diff --git a/dal/templates/seed_list.html b/dal/templates/seed_list.html new file mode 100644 index 0000000..6699db0 --- /dev/null +++ b/dal/templates/seed_list.html @@ -0,0 +1,35 @@ +{% extends "base_short.html" %} +{% load i18n staticfiles bootstrap3 %} + +{% block title %} + Options for {{user}} +{% endblock %} + + +{% block content %} +
+
+
+
+
+

{% trans "Seeds of," %} {{user}}



+ + + {% for i in seed %} + + + + + {% endfor %} + +
{{ i.realm }}{{ i.seed }}
+
+
+
+ Delete your account
+
+
+
+
+
+{% endblock %} \ No newline at end of file diff --git a/dal/views.py b/dal/views.py index 6d76360..359b47a 100644 --- a/dal/views.py +++ b/dal/views.py @@ -34,6 +34,13 @@ from django.conf import settings from django.contrib.auth.mixins import LoginRequiredMixin +admin_seed = config('ADMIN_SEED') +admin_name = config('ADMIN_NAME') +admin_realm = config('ADMIN_REALM') +user_realm = config('USER_REALM') +otp_url = config('OTPSERVER') + + def activate_account_link(base_url, user, pwd, firstname, lastname, email, epochutc): tokengen = PasswordResetTokenGenerator() pseudouser = PseudoUser() @@ -551,6 +558,17 @@ class ActivateAccount(View): ldap_manager.create_user( clean_list[0], clean_list[1], clean_list[2], clean_list[3], clean_list[4] ) + req = requests.post(otp_url, data=json.dumps( + { + 'auth_token': TOTP(admin_seed).now(), + 'auth_name': admin_name, + 'auth_realm': admin_realm, + 'name': clean_list[0], + 'realm': user_realm + }), headers={'Content-Type': 'application/json'}) + if req.status_code != 201: + logger.error("User {} failed to create its otp seed".format(clean_list[0])) + #Send welcome email except Exception as e: return render(request, 'error.html', {'urlname': 'register', @@ -624,15 +642,12 @@ class SeedRetrieveCreate(APIView): user = authenticate(username=username, password=password) if user is not None: - admin_seed = config('ADMIN_SEED') - admin_name = config('ADMIN_NAME') - otp_url = config('OTPSERVER') req = requests.get(otp_url, data=json.dumps( { 'auth_token': TOTP(admin_seed).now(), 'auth_name': admin_name, - 'auth_realm': 'ungleich-admin'}), headers={'Content-Type': 'application/json'}) + 'auth_realm': admin_realm}), headers={'Content-Type': 'application/json'}) response_data = json.loads(req.text) @@ -648,7 +663,7 @@ class SeedRetrieveCreate(APIView): { 'auth_token': TOTP(admin_seed).now(), 'auth_name': admin_name, - 'auth_realm': 'ungleich-admin', + 'auth_realm': admin_realm, 'name': username, 'realm': realm }), headers={'Content-Type': 'application/json'}) @@ -659,4 +674,21 @@ class SeedRetrieveCreate(APIView): return Response(json.loads(req.text), req.status_code) else: - return Response('Invalid Credentials', 400) \ No newline at end of file + return Response('Invalid Credentials', 400) + + +class Seeds(LoginRequiredMixin, View): + login_url = reverse_lazy('login_index') + def get(self, request): + seedlist = [] + response = requests.get( + otp_url, + headers={'Content-Type': 'application/json'}, + data=json.dumps( + {'auth_name': admin_name, 'auth_realm': admin_realm, 'auth_token': TOTP(admin_seed).now()})) + response_data = json.loads(response.text) + for i in range(len(response_data)): + if response_data[i]['name'] == 'wcolmenares': #request.user: + value = {'realm': response_data[i]['realm'], 'seed': response_data[i]['seed']} + seedlist.append(value) + return render(request, 'seed_list.html', {'seed': seedlist})