in the system and refresh stored encrypted user list and git commit it:
updated_user = register_user(nameslug, email, password=None, pwhash=None, fullname=fullname)
save_users(request, updated_user, email)
return HttpResponseRedirect("/accounts/password_reset/")
else: # GET
form = newregister_form(initial={"visible": "True"})
return render(request, "login/register.html", {"form": form, "warning": warning, "newuser": True})
def register(request, username=None):
"""To register a new user on the troggle system, similar to the "expo" user
(with cavey:beery password) but specific to an individual
"""
current_user = request.user # if not logged in, this is 'AnonymousUser'
warning = ""
if request.method == "POST":
form = register_form(request.POST)
if form.is_valid():
un = form.cleaned_data["username"]
pw= form.cleaned_data["password1"]
email = form.cleaned_data["email"]
expoers = User.objects.filter(username=un)
if len(expoers) != 0:
# this is a password re-set, not a new registration. So we need to check it is the same person.
form_user = expoers[0]
if current_user != form_user:
print(f"## UNAUTHORIZED Password reset ## {current_user} {form_user}")
# return render(request, "login/register.html", {"form": form, "unauthorized": True})
# create User in the system and refresh stored encrypted user list and git commit it:
updated_user = register_user(un, email, password=pw, pwhash=None)
save_users(request, updated_user, email)
# to do, login automatically, and redirect to control panel ?
return HttpResponseRedirect("/accounts/login/")
else: # GET
if username: # if provided in URL
if not current_user.is_anonymous:
warning = f"WARNING - you are logged-in as someone else '{current_user}'. You must logout and login again as '{username}' "
print(f"REGISTER: {warning}")
form = register_form(initial={"visible": "True", "username": username} )
elif current_user:
form = register_form(initial={"visible": "True", "username": current_user.username})
else:
form = register_form(initial={"visible": "True"})
return render(request, "login/register.html", {"form": form, "warning": warning})
def save_users(request, updated_user, email="troggle@exposerver.expo"):
f = get_encryptor()
ru = []
print(f"\n + Saving users, encrypted emails, and password hashes")
for u in User.objects.all():
if u.username in ["expo", "expoadmin"]:
continue
e_email = f.encrypt(u.email.encode("utf8")).decode()
ru.append({"username":u.username, "email": e_email, "pwhash": u.password, "encrypted": True})
# print(u.username, e_email)
original = f.decrypt(e_email).decode()
print(f" - {u.username} - {original}")
if updated_user.is_anonymous:
git_string = f"troggle <troggle@exposerver.expo>"
else:
git_string = f"{updated_user.username} <{email}>"
encryptedfile = settings.EXPOWEB / ENCRYPTED_DIR / USERS_FILE
try:
print(f"- Rewriting the entire encrypted set of registered users to disc ")
write_users(ru, encryptedfile, git_string)
except:
message = f'! - Users encrypted data saving failed - \n!! Permissions failure ?! on attempting to save file "{encryptedfile}"'
print(message)
raise
return render(request, "errors/generic.html", {"message": message})
def write_users(registered_users, encryptedfile, git_string):
jsondict = { "registered_users": registered_users }
try:
with open(encryptedfile, 'w', encoding='utf-8') as json_f:
json.dump(jsondict, json_f, indent=1)
except Exception as e:
print(f" ! Exception dumping json <{e}>")
raise
commit_msg = f"Online (re-)registration of a troggle User"
try:
add_commit(encryptedfile, commit_msg, git_string)
except Exception as e:
print(f" ! Exception doing git add/commit <{e}>")
raise
return True
class newregister_form(forms.Form): # not a model-form, just a form-form
fullname = forms.CharField(strip=True, required=True,
label="Forename Surname",
widget=forms.TextInput(
attrs={"size": 35, "placeholder": "e.g. Anathema Device",
"style": "vertical-align: text-top;"}
))
email = forms.CharField(strip=True, required=True,
label="email",
widget=forms.TextInput(
attrs={"size": 35, "placeholder": "e.g. anathema@tackle_store.expo",
"style": "vertical-align: text-top;"}
))
def clean(self):
cleaned_data = super().clean()
un = cleaned_data.get("fullname")
# expoers = Person.objects.filter(slug=un)
# if len(expoers) == 0:
# raise ValidationError(
# "Sorry, we are not registering new people yet. Try again next week. We are still getting the bugs out of this.."
# )
# if len(expoers) != 1:
# raise ValidationError(
# "Sorry, that troggle identifier has duplicates. Contact a nerd on the Nerd email list, or (better) the Matrix website chat."
# )
class register_form(forms.Form): # not a model-form, just a form-form
username = forms.CharField(strip=True, required=True,
label="Username",
widget=forms.TextInput(
attrs={"size": 35, "placeholder": "e.g. anathema-device",
"style": "vertical-align: text-top;"}
))
email = forms.CharField(strip=True, required=True,
label="email",
widget=forms.TextInput(
attrs={"size": 35, "placeholder": "e.g. anathema@potatohut.expo",
"style": "vertical-align: text-top;"}
))
password1 = forms.CharField(strip=True, required=True,
label="Troggle password",
widget=forms.TextInput(
attrs={"size": 30, "placeholder": "your new login password",
"style": "vertical-align: text-top;"}
))
password2 = forms.CharField(strip=True, required=True,
label="Re-type your troggle password",
widget=forms.TextInput(
attrs={"size": 30, "placeholder": "same as the password above",
"style": "vertical-align: text-top;"}
) )
def clean(self):
cleaned_data = super().clean()
pw1 = cleaned_data.get("password1")
pw2 = cleaned_data.get("password2")
if pw1 != pw2:
raise ValidationError(
"Retyped password does not match initial password: please fix this."
)
un = cleaned_data.get("username")
if un in ["expo", "expoadmin"]:
raise ValidationError(
"Sorry, please do not try to be clever. This username is hard-coded and you can't edit it here. We were students once, too."
)
expoers = Person.objects.filter(slug=un)
if len(expoers) == 0:
raise ValidationError(
"Sorry, this is the form for people who have already been to expo. Use the New User registration form (link above)."
)
if len(expoers) != 1:
raise ValidationError(
"Sorry, that troggle identifier has duplicates. Contact a nerd on the Nerd email list, or (better) the Matrix website chat."
)
|
