o aeh@sdZddlmZmZmZddlmZmZmZddl m Z ddl m Z ddl mZddlmZddlmZdd lmZdd lmZdd lmZmZmZmZmZdd lmZm Z m!Z!m"Z"dd l#m$Z$m%Z%ddl&m'Z'ddl(m)Z)ddlm*Z*ddl+m,Z,m-Z-ddl.m/Z/ddl0m1Z1ddl2m3Z3ddl4m5Z5ddl6m7Z7m8Z8m9Z9ddl:m;Z;ddlZ>ddl?m@Z@mAZAddlBmCZCddlDmEZEddlFmGZGddlHmIZIddlJmKZKddlLZLddlMZMd d!lNmOZOmPZPmQZQmRZRd d"lSmTZTmUZUmVZVmWZWe*ZXeMYeZZ[Gd#d$d$eZ\Gd%d&d&eZ]Gd'd(d(eZ^Gd)d*d*eZ_Gd+d,d,eZ`Gd-d.d.eZaGd/d0d0eZbe d1d2Zce e3d3gd4d5ZdGd6d7d7eIZee=d3ge>e@gd8d9Zfe=d:ge>e@gd;d<ZgGd=d>d>eZhGd?d@d@eZidS)Az Authentication Views Module This module contains views for handling authentication and authorization including login, logout, registration, password reset, email verification, and session management. Author: Senior Django Developer Date: 2024 )renderredirectget_object_or_404) authenticateloginlogout)login_required)LoginRequiredMixin)messages) send_mail)settings) gettext_lazy)timezone)View TemplateViewFormViewListView DetailView) JsonResponse HttpResponseHttpResponseRedirectHttp404) reverse_lazyreverse)render_to_string) strip_tags)get_user_model)QCount) Paginator) csrf_exempt)require_http_methods)method_decorator)AuthenticationFormPasswordResetFormSetPasswordFormstatus)api_viewpermission_classes)IsAuthenticatedAllowAny)Response)APIView)Token)ObtainAuthToken) timedeltaN) LoginAttemptPasswordResetTokenEmailVerificationToken UserSession) get_client_ipget_user_agent_infoget_location_from_ip is_safe_urlcTeZdZdZdZeZedZfddZ fddZ fdd Z fd d Z Z S) CustomLoginViewz Custom login view with enhanced security features. Features: - Login attempt tracking - Account lockout protection - IP-based suspicious activity detection - Session management - Device tracking zauth/login.htmlcore:dashboardcs.|jjr t|Stj|g|Ri|S)a$ Check if user is already authenticated. Args: request: HTTP request object *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object N)useris_authenticatedrget_success_urlsuperdispatchselfrequestargskwargs __class__MC:\Users\vibe-look\OneDrive\Desktop\Adtlas_V\src\apps\authentication\views.pyrAgs zCustomLoginView.dispatchc .tjdi|}td|d<td|d<|S) Add additional context data to the template. Args: **kwargs: Arbitrary keyword arguments Returns: dict: Context data for template ZLogintitlezSign in to your accountpage_descriptionNrIr@get_context_data_rCrFcontextrGrIrJrPx  z CustomLoginView.get_context_datac s8|jd}|jd}t|j}|jjdd}t|}t|}tj|dd}|dkrOtj j |||dd |d d|d dd t |jt d ||St|rwtj j |||dd|d d|d dd t |jt d||St|j||d} | dura| jstj j | |||dd|d d|d ddt |jt d||S| jstj j | |||dd|d d|d ddt |jt dtd| jdSt|j| tj j | |||d|d d|d dd|jjj} | r%tj j| | |||dd|dd|dddttdd|d d|d dd d!t| _| jd"gd#t |jt d$| p>| j!d%|jj"d&} | r[t#| |j$r[t| St%&|Sz t'j j|d'} Wn t'j(ywd} Ynwtj j | |||dd(|d d|d ddt |jt d)||S)*z Handle valid form submission. Args: form: Valid authentication form Returns: HttpResponse: Response object usernamepasswordHTTP_USER_AGENTr1) since_hoursFZaccount_lockedcountrycity)attempted_email ip_address user_agent is_successfulfailure_reasonr[r\zYAccount temporarily locked due to multiple failed login attempts. Please try again later.Z suspicious_ipzALogin blocked due to suspicious activity. Please contact support.)rUrVNZaccount_inactive)r=r]r^r_r`rar[r\z1Your account is inactive. Please contact support.Zemail_not_verifiedz3Please verify your email address before logging in.auth:resend_verificationuser_idT)r=r]r^r_r`r[r\ device_typebrowseros)days) r=r^r_rerfoperating_system is_active expires_atr[r\) session_keydefaults last_login) update_fieldszWelcome back, !next)emailZinvalid_credentialsz,Invalid email or password. Please try again.)) cleaned_datagetr6rDMETAr7r8r2get_failed_attempts_countobjectscreater errorrQ form_invalidis_ip_suspiciousrrk is_verifiedridrsessionrmr5update_or_creaternowr0rosavesuccess