U c(@sddlZddlZddlZddlZddlZddlmZddlmZddl Tddl m Z ddl m Z ddlmZGdd d ejje ZdS) N)abort)rollback_all_ds)*)normalize_email_address) ResponseMixin)urlparsec@seZdZdZdZddZddZejj ddZ d d Z d d Z ejj d dZ ejj ddZejj ddZejj ddZejj ddZdS) SigninViewz/signincCs4tjd}|s0tjr0ttj}|r0|d}|S)N access_token)requestcookiesgetdataujsonloads)selfr json_resr+/opt/account/./modules/auth/views/signin.py_get_access_tokens     zSigninView._get_access_tokencCs|}|rtj|SdS)N)rmodelsCmfAuthZrsa_verify_unpack_jwt)rr rrr_jwt_from_requestszSigninView._jwt_from_requestc Csl|}|rZz0|dd}|dd}t|dd}d}Wn6ttttfk rttdd}d}d}d}YnXd}|sd}|rtj j |dgd }|sd}|r|j |krd}|rTt j t j |j}|dkrd tjkrTtd |d |d tjd nLd|kr"tjkrTnn.ttd tjkr@tjd nd}|||Sttj } |dS)NpayloadloginscopeexpTzjwt value errorrFrfieldsnext_urlz !!! Maybe Cycle Redirect: login=z, scope=z next_url=/z signin.html)rint ValueError TypeErrorAttributeErrorKeyErrorlogging exceptionrrr rdatetimenow fromtimestampdaysr valuesprintr prolong_days make_responseredirect_okrconfigIS_BOX_VERSIONrender) rjwtrrrZjwt_okauthZ expired_daysresponseZshow_register_buttonrrrr "sL        zSigninView.getc Cstjs dStjd|s dStjjjd|tjdd}|jddt tjz | Wn"t k r}zW5d}~XYnXdS)Nauth:user_login_failed:zauth:user_login_failed_lock:)timeoutT)blocking) r2AUTH_FREEZE_AFTER_LOGIN_FAILAPPREDIS_DBexistsredislockacquiretimesleeprelease Exception)rrrAerrr _auth_freezeXs   zSigninView._auth_freezecCstjs dStjd|s dStjdd}d|}tj|}dt j t j dd}tj |||stjjddd|d d d d d td|}|r||krtjjddd|dd d d d tddS)Nr8captchaauth:user_login_captcha:)kr6rzRequire captcha)rreasonfailT)operatecmf_model_nameparent audit_data result_statusZ celery_skipiz Bad captcha)r2AUTH_CHECK_CAPTCHAr=r>r?r r,r joinrandomchoicesstringdigitssetrCmfAudit audit_eventrdecode)rrrIZdb_keyZ db_captchaZ new_captcharrr_auth_check_captchahs4     zSigninView._auth_check_captchacCsxtjs dSttjd}tjd|s.dSddlm }ddl m }tj d| }|}||}||ddS)NrrJr)Response) ImageCaptchaz image/png)mimetype)r2rUrr r,r=r>r?flaskr`Z captcha.imagerar r^generate)rrr`rarIimagerrrr captcha_imgs   zSigninView.captcha_imgcCsttjd}tjd}||||tj||}tjj |svt j sVt j rnt jjd|dddtdtd}|||S) Nrchallenge_respr8exizSigned in successfully)rr r,rHr_rrZget_by_challenge_respdpcommitr2r<rUr=r>r[rr/r1)rrrgr6r7rrrposts     zSigninView.postcCs^ttjd}tjj|dgd}|s(dSdd|jjD}d|krZt |dkrZ| SdS) Nrz***rrKcSsg|]\}}|r|qSrr).0keyvalrrr sz3SigninView.get_server_challenge..Z allow_baserh) rr r,rrr Z auth_optionsvalueitemslenZgen_server_challenge)rrr6allowrrrget_server_challengeszSigninView.get_server_challengecCsTtjstdtdStjjj}tjj |d}|s.uO2.2. У пользователя нет scope - форма создания VM.r9ur3.2. У пользователя два scope, проверим, не системный ли один из нихz^acrm[0-9]{5,6}$rhuo3. У пользователя один единственный scope - на эту CRM и отправить.zhttps://uc4. У пользователя несколько scope - отправить на список CRM.r )gr6r&infor0emailrsrrr ris_nullr1r[ryrurematchdiscardpopr2AUTH_SESSION_COOKIE_DOMAINr3 startswith)rrr6scopesrr7rrrproceeds8           zSigninView.proceedcCshttjd}tjd}||tj||}|s`tjs@tj rXt j j d|dddt d|S)u> Ручка для авторизации rpasswordr8rhrirji)rr r,rHrrZfrom_login_passwordr2r<rUr=r>r[rrsa_sign_pack_jwt)rrrr6rrrsignin_with_login_passwords   z%SigninView.signin_with_login_passwordN)__name__ __module__ __qualname____url__r.rrcmfviewsactionr rHr_rfrnrwrrrrrrrs$ 5    %r)r(rrWrYrCrcrcmf.data_providers.baser cmf.includeZmodules.auth.models.emailrmodules.auth.views.responser urllib.parserrrBaseViewrrrrrs