Tivix/django-rest-auth
1
1
Fork 0
mirror of https://github.com/Tivix/django-rest-auth.git synced 2025-07-22 05:29:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Merge 1fc84ce03e into aa677d51c0

Browse Source
This commit is contained in:
rubengrill 2016-12-21 22:25:36 +00:00 committed by GitHub
commit ed335590fd
4 changed files with 105 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
rest_auth/locale/de/LC_MESSAGES/django.mo
View File

Binary file not shown.

44
rest_auth/locale/de/LC_MESSAGES/django.po
View File

@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
"POT-Creation-Date: 2016-02-02 14:11+0100\n"
"POT-Creation-Date: 2016-10-14 10:21+0200\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
@ -18,82 +18,78 @@ msgstr ""
"Content-Transfer-Encoding: 8bit\n"
"Plural-Forms: nplurals=2; plural=(n != 1);\n"
#: registration/serializers.py:54
#: registration/serializers.py:52
msgid "View is not defined, pass it as a context variable"
msgstr "\"View\" ist nicht definiert, übergib es als Contextvariable"
#: registration/serializers.py:59
#: registration/serializers.py:57
msgid "Define adapter_class in view"
msgstr "Definier \"adapter_class\" in view"
#: registration/serializers.py:78
#: registration/serializers.py:76
msgid "Define callback_url in view"
msgstr "Definier \"callback_url\" in view"
#: registration/serializers.py:82
#: registration/serializers.py:80
msgid "Define client_class in view"
msgstr "Definier \"client_class\" in view"
#: registration/serializers.py:102
#: registration/serializers.py:100
msgid "Incorrect input. access_token or code is required."
msgstr "Falsche Eingabe. \"access_token\" oder \"code\" erforderlich."
#: registration/serializers.py:111
#: registration/serializers.py:109
msgid "Incorrect value"
msgstr "Falscher Wert."
#: registration/serializers.py:140
#: registration/serializers.py:138
msgid "A user is already registered with this e-mail address."
msgstr "Ein User mit dieser E-Mail Adresse ist schon registriert."
#: registration/serializers.py:148
#: registration/serializers.py:146
msgid "The two password fields didn't match."
msgstr "Die beiden Passwörter sind nicht identisch."
#: registration/views.py:64
#: registration/views.py:79
msgid "ok"
msgstr "Ok"
#: serializers.py:29
#: serializers.py:30
msgid "Must include \"email\" and \"password\"."
msgstr "Muss \"email\" und \"password\" enthalten."
#: serializers.py:40
#: serializers.py:41
msgid "Must include \"username\" and \"password\"."
msgstr "Muss \"username\" und \"password\" enthalten."
#: serializers.py:53
#: serializers.py:54
msgid "Must include either \"username\" or \"email\" and \"password\"."
msgstr "Muss entweder \"username\" oder \"email\" und password \"password\""
#: serializers.py:94
#: serializers.py:95
msgid "User account is disabled."
msgstr "Der Useraccount ist deaktiviert."
#: serializers.py:97
#: serializers.py:98
msgid "Unable to log in with provided credentials."
msgstr "Kann nicht mit den angegeben Zugangsdaten anmelden."
#: serializers.py:106
#: serializers.py:105
msgid "E-mail is not verified."
msgstr "E-Mail Adresse ist nicht verifiziert."
#: serializers.py:152
msgid "Error"
msgstr "Fehler"
#: views.py:71
#: views.py:120
msgid "Successfully logged out."
msgstr "Erfolgreich ausgeloggt."
#: views.py:111
#: views.py:161
msgid "Password reset e-mail has been sent."
msgstr "Die E-Mail zum Zurücksetzen des Passwortes wurde verschickt."
#: views.py:132
#: views.py:182
msgid "Password has been reset with the new password."
msgstr "Das Passwort wurde mit dem neuen Passwort ersetzt."
#: views.py:150
#: views.py:200
msgid "New password has been saved."
msgstr "Das neue Passwort wurde gespeichert."