get_full_namersGETr9get_hostr@ form_validUser DoesNotExist) rCformrsrVr^r_Zuser_agent_infoZ location_infofailed_attemptsr=rmnext_urlrGrIrJrs                                  zCustomLoginView.form_validcs*t|jst|jtdt|S)z Handle invalid form submission. Args: form: Invalid authentication form Returns: HttpResponse: Response object Please correct the errors below.N)r get_messagesrDrzrQr@r{rCrrGrIrJr{=s  zCustomLoginView.form_invalid)__name__ __module__ __qualname____doc__ template_namer# form_classr success_urlrArPrr{ __classcell__rIrIrGrJr;Ws    7r;c@s eZdZdZddZddZdS)CustomLogoutViewz Custom logout view with session cleanup. Features: - Session invalidation - Security logging - Cleanup of user sessions cOs|jjr?|jj}|r$ztjj||jd}|Wn tjy#Ynwt d|jj dt |t |t|tdtdS)a Handle logout POST request. Args: request: HTTP request object *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object )rmr=zUser z logged out from IP z&You have been successfully logged out. auth:loginN)r=r>rrmr5rxru invalidaterloggerinforsr6rr rrQr)rCrDrErFrmZ user_sessionrIrIrJpostZs*  zCustomLogoutView.postcOs|j|g|Ri|S)a* Handle logout GET request (redirect to POST). Args: request: HTTP request object *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object N)rrBrIrIrJrus zCustomLogoutView.getN)rrrrrrurIrIrIrJrPs +rcsXeZdZdZdZedZddZfddZfdd Z fd d Z fd d Z Z S) RegisterViewz User registration view. Features: - User account creation - Email verification - Security logging - Input validation zauth/register.htmlrcs0ddlmddlm}Gfddd|}|S)z'Return the form class for registration.rforms)UserCreationFormcsTeZdZjddZjdddZjdddZGdddZd fdd Z Z S) z;RegisterView.get_form_class..CustomUserCreationFormT)requiredrh) max_lengthrc@seZdZeZdZdS)z@RegisterView.get_form_class..CustomUserCreationForm.Meta)rs first_name last_name password1 password2N)rrrrmodelfieldsrIrIrIrJMetasrcsBtjdd}|jd|_|jd|_|jd|_|r||S)NF)commitrsrr)r@rrtrsrr)rCrr=rGrIrJrs   z@RegisterView.get_form_class..CustomUserCreationForm.save)T) rrr EmailFieldrs CharFieldrrrrrrIrrGrJCustomUserCreationForms  rN)djangordjango.contrib.auth.formsr)rCrrrIrrJget_form_classs  zRegisterView.get_form_classcs*|jjrtdStj|g|Ri|S)z'Check if user is already authenticated.r<N)r=r>rr@rArBrGrIrJrAszRegisterView.dispatchc rK)zAdd additional context data.ZRegisterrMzCreate your accountrNNrIrOrRrGrIrJrPs  zRegisterView.get_context_datacsH|}t|j}td|jd|t|jtdt |S)zHandle valid form submission.zNew user registered: from IP z1Account created successfully! You can now log in.N) rr6rDrrrsr rrQr@r)rCrr=r^rGrIrJrs  zRegisterView.form_validcst|jtdt|S)zHandle invalid form submission.rN)r rzrDrQr@r{rrGrIrJr{s  zRegisterView.form_invalid) rrrrrrrrrArPrr{rrIrIrGrJrs    rcsDeZdZdZdZeZedZfddZ fddZ dd Z Z S) PasswordResetRequestViewzj Password reset request view. Handles password reset token generation and email sending. z auth/password_reset_request.htmlzauth:password_reset_sentc rK)rLzReset PasswordrMz'Enter your email to reset your passwordrNNrIrOrRrGrIrJrPrTz)PasswordResetRequestView.get_context_datacs|jd}z*tjj|dd}tjj|t|jd}|||t d|j dt|jWn tj y9Ynwt |S)z Handle valid form submission. Args: form: Valid password reset form Returns: HttpResponse: Response object rsT)rsrk)r= requested_ipz"Password reset requested for user rN)rtrrxrur3ryr6rDsend_password_reset_emailrrrsrr@r)rCrrsr= reset_tokenrGrIrJrs   z#PasswordResetRequestView.form_validcCsb|jtdd|jid}td||ttdd|jd}t|}t t d|tj |j g|d d d S) z Send password reset email to user. Args: user: User instance reset_token: PasswordResetToken instance zauth:password_reset_confirmtokenrFzauth/emails/password_reset.htmlZ SITE_NAMEzOur Site)r= reset_url site_namerlzPassword Reset RequestFsubjectmessage