o "4gj@sddlmZddlmZddlmZmZddlmZddl m Z m Z ddl m Z mZddlmZddlmZmZmZdd lmZdd lmZdd lmZdd lmZmZdd lm Z m!Z!ddl"m#Z#ddl$m%Z%m&Z&ddl#m'Z'ddl(m)Z)m*Z*ddl+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2GdddeZ3e#4Z5GdddZ6Gdddej7Z8Gddde8Z9Gdddej:Z;Gdddej:ZGd$d%d%e>Z?Gd&d'd'ej:Z@Gd(d)d)e@ZAGd*d+d+e6e@ZBGd,d-d-e6e@ZCGd.d/d/ej:ZDGd0d1d1e6ej:ZEGd2d3d3ej:ZFGd4d5d5ej:ZGGd6d7d7ej:ZHGd8d9d9ej:ZIGd:d;d;eIZJGdS)?) import_module)forms)get_user_modelpassword_validation)PasswordResetTokenGenerator) exceptions validators)NoReverseMatchreverse) mark_safe)gettext gettext_lazypgettext)flows)LOGIN_SESSION_KEY)EmailVerificationStage)context ratelimit)get_username_max_lengthset_form_field_order) app_settings)DefaultAccountAdapter get_adapter)AuthenticationMethod) EmailAddressLogin)filter_users_by_emailsetup_user_emailsync_user_email_addressesurl_str_to_user_pk user_emailuser_pk_to_url_str user_usernameceZdZfddZZS)%EmailAwarePasswordResetTokenGeneratorcshtt|||}t|t|}t|r|gng}|tjj |dj ddd|d t |7}|S)NuseremailT)flat|) superr%_make_hash_valuerr!setupdaterobjectsfilter values_listjoinsorted)selfr' timestampretr(emails __class__^/var/www/html/authentication-server/venv/lib/python3.10/site-packages/allauth/account/forms.pyr,!s z6EmailAwarePasswordResetTokenGenerator._make_hash_value)__name__ __module__ __qualname__r, __classcell__r:r:r8r;r% r%cr$)PasswordVerificationMixincsFtt|}|d}|d}|r!|r!||kr!|dtd|S)N password1 password2*You must type the same password each time.)r+rAcleanget add_error_)r4 cleaned_datarBrCr8r:r;rE3s   zPasswordVerificationMixin.clean)r<r=r>rEr?r:r:r8r;rA2r@rAcr$) PasswordFieldcsf|dtj}tj|d|did|d<|dd}|dur&||djd<tt|j |i|dS)N render_value placeholderlabel)rKattrswidget autocomplete) poprPASSWORD_INPUT_RENDER_VALUEr PasswordInputrFrNr+rJ__init__)r4argskwargsrKrPr8r:r;rT=s  zPasswordField.__init__r<r=r>rTr?r:r:r8r;rJ<r@rJcs(eZdZfddZfddZZS)SetPasswordFieldcs4d|d<|dttj|i|d|_dS)N new-passwordrP help_text) setdefaultr"password_validators_help_text_htmlr+rTr'r4rUrVr8r:r;rTLs  zSetPasswordField.__init__cs"t|}tj||jd}|S)Nr&)r+rErclean_passwordr'r4valuer8r:r;rETs zSetPasswordField.clean)r<r=r>rTrEr?r:r:r8r;rXKs rXcspeZdZeedddZejedddZdZ fdd Z d d Z d d Z ddZ fddZdddZZS) LoginFormPasswordcurrent-passwordrMrPz Remember MeF)rMrequiredNcsD|dd|_tt|j|i|tjtjkr-t j t dddd}t j t d|d}n:tjtj krJt jt dd dd}t jt d|td }ntjtjksRJt jt d ddd}t jtd d |d}||jd<t|gdtjdur||jd=ztd}Wn tyYdSwt d}td|d|d|jd_dS)Nrequest Email addressr(rLrPrNEmailrMrOUsernameusername)rMrO max_lengthzUsername or emailz field labelrlogin)ropasswordrememberrqaccount_reset_passwordzForgot your password?z zrp)rQrfr+rarTrAUTHENTICATION_METHODrEMAILr EmailInputrH EmailFieldUSERNAME TextInput CharFieldrUSERNAME_EMAILrfieldsrSESSION_REMEMBERr r r rZ)r4rUrV login_widget login_field reset_url forgot_txtr8r:r;rT`sP         zLoginForm.