forked from GithubBackups/healthchecks
154 lines
4.5 KiB
Python
154 lines
4.5 KiB
Python
import base64
|
|
from datetime import timedelta as td
|
|
|
|
from django import forms
|
|
from django.contrib.auth import authenticate
|
|
from django.contrib.auth.models import User
|
|
from hc.api.models import TokenBucket
|
|
|
|
|
|
class LowercaseEmailField(forms.EmailField):
|
|
def clean(self, value):
|
|
value = super(LowercaseEmailField, self).clean(value)
|
|
return value.lower()
|
|
|
|
|
|
class AvailableEmailForm(forms.Form):
|
|
# Call it "identity" instead of "email"
|
|
# to avoid some of the dumber bots
|
|
identity = LowercaseEmailField(
|
|
error_messages={"required": "Please enter your email address."}
|
|
)
|
|
|
|
def clean_identity(self):
|
|
v = self.cleaned_data["identity"]
|
|
if len(v) > 254:
|
|
raise forms.ValidationError("Address is too long.")
|
|
|
|
if User.objects.filter(email=v).exists():
|
|
raise forms.ValidationError(
|
|
"An account with this email address already exists."
|
|
)
|
|
|
|
return v
|
|
|
|
|
|
class EmailLoginForm(forms.Form):
|
|
# Call it "identity" instead of "email"
|
|
# to avoid some of the dumber bots
|
|
identity = LowercaseEmailField()
|
|
|
|
def clean_identity(self):
|
|
v = self.cleaned_data["identity"]
|
|
if not TokenBucket.authorize_login_email(v):
|
|
raise forms.ValidationError("Too many attempts, please try later.")
|
|
|
|
try:
|
|
self.user = User.objects.get(email=v)
|
|
except User.DoesNotExist:
|
|
raise forms.ValidationError("Incorrect email address.")
|
|
|
|
return v
|
|
|
|
|
|
class PasswordLoginForm(forms.Form):
|
|
email = LowercaseEmailField()
|
|
password = forms.CharField()
|
|
|
|
def clean(self):
|
|
username = self.cleaned_data.get("email")
|
|
password = self.cleaned_data.get("password")
|
|
|
|
if username and password:
|
|
if not TokenBucket.authorize_login_password(username):
|
|
raise forms.ValidationError("Too many attempts, please try later.")
|
|
|
|
self.user = authenticate(username=username, password=password)
|
|
if self.user is None or not self.user.is_active:
|
|
raise forms.ValidationError("Incorrect email or password.")
|
|
|
|
return self.cleaned_data
|
|
|
|
|
|
class ReportSettingsForm(forms.Form):
|
|
reports_allowed = forms.BooleanField(required=False)
|
|
nag_period = forms.IntegerField(min_value=0, max_value=86400)
|
|
|
|
def clean_nag_period(self):
|
|
seconds = self.cleaned_data["nag_period"]
|
|
|
|
if seconds not in (0, 3600, 86400):
|
|
raise forms.ValidationError("Bad nag_period: %d" % seconds)
|
|
|
|
return td(seconds=seconds)
|
|
|
|
|
|
class SetPasswordForm(forms.Form):
|
|
password = forms.CharField(min_length=8)
|
|
|
|
|
|
class ChangeEmailForm(forms.Form):
|
|
error_css_class = "has-error"
|
|
email = LowercaseEmailField()
|
|
|
|
def clean_email(self):
|
|
v = self.cleaned_data["email"]
|
|
if User.objects.filter(email=v).exists():
|
|
raise forms.ValidationError("%s is already registered" % v)
|
|
|
|
return v
|
|
|
|
|
|
class InviteTeamMemberForm(forms.Form):
|
|
email = LowercaseEmailField(max_length=254)
|
|
rw = forms.BooleanField(required=False)
|
|
|
|
|
|
class RemoveTeamMemberForm(forms.Form):
|
|
email = LowercaseEmailField()
|
|
|
|
|
|
class ProjectNameForm(forms.Form):
|
|
name = forms.CharField(max_length=60, required=True)
|
|
|
|
|
|
class TransferForm(forms.Form):
|
|
email = LowercaseEmailField()
|
|
|
|
|
|
class AddCredentialForm(forms.Form):
|
|
name = forms.CharField(max_length=100)
|
|
client_data_json = forms.CharField(required=True)
|
|
attestation_object = forms.CharField(required=True)
|
|
|
|
def clean_client_data_json(self):
|
|
v = self.cleaned_data["client_data_json"]
|
|
return base64.b64decode(v.encode())
|
|
|
|
def clean_attestation_object(self):
|
|
v = self.cleaned_data["attestation_object"]
|
|
return base64.b64decode(v.encode())
|
|
|
|
|
|
class LoginTfaForm(forms.Form):
|
|
credential_id = forms.CharField(required=True)
|
|
client_data_json = forms.CharField(required=True)
|
|
authenticator_data = forms.CharField(required=True)
|
|
signature = forms.CharField(required=True)
|
|
|
|
def clean_credential_id(self):
|
|
v = self.cleaned_data["credential_id"]
|
|
return base64.b64decode(v.encode())
|
|
|
|
def clean_client_data_json(self):
|
|
v = self.cleaned_data["client_data_json"]
|
|
return base64.b64decode(v.encode())
|
|
|
|
def clean_authenticator_data(self):
|
|
v = self.cleaned_data["authenticator_data"]
|
|
return base64.b64decode(v.encode())
|
|
|
|
def clean_signature(self):
|
|
v = self.cleaned_data["signature"]
|
|
return base64.b64decode(v.encode())
|