chore(passport): add reactive

Author: duanhongyi

rootfs/api/forms.py

@@ -0,0 +1,17 @@
+from django.utils.translation import gettext_lazy as _
+from django.core.exceptions import ValidationError
+from django.contrib.auth.forms import AuthenticationForm as _AuthenticationForm
+
+from api.utils import send_activation_email
+
+
+class AuthenticationForm(_AuthenticationForm):
+
+    def confirm_login_allowed(self, user):
+        if not user.is_active and user.last_login is None:
+            send_activation_email(self.request, user)
+            raise ValidationError(
+                _('The account is not activated, please check the activation email.'),
+                code="inactive",
+            )
+        return super().confirm_login_allowed(user)

rootfs/api/settings/production.py

@@ -105,7 +105,6 @@
     'django.contrib.humanize',
     # Third-party apps
     'corsheaders',
-    'guardian',
     'gunicorn',
     'rest_framework',
     'oauth2_provider',
@@ -117,8 +116,7 @@
 DEFAULT_AUTO_FIELD = "django.db.models.BigAutoField"
 
 AUTHENTICATION_BACKENDS = (
-    "django.contrib.auth.backends.ModelBackend",
-    "guardian.backends.ObjectPermissionBackend",
+    "django.contrib.auth.backends.AllowAllUsersModelBackend",
 )
 
 ANONYMOUS_USER_ID = -1

rootfs/api/templates/user/login.html

@@ -1,5 +1,4 @@
 {% load static %}
-
 <link rel="stylesheet" href="{% static 'css/main.css' %}" type="text/css">
 <head>
     <meta charset="UTF-8">
@@ -13,7 +12,11 @@ <h2 class="h3">Log in to your account</h2>
             <form method="post" action="{% url 'user_login' %}">
                 {% csrf_token %}
                 {% if form.errors %}
-                <div class="alert alert-danger">There was a problem with your login.</div>
+                {% for error in form.non_field_errors %} 
+                <div class="alert alert-danger">
+                    <strong>{{ error|escape }}</strong>
+                </div>
+                {% endfor %}
                 {% endif %}
                 <div class="form-group">
                     <label for="username">{{ form.username.label_tag }}</label>

rootfs/api/utils.py

@@ -5,6 +5,9 @@
 import six
 import datetime
 
+from django.utils.encoding import force_bytes
+from django.template.loader import render_to_string
+from django.utils.http import urlsafe_base64_encode
 from django.contrib.auth.tokens import PasswordResetTokenGenerator
 from django.shortcuts import render
 
@@ -48,6 +51,18 @@ def get_local_host(request):
     return uri[0:uri.find(request.path)]
 
 
+def send_activation_email(request, user):
+    domain = get_local_host(request)
+    mail_subject = 'Activate your account.'
+    message = render_to_string(
+        'user/account_activation_email.html', {
+            'user': user,
+            'domain': domain,
+            'uid': urlsafe_base64_encode(force_bytes(user.pk)),
+            'token': token_generator.make_token(user),
+        })
+    user.email_user(mail_subject, message, fail_silently=True)
+
 if __name__ == "__main__":
     import doctest
 

rootfs/api/views.py

@@ -25,9 +25,10 @@
 from rest_framework.viewsets import ModelViewSet
 
 from api import serializers
+from api.forms import AuthenticationForm
 from api.exceptions import ServiceUnavailable, DryccException
 from api.serializers import RegistrationForm
-from api.utils import token_generator, get_local_host
+from api.utils import token_generator, get_local_host, send_activation_email
 from api.viewset import NormalUserViewSet
 
 User = get_user_model()
@@ -81,19 +82,9 @@ def post(self, request, *args, **kwargs):
         self.object = None
         if form.is_valid():
             user = form.save(commit=False)
-            user.is_staff = False
             user.is_active = False
             user.save()
-            domain = get_local_host(request)
-            mail_subject = 'Activate your account.'
-            message = render_to_string(
-                'user/account_activation_email.html', {
-                    'user': user,
-                    'domain': domain,
-                    'uid': urlsafe_base64_encode(force_bytes(user.pk)),
-                    'token': token_generator.make_token(user),
-                })
-            user.email_user(mail_subject, message, fail_silently=True)
+            send_activation_email(request, user)
             messages.success(request, (
                 'Please Confirm your email to complete registration.'))
             return self.form_valid(form)
@@ -117,7 +108,6 @@ def get(self, request, uidb64, token, *args, **kwargs):
         if user is not None and token_generator.check_token(
                 user, token):
             user.is_active = True
-            user.is_staff = True
             user.save()
             login(request, user, backend='django.contrib.auth.backends.ModelBackend')
             messages.success(request, 'Your account have been confirmed.')
@@ -139,6 +129,7 @@ class ActivateAccountFailView(TemplateView):
 
 
 class UserLoginView(views.LoginView):
+    form_class = AuthenticationForm
     extra_context = {
         "registration_enabled": settings.REGISTRATION_ENABLED,
         "password_reset_enabled": True if settings.EMAIL_HOST else False,

rootfs/requirements.txt

@@ -2,7 +2,6 @@
 django==3.2.5
 django-auth-ldap==3.0.0
 django-cors-headers==3.7.0
-django-guardian==2.4.0
 djangorestframework==3.12.4
 gunicorn==20.1.0
 psycopg2-binary==2.9.1