__init__cCsfi}|jd}tjtjkr||d<ntjtjkr||d<n ||r&||d<||d<|jd|d<|S)z_ Provides the credentials required to authenticate the user for login. ror(rmrp)rIrrsrrtrw_is_login_email)r4 credentialsror:r:r;user_credentialss      zLoginForm.user_credentialscCs|jd}|S)Nro)rIstrip)r4ror:r:r; clean_logins zLoginForm.clean_logincCs0z t|d}W|Stjyd}Y|Sw)NTF)rvalidate_emailrValidationError)r4ror6r:r:r;rs zLoginForm._is_login_emailcstt||jr dS|}t|j}|j|jfi|}|r@t|| dd}t j t j|r7|d||_||_|jStj}|tjjkr\|jd}||rXtjj}ntjj}|d|j)Nr(r'r(too_many_login_attemptsroz%s_password_mismatch)r+rarE_errorsrrrf authenticaterrFrrois_login_rate_limitedrvalidation_error_loginr'rrsrrzrIrrtrwr`)r4radapterr'ro auth_methodr8r:r;rEs(       zLoginForm.cleancCsb|}|j}||_tj|||}tj}|dur|jd}|r)|j tj |S|j d|S)Nrqr) rr redirect_urlrroperform_password_loginrr|rIsession set_expirySESSION_COOKIE_AGE)r4rfrrror6rqr:r:r;ros  zLoginForm.loginN)r<r=r>rJrHrpr BooleanFieldrqr'rTrrrrEror?r:r:r8r;raZs - rac@seZdZddZdS)_DummyCustomSignupFormcCsdS)zL Invoked at signup time to complete the signup of the user. Nr:r4rfr'r:r:r;signupsz_DummyCustomSignupForm.signupN)r<r=r>rr:r:r:r;rs rc CstjstSz tjdd\}}Wntytdtjwzt|}Wnty;}z td||fd}~wwzt ||}Wnt yStd||fwt |ds^td|S) a Currently, we inherit from the custom form, if any. This is all not very elegant, though it serves a purpose: - There are two signup forms: one for local accounts, and one for social accounts - Both share a common base (BaseSignupForm) - Given the above, how to put in a custom signup form? Which form would your custom form derive from, the local or the social one? .rz!%s does not point to a form classz#Error importing form class %s: "%s"Nz(Module "%s" does not define a "%s" classrzLThe custom signup form must offer a `def signup(self, request, user)` method) rSIGNUP_FORM_CLASSrrsplit ValueErrorrImproperlyConfiguredr ImportErrorgetattrAttributeErrorhasattr) fc_module fc_classnamemodefc_classr:r:r;_base_signup_form_classs:       rcseZdZejedejejedddddZ ej ejdeddddd Z fd d Z d d Z ddZddZddZfddZddZddZddZZS)BaseSignupFormrlrmrhri)rM min_lengthrOr(rgtyperLrPrOcs,|dtj}|dtj|_d|_tt|j|i||j d}t |_ |j t |j t|j |jjd<gd}tjrUtjtdtjdtd d d d |j d <|rftd|j d_d|j d_ntd|j d_d|j d_d|j dj_|jrgd}|js|j d=t|t|ddp|dS)Nemail_requiredusername_requiredFrm maxlength)r(email2rmrBrCz Email (again)r(zEmail address confirmationrrLrirkrrjTzEmail (optional))rmr(rrBrC field_order)rQrEMAIL_REQUIREDUSERNAME_REQUIREDraccount_already_existsr+rrTr{rrnrappendMaxLengthValidatorstrrOrNSIGNUP_EMAIL_ENTER_TWICErrvrHrxr rMre is_requiredrr)r4rUrVrusername_fielddefault_field_orderr8r:r;rTsF     zBaseSignupForm.