jfinn
/
edan_f0
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Pull-aanvragen 0 Publicaties 0 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3647 Commits
1 Branch
Tree: e462f04fd2
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'e462f04fd2'
${ noResults }
edan_f0/oscar/apps/customer/auth_backends.py

auth_backends.py 2.2KB
Geschiedenis Ruw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 
  1. from django.contrib.auth.backends import ModelBackend

  2. from django.core.mail import mail_admins

  3. from django.core.exceptions import ImproperlyConfigured

  4. from oscar.apps.customer.utils import normalise_email

  5. 

  6. from oscar.core.compat import get_user_model

  7. 

  8. User = get_user_model()

  9. 

  10. if hasattr(User, 'REQUIRED_FIELDS'):

  11.     if not (User.USERNAME_FIELD == 'email' or 'email' in User.REQUIRED_FIELDS):

  12.         raise ImproperlyConfigured(

  13.             "Emailbackend: Your User model must have an email"

  14.             " field with blank=False")

  15. 

  16. 

  17. class Emailbackend(ModelBackend):

  18.     """

  19.     Custom auth backend that users an email address

  20. 

  21.     For this to work, the User model must have an 'email' field

  22.     """

  23. 

  24.     def authenticate(self, email=None, password=None, *args, **kwargs):

  25.         if email is None:

  26.             if not 'username' in kwargs or kwargs['username'] is None:

  27.                 return None

  28.             clean_email = normalise_email(kwargs['username'])

  29. 

  30.         # Check if we're dealing with an email address

  31.         if '@' not in clean_email:

  32.             return None

  33. 

  34.         # Since Django doesn't enforce emails to be unique, we look for all

  35.         # matching users and try to authenticate them all.  If we get more than

  36.         # one success, then we mail admins as this is a problem.

  37.         authenticated_users = []

  38.         for user in User.objects.filter(email=clean_email):

  39.             if user.check_password(password):

  40.                 authenticated_users.append(user)

  41.         if len(authenticated_users) == 1:

  42.             # Happy path

  43.             return authenticated_users[0]

  44.         elif len(authenticated_users) > 1:

  45.             # This is the problem scenario where we have multiple users with

  46.             # the same email address AND password.  We can't safely authentiate

  47.             # either.  This situation requires intervention by an admin and so

  48.             # we mail them to let them know!

  49.             mail_admins(

  50.                 "There are multiple users with email address: %s" % clean_email,

  51.                 ("There are %s users with email %s and the same password "

  52.                  "which means none of them are able to authenticate") % (len(authenticated_users),

  53.                                                 clean_email))

  54.         return None