o Lfm@sddlZddlZddlZddlmZmZddlmZddlm Z ddl m Z ddl m Z mZmZmZmZddlmZddlmZdd lmZdd lmZdd lmZmZdd lm Z m!Z!dd l"m#Z#ddl$m%Z%ddl&m'Z'ddl(m)Z)ddl*m+Z+ddl,m-Z-ddl.m/Z/ddl0m1Z2ddl3m4Z5ddl6m7Z7ddl8m9Z9m:Z:ddl;mm?Z?m@Z@mAZAddlBm4Z4GdddeCZDdddZEdS) N)quoteurlparse)forms)settings)messages) authenticate get_backendsget_user_modelloginlogout) AbstractUser)validate_password)get_current_site)FieldDoesNotExist) EmailMessageEmailMultiAlternatives) HttpResponseHttpResponseRedirect) resolve_url)TemplateDoesNotExist)render_to_stringreverse)timezone)get_random_string force_str) gettext_lazy) app_settings)signals)AuthenticationMethodEmailVerificationMethod)context ratelimit)build_absolute_urigenerate_unique_usernameimport_attributec @s"eZdZedejdjdedededededed d Zdd d ZddZ ddZ ddZ ddZ ddZ ddZddZddZdddZd d!Zd"d#Zd$d%Zd&d'Zd(d)Zd*d+Zd,d-Zd.d/Zd0d1Zdd2d3Zdd5d6Zdd8d9Zd:d;Zddd?Z @ddAdBZ!ddCdDZ"dEdFZ#dGdHZ$dIdJZ%dKdLZ&dMdNZ'dOdPZ(dQdRZ)dSdTZ*dUdVZ+dWdXZ,dYdZZ-d[d\Z.d]d^Z/d_d`Z0dadbZ1dcddZ2dedfZ3dgdhZ4didjZ5dkdlZ6dmdnZ7dodpZ8dqdrZ9dsdtZ:dudvZ;dwdxZdd}d~Z?d S)DefaultAccountAdapterz4Username can not be used. Please use other username.usernameuniquez0Too many failed login attempts. Try again later.z5A user is already registered with this email address.z"Please type your current password.zIncorrect password.z-Password must be a minimum of {0} characters.z5The email address is not assigned to any user account)username_blacklistedusername_takentoo_many_login_attempts email_takenenter_current_passwordincorrect_passwordpassword_min_length unknown_emailNcCs tj|_dSN)r"requestselfr4r7X/var/www/html/humari/django-venv/lib/python3.10/site-packages/allauth/account/adapter.py__init__As zDefaultAccountAdapter.__init__cC||jd<dSNaccount_verified_emailsession)r6r4emailr7r7r8stash_verified_emailFz*DefaultAccountAdapter.stash_verified_emailcCs|jd}d|jd<|Sr;)r>get)r6r4retr7r7r8unstash_verified_emailIs  z,DefaultAccountAdapter.unstash_verified_emailcCr:N account_userr=r6r4userr7r7r8 stash_userNrAz DefaultAccountAdapter.stash_usercCs|jddSrE)r>popr5r7r7r8 unstash_userQrAz"DefaultAccountAdapter.unstash_usercCs(d}|jd}|r||k}|S)z Checks whether or not the email address is already verified beyond allauth scope, for example, by having accepted an invitation before signing up. Fr<)r>rBlower)r6r4r?rCverified_emailr7r7r8is_email_verifiedTs  z'DefaultAccountAdapter.is_email_verifiedcCsdddlm}|jj|jdj|jd}tj t j k}|j r(|r"dS|r&dSdS|r,dS|r0dSdS)Nr EmailAddressuser_idpkFT) allauth.account.modelsrPobjectsfilterrRexcluderTexistsrAUTHENTICATION_METHODr EMAILprimary)r6 email_addressrP has_otherlogin_by_emailr7r7r8can_delete_email`s&  z&DefaultAccountAdapter.can_delete_emailcCs2tj}|durttj}dj|jd}|t|S)Nz [{name}] )name)rEMAIL_SUBJECT_PREFIXrr"r4formatrar)r6subjectprefixsiter7r7r8format_email_subject}s   z*DefaultAccountAdapter.format_email_subjectcCstjS)z This is a hook that can be overridden to programmatically set the 'from' email address for sending emails )rDEFAULT_FROM_EMAIL)r6r7r7r8get_from_emailsz$DefaultAccountAdapter.get_from_emailc Cst|tr|gn|}td||}d|}||}|}i}t j } | dfD](} zd|| } t| |t dj || <Wq-t yU| dkrS|sSYq-wd|vrst||d|||d} | |vrq| || d| St||| |||d} d| _| S) z Renders an email to `email`. `template_prefix` identifies the email that is to be sent, e.g. "account/email/email_confirmation" z{0}_subject.txt txtz{0}_message.