__init__cCs|jd}t|}|S)Nrm)rIrclean_usernamer_r:r:r;rJs  zBaseSignupForm.clean_usernamecCs2|jd}t|}|rtjr||}|S)Nr()rIlowerr clean_emailr UNIQUE_EMAILvalidate_unique_emailr_r:r:r;rSs    zBaseSignupForm.clean_emailcCs|jd}|S)Nr)rIrr_r:r:r; clean_email2ZszBaseSignupForm.clean_email2cCsJt}tj|}|durn|dur|d|dusJd|_||S)NTF email_taken)rr manage_emailassess_unique_emailrrr)r4r`r assessmentr:r:r;r^s    z$BaseSignupForm.validate_unique_emailcsLtt|}tjr$|d}|d}|r$|r$||kr$|dtd|S)Nr(rz'You must type the same email each time.)r+rrErrrFrGrH)r4rIr(rr8r:r;rEls  zBaseSignupForm.cleancCs|||dSr)rrr:r:r; custom_signupuszBaseSignupForm.custom_signupcCsL|jr|jd}tj||}d}tj|jt<||fS| |}d}||fS)zTry and save the user. This can fail in case of a conflict on the email address, in that case we will send an "account already exists" email and return a standard "email verification sent" response. r(N) rrIrrprevent_enumerationrkeyrrsave)r4rfr(respr'r:r:r;try_savexs   zBaseSignupForm.try_savecCsj|jd}|jr t|t}||}|||||||t|||r0t |dg|Sg|S)Nr()r() rIrFrrrnew_user save_userrrr)r4rfr(rr'r:r:r;rs   zBaseSignupForm.save)r<r=r>rryrHrUSERNAME_MIN_LENGTHrxrmrvr(rTrrrrrErrrr?r:r:r8r;rs2  6   rcs4eZdZfddZfddZfddZZS) SignupFormcs|dd|_tt|j|i||js1ttddtd|j d<t j r1ttddd|j d <t |d rtj}|r|j|rd}t}||d}||fSt|S)z override of parent class method that adds additional catching of a potential bot filling out the honeypot field and returns a 'fake' email verification response if honeypot was filled out N)rrrIrrespond_email_verification_sentr+r)r4rfrr'rrr8r:r;rs   zSignupForm.try_savec stt}|}t||jdt||jd|jd}|rIz tj||dWnt j yH}z | d|WYd}~nd}~wwt j rhd|jvrhd|jvrh|jd|jdkrh| dtd|jS)Nrmr(rBr&rCrD)r+rErr#rIrFr!rr^rrrGrrrH)r4User dummy_userrprr8r:r;rEs.    zSignupForm.clean)r<r=r>rTrrEr?r:r:r8r;rs  rcseZdZdfdd ZZS)UserFormNcs ||_tt|j|i|dSr)r'r+rrT)r4r'rUrVr8r:r;rTszUserForm.__init__rrWr:r:r8r;rsrc@sBeZdZejeddejdeddddZdd Zd d Z d S) AddEmailFormrjTr(rgrrirMrerOcsddlm}jd}t}||}t|}fdd|D}fdd|D}|r2|d|r?tj r?tj s?|dt j jsM|d tj|jjjj|jd |S) Nr)signalsr(csg|] }|jjjkr|qSr:pkr'.0ur4r:r; z,AddEmailForm.clean_email..csg|] }|jjjkr|qSr:rrrr:r;rrduplicate_emailrmax_email_addresses)senderr(r')allauth.accountrrIrrrrrrrPREVENT_ENUMERATIONrr/ can_add_emailr'MAX_EMAIL_ADDRESSES _add_emailsendr9)r4rr`ruserson_this_accounton_diff_accountr:rr;rs4    zAddEmailForm.clean_emailcCsbtjrt|j|jdd}|||Stjr#tj||j|jdStjj ||j|jdddS)Nr(rT)confirm) r"EMAIL_VERIFICATION_BY_CODE_ENABLEDrr'rIsend_confirmation CHANGE_EMAILr/ add_new_email add_email)r4rf email_addressr:r:r;rs  zAddEmailForm.saveN) r<r=r>rrvrHrxr(rrr:r:r:r;rs  !rcsXeZdZeedddZeeddZeeddZfddZ d d Z d d Z Z S) ChangePasswordFormzCurrent Passwordrcrd New PasswordrMNew Password (again)c(tt|j|i||j|jd_dSNrB)r+rrTr'r{r]r8r:r;rT/zChangePasswordForm.