jfinn
/
edan_f0
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
5370 Commits
1 Branch
Tree: a4a211bd2c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a4a211bd2c'
${ noResults }
edan_f0/oscar/apps/customer/auth_backends.py

auth_backends.py 2.2KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556 
  1. from django.contrib.auth.backends import ModelBackend

  2. from django.core.exceptions import ImproperlyConfigured

  3. from oscar.apps.customer.utils import normalise_email

  4. 

  5. from oscar.core.compat import get_user_model

  6. 

  7. User = get_user_model()

  8. 

  9. if hasattr(User, 'REQUIRED_FIELDS'):

  10.     if not (User.USERNAME_FIELD == 'email' or 'email' in User.REQUIRED_FIELDS):

  11.         raise ImproperlyConfigured(

  12.             "EmailBackend: Your User model must have an email"

  13.             " field with blank=False")

  14. 

  15. 

  16. class EmailBackend(ModelBackend):

  17.     """

  18.     Custom auth backend that uses an email address and password

  19. 

  20.     For this to work, the User model must have an 'email' field

  21.     """

  22. 

  23.     def authenticate(self, email=None, password=None, *args, **kwargs):

  24.         if email is None:

  25.             if 'username' not in kwargs or kwargs['username'] is None:

  26.                 return None

  27.             clean_email = normalise_email(kwargs['username'])

  28.         else:

  29.             clean_email = normalise_email(email)

  30. 

  31.         # Check if we're dealing with an email address

  32.         if '@' not in clean_email:

  33.             return None

  34. 

  35.         # Since Django doesn't enforce emails to be unique, we look for all

  36.         # matching users and try to authenticate them all. Note that we

  37.         # intentionally allow multiple users with the same email address

  38.         # (has been a requirement in larger system deployments),

  39.         # we just enforce that they don't share the same password.

  40.         matching_users = User.objects.filter(email=clean_email)

  41.         authenticated_users = [

  42.             user for user in matching_users if user.check_password(password)]

  43.         if len(authenticated_users) == 1:

  44.             # Happy path

  45.             return authenticated_users[0]

  46.         elif len(authenticated_users) > 1:

  47.             # This is the problem scenario where we have multiple users with

  48.             # the same email address AND password. We can't safely authenticate

  49.             # either.

  50.             raise User.MultipleObjectsReturned(

  51.                 "There are multiple users with the given email address and "

  52.                 "password")

  53.         return None

  54. 

  55. # Deprecated in Oscar 0.8: Spelling

  56. Emailbackend = EmailBackend