{1}r")headersz text/htmlhtml) isinstancestrrrcjoin splitlinesstriprgrirTEMPLATE_EXTENSIONglobalsr4rrattach_alternativercontent_subtype) r6template_prefixr?r"rltord from_emailbodieshtml_extext template_namemsgr7r7r8 render_mailsD      z!DefaultAccountAdapter.render_mailcCs:|ttdjd}||||||}|dS)Nr")r? current_site)rrtr4updatersend)r6rwr?r"ctxr~r7r7r8 send_mails   zDefaultAccountAdapter.send_mailcC ttjSr3)rrSIGNUP_REDIRECT_URLr5r7r7r8get_signup_redirect_url z-DefaultAccountAdapter.get_signup_redirect_urlcCs>|jjsJttdd}|rtdtt|Stj}t|S)z Returns the default URL to redirect to after logging in. Note that URLs passed explicitly (e.g. by passing along a `next` GET parameter) take precedence over the value returned here. LOGIN_REDIRECT_URLNAMENzSLOGIN_REDIRECT_URLNAME is deprecated, simply use LOGIN_REDIRECT_URL with a URL name) rHis_authenticatedgetattrrwarningswarnDeprecationWarningLOGIN_REDIRECT_URLr)r6r4urlr7r7r8get_login_redirect_urls  z,DefaultAccountAdapter.get_login_redirect_urlcCr)a Returns the URL to redirect to after the user logs out. Note that this method is also invoked if you attempt to log out while no users is logged in. Therefore, request.user is not guaranteed to be an authenticated user. )rrLOGOUT_REDIRECT_URLr5r7r7r8get_logout_redirect_urls z-DefaultAccountAdapter.get_logout_redirect_urlcCs$|jjrtjr tjS||StjS)zK The URL to return to after successful email confirmation. )rHrr-EMAIL_CONFIRMATION_AUTHENTICATED_REDIRECT_URLr)EMAIL_CONFIRMATION_ANONYMOUS_REDIRECT_URLr5r7r7r8#get_email_confirmation_redirect_urls  z9DefaultAccountAdapter.get_email_confirmation_redirect_urlcCstdS)z The URL to redirect to after a successful password change/set. NOTE: Not called during the password reset flow. account_change_passwordrr5r7r7r8 get_password_change_redirect_urlsz6DefaultAccountAdapter.get_password_change_redirect_urlcCsdS)z Checks whether or not the site is open for signups. Next to simply returning True/False you can also intervene the regular flow by raising an ImmediateHttpResponse Tr7r5r7r7r8is_open_for_signupsz(DefaultAccountAdapter.is_open_for_signupcCs t}|S)z3 Instantiates a new User instance. )r rGr7r7r8new_userszDefaultAccountAdapter.new_userc Csdddlm}m}m}||d}||d}||}||} tjr0||| p,||||| dgdSdS)z Fills in a valid username, if required and missing. If the username is already present it is assumed to be valid (unique). r' user_email user_field user_username first_name last_namerHN)utilsrrrrUSER_MODEL_USERNAME_FIELDr%) r6r4rHrrrrrr?r)r7r7r8populate_usernames   z'DefaultAccountAdapter.populate_usernamecCs