Главная Обзор Помощь
Вход
SMusatov
/
GlitchTip
зеркало из https://gitlab.com/glitchtip/glitchtip-backend.git
1
0
Ответвить 0
Файлы
Дерево: ce615f2064
Ветки Метки
GlitchTip
/
organizations_ext
/
invitation_backend.py

invitation_backend.py 2.2 KB
История Исходник

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071 
  1. from django.conf import settings
    2. 

  2. from django.contrib.auth.tokens import PasswordResetTokenGenerator
    3. 

  3. from django.urls import re_path
    4. 

  4. from django.utils.http import base36_to_int
    5. 

  5. from django.utils.crypto import constant_time_compare
    6. 

  6. from organizations.backends.defaults import InvitationBackend as BaseInvitationBackend
    7. 

  7. from .models import Organization
    8. 

  8. from .tasks import send_email_invite
    9. 

  9. 

  10. 

  11. REGISTRATION_TIMEOUT_DAYS = getattr(settings, "REGISTRATION_TIMEOUT_DAYS", 15)
    12. 

  12. 

  13. 

  14. class InvitationTokenGenerator(PasswordResetTokenGenerator):
    15. 

  15.     def _make_hash_value(self, user, timestamp):
    16. 

  16.         return str(user.pk) + str(timestamp)
    17. 

  17. 

  18.     def check_token(self, user, token):
    19. 

  19.         """
    20. 

  20.         Check that a password reset token is correct for a given user.
    21. 

  21.         """
    22. 

  22.         # Parse the token
    23. 

  23.         try:
    24. 

  24.             ts_b36, hash = token.split("-")
    25. 

  25.         except ValueError:
    26. 

  26.             return False
    27. 

  27. 

  28.         try:
    29. 

  29.             ts = base36_to_int(ts_b36)
    30. 

  30.         except ValueError:
    31. 

  31.             return False
    32. 

  32. 

  33.         # Check that the timestamp/uid has not been tampered with
    34. 

  34.         if not constant_time_compare(self._make_token_with_timestamp(user, ts), token):
    35. 

  35.             return False
    36. 

  36. 

  37.         # Check the timestamp is within limit
    38. 

  38.         if (self._num_seconds(self._now()) - ts) > REGISTRATION_TIMEOUT_DAYS * 86400:
    39. 

  39.             return False
    40. 

  40. 

  41.         return True
    42. 

  42. 

  43. 

  44. class InvitationBackend(BaseInvitationBackend):
    45. 

  45.     """
    46. 

  46.     Based on django-organizations InvitationBackend but for org user instead of user
    47. 

  47.     """
    48. 

  48. 

  49.     def __init__(self, org_model=None, namespace=None):
    50. 

  50.         self.user_model = None
    51. 

  51.         self.org_model = Organization
    52. 

  52.         self.namespace = namespace
    53. 

  53. 

  54.     def get_urls(self):
    55. 

  55.         return [
    56. 

  56.             re_path(
    57. 

  57.                 r"^(?P<user_id>[\d]+)/(?P<token>[0-9A-Za-z]{1,90}-[0-9A-Za-z]{1,90})/$",
    58. 

  58.                 view=self.activate_view,
    59. 

  59.                 name="invitations_register",
    60. 

  60.             ),
    61. 

  61.         ]
    62. 

  62. 

  63.     def get_token(self, org_user, **kwargs):
    64. 

  64.         return InvitationTokenGenerator().make_token(org_user)
    65. 

  65. 

  66.     def send_invitation(self, user, sender=None, **kwargs):
    67. 

  67.         kwargs.update(
    68. 

  68.             {"token": self.get_token(user), "organization": user.organization,}
    69. 

  69.         )
    70. 

  70.         send_email_invite.delay(user.pk, kwargs["token"])
    71. 

  71.         return True
    72.