我们从Python开源项目中,提取了以下14个代码示例,用于说明如何使用django.core.signing.SignatureExpired()。
def change_email(request, token):
    """Apply the e-mail address carried by a signed token to the current user.

    The token is rejected when it is older than ``TOKEN_MAX_AGE``, when its
    signature does not verify, when its ``username`` differs from the
    requesting user's, or when its ``email`` fails ``validate_email``.
    On success the address is saved and the user is redirected to
    ``registration_account``.
    """
    def _invalid():
        # Every non-expiry failure renders the same page, so the response
        # does not reveal which check rejected the token.
        return TemplateResponse(request, 'registration/token_invalid.html')

    # NOTE(review): loads() is called without a ``salt``, so any other token
    # this project signs with the default salt verifies here as well; the
    # username comparison below is the only binding to this purpose.
    # Consider a purpose-specific salt on both the signing and loading side.
    try:
        data = signing.loads(token, max_age=TOKEN_MAX_AGE)
    except signing.SignatureExpired:
        # Must precede BadSignature: SignatureExpired is a subclass of it.
        return TemplateResponse(request, 'registration/token_expired.html')
    except signing.BadSignature:
        return _invalid()

    # The token is only honoured for the account it names.
    if request.user.username != data.get('username'):
        return _invalid()

    new_address = data.get('email')
    try:
        validate_email(new_address)
    except ValidationError:
        return _invalid()

    account = request.user
    account.email = new_address
    account.save()
    messages.success(request, _('Your email address has been changed.'))
    return redirect('registration_account')
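def clean(self):
    """Resolve the user named in the form and verify the confirmation code.

    Returns the cleaned data with ``user`` replaced by the ``User`` instance.
    Raises ``forms.ValidationError`` when the user does not exist, when the
    code is invalid, or when the code has expired.
    """
    cleaned_data = super(ConfirmEmailForm, self).clean()
    if self.errors:
        # Field-level validation already failed; the keys read below may be
        # missing, so stop here.
        return cleaned_data

    user_id = cleaned_data['user']
    code = cleaned_data['code']
    for_subscription = cleaned_data['subscribe']

    user = User.objects.filter(id=user_id).first()
    if not user:
        # Same message as a bad signature, so the form does not disclose
        # whether a given user id exists.
        raise forms.ValidationError('Invalid Link')

    self.cleaned_data['user'] = user
    try:
        user_service.validate_key(key=code, user=user, for_subscription=for_subscription)
    except SignatureExpired:
        # SignatureExpired subclasses BadSignature, so it has to be handled
        # first; with the handlers the other way round this branch was
        # unreachable and expired links were reported as invalid.
        raise forms.ValidationError('Link expired, please regenerate')
    except BadSignature:
        raise forms.ValidationError('Invalid Link')
    return cleaned_data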
def do_password_reset(request, token=None):
    """Let the holder of a valid reset token choose a new password.

    The token yields an e-mail address and an issue timestamp. A token that
    fails verification renders the "invalid" page, an unknown address raises
    ``Http404``, and a token issued before the profile's last password change
    renders the "already used" page. Otherwise a ``SetPasswordForm`` is shown
    and, once valid, saved together with the new ``last_password_change``.
    """
    try:
        email, issued_epoch = _password_reset_token_factory.parse_token(token)
    except (signing.BadSignature, signing.SignatureExpired):
        # SignatureExpired is a BadSignature subclass; naming both is
        # redundant but harmless.
        return render(request, 'users/password_reset/reset_token_invalid.html', {})

    try:
        user = get_user(email)
    except User.DoesNotExist:
        raise Http404()

    profile = user.profile
    issued_at = datetime.utcfromtimestamp(issued_epoch).replace(tzinfo=timezone.utc)

    # Single-use enforcement: any password change after the token was issued
    # invalidates it, so a leaked link cannot be replayed after a reset.
    last_change = profile.last_password_change
    if last_change and last_change > issued_at:
        return render(request, 'users/password_reset/token_already_used.html', {})

    form = SetPasswordForm(user, request.POST or None)
    if not form.is_valid():
        return render(request, 'users/password_reset/reset_form.html', {
            'user': user,
            'form': form,
        })

    form.save()
    profile.last_password_change = timezone.now()
    profile.save()
    return render(request, 'users/password_reset/reset_complete.html', {})
def validate_key(self, activation_key):
    """Return the username signed into ``activation_key``, or ``None``.

    The key is loaded with ``settings.REGISTRATION_SALT`` and must be no
    older than ``settings.ACCOUNT_ACTIVATION_DAYS`` days. On failure the
    view's ``template_name`` and ``error_reason`` are set and ``None`` is
    returned.
    """
    try:
        username = signing.loads(
            activation_key,
            salt=settings.REGISTRATION_SALT,
            # max_age is expressed in seconds, hence days * 86400.
            max_age=settings.ACCOUNT_ACTIVATION_DAYS * 86400
        )
    except signing.SignatureExpired:
        # Handled before BadSignature because it is a subclass of it; this
        # is what lets expired keys get their own message.
        reason = "Your code has expired"
    except signing.BadSignature:
        reason = "Bad activation key"
    else:
        return username

    self.template_name = "accounts/activation_error.html"
    self.error_reason = reason
    return None
def activate(request, token=None):
    """Create the account described by a signed registration token.

    An unverifiable token renders the "invalid token" page. If a user with
    the token's e-mail already exists, the "already activated" page is shown.
    Otherwise an ``ActivationForm`` collects the password; once it validates,
    the user and profile fields are populated from the token payload.
    """
    try:
        data = _registration_token_factory.parse_token(token)
    except (signing.BadSignature, signing.SignatureExpired):
        return render(request, 'users/registration/registration_token_invalid.html', {})

    # A token stays valid until it expires, so the existing-user lookup is
    # what stops the same link from creating a second account.
    try:
        existing_user = get_user(data['email'])
        return render(request, 'users/registration/already_activated.html', {
            'existing_user': existing_user,
        })
    except User.DoesNotExist:
        pass

    form = ActivationForm(request.POST or None)
    if not form.is_valid():
        return render(request, 'users/registration/activation_form.html', {
            'form': form,
            'data': data,
        })

    # NOTE(review): the existence check above and this create are not atomic;
    # presumably a uniqueness constraint on the e-mail catches a concurrent
    # double submit - confirm.
    new_user = create_user(data['email'],
                           first_name=data['first_name'],
                           last_name=data['last_name'])
    new_user.set_password(form.cleaned_data['password'])
    new_user.save()

    # The user profile is auto-created; only a few fields need updating.
    profile = new_user.profile
    profile.gender = data['gender']
    profile.forward_messages_after_minutes = 5
    profile.save()

    return render(request, 'users/registration/activation_complete.html', {
        'activated_user': new_user,
    })
def from_key(cls, key):
    """Build an ``EmailConfirmationHMAC`` from a signed key, or return ``None``.

    The key is loaded with ``app_settings.SALT`` and must be no older than
    ``app_settings.EMAIL_CONFIRMATION_EXPIRE_DAYS`` days; its payload is the
    primary key of an ``EmailAddress``. Expired keys, bad signatures and
    unknown primary keys all yield ``None``, so callers cannot tell the
    failure modes apart.
    """
    try:
        # signing.loads() expects max_age in seconds.
        lifetime_seconds = 86400 * app_settings.EMAIL_CONFIRMATION_EXPIRE_DAYS
        address_pk = signing.loads(
            key,
            max_age=lifetime_seconds,
            salt=app_settings.SALT)
        return EmailConfirmationHMAC(EmailAddress.objects.get(pk=address_pk))
    except (signing.SignatureExpired,
            signing.BadSignature,
            EmailAddress.DoesNotExist):
        return None
def validate_sign(self, value):
    """Verify the signed reset payload and resolve the user it names.

    Stores the decoded payload on ``self.signed_data`` and the matching user
    on ``self.user``. Raises ``serializers.ValidationError`` for an expired
    signature, a bad signature, or an unknown ``user_id``. Returns ``value``
    unchanged.
    """
    # NOTE(review): no ``salt`` is passed, so tokens signed elsewhere in the
    # project with the default salt also verify here. The ``.get`` call below
    # additionally assumes the payload is a dict - confirm both against the
    # code that issues these tokens.
    try:
        self.signed_data = signing.loads(value, max_age=PASSWORD_RESET_SIGNING_EXPIRATION)
    except signing.SignatureExpired:
        # Checked first: SignatureExpired is a subclass of BadSignature.
        raise serializers.ValidationError('Signature expired.')
    except signing.BadSignature:
        raise serializers.ValidationError('Bad signature.')

    user_pk = self.signed_data.get('user_id')
    try:
        self.user = User.objects.get(pk=user_pk)
    except User.DoesNotExist:
        raise serializers.ValidationError('User does not exist.')

    return value
def validate(self, key, life=None):
    """Check that ``key`` unsigns to this object's clear value.

    ``life`` is the maximum age passed to the signer; when it is falsy and
    ``settings.LIFETIME`` is set, the setting is used instead. Returns
    ``True`` on a match. Raises ``KeyValidityExpired`` when the signature is
    too old and ``KeyValueMismatchError`` when the unsigned value differs
    from ``self.clear``.
    """
    if not life and settings.LIFETIME:
        life = settings.LIFETIME

    # NOTE(review): only SignatureExpired is translated here; a tampered key
    # raises BadSignature, which propagates to the caller unchanged - confirm
    # callers handle it.
    try:
        unsigned_value = self.signer.unsign(key, max_age=life)
    except SignatureExpired as e:
        raise KeyValidityExpired("{}".format(e))

    if self.clear == unsigned_value:
        return True
    raise KeyValueMismatchError(keyval=unsigned_value, refval=self.clear)
def check_token(user_id, token):
    """Return ``True`` when ``token`` is a valid, unexpired signature for ``user_id``.

    ``token`` is the timestamp-and-signature part of a ``TimestampSigner``
    value; it is re-joined with ``user_id`` before verification, so a token
    issued for one user does not verify for another.
    """
    # NOTE(review): TimestampSigner() uses the default salt, so values signed
    # for other purposes with the same defaults share this namespace.
    signed_value = '%s:%s' % (user_id, token)
    two_days_in_seconds = 60 * 60 * 48
    try:
        TimestampSigner().unsign(signed_value, max_age=two_days_in_seconds)
    except (BadSignature, SignatureExpired):
        return False
    return True
def validate_key(key, user):
    """Return ``True`` when ``key`` is a valid, unexpired signature of ``user.id``.

    Bad and expired signatures both return ``False``.
    """
    # NOTE(review): the first positional argument of TimestampSigner is the
    # signing key, so this is equivalent to the default; no salt is set.
    signer = TimestampSigner(settings.SECRET_KEY)
    try:
        # NOTE(review): unsign() treats a numeric max_age as seconds. The
        # setting name suggests days - confirm it holds seconds or a
        # timedelta, otherwise links expire far sooner than intended.
        unsigned_value = signer.unsign(key, max_age=settings.EMAIL_LINK_EXPIRY_DAYS)
    except (BadSignature, SignatureExpired):
        return False
    return str(user.id) == unsigned_value
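def email_confirm(request, template_name='registration/confirmed.html'):
    """Confirm the current user's e-mail from a signed, five-minute code.

    The code arrives in the ``email_confirm_value`` query parameter with the
    signer separators written as dots; it is re-joined with the user's e-mail
    and verified with ``settings.EMAIL_CONFIRM_SALT``. A success or error
    message is queued, then the user is redirected to ``success_url`` when
    one is given and it stays on this host; otherwise ``template_name`` is
    rendered.
    """
    # Imported here because the file's import block is not visible from this
    # function. The helper was renamed in Django 3.0; the keyword call below
    # needs Django 1.11 or newer.
    try:
        from django.utils.http import url_has_allowed_host_and_scheme as is_safe_redirect
    except ImportError:
        from django.utils.http import is_safe_url as is_safe_redirect

    # NOTE(review): request.user.email is read unconditionally; presumably a
    # login-required decorator wraps this view - confirm.
    user = request.user
    email_confirm_value = request.GET.get('email_confirm_value', '-')
    # Binding the signature to the e-mail means a code issued for one address
    # does not verify for another.
    email_confirm_value = user.email + ":" + email_confirm_value.replace(".", ":")
    success_url = request.GET.get('success_url', None)
    signer = TimestampSigner(salt=settings.EMAIL_CONFIRM_SALT)

    try:
        signer.unsign(email_confirm_value, max_age=timedelta(seconds=300))
        registration, created = Registration.objects.get_or_create(user_id=user.id)

        # If this is a new registration make sure we at least save the email/username.
        if created:
            registration.email = user.username

        registration.email_confirmed = True
        registration.save()

        # Set a message.
        messages.success(request, 'Email has been confirmed.',
                         extra_tags='success', fail_silently=True)
    except SignatureExpired:
        # Must come before BadSignature, which is its base class.
        messages.error(request, 'This email confirmation code has expired, please try again.',
                       extra_tags='danger', fail_silently=True)
    except BadSignature:
        messages.error(request, 'This email confirmation code is invalid, please try again.',
                       extra_tags='danger', fail_silently=True)

    # success_url comes straight from the query string. Redirecting to it
    # unchecked is an open redirect, so only same-host targets are followed;
    # add any other trusted hosts to allowed_hosts if cross-host redirects
    # are required.
    if success_url and is_safe_redirect(
            success_url,
            allowed_hosts={request.get_host()},
            require_https=request.is_secure()):
        return redirect(success_url)

    # No usable target: render the default page.
    return render(request, template_name)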
def create_account(request, info_token):
    """Create and log in the account described by a signed info token.

    Authenticated users are sent to ``home``. An expired or invalid token
    renders the corresponding template. If the username already exists the
    user is sent to ``login``. On a valid POST the account is built from the
    token payload plus the submitted password, logged in, and redirected to
    ``home``; otherwise the password form is rendered.
    """
    if request.user.is_authenticated():
        return redirect('home')

    # NOTE(review): loads() runs without a ``salt``, so other default-salt
    # tokens signed by this project also verify here; a purpose-specific salt
    # would keep registration tokens separate.
    try:
        info = signing.loads(info_token, max_age=TOKEN_MAX_AGE)
    except signing.SignatureExpired:
        # Listed first because SignatureExpired subclasses BadSignature.
        return TemplateResponse(request, 'registration/token_expired.html')
    except signing.BadSignature:
        return TemplateResponse(request, 'registration/token_invalid.html')

    username = info['username']

    # The token remains valid until it expires; this check is what prevents
    # it from being replayed to create the account a second time.
    if BitpollUser.objects.filter(username=username).exists():
        messages.warning(request,_("This User already exists"))
        return redirect('login')

    if request.method != 'POST':
        form = PasswordForm()
    else:
        form = PasswordForm(request.POST)
        if form.is_valid():
            first_name = info.get('first_name')
            last_name = info.get('last_name')
            if not (first_name and last_name):
                return TemplateResponse(request, 'registration/token_invalid.html')

            new_user = BitpollUser(
                username=username,
                email=info['email'],
                first_name=first_name,
                last_name=last_name,
                email_invitation=info['email_invitation'],
                # TODO: more fields?
            )
            new_user.set_password(form.cleaned_data['password1'])
            new_user.save()
            # login() needs to know which backend authenticated the user
            # because authenticate() was not called.
            new_user.backend='django.contrib.auth.backends.ModelBackend'

            login(request, new_user)
            return redirect('home')

    return TemplateResponse(request, 'registration/create_account.html', {
        'form': form,
        'username': username
    })
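def setup_totp(request):
    """Enrol a TOTP authenticator for the current user.

    A fresh base32 secret is generated on the first request, signed with a
    timestamp, and round-tripped through the form so that the same secret is
    verified on POST. The signed secret is accepted for 600 seconds. Users
    who already have an active device are redirected to ``twofa:list``.
    """
    if twofa.models.TOTPDevice.objects.active_for_user(request.user).exists():
        messages.error(request, _('You may not have multiple Google Authenticators attached to your account.'))
        return redirect('twofa:list')

    # The per-user string is a namespace, so it must be passed as ``salt``.
    # The first positional argument of TimestampSigner is the signing *key*:
    # passing the string there replaced SECRET_KEY with a value derived only
    # from the user's pk, so the signature and its expiry protected nothing.
    # Challenges issued before this change no longer verify and are simply
    # re-issued by the BadSignature branch below.
    setup_signer = TimestampSigner(salt='twofa.views.setup_totp:{}'.format(request.user.pk))

    if request.method == 'POST' and 'secret' in request.POST:
        try:
            b32_secret = setup_signer.unsign(request.POST['secret'], max_age=600)
        except SignatureExpired:
            # Must precede BadSignature, which is its base class.
            messages.error(request, _('That took too long and your challenge expired. Here\'s a new one.'))
            return redirect('twofa:setup-totp')
        except BadSignature:
            messages.error(request, _('Whoops - something went wrong. Please try again.'))
            return redirect('twofa:setup-totp')
    else:
        # NOTE(review): 10 random bytes give an 80-bit secret; RFC 4226 asks
        # for at least 128 bits and recommends 160. Left unchanged because
        # the length the device model accepts is not visible here.
        # NOTE(review): b32encode() returns bytes here while unsign() above
        # returns text - confirm the signer and template cope with both.
        b32_secret = base64.b32encode(secrets.token_bytes(10))

    # Re-sign on every request so the form always carries a fresh timestamp.
    signed_secret = setup_signer.sign(b32_secret)

    url = 'otpauth://totp/Sponge:{}?{}'.format(
        urlquote(request.user.username),
        urlencode({
            'secret': b32_secret,
            'issuer': 'Sponge'}))
    img = qrcode.make(url, image_factory=qrcode.image.svg.SvgPathFillImage)
    img_buf = io.BytesIO()
    img.save(img_buf)

    device = twofa.models.TOTPDevice(base32_secret=b32_secret, owner=request.user)
    device.activated_at = timezone.now()  # this won't be saved unless the form is valid
    form = device.verify_form(secret=signed_secret)

    if request.method == 'POST':
        form = device.verify_form(request.POST, secret=signed_secret)

        if form.is_valid():
            # relying on verify_form to save the new device
            request.user.twofa_enabled = True
            request.user.save()

            messages.success(request, _('Your authenticator has been added to your account.'))
            return _generate_paper_codes_if_needed(request.user, reverse('twofa:list'))

    return render(request, 'twofa/setup/totp.html', {
        'form': form, 'qr_code_svg': img_buf.getvalue(), 'b32_secret': b32_secret})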
def decode(code, *, max_age):
    """
    Verify a registration-link code and return ``(email, user)``.

    ``user`` is the associated user instance, or ``None`` when the code
    carries no user id and timestamp. ``max_age`` is the maximum age of the
    link in seconds.

    Raises ``ValidationError`` with a translated, user-presentable message
    when the link is expired, the signature is bad, the payload is malformed,
    the user cannot be found, or the link has already been used.
    """
    try:
        data = get_signer().unsign(code, max_age=max_age)
    except signing.SignatureExpired:
        # Handled before BadSignature because it is a subclass of it.
        raise ValidationError(_(
            'The link is expired. Please request another registration link.'
        ), code='email_registration_expired')
    except signing.BadSignature:
        raise ValidationError(_(
            'Unable to verify the signature. Please request a new'
            ' registration link.'
        ), code='email_registration_signature')

    # The signed payload is expected to be "email:uid:timestamp".
    parts = data.split(':')
    if len(parts) != 3:
        raise ValidationError(_(
            'Something went wrong while decoding the'
            ' registration request. Please try again.'
        ), code='email_registration_broken')

    email, uid, timestamp = parts
    if not (uid and timestamp):
        return email, None

    try:
        user = User.objects.get(pk=uid)
    except (User.DoesNotExist, TypeError, ValueError):
        raise ValidationError(_(
            'Something went wrong while decoding the'
            ' registration request. Please try again.'
        ), code='email_registration_invalid_uid')

    # The link embeds the user's last-login timestamp; once the user logs in
    # that value changes, which makes the link single-use.
    if timestamp != int_to_base36(get_last_login_timestamp(user)):
        raise ValidationError(_(
            'The link has already been used.'
        ), code='email_registration_used')

    return email, user