Skip to content

Commit

Permalink
Merge pull request #136 from fsinfuhh/staging
Browse files Browse the repository at this point in the history
Merge staging
  • Loading branch information
timonegk authored Oct 8, 2023
2 parents ede394f + d45b0bd commit 8b74c10
Show file tree
Hide file tree
Showing 7 changed files with 858 additions and 723 deletions.
24 changes: 12 additions & 12 deletions Pipfile
Original file line number Diff line number Diff line change
Expand Up @@ -4,34 +4,34 @@ verify_ssl = true
name = "pypi"

[packages]
Django = "==4.1.9" # can be upgraded once we have postgres >11 deployed
Pillow = "~=9.3"
Django = "~=4.1.12" # can be upgraded once we have postgres >11 deployed
Pillow = "~=10.0"
PyPDF2 = "~=1.27"
bleach = {extras = ["css"], version = "~=6.0"}
bleach = {extras = ["css"], version = "~=6.1"}
django-auth-ldap = "~=4.1"
django-cors-headers = "~=3.13"
django-cors-headers = "~=4.1"
django-ldapdb = "~=1.5"
django-oauth-toolkit = "~=2.2"
django-widget-tweaks = "~=1.4"
django-oauth-toolkit = "~=2.3"
django-widget-tweaks = "~=1.5"
environs = { version = "~=9.5", extras = ["django"] }
etherpad_lite = "~=0.5"
fuzzywuzzy = "~=0.18"
nameparser = "~=1.1"
networkx = "~=2.8"
networkx = "~=3.1"
oauthlib = "~=3.2"
psycopg2-binary = "~=2.9"
pygpgme = "~=0.3"
pygraphviz = "~=1.10"
python-Levenshtein = "~=0.20"
pygraphviz = "~=1.11"
python-Levenshtein = "~=0.22"
python-creole = "~=1.4"
python-ldap = "~=3.4"
python-magic = "~=0.4"
raven = "~=6.10"
requests = "~=2.28"
simple-openid-connect = { version = "~=0.3.0", extras = ["django"] }
requests = "~=2.31"
simple-openid-connect = { version = "~=0.4.0", extras = ["django"] }

[dev-packages]
responses = "~=0.22"
responses = "~=0.23"
pytest = "==7.1.3"
pytest-django = "*"
pytest-env = "*"
Expand Down
1,485 changes: 779 additions & 706 deletions Pipfile.lock

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion mafiasi/base/templates/base.html
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@
{% if REGISTER_ENABLED %}
<a class="btn btn-default navbar-btn" href="{% url 'registration_request_account' %}">{% trans "Register" %}</a>
{% endif %}
<a class="btn btn-primary navbar-btn" href="{% url 'simple_openid_connect:login' %}">{% trans "Login" %}</a>
<a class="btn btn-primary navbar-btn" href="{% url 'simple_openid_connect:login' %}?next={{ request.path }}">{% trans "Login" %}</a>
</div>
{% endif %}
</div>
Expand Down
17 changes: 17 additions & 0 deletions mafiasi/registration/templates/registration/email_exists.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{% extends "base_email.html" %}{% load i18n %}
{% block content_de %}Hallo,
du hast versucht, einen Account zu erstellen, den es schon gibt. Falls du dein Passwort vergessen hast, kannst du es hier zurücksetzen:
{{ password_reset_url|safe }}
Dein Nutzername ist {{ username }}.

Viele Grüße,
Deine Server-AG
{% endblock %}
{% block content_en %}Hello,
you tried to create an account that already exists. If you forgot your password, you can reset it here:
{{ password_reset_url|safe }}
Your username is {{ username }}.

Best regards,
Your Server-AG
{% endblock %}
1 change: 1 addition & 0 deletions mafiasi/registration/urls.py
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@
path("change_email/<token>", change_email, name="registration_change_email"),
path("request_successful", request_successful, name="registration_request_successful"),
path("account", account_settings, name="registration_account"),
path("password_reset", password_reset, name="registration_password_reset"),
]

if settings.REGISTER_ENABLED:
Expand Down
47 changes: 44 additions & 3 deletions mafiasi/registration/views.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
from smtplib import SMTPRecipientsRefused
from urllib.parse import urlencode