__init__cCs*|j|jdstd|jdS)N oldpasswordenter_current_password)r'check_passwordrIrFrrrr:r:r;clean_oldpassword3s  z$ChangePasswordForm.clean_oldpasswordcCtj|j|jddSrrpassword_changechange_passwordr'rIrr:r:r;r8zChangePasswordForm.save) r<r=r>rJrHrrXrBrCrTrrr?r:r:r8r;r(s rc@eZdZeeddZeeddZfddZddZ Z S)SetPasswordFormrbrrcrr)r+rrTr'r{r]r8r:r;rT@rzSetPasswordForm.__init__cCr rr rr:r:r;rDr zSetPasswordForm.save r<r=r>rXrHrBrJrCrTrr?r:r:r8r;r<s  rc@sJeZdZejeddejdedddddZdd Zd e fd d Z d S)ResetPasswordFormrjTr(rgrrircCsL|jd}t|}t|ddd|_|js!tjs!td|jdS)Nr(T is_activeprefer_verified unknown_email) rIrrrrrrrr)r4r(r:r:r;rUs     zResetPasswordForm.clean_emailreturnc Ks|jd}|jstj|||St}|dt}|jD]2}||}t |}|d|} | | } || |||d} t j t jkrHt|| d<|||| q|S)Nr(token_generator-)r'password_reset_urluidrrfrm)rIrrrsend_unknown_account_mailrrFdefault_token_generator make_tokenr"get_reset_password_from_key_urlrrsrrtr#send_password_reset_mail) r4rfrVr(rrr'temp_keyrrurlrr:r:r;r]s*       zResetPasswordForm.saveN) r<r=r>rrvrHrxr(rrrr:r:r:r;rHs rcr)ResetPasswordKeyFormrrrcsD|dd|_|dd|_tt|j|i||j|jd_dS)Nr'r rB)rQr'r r+r"rTr{r]r8r:r;rTszResetPasswordKeyForm.__init__cCr r)rpassword_resetreset_passwordr'rIrr:r:r;rr zResetPasswordKeyForm.saverr:r:r8r;r"}s  r"cs<eZdZeZeZdZeZ ddZ fddZ Z S) UserTokenFormNc Cs:t}z t|}|jj|dWSt|jfyYdSw)N)r)rr r/rFr DoesNotExist)r4uidb36rrr:r:r; _get_userszUserTokenForm._get_usercsntt|}|dd}|dd}t}|s|d|||_|jdus0|j |j|s5|d|S)Nr'rinvalid_password_reset) r+r%rErFrrr( reset_userr check_token)r4rIr'rrr8r:r;rEs     zUserTokenForm.clean) r<r=r>rryr'rr*rrr(rEr?r:r:r8r;r%sr%cs4eZdZeedddZfddZddZZS)ReauthenticateFormrbrcrdc"|d|_tj|i|dS)Nr')rQr'r+rTr]r8r:r;rT zReauthenticateForm.__init__cCs,|jd}t|j|std|S)Nrpincorrect_password)rIrFrreauthenticater'r)r4rpr:r:r;r^s  z!ReauthenticateForm.clean_password) r<r=r>rJrHrprTr^r?r:r:r8r;r,s r,c@s2eZdZejejedddddZddZdS) RequestLoginCodeFormrgr(rhrircCsVt}|jd}tjst|ddd}|s|dtjtj d| ds)|d|S)Nr(Trrrequest_login_code)actionrr) rrIrrrrrconsumerrfr)r4rr(rr:r:r;rs    z RequestLoginCodeForm.clean_emailN) r<r=r>rrvrurHr(rr:r:r:r;r1s r1csHeZdZejedejedddddZfddZdd Z Z S) BaseConfirmCodeFormCodez one-time-coderhrirkcr-)Ncode)rQr7r+rTr]r8r:r;rTr.zBaseConfirmCodeForm.__init__cCs.|jd}tjj||jdstd|S)Nr7)actualexpectedincorrect_code)rIrFr login_by_code compare_coder7rr)r4r7r:r:r; clean_codes  zBaseConfirmCodeForm.clean_code) r<r=r>rryrHrxr7rTr=r?r:r:r8r;r5s  r5c@ eZdZdS)ConfirmLoginCodeFormNr<r=r>r:r:r:r;r?r?c@r>) ConfirmEmailVerificationCodeFormNr@r:r:r:r;rBrArBN)L importlibrdjangordjango.contrib.authrrdjango.contrib.auth.tokensr django.corerr django.urlsr r django.utils.safestringr django.utils.translationr r rHrallauth.account.internalr!allauth.account.internal.stagekitrallauth.account.stagesr allauth.corerr allauth.utilsrrrrrrrrmodelsrrutilsrrrr r!r"r#r%PASSWORD_RESET_TOKEN_GENERATORrrAryrJrXFormrarrrrrrrrrr"r%r,r1r5r?rBr:r:r:r;sR        $  x(Q: 5!