from_emailrecipient_list html_message fail_silentlyN) rDbuild_absolute_urirrrgetattrr rlrr rQDEFAULT_FROM_EMAILrs)rCr=rrr plain_messagerIrIrJrs,    z2PasswordResetRequestView.send_password_reset_email) rrrrrr$rrrrPrrrrIrIrGrJrs  #rcr:) PasswordResetConfirmViewz\ Password reset confirmation view. Handles password reset using the token. z auth/password_reset_confirm.htmlzauth:password_reset_completecs|d|_ztjj|jd|_|js"t|tdt dWSWntj y9t|tdt dYSwt j |g|Ri|S)a& Validate token before processing request. Args: request: HTTP request object *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object rrz3This password reset link is invalid or has expired.zauth:password_reset_requestz$This password reset link is invalid.N) rurr3rxris_validr rzrQrrr@rArBrGrIrJrAQs(    z!PasswordResetConfirmView.dispatchcst}|jj|d<|S)zb Add user to form kwargs. Returns: dict: Form kwargs r=N)r@get_form_kwargsrr=)rCrFrGrIrJrts  z(PasswordResetConfirmView.get_form_kwargsc s:tjdi|}td|d<td|d<|jj|d<|S)rLzSet New PasswordrMzEnter your new passwordrNr=NrI)r@rPrQrr=rRrGrIrJrPs    z)PasswordResetConfirmView.get_context_datacsn|}|jt|jtd|jdt|jtj j |ddj ddt |jtdt|S) z Handle valid form submission. Args: form: Valid set password form Returns: HttpResponse: Response object z"Password reset completed for user rT)r=rkF)rkzPYour password has been reset successfully. Please log in with your new password.N)rr use_tokenr6rDrrrsr5rxfilterupdater rrQr@r)rCrr=rGrIrJrs  z#PasswordResetConfirmView.form_valid)rrrrrr%rrrrArrPrrrIrIrGrJrFs  # rc@eZdZdZddZdS)EmailVerificationViewzT Email verification view. Handles email verification using tokens. cOszDtjj|d}|r8|t|td|jj dt|t |t d|jj s3tdWStdWSt |t dWtdStjyYt |t dYtdSw) aI Handle email verification GET request. Args: request: HTTP request object token: Verification token *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object rzEmail verified for user rz*Your email has been verified successfully!rr<z7This email verification link is invalid or has expired.z(This email verification link is invalid.N)r4rxrur verify_emailr6rrr=rsr rrQr>rrzr)rCrDrrErFverification_tokenrIrIrJrus8    zEmailVerificationView.getN)rrrrrurIrIrIrJr rc@s(eZdZdZddZddZddZdS) ResendVerificationViewz_ Resend email verification view. Handles resending email verification tokens. cOsvz$tt|d}|jrt|tdtdWS|tdd}t|d|WStjy:t |tdtdYSw) a\ Handle resend verification GET request. Args: request: HTTP request object user_id: User ID to resend verification for *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object r~Your email is already verified.rzResend Email Verification)r=rMzauth/resend_verification.htmlUser not found.N) rrr}r rrQrrrrz)rCrDrdrErFr=rSrIrIrJrus&   zResendVerificationView.getc OsNzgtt|d}|jrt|tdtdWStjj |dt d }|r)|}nddl }|d} tjj|| |jt td d d }|||t|td td |jdt|td|jdWStjy}t|tdtdYSty} ztdt| t|tdtd|dWYd} ~ Sd} ~ ww)a] Handle resend verification POST request. Args: request: HTTP request object user_id: User ID to resend verification for *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: HttpResponse: Response object rrrF)r=is_usedexpires_at__gtrN )hours)r=rrsrlz7Verification email has been sent to your email address.z#Verification email resent for user rrbrcrz$Error resending verification email: zIAn error occurred while sending the verification email. Please try again.)rrr}r rrQrr4rxrrrfirstsecrets token_urlsaferyrsr0send_verification_emailrrr6r~rrz Exceptionstr) rCrDrdrErFr=Zexisting_tokenrrrerIrIrJrsb     zResendVerificationView.postc Cs|jtdd|jid}td}d|jp|jd|d|d}d |jp'|jd |d }zt||tj |jg|d d WdSt yU}z t dt |d}~ww)z Send email verification email to user. Args: user: User instance verification_token: EmailVerificationToken instance zauth:verify_emailrrzVerify Your Email Addressz\

