B f@@sddlZddlZddlZddlZddlZddlmZddlmZddl Tddl m Z ddl m Z ddlmZGdd d ejje ZdS) N)abort)rollback_all_ds)*)normalize_email_address) ResponseMixin)urlparsec@sxeZdZdZejjddZddZejjddZ ejjdd Z ejjd d Z ejjd d Z ejjddZ dS) SigninViewz /auth/signincCstjj}|dS)Nz signin.html)gglobal_settingsZservicedesk_allow_auth_guestsZrender)selfZshow_register_buttonr %./modules/servicedesk/views/signin.pygetszSigninView.getc Cstjjs dStjdd}d|}tj|}dt j t j dd}tj |||stjjddd|dd d d d ||d td|}|r||krtjjddd|dd dd d ||d tddS)Ncaptchazauth:user_login_captcha:)kZ auth_failedCmfAuthzRequire captcha)loginreasonZfailT) operatecmf_model_nameparent audit_data result_statuscurrent_transactionsecurity_level parent_name parent_codeiauthz Bad captcha)r r auth_check_captcharequestvaluesrAPPREDIS_DBjoinrandomchoicesstringdigitssetmodelsCmfAudit audit_eventrdecode)r rrZdb_keyZ db_captchaZ new_captchar r r _auth_check_captchas(         zSigninView._auth_check_captchacCsztjjs dSttjd}tjd|s0dSddl m }ddl m }tj d|}|}||}||ddS)Nrzauth:user_login_captcha:r)Response) ImageCaptchaz image/png)Zmimetype)r r r!rr"r#r$r%existsflaskr1Z captcha.imager2rr/Zgenerate)r rr1r2rZimagedatar r r captcha_img5s   zSigninView.captcha_imgc CsRddl}|jtjd}d|kr*t|}tjd}||tt j ||}t j j |si}tjrtjd|d<td||jr4t|jkr4tjdd}tjd d}|r|st jjd d dd|id d d||d td||||jr d|_t jjdd dd|idd d||d |td}|||SQRXdS)Nrr@challenge_respmessageiZnew_password_hashZnew_password_saltZpassword_expiredrpassword_expires_must_changeTr) rrrrrrrrriZpassword_changedzSigned in successfully)urllibparseZunquoter"r#rr0ZcmfutilZ disable_aclr,rget_by_challenge_respdpcommitr alertrr;timerr-r.Z set_pass_hashZsaveZ make_responseZ_ok) r r=rr8r abort_kwargshashsaltZresponser r r postGsB          zSigninView.postcCs4ttjd}tjj|dddgd}|s,dS|S)NrZ token_lengthrFZ auth_options)rZfieldsr)rr"r#r,rrZgen_server_challenge)r rr r r r get_server_challengevs zSigninView.get_server_challengecCs`ttjd}tjd}tj||}tjj|sXi}tj rNtj d|d<t d|| S)u> Ручка для авторизации rpasswordr9r:i) rr"r#r,rr?r@rAr rBrZrsa_sign_pack_jwt)r rrIr rDr r r signin_with_login_password~s   z%SigninView.signin_with_login_passwordcCsDtjstdtdStjjj}tjj |d}|ss