15
rest_auth/serializers.py
View File

@ -2,6 +2,7 @@ from django.contrib.auth import get_user_model, authenticate
from django.conf import settings
from django.contrib.auth.forms import PasswordResetForm, SetPasswordForm
from django.contrib.auth.tokens import default_token_generator
from django.core.exceptions import ObjectDoesNotExist
from django.utils.http import urlsafe_base64_decode as uid_decoder
from django.utils.translation import ugettext_lazy as _
from django.utils.encoding import force_text
@ -101,10 +102,22 @@ class LoginSerializer(serializers.Serializer):
# If required, is the email verified?
if 'rest_auth.registration' in settings.INSTALLED_APPS:
from allauth.account import app_settings
email_not_verified_msg = _('E-mail is not verified.')
if app_settings.EMAIL_VERIFICATION == app_settings.EmailVerificationMethod.MANDATORY:
# The authenticated user must not strictly be an instance of AUTH_USER_MODEL,
# depending on used authentication backends
if not hasattr(user, 'emailaddress_set'):
raise serializers.ValidationError(email_not_verified_msg)
try:
email_address = user.emailaddress_set.get(email=user.email)
except ObjectDoesNotExist:
raise serializers.ValidationError(email_not_verified_msg)
if not email_address.verified:
raise serializers.ValidationError(_('E-mail is not verified.'))
raise serializers.ValidationError(email_not_verified_msg)
attrs['user'] = user
return attrs

70
rest_auth/tests/test_api.py
View File

@ -10,6 +10,21 @@ from allauth.account import app_settings as account_app_settings
from .test_base import BaseAPITestCase
class CustomUser(object):
"""
User without `emailaddress_set`.
Should not be able to login via API.
"""
is_active = True
class CustomUserAuthenticationBackend(object):
def authenticate(self, *args, **kwargs):
return CustomUser()
@override_settings(ROOT_URLCONF="tests.urls")
class APITestCase1(TestCase, BaseAPITestCase):
"""
@ -468,6 +483,61 @@ class APITestCase1(TestCase, BaseAPITestCase):
self._login()
self._logout()
@override_settings(
ACCOUNT_EMAIL_VERIFICATION='mandatory',
ACCOUNT_EMAIL_REQUIRED=True,
ACCOUNT_EMAIL_CONFIRMATION_HMAC=False
)
def test_registration_with_email_verification_but_missing_email_address(self):
"""
Possible if user was created without using the register API, e.g. in admin backend.
"""
UserModel = get_user_model()
user = UserModel(username=self.USERNAME)
user.set_password(self.PASS)
user.save()
payload = {
"username": self.USERNAME,
"password": self.PASS,
}
response = self.post(
self.login_url,
data=payload,
status=status.HTTP_400_BAD_REQUEST
)
# Check against localized message to be sure that the user could not login because of an unverified email
self.assertEqual(response.data['non_field_errors'], ['E-mail is not verified.'])
@override_settings(
ACCOUNT_EMAIL_VERIFICATION='mandatory',
ACCOUNT_EMAIL_REQUIRED=True,
ACCOUNT_EMAIL_CONFIRMATION_HMAC=False,
AUTHENTICATION_BACKENDS=['rest_auth.tests.test_api.CustomUserAuthenticationBackend', 'django.contrib.auth.backends.ModelBackend']
)
def test_registration_with_email_verification_and_custom_authentication_backend(self):
"""
Authenticated user must not strictly be of type AUTH_USER_MODEL.
Thus, it is possible that there is also not an email address associated to the user.
"""
payload = {
"username": self.USERNAME,
"password": self.PASS,
}
response = self.post(
self.login_url,
data=payload,
status=status.HTTP_400_BAD_REQUEST
)
# Check against localized message to be sure that the user could not login because of an unverified email
self.assertEqual(response.data['non_field_errors'], ['E-mail is not verified.'])
@override_settings(ACCOUNT_LOGOUT_ON_GET=True)
def test_logout_on_get(self):
payload = {