t||Sr3)r%)r6txtsregexr7r7r8r%rz.DefaultAccountAdapter.generate_unique_usernameTc Csddlm}m}m}|j}|d} |d} |d} |d} ||| ||| | r3||d| | r;||d| d|vrG||dn|||||rW| |S)zd Saves a new `User` instance using information provided in the signup form. r'rrrr?r) password1) rrrr cleaned_datarB set_passwordset_unusable_passwordrsave) r6r4rHformcommitrrrdatarrr?r)r7r7r8 save_users&         zDefaultAccountAdapter.save_userFc CstjD]}||qddtjD}||vr t|jd|sPddlm}|| rPt }tj }|j |jd}|sE|jd}tj||j|dd |S) z Validates the username. You can hook into this if you want to (dynamically) restrict what usernames can be chosen. cSsg|]}|qSr7)rL).0ubr7r7r8 <sz8DefaultAccountAdapter.clean_username..r+r')filter_users_by_usernamer*r,) model_name field_label)params)rUSERNAME_VALIDATORSUSERNAME_BLACKLISTrLrValidationErrorerror_messagesrrrYr r_meta get_fieldrB__name__) r6r)shallow validatorusername_blacklist_lowerr user_modelusername_field error_messager7r7r8clean_username3s4      z$DefaultAccountAdapter.clean_usernamecC|S)z Validates an email value. You can hook into this if you want to (dynamically) restrict what email addresses can be chosen. r7r6r?r7r7r8 clean_emailWsz!DefaultAccountAdapter.clean_emailcCs:tj}|rt||krt|jd|t|||S)z{ Validates a password. You can hook into this if you want to restric the allowed password choices. r1)rPASSWORD_MIN_LENGTHlenrrrrcr )r6passwordrH min_lengthr7r7r8clean_password^s z$DefaultAccountAdapter.clean_passwordcCrr3r7rr7r7r8validate_unique_emailkz+DefaultAccountAdapter.validate_unique_emailcCsndtjvr5z%|dur i}t||tj}|r(t|}tj ||||dWdSWdSt y4YdSwdS)zx Wrapper of `django.contrib.messages.add_message`, that reads the message text from a template. zdjango.contrib.messagesN) extra_tags) rINSTALLED_APPSrr"r4rrrmunescaper add_messager)r6r4levelmessage_templatemessage_contextrescaped_messagemessager7r7r8rns&   z!DefaultAccountAdapter.add_messagecCsi}|j}|r d}||d<|r8|jdkr|rd}nd}nd}|||d<t|dr0||jd|d<|dur@||d <tt ||d d S) NlocationPOSTirrenderutf8rmrapplication/json)status content_type) status_codemethodis_validajax_response_formhasattrrcontentdecoderjsondumps)r6r4response redirect_torrresprr7r7r8 ajax_responses(   z#DefaultAccountAdapter.ajax_responsec Csig|d}|D]3}t|j|t|jdd|jDddd|jjj Did}||d|j <|d  |j q |S) N)fields field_ordererrorscSsg|]}t|qSr7r)rer7r7r8rsz.attrscSsi|] \}}|t|qSr7r)rkvr7r7r8 sz.)labelvalue help_textrwidgetrr) non_field_errorsrrrrrfieldrritems html_nameappend)r6r form_specr field_specr7r7r8rs"  z(DefaultAccountAdapter.ajax_response_formc Csddlm}m} |js|||S|tjkrdS|tjkr2|||s.