Email Verification

Hello zk,

Please click the link below to verify your email address:

Verify Email

Or copy and paste this link in your browser:

z

This link will expire in 24 hours.

If you didn't request this verification, please ignore this email.

z3 Email Verification Hello zY, Please visit the following link to verify your email address: z This link will expire in 24 hours. If you didn't request this verification, please ignore this email. Frz#Failed to send verification email: N)rDrrrrQrrsr r rrrrzr)rCr=rZverification_urlrrrrrIrIrJrds@    z.ResendVerificationView.send_verification_emailN)rrrrrurrrIrIrIrJrs & JrcCs0t|j}|jj}td||d}t|d|S)z View for managing user sessions. Args: request: HTTP request object Returns: HttpResponse: Response object zActive Sessions)rMsessionscurrent_session_keyzauth/user_sessions.htmlN)r5get_active_sessions_for_userr=rrmrQr)rDrrrSrIrIrJuser_sessions_views  rPOSTcCsz0tjj||jdd}|j|jjkrt|tdn| t |tdWt dSWt dStj yEt|tdYt dSw)z View for invalidating a specific user session. Args: request: HTTP request object session_id: Session ID to invalidate Returns: HttpResponse: Response object T)r~r=rkz+You cannot invalidate your current session.z!Session invalidated successfully.z)Session not found or already invalidated.zauth:user_sessionsN) r5rxrur=rmrr rzrQrrrr)rDZ session_idrrIrIrJinvalidate_session_views4  rc@r)CustomAuthTokenViewzu Custom API authentication view. Extends the default token authentication with additional features. c Os|j|jd|id}|r>|jd}tjj|d\}}tjj||j t ||j ddddt |j|j|j |j|jd S|j d d}tjj|t ||j ddd d d t |jtjdS)a Handle token authentication request. Args: request: HTTP request object *args: Variable length argument list **kwargs: Arbitrary keyword arguments Returns: Response: API response rD)datarSr=)r=rWrXT)r=r]r^r_r`)rrdrsrrrUFZinvalid_api_credentials)r]r^r_r`rar&N)Zserializer_classrrZvalidated_datar.rx get_or_creater2ryrsr6rvrur,keypkrrerrorsr'HTTP_400_BAD_REQUEST) rCrDrErF serializerr=rcreatedrsrIrIrJrsB     zCustomAuthTokenView.postN)rrrrrrIrIrIrJrrrc Cs`z|jjtdtditjdWSty/}ztdtditjdWYd}~Sd}~ww)z API logout view. Args: request: HTTP request object Returns: Response: API response rzSuccessfully logged out.r&rzzLogout failed.N) r=Z auth_tokendeleter,rQr' HTTP_200_OKrr)rDrrIrIrJapi_logout_view%s   rrc Csdt|j}g}|D]}||j|j|j|j|j|j |j |j |j |j j kd q td|itjdS)z API view for getting user sessions. Args: request: HTTP request object Returns: Response: API response with user sessions ) r~r^rerfrjr[r\ last_activityZ is_currentrr&N)r5rr=appendr~r^rerfrjr[r\rrmrr,r'r)rDrZ sessions_datarrIrIrJapi_user_sessions_view@s&    rc$eZdZdZdZfddZZS)PasswordResetSentViewz6 Password reset email sent confirmation view. zauth/password_reset_sent.htmlc "tjdi|}td|d<|S)rLzPassword Reset Email SentrMNrIrOrRrGrIrJrPi z&PasswordResetSentView.get_context_datarrrrrrPrrIrIrGrJrcrcr)PasswordResetCompleteViewz4 Password reset complete confirmation view. z!auth/password_reset_complete.htmlc r)rLzPassword Reset CompleterMNrIrOrRrGrIrJrP~rz*PasswordResetCompleteView.get_context_datarrIrIrGrJrxrr)jrdjango.shortcutsrrrdjango.contrib.authrrrdjango.contrib.auth.decoratorsrZdjango.contrib.auth.mixinsr django.contribr django.core.mailr django.confr django.utils.translationr rQ django.utilsrdjango.views.genericrrrrr django.httprrrr django.urlsrrdjango.template.loaderrdjango.utils.htmlrrdjango.db.modelsrrdjango.core.paginatorrdjango.views.decorators.csrfr Zdjango.views.decorators.httpr!django.utils.decoratorsr"rr#r$r%rest_frameworkr'Zrest_framework.decoratorsr(r)Zrest_framework.permissionsr*r+Zrest_framework.responser,Zrest_framework.viewsr-Zrest_framework.authtoken.modelsr.Zrest_framework.authtoken.viewsr/datetimer0jsonloggingmodelsr2r3r4r5utilsr6r7r8r9r getLoggerrrr;rrrrrrrrrrrrrrIrIrIrJsv                      zDNdk<6  *=  !