U X(i @s~ddlZddlZddlZddlZddlmZddlmZddlTddl m Z ddl m Z ddl mZGdd d ejje ZdS) N)abort)rollback_all_ds)*)normalize_email_address) ResponseMixin)urlparsec@sxeZdZdZejjddZddZejjddZ ejjdd Z ejjd d Z ejjd d Z ejjddZ dS) SigninViewz /auth/signinc Csddl}ddlm}tjj}d}tjd}tj dd}|j |}t |sTd}|rhtj|\}}|dgd}|r|stt|} || |Sg} tjjdd d gd d d ggd dgdD]} | t| j| |dqt| } |dS)Nr)get_flashed_messages session_tokennext_url/Z auth_error)Zcategory_filterZservicedesk_supportz==TZdisabledFrzplugin.*)filterfields)nameZ login_urlz signin.html)urllibflaskr gglobal_settingsZservicedesk_allow_auth_guestsrequestZcookiesgetvaluesparseunquotecmfutilis_safe_next_urlmodelsZ CmfSessionZ from_token make_responseredirect_okZCmfAuthOpenIdPluginlistappenddictrZget_redirect_urllenZrender) selfrr Zshow_register_buttonauthr r Z_sessionmessagesresponseZ sso_buttonsZpluginZsso_buttons_countr'%./modules/servicedesk/views/signin.pyrs0        zSigninView.getc Cstjjs dStjdd}d|}tj|}d t j t j dd}tj|||stjjddd|dd d d ||d td |}|r||krtjjddd|dd dd ||d td dS)Ncaptchaauth:user_login_captcha:)kZ auth_failedCmfAuthzRequire captcha)loginreasonZfailZoperateZcmf_model_nameparentZ audit_dataZ result_statusZsecurity_level parent_nameZ parent_codeir$z Bad captcha)rrauth_check_captcharrrlowerAPPREDIS_DBjoinrandomchoicesstringdigitssetrCmfAudit audit_eventrdecode)r#r/r)Zdb_keyZ db_captchaZ new_captchar'r'r(_auth_check_captcha+s8    zSigninView._auth_check_captchacCstjjs dSddl}|jtjd}d|kr6t|}t j d| sPdSddl m}ddlm}t j d| }|}||}||ddS) Nrr/@r*)Response) ImageCaptchaz image/png)Zmimetype)rrr5rrrrrrr7r8existsr6rrDZ captcha.imagerErrAZgenerate)r#rr/rDrEr)Zimagedatar'r'r( captcha_imgGs   zSigninView.captcha_imgc Cs|ddl}|jtjd}d|kr*t|}tjd}||t*t j ||}t j j |si}tjrtjd|d<td||r tjdd}tjd d}|r|st jjd d dd|id d ||dtd||||jrd|_t jjdd dd|idd||d|tjdd}|j|}t|sJd}ttd|i} || |W5QRSQRXdS)Nrr/rCchallenge_respmessageZnew_password_hashZnew_password_saltZpassword_expiredr.password_expires_must_changer1r2iZpassword_changedr r Z redirect_url)rrrrrrrBrZ disable_aclrr.get_by_challenge_respdpcommitralertrZneed_change_passwordrr?r@Z set_pass_hashrMZsaverrZjsonifyr) r#rr/rIr$ abort_kwargshashsaltr r&r'r'r(post\sZ           zSigninView.postcCs4ttjd}tjj|dddgd}|s,dS|S)Nr/Z token_lengthrUZ auth_options)r/rr+)rrrrr.rZgen_server_challenger#r/r$r'r'r(get_server_challenges zSigninView.get_server_challengecCs`ttjd}tjd}tj||}tjj|sXi}tj rNtj d|d<t d|| S)u> Ручка для авторизации r/passwordrJrKrL) rrrrr.rOrPrQrrRrZrsa_sign_pack_jwt)r#r/rYr$rSr'r'r(signin_with_login_passwords   z%SigninView.signin_with_login_passwordcCsDtjstdtdStjjj}tjj |d}|ss