django-cryptolock/django_cryptolock/views.py

# -*- coding: utf-8 -*-
from django.utils.translation import gettext_lazy as _
from django.contrib.auth.views import LoginView
from django.contrib.auth import get_user_model
from django.views.generic import FormView
from django.forms.utils import ErrorList
from django.conf import settings

from monerorpc.authproxy import JSONRPCException

from .forms import SimpleSignUpForm, SimpleLoginForm
from .utils import verify_monero_signature, verify_bitcoin_signature
from .models import Address, Challenge


class CryptoLockLoginView(LoginView):
    template_name = "django_cryptolock/login.html"
    form_class = SimpleLoginForm

    def form_valid(self, form):
        response = super().form_valid(form)
        challenge = form.cleaned_data["challenge"]
        Challenge.objects.invalidate(challenge)
        Challenge.objects.clean_expired()
        return response


class CryptoLockSignUpView(FormView):
    template_name = "django_cryptolock/signup.html"
    form_class = SimpleSignUpForm

    def get_form(self, form_class=None):
        return self.form_class(request=self.request, **self.get_form_kwargs())

    def form_valid(self, form):
        try:
            valid_sig = self.verify_signature(form)
        except JSONRPCException:
            form._errors["__all__"] = ErrorList(
                [_("Error connecting to Monero daemon")]
            )
            return self.form_invalid(form)

        username = form.cleaned_data["username"]
        address = form.cleaned_data["address"]
        challenge = form.cleaned_data["challenge"]

        if valid_sig:
            user = get_user_model().objects.create(username=username)
            user.address_set.create(address=address, network=form.network)
            Challenge.objects.invalidate(challenge)
            return super().form_valid(form)
        else:
            form._errors["signature"] = ErrorList([_("Invalid signature")])
            return self.form_invalid(form)

    def get_success_url(self):
        return settings.LOGIN_REDIRECT_URL

    def verify_signature(self, form):
        address = form.cleaned_data["address"]
        challenge = form.cleaned_data["challenge"]
        signature = form.cleaned_data["signature"]
        bitcoin = form.network == Address.NETWORK_BITCOIN
        monero = form.network == Address.NETWORK_MONERO
        valid_sig = False

        if bitcoin:
            valid_sig = verify_bitcoin_signature(
                address, challenge, signature, request=self.request
            )
        elif monero:
            valid_sig = verify_monero_signature(address, challenge, signature)

        return valid_sig
Initial commit. Cookiecutter based project structure 2019-09-24 19:02:54 +02:00			`# -- coding: utf-8 --`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`from django.utils.translation import gettext_lazy as _`
add views to the example project 2019-11-17 23:27:40 +01:00			`from django.contrib.auth.views import LoginView`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`from django.contrib.auth import get_user_model`
add views to the example project 2019-11-17 23:27:40 +01:00			`from django.views.generic import FormView`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`from django.forms.utils import ErrorList`
			`from django.conf import settings`
Initial commit. Cookiecutter based project structure 2019-09-24 19:02:54 +02:00
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`from monerorpc.authproxy import JSONRPCException`

			`from .forms import SimpleSignUpForm, SimpleLoginForm`
first working prototype of bitid 2020-03-10 16:00:11 +01:00			`from .utils import verify_monero_signature, verify_bitcoin_signature`
current active challenges are now stored on the database 2020-05-12 17:53:23 +02:00			`from .models import Address, Challenge`
add views to the example project 2019-11-17 23:27:40 +01:00

first working prototype of bitid 2020-03-10 16:00:11 +01:00			`class CryptoLockLoginView(LoginView):`
Add urls.py and move default template location to cryptolock folder 2019-11-30 22:46:54 +01:00			`template_name = "django_cryptolock/login.html"`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`form_class = SimpleLoginForm`
add views to the example project 2019-11-17 23:27:40 +01:00
current active challenges are now stored on the database 2020-05-12 17:53:23 +02:00			`def form_valid(self, form):`
			`response = super().form_valid(form)`
			`challenge = form.cleaned_data["challenge"]`
			`Challenge.objects.invalidate(challenge)`
			`Challenge.objects.clean_expired()`
			`return response`

add views to the example project 2019-11-17 23:27:40 +01:00
first working prototype of bitid 2020-03-10 16:00:11 +01:00			`class CryptoLockSignUpView(FormView):`
Add urls.py and move default template location to cryptolock folder 2019-11-30 22:46:54 +01:00			`template_name = "django_cryptolock/signup.html"`
add missing files to the example app 2019-11-25 14:23:55 +01:00			`form_class = SimpleSignUpForm`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00
			`def get_form(self, form_class=None):`
			`return self.form_class(request=self.request, **self.get_form_kwargs())`

			`def form_valid(self, form):`
			`try:`
validate the address first on signup 2020-03-31 14:59:07 +02:00			`valid_sig = self.verify_signature(form)`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`except JSONRPCException:`
validate the address first on signup 2020-03-31 14:59:07 +02:00			`form._errors["__all__"] = ErrorList(`
			`[_("Error connecting to Monero daemon")]`
			`)`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`return self.form_invalid(form)`

first working prototype of bitid 2020-03-10 16:00:11 +01:00			`username = form.cleaned_data["username"]`
			`address = form.cleaned_data["address"]`
current active challenges are now stored on the database 2020-05-12 17:53:23 +02:00			`challenge = form.cleaned_data["challenge"]`
first working prototype of bitid 2020-03-10 16:00:11 +01:00
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`if valid_sig:`
			`user = get_user_model().objects.create(username=username)`
validate the address first on signup 2020-03-31 14:59:07 +02:00			`user.address_set.create(address=address, network=form.network)`
current active challenges are now stored on the database 2020-05-12 17:53:23 +02:00			`Challenge.objects.invalidate(challenge)`
added simple monero auth views and forms 2019-11-25 18:08:43 +01:00			`return super().form_valid(form)`
			`else:`
			`form._errors["signature"] = ErrorList([_("Invalid signature")])`
			`return self.form_invalid(form)`

			`def get_success_url(self):`
			`return settings.LOGIN_REDIRECT_URL`
first working prototype of bitid 2020-03-10 16:00:11 +01:00
			`def verify_signature(self, form):`
			`address = form.cleaned_data["address"]`
			`challenge = form.cleaned_data["challenge"]`
			`signature = form.cleaned_data["signature"]`
validate the address first on signup 2020-03-31 14:59:07 +02:00			`bitcoin = form.network == Address.NETWORK_BITCOIN`
			`monero = form.network == Address.NETWORK_MONERO`
first working prototype of bitid 2020-03-10 16:00:11 +01:00			`valid_sig = False`

validate the address first on signup 2020-03-31 14:59:07 +02:00			`if bitcoin:`
first working prototype of bitid 2020-03-10 16:00:11 +01:00			`valid_sig = verify_bitcoin_signature(`
			`address, challenge, signature, request=self.request`
			`)`
validate the address first on signup 2020-03-31 14:59:07 +02:00			`elif monero:`
first working prototype of bitid 2020-03-10 16:00:11 +01:00			`valid_sig = verify_monero_signature(address, challenge, signature)`

validate the address first on signup 2020-03-31 14:59:07 +02:00			`return valid_sig`