B f-@sddlZddlZddlZddlZddlZddlmZddlmZddl Tddl m Z ddl m Z ddlmZGdd d ejje ZdS) N)abort)rollback_all_ds)*)normalize_email_address) ResponseMixin)urlparsec@seZdZdZejjddZddZddZ ejjdd Z ejjd d Z ejjd d Z ejjddZ ejjddZdS) SigninViewz /auth/signincCstjj}|dS)Nz signin.html)gZglobal_settingsZservicedesk_allow_auth_guestsZrender)selfZshow_register_buttonr %./modules/servicedesk/views/signin.pygetszSigninView.getc Cstjs dStjd|s dStjjjd|tjdd}|jddt tjy | Wn"t k r}zWdd}~XYnXdS)Nzauth:user_login_failed:zauth:user_login_failed_lock:)ZtimeoutT)Zblocking) configAUTH_FREEZE_AFTER_LOGIN_FAILAPPREDIS_DBexistsZredislockacquiretimeZsleeprelease Exception)r loginrer r r _auth_freezes   zSigninView._auth_freezec Cstjs dStjd|s dStjdd}d|}tj|}dt j t j dd}tj |||stjjddd|d d d d d ||d td|}|r||krtjjddd|dd dd d ||d tddS)Nzauth:user_login_failed:captchazauth:user_login_captcha:)kZ auth_failedCmfAuthzRequire captcha)rreasonZfailT) operatecmf_model_nameparent audit_data result_statuscurrent_transactionsecurity_level parent_name parent_codeiauthz Bad captcha)rAUTH_CHECK_CAPTCHArrrrequestvaluesr joinrandomchoicesstringdigitssetmodelsCmfAudit audit_eventrdecode)r rrZdb_keyZ db_captchaZ new_captchar r r _auth_check_captcha)s,         zSigninView._auth_check_captchacCsxtjs dSttjd}tjd|s.dSddlm }ddl m }tj d| }|}||}||ddS)Nrzauth:user_login_captcha:r)Response) ImageCaptchaz image/png)Zmimetype)rr-rr.r/rrrflaskr;Z captcha.imager<r r9Zgenerate)r rr;r<rZimagedatar r r captcha_imgHs   zSigninView.captcha_imgc Cshddl}|jtjd}d|kr*t|}tjd}||||t  t j ||}t j j |stjs~tjrtjjd|dddtd |jrJt|jkrJtjd d}tjd d}|r|st jjd d dd|iddd||d td||||jr d|_t jjdd dd|iddd||d |td}|||SQRXdS)Nrr@challenge_respzservicedesk:user_login_failed:r"i)exiZnew_password_hashZnew_password_saltZpassword_expiredr password_expires_must_changeT) r#r$r%r&r'r(r)r*r+iZpassword_changedrzSigned in successfully)urllibparseZunquoter.r/rrr:ZcmfutilZ disable_aclr6r Zget_by_challenge_respZdpZcommitrrr-rrr5rrCrr r7r8Z set_pass_hashZsaveZ make_responseZ_ok)r rDrrAr,hashsaltZresponser r r postZsB            zSigninView.postcCs4ttjd}tjj|dddgd}|s,dS|S)NrZ token_lengthrGZ auth_options)rZfieldsr)rr.r/r6r r Zgen_server_challenge)r rr,r r r get_server_challenges zSigninView.get_server_challengecCshttjd}tjd}||tj||}|s`tjs@tj rXt j j d|dddt d|S)u> Ручка для авторизации rpasswordzauth:user_login_failed:r"i)rBi)rr.r/rr6r Zfrom_login_passwordrrr-rrr5rZrsa_sign_pack_jwt)r rrJr,r r r signin_with_login_passwords   z%SigninView.signin_with_login_passwordcCsDtjstdtdStjjj}tjj |d}|ss