From 6ec42edd60000fe202b4426f05d3e7b0ac337cc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Delobelle?= Date: Sat, 20 Aug 2016 19:35:45 +0200 Subject: [PATCH] =?UTF-8?q?Authentification=20utilisateur=20standard=20?= =?UTF-8?q?=C3=A9quipe?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Un utilisateur ayant la perm `kfet.is_team` peut se déconnecter et connecter à la place un utilisateur `kfet_genericteam` ne disposant que de la permission `kfet.is_team` - Backend et vue associée à cette connexion créés --- kfet/backends.py | 20 +++++++++++++++++++- kfet/migrations/0029_genericteamtoken.py | 21 +++++++++++++++++++++ kfet/models.py | 3 +++ kfet/templates/kfet/base_nav.html | 6 ++++++ kfet/templates/kfet/login_genericteam.html | 7 +++++++ kfet/urls.py | 2 ++ kfet/views.py | 12 +++++++++++- 7 files changed, 69 insertions(+), 2 deletions(-) create mode 100644 kfet/migrations/0029_genericteamtoken.py create mode 100644 kfet/templates/kfet/login_genericteam.html diff --git a/kfet/backends.py b/kfet/backends.py index b9f8c374..6ba9063a 100644 --- a/kfet/backends.py +++ b/kfet/backends.py @@ -1,6 +1,8 @@ import hashlib -from kfet.models import Account +from django.contrib.auth.models import User, Permission +from gestioncof.models import CofProfile +from kfet.models import Account, GenericTeamToken class KFetBackend(object): def authenticate(self, request): @@ -16,3 +18,19 @@ class KFetBackend(object): return None return user + +class GenericTeamBackend(object): + def authenticate(self, username=None, token=None): + valid_token = GenericTeamToken.objects.get(token=token) + if username == 'kfet_genericteam' and valid_token: + user, created = User.objects.get_or_create(username='kfet_genericteam') + perm_is_team = Permission.objects.get(codename='is_team') + user.user_permissions.add(perm_is_team) + return user + return None + + def get_user(self, user_id): + try: + return User.objects.get(pk=user_id) + except User.DoesNotExist: + return None diff --git a/kfet/migrations/0029_genericteamtoken.py b/kfet/migrations/0029_genericteamtoken.py new file mode 100644 index 00000000..ba13674c --- /dev/null +++ b/kfet/migrations/0029_genericteamtoken.py @@ -0,0 +1,21 @@ +# -*- coding: utf-8 -*- +from __future__ import unicode_literals + +from django.db import models, migrations + + +class Migration(migrations.Migration): + + dependencies = [ + ('kfet', '0028_auto_20160820_0146'), + ] + + operations = [ + migrations.CreateModel( + name='GenericTeamToken', + fields=[ + ('id', models.AutoField(serialize=False, primary_key=True, auto_created=True, verbose_name='ID')), + ('token', models.CharField(unique=True, max_length=50)), + ], + ), + ] diff --git a/kfet/models.py b/kfet/models.py index 0aefaad6..cbac30f2 100644 --- a/kfet/models.py +++ b/kfet/models.py @@ -551,3 +551,6 @@ class Settings(models.Model): return Settings.setting_inst("CANCEL_DURATION").value_duration except Settings.DoesNotExist: return timedelta() + +class GenericTeamToken(models.Model): + token = models.CharField(max_length = 50, unique = True) diff --git a/kfet/templates/kfet/base_nav.html b/kfet/templates/kfet/base_nav.html index fc4ef1ec..ecc8cf5d 100644 --- a/kfet/templates/kfet/base_nav.html +++ b/kfet/templates/kfet/base_nav.html @@ -18,6 +18,9 @@
  • Home
    • {% endif %} diff --git a/kfet/templates/kfet/login_genericteam.html b/kfet/templates/kfet/login_genericteam.html new file mode 100644 index 00000000..f5f8c863 --- /dev/null +++ b/kfet/templates/kfet/login_genericteam.html @@ -0,0 +1,7 @@ +{% extends 'kfet/base.html' %} + +{% block content %} + +Connexion utilisateur K-Fêt générique réussie + +{% endblock %} diff --git a/kfet/urls.py b/kfet/urls.py index b61c51ef..944ebcaa 100644 --- a/kfet/urls.py +++ b/kfet/urls.py @@ -6,6 +6,8 @@ from kfet import autocomplete urlpatterns = [ url(r'^$', views.home, name = 'kfet.home'), + url(r'^login/genericteam$', views.login_genericteam, + name = 'kfet.login.genericteam'), # ----- # Account urls diff --git a/kfet/views.py b/kfet/views.py index c8dd8472..d6e6d060 100644 --- a/kfet/views.py +++ b/kfet/views.py @@ -5,6 +5,7 @@ from django.views.generic.edit import CreateView, UpdateView, DeleteView from django.core.urlresolvers import reverse_lazy from django.contrib import messages from django.contrib.messages.views import SuccessMessageMixin +from django.contrib.auth import authenticate, login from django.contrib.auth.decorators import login_required, permission_required from django.contrib.auth.models import User, Permission from django.http import HttpResponse, JsonResponse, Http404 @@ -12,9 +13,10 @@ from django.forms import modelformset_factory from django.db import IntegrityError, transaction from django.db.models import F from django.utils import timezone +from django.utils.crypto import get_random_string from gestioncof.models import CofProfile, Clipper from kfet.models import (Account, Checkout, Article, Settings, AccountNegative, - CheckoutStatement) + CheckoutStatement, GenericTeamToken) from kfet.forms import * from collections import defaultdict from channels import Group @@ -25,6 +27,14 @@ from datetime import timedelta def home(request): return render(request, "kfet/base.html") +@permission_required('kfet.is_team') +def login_genericteam(request): + token = GenericTeamToken.objects.create(token=get_random_string(50)) + user = authenticate(username="kfet_genericteam", token=token.token) + login(request, user) + print(request.user) + return render(request, "kfet/login_genericteam.html") + def put_cleaned_data_in_dict(dict, form): for field in form.cleaned_data: dict[field] = form.cleaned_data[field]