|r0| ||||ddSdSdS|tjkrJ|||sL| ||||d| ||SdSdS)Nr')has_verified_emailsend_email_confirmation)signupr?) rrr is_activerespond_user_inactiver!NONEOPTIONAL MANDATORYrespond_email_verification_sent) r6r4rHemail_verification signal_kwargsr?r redirect_urlrrr7r7r8 pre_logins       zDefaultAccountAdapter.pre_loginc Csbddlm}t||||d} |duri}tjjd|j|| |d|||tj dd|i| S)Nr')r)r)senderr4rrHzaccount/messages/logged_in.txtrHr7) rrrruser_logged_inr __class__rrSUCCESS) r6r4rHr r r?rr rrr7r7r8 post_logins*  z DefaultAccountAdapter.post_loginc Csddlm}t|ds:ddlm}t}d}|D]}t||r#|}n |s,t|dr,|}qd|j|j j g}||_ t |||||dS)Nr)record_authenticationbackendr'AuthenticationBackendget_user.) allauth.account.reauthenticationrr auth_backendsrrrnrp __module__rrr django_login) r6r4rHrrbackendsrb backend_pathr7r7r8r s     zDefaultAccountAdapter.logincCs t|dSr3) django_logoutr5r7r7r8r  zDefaultAccountAdapter.logoutcCsddlm}ddlm}|jj|jdj|jd }|j dds#dS|j t j d|jd d gd t j rP|jj|jdj|jdD]}|qC||||d S) z@ Marks the email address as confirmed on the db rrO)emit_email_changedrQrSF)r) conditionalverifiedr\) update_fieldsT)rUrPallauth.account.utilsr!rVrWrRrXrTfirst set_verifiedset_as_primaryr CHANGE_EMAILrremove)r6r4r]rPr!from_email_addressinstancer7r7r8 confirm_emails(     z#DefaultAccountAdapter.confirm_emailcCs|||dSr3)rr)r6rHrr7r7r8r's  z"DefaultAccountAdapter.set_passwordc CsRg}t}tjdddg}|D]}z |j|||Wqty&Yqw|S)Nrrr?)r rrrrrr)r6rCUser candidates candidater7r7r8get_user_search_fields+s  z,DefaultAccountAdapter.get_user_search_fieldscCsZddlm}tjhttjB}d|vr't|j }|r|hnd}|||dS|||dS)Nr)url_has_allowed_host_and_scheme*) allowed_hosts) django.utils.httpr2r"r4get_hostsetr ALLOWED_HOSTSrnetloc)r6rr2r4 parsed_host allowed_hostr7r7r8 is_safe_url<s    z!DefaultAccountAdapter.is_safe_urlcCs.tddddd}|dt|}t|j|S)z Method intented to be overriden in case the password reset email needs to point to your frontend/SPA. account_reset_password_from_keyUIDKEY)uidb36key)kwargszUID-KEY)rreplacerr$r4)r6rApathr7r7r8get_reset_password_from_key_urlIs   z5DefaultAccountAdapter.get_reset_password_from_key_urlcCstd|jgd}t||}|S)zConstructs the email confirmation (activation) url. Note that if you have architected your system such that email confirmations are sent outside of the request context `request` can be `None` here. account_confirm_email)args)rrAr$)r6r4emailconfirmationrrCr7r7r8get_email_confirmation_urlWs z0DefaultAccountAdapter.get_email_confirmation_urlcCstj|d|jd}|S)Nr-actionrA)r#consumer?rL)r6r4r]r send_emailr7r7r8should_send_confirmation_mailbs z3DefaultAccountAdapter.should_send_confirmation_mailcCs@ttjtd}ttjtd}tj||d}|d||dS)Naccount_signupaccount_reset_password)r4 signup_urlpassword_reset_urlz$account/email/account_already_exists)r$r"r4rr)r6r?rQrRrr7r7r8 send_account_already_exists_mailjs z6DefaultAccountAdapter.send_account_already_exists_mailcCsB|||}|jj||jd}|rd}nd}|||jj|dS)N)rH activate_urlrAz'account/email/email_confirmation_signupz account/email/email_confirmation)rIr]rHrArr?)r6r4rHrrTremail_templater7r7r8send_confirmation_mailvs z,DefaultAccountAdapter.send_confirmation_mailcC ttdS)Naccount_inactiverrrGr7r7r8rr z+DefaultAccountAdapter.respond_user_inactivecCrW)Naccount_email_verification_sentrYrGr7r7r8rr z5DefaultAccountAdapter.respond_email_verification_sentcKs0t|}|d|dd}dj|j|dS)Nr?r)rz{site}:{login})rfr )rrBrLrcdomain)r6r4 credentialsrfr