jfinn
/
edan_f0
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3535 Commits
1 Branch
Tree: d4e51bb6f9
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd4e51bb6f9'
${ noResults }
edan_f0/oscar/apps/customer/auth_backends.py

auth_backends.py 2.3KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758 
  1. from django.contrib.auth.backends import ModelBackend

  2. from django.core.mail import mail_admins

  3. from django.core.exceptions import ImproperlyConfigured

  4. 

  5. from oscar.core.compat import get_user_model

  6. 

  7. User = get_user_model()

  8. 

  9. if hasattr(User, 'REQUIRED_FIELDS'):

  10.     if not (User.USERNAME_FIELD == 'email' or 'email' in User.REQUIRED_FIELDS):

  11.         raise ImproperlyConfigured(

  12.             "Emailbackend: Your User model must have an email"

  13.             " field with blank=False")

  14. 

  15. 

  16. class Emailbackend(ModelBackend):

  17.     """

  18.     Custom auth backend that users an email address

  19. 

  20.     For this to work, the User model must have an 'email' field

  21.     """

  22. 

  23.     def authenticate(self, email=None, password=None, *args, **kwargs):

  24.         if email is None:

  25.             if not 'username' in kwargs or kwargs['username'] is None:

  26.                 return None

  27.             email = kwargs['username']

  28. 

  29.         # Check if we're dealing with an email address

  30.         if '@' not in email:

  31.             return None

  32. 

  33.         # We lowercase the host part as this is what Django does when saving a

  34.         # user

  35.         local, host = email.split('@')

  36.         clean_email = local + '@' + host.lower()

  37. 

  38.         # Since Django doesn't enforce emails to be unique, we look for all

  39.         # matching users and try to authenticate them all.  If we get more than

  40.         # one success, then we mail admins as this is a problem.

  41.         authenticated_users = []

  42.         for user in User.objects.filter(email=clean_email):

  43.             if user.check_password(password):

  44.                 authenticated_users.append(user)

  45.         if len(authenticated_users) == 1:

  46.             # Happy path

  47.             return authenticated_users[0]

  48.         elif len(authenticated_users) > 1:

  49.             # This is the problem scenario where we have multiple users with

  50.             # the same email address AND password.  We can't safely authentiate

  51.             # either.  This situation requires intervention by an admin and so

  52.             # we mail them to let them know!

  53.             mail_admins(

  54.                 "There are multiple users with email address: %s" % clean_email,

  55.                 ("There are %s users with email %s and the same password "

  56.                  "which means none of them are able to authenticate") % (len(authenticated_users),

  57.                                                 clean_email))

  58.         return None