Revert "*: providers and sources -> channels, PolicyModel to PolicyBindingModel that uses custom M2M through"
This reverts commit 7ed3ceb960.
This commit is contained in:
Jens Langhammer
@ -8,14 +8,14 @@ from django.utils.timezone import now
|
||||
from django.utils.translation import gettext as _
|
||||
from structlog import get_logger
|
||||
|
||||
from passbook.core.models import Token, User
|
||||
from passbook.core.models import Nonce, User
|
||||
from passbook.lib.config import CONFIG
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
"""Create Token used to recover access"""
|
||||
"""Create Nonce used to recover access"""
|
||||
|
||||
help = _("Create a Key which can be used to restore access to passbook.")
|
||||
|
||||
@ -30,22 +30,22 @@ class Command(BaseCommand):
|
||||
"user", action="store", help="Which user the Token gives access to."
|
||||
)
|
||||
|
||||
def get_url(self, token: Token) -> str:
|
||||
def get_url(self, nonce: Nonce) -> str:
|
||||
"""Get full recovery link"""
|
||||
path = reverse("passbook_recovery:use-token", kwargs={"uuid": str(token.uuid)})
|
||||
path = reverse("passbook_recovery:use-nonce", kwargs={"uuid": str(nonce.uuid)})
|
||||
return f"https://{CONFIG.y('domain')}{path}"
|
||||
|
||||
def handle(self, *args, **options):
|
||||
"""Create Token used to recover access"""
|
||||
"""Create Nonce used to recover access"""
|
||||
duration = int(options.get("duration", 1))
|
||||
delta = timedelta(days=duration * 365.2425)
|
||||
_now = now()
|
||||
expiry = _now + delta
|
||||
user = User.objects.get(username=options.get("user"))
|
||||
token = Token.objects.create(
|
||||
nonce = Nonce.objects.create(
|
||||
expires=expiry,
|
||||
user=user,
|
||||
description=f"Recovery Token generated by {getuser()} on {_now}",
|
||||
description=f"Recovery Nonce generated by {getuser()} on {_now}",
|
||||
)
|
||||
self.stdout.write(
|
||||
(
|
||||
@ -53,4 +53,4 @@ class Command(BaseCommand):
|
||||
f" anyone to access passbook as {user}."
|
||||
)
|
||||
)
|
||||
self.stdout.write(self.get_url(token))
|
||||
self.stdout.write(self.get_url(nonce))
|
||||
|
||||
@ -5,7 +5,7 @@ from django.core.management import call_command
|
||||
from django.shortcuts import reverse
|
||||
from django.test import TestCase
|
||||
|
||||
from passbook.core.models import Token, User
|
||||
from passbook.core.models import Nonce, User
|
||||
from passbook.lib.config import CONFIG
|
||||
|
||||
|
||||
@ -19,17 +19,17 @@ class TestRecovery(TestCase):
|
||||
"""Test creation of a new key"""
|
||||
CONFIG.update_from_dict({"domain": "testserver"})
|
||||
out = StringIO()
|
||||
self.assertEqual(len(Token.objects.all()), 0)
|
||||
self.assertEqual(len(Nonce.objects.all()), 0)
|
||||
call_command("create_recovery_key", "1", self.user.username, stdout=out)
|
||||
self.assertIn("https://testserver/recovery/use-token/", out.getvalue())
|
||||
self.assertEqual(len(Token.objects.all()), 1)
|
||||
self.assertIn("https://testserver/recovery/use-nonce/", out.getvalue())
|
||||
self.assertEqual(len(Nonce.objects.all()), 1)
|
||||
|
||||
def test_recovery_view(self):
|
||||
"""Test recovery view"""
|
||||
out = StringIO()
|
||||
call_command("create_recovery_key", "1", self.user.username, stdout=out)
|
||||
token = Token.objects.first()
|
||||
nonce = Nonce.objects.first()
|
||||
self.client.get(
|
||||
reverse("passbook_recovery:use-token", kwargs={"uuid": str(token.uuid)})
|
||||
reverse("passbook_recovery:use-nonce", kwargs={"uuid": str(nonce.uuid)})
|
||||
)
|
||||
self.assertEqual(int(self.client.session["_auth_user_id"]), token.user.pk)
|
||||
self.assertEqual(int(self.client.session["_auth_user_id"]), nonce.user.pk)
|
||||
|
||||
@ -2,8 +2,8 @@
|
||||
|
||||
from django.urls import path
|
||||
|
||||
from passbook.recovery.views import UseTokenView
|
||||
from passbook.recovery.views import UseNonceView
|
||||
|
||||
urlpatterns = [
|
||||
path("use-token/<uuid:uuid>/", UseTokenView.as_view(), name="use-token"),
|
||||
path("use-nonce/<uuid:uuid>/", UseNonceView.as_view(), name="use-nonce"),
|
||||
]
|
||||
|
||||
@ -6,19 +6,19 @@ from django.shortcuts import get_object_or_404, redirect
|
||||
from django.utils.translation import gettext as _
|
||||
from django.views import View
|
||||
|
||||
from passbook.core.models import Token
|
||||
from passbook.core.models import Nonce
|
||||
|
||||
|
||||
class UseTokenView(View):
|
||||
"""Use token to login"""
|
||||
class UseNonceView(View):
|
||||
"""Use nonce to login"""
|
||||
|
||||
def get(self, request: HttpRequest, uuid: str) -> HttpResponse:
|
||||
"""Check if token exists, log user in and delete token."""
|
||||
token: Token = get_object_or_404(Token, pk=uuid)
|
||||
if token.is_expired:
|
||||
token.delete()
|
||||
"""Check if nonce exists, log user in and delete nonce."""
|
||||
nonce: Nonce = get_object_or_404(Nonce, pk=uuid)
|
||||
if nonce.is_expired:
|
||||
nonce.delete()
|
||||
raise Http404
|
||||
login(request, token.user, backend="django.contrib.auth.backends.ModelBackend")
|
||||
token.delete()
|
||||
login(request, nonce.user, backend="django.contrib.auth.backends.ModelBackend")
|
||||
nonce.delete()
|
||||
messages.warning(request, _("Used recovery-link to authenticate."))
|
||||
return redirect("passbook_core:overview")
|
||||
|
||||
Reference in New Issue
Block a user