r7r7r8_get_login_attempts_cache_keysz3DefaultAccountAdapter._get_login_attempts_cache_keycKs&|j|fi|}tj|d|ddS)N login_failedrJ)r]r#clearr6r4r\ cache_keyr7r7r8#_delete_login_attempts_cached_emailsz9DefaultAccountAdapter._delete_login_attempts_cached_emailcKs6|j|fi|}tj|d|dst|jddS)Nr^rJr-)r]r#rLrrrr`r7r7r8pre_authenticatesz&DefaultAccountAdapter.pre_authenticatecKsvddlm}|j|fi||t|fi|}|}|p"|}|r0|j|fi||S|j|fi||S)z8Only authenticates, does not actually login. See `login`rr)allauth.account.auth_backendsrrcunstash_authenticated_userrrbauthentication_failed)r6r4r\rrHalt_userr7r7r8rs z"DefaultAccountAdapter.authenticatecKsdSr3r7)r6r4r\r7r7r8rfrz+DefaultAccountAdapter.authentication_failedc Cstddlm}ddlm}d|i}||}|r||d<|j|}|r&||d<|jtjfi|}|duo9|j |j kS)NrrO)rrr)r?) rUrPr%rrVget_primary_emailrr"r4rT) r6rHrrPrr\r)r? reauth_userr7r7r8reauthenticates   z$DefaultAccountAdapter.reauthenticatecCs,t|jddk|jdk|jddkgS)NHTTP_X_REQUESTED_WITHXMLHttpRequestr HTTP_ACCEPT)anyMETArBrr5r7r7r8is_ajaxs zDefaultAccountAdapter.is_ajaxcCs2|jd}|r|dd}|S|jd}|S)NHTTP_X_FORWARDED_FOR,r REMOTE_ADDR)rorBsplit)r6r4x_forwarded_foripr7r7r8 get_client_ips  z#DefaultAccountAdapter.get_client_ipcCs|jddS)NHTTP_USER_AGENT Unspecified)rorBr5r7r7r8get_http_user_agentrAz)DefaultAccountAdapter.get_http_user_agentcCstd}|S)N@)rrL)r6r?rAr7r7r8generate_emailconfirmation_keys z4DefaultAccountAdapter.generate_emailconfirmation_keycCsg}tjr |d|S)Nz$allauth.mfa.stages.AuthenticateStage)allauth_app_settings MFA_ENABLEDr)r6rCr7r7r8get_login_stagess z&DefaultAccountAdapter.get_login_stagescCsdg}|js|S|r|tdtddtjr0ddlm}||r0|tdtdd|S)zThe order of the methods returned matters. The first method is the default when using the `@reauthentication_required` decorator. zUse your passwordaccount_reauthenticate) descriptionrr)is_mfa_enabledzUse your authenticator appmfa_reauthenticate) rhas_usable_passwordr_rr}r~allauth.mfa.utilsr)r6rHrCrr7r7r8get_reauthentication_methodss$ z2DefaultAccountAdapter.get_reauthentication_methodscCsnddlm}tjs dS|s|j|}|sdSt||j | |j d}|r.| || |||dS)NrrO) timestamprv user_agent) rUrPrEMAIL_NOTIFICATIONSrVrhrnowrwr4rzrr)r6rwrHr"r?rPrr7r7r8send_notification_mails     z,DefaultAccountAdapter.send_notification_mailr3)T)F)Nr)NNN)NN)@rr __qualname__rr rrrr9r@rDrIrKrNr`rgrirrrrrrrrrrr%rrrrrrrrr rr r r-rr1r<rErIrNrSrVrrr]rbrcrrfrjrprwrzr|rrrr7r7r7r8r(/s    (       $   "      r(cCsttj|Sr3)r&rADAPTER)r4r7r7r8 get_adapterrArr3)Frmrr urllib.parserrdjangor django.confrdjango.contribrdjango.contrib.authrrr r rr rdjango.contrib.auth.modelsr 'django.contrib.auth.password_validationr django.contrib.sites.shortcutsrdjango.core.exceptionsrdjango.core.mailrr django.httprrdjango.shortcutsrdjango.templaterdjango.template.loaderr django.urlsr django.utilsrdjango.utils.cryptordjango.utils.encodingrdjango.utils.translationrrallauthrr}allauth.accountrallauth.account.app_settingsr r! allauth.corer"r# allauth.utilsr$r%r&robjectr(rr7r7r7r8sF                  \