from django.conf import settings
from django.contrib import messages
Expand Down Expand Up @@ -71,6 +72,10 @@ def request_account(request):
slug="employee", defaults={"name": "Employee"}
)

username = _get_username({"account": account, "domain": domain}, yeargroup)
if Mafiasi.objects.filter(username=username).exists():
return _send_email_exists(request, username)

return _finish_account_request(
request,
{
Expand Down Expand Up @@ -130,6 +135,10 @@ def additional_info(request):
if form.is_valid():
account = form.cleaned_data["account"]
domain = form.cleaned_data["domain"]
username = _get_username({"account": account, "domain": domain}, form.cleaned_data["yeargroup"])
if Mafiasi.objects.filter(username=username).exists():
return _send_email_exists(request, username)

return _finish_account_request(
request,
{
Expand All @@ -148,7 +157,7 @@ def request_successful(request):
return TemplateResponse(request, "registration/request_successful.html")


def _create_username(info, yeargroup):
def _get_username(info, yeargroup):
if info["domain"] != settings.PRIMARY_DOMAIN:
return "{}.{}".format(info["account"], settings.REGISTER_DOMAIN_MAPPING[info["domain"]])
elif info["account"][0].isdigit():
Expand All @@ -169,10 +178,10 @@ def create_account(request, info_token):
return TemplateResponse(request, "registration/token_invalid.html")

yeargroup = Yeargroup.objects.get(pk=info["yeargroup_pk"])
username = _create_username(info, yeargroup)
username = _get_username(info, yeargroup)

if Mafiasi.objects.filter(username=username).exists():
return redirect("simple_openid_connect.login")
return redirect(reverse("simple_openid_connect:login"))

if request.method == "POST":
form = PasswordForm(request.POST)
Expand Down Expand Up @@ -306,6 +315,21 @@ def _finish_account_request(request, info):
)


def _send_email_exists(request, username):
email = Mafiasi.objects.get(username=username).real_email
password_reset_url = request.build_absolute_uri(reverse("registration_password_reset"))
email_content = render_to_string(
"registration/email_exists.txt",
{
"username": username,
"password_reset_url": password_reset_url,
},
)
return _send_mail_or_error_page(
_("Account exists at %s" % settings.PROJECT_NAME), email_content, email, request, None
)


def _send_mail_or_error_page(subject, content, address, request, email_shown):
try:
send_mail(subject, content, None, [address])
Expand Down Expand Up @@ -335,3 +359,20 @@ def _send_mail_or_error_page(subject, content, address, request, email_shown):
"email": email_shown,
},
)


def password_reset(request):
password_reset_url = settings.PASSWORD_RESET_URL
if password_reset_url is None:
password_reset_url = (
settings.OPENID_ISSUER
+ "/login-actions/reset-credentials?"
+ urlencode(
{
"response_type": "code",
"client_id": settings.OPENID_CLIENT_ID,
"redirect_uri": request.build_absolute_uri(reverse(settings.LOGIN_URL)),
}
)
)
return redirect(password_reset_url)
5 changes: 4 additions & 1 deletion mafiasi/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,9 @@
"MAFIASI_KEYCLOAK_ACCOUNT_CONSOLE_URL", default="https://identity.mafiasi.de/realms/mafiasi/account"
)

# If this is None, it is automatically generated from OPENID_ISSUER
PASSWORD_RESET_URL = env.str("MAFIASI_PASSWORD_RESET_URL", default=None)

OPENID_SYNC_SUPERUSER = env.bool("MAFIASI_OPENID_SYNC_SUPERUSER", default=True)
if OPENID_SYNC_SUPERUSER:
OPENID_SUPERUSER_GROUP = env.str("MAFIASI_OPENID_SUPERUSER_GROUP", default="Server-AG")
Expand Down Expand Up @@ -282,7 +285,7 @@
VAULT_URL = env.str("MAFIASI_VAULT_URL", default="https://vault.mafiasi.de")
VAULT_ADMIN_TOKEN = env.str("MAFIASI_VAULT_ADMIN_TOKEN")

PROJECT_NAME = "mafiasi.de"
PROJECT_NAME = env.str("MAFIASI_PROJECT_NAME", default="mafiasi.de")
PROJECT_BANNER = "Mafiasi Hub"
BANNER_IMG = ""

Expand Down

0 comments on commit 8b74c10

Please sign in to comment.