2015-04-03 00:52:45 +08:00
|
|
|
"""
|
|
|
|
This module allows importing AbstractBaseUser even when django.contrib.auth is
|
|
|
|
not in INSTALLED_APPS.
|
|
|
|
"""
|
2016-04-23 03:17:42 +08:00
|
|
|
import unicodedata
|
|
|
|
|
2015-07-07 06:12:26 +08:00
|
|
|
from django.contrib.auth import password_validation
|
2015-04-03 00:52:45 +08:00
|
|
|
from django.contrib.auth.hashers import (
|
|
|
|
check_password, is_password_usable, make_password,
|
|
|
|
)
|
|
|
|
from django.db import models
|
|
|
|
from django.utils.crypto import get_random_string, salted_hmac
|
2017-01-27 03:58:33 +08:00
|
|
|
from django.utils.translation import gettext_lazy as _
|
2015-04-03 00:52:45 +08:00
|
|
|
|
|
|
|
|
|
|
|
class BaseUserManager(models.Manager):
|
|
|
|
|
|
|
|
@classmethod
|
|
|
|
def normalize_email(cls, email):
|
|
|
|
"""
|
2016-02-11 19:14:06 +08:00
|
|
|
Normalize the email address by lowercasing the domain part of it.
|
2015-04-03 00:52:45 +08:00
|
|
|
"""
|
|
|
|
email = email or ''
|
|
|
|
try:
|
|
|
|
email_name, domain_part = email.strip().rsplit('@', 1)
|
|
|
|
except ValueError:
|
|
|
|
pass
|
|
|
|
else:
|
2017-05-21 05:16:36 +08:00
|
|
|
email = email_name + '@' + domain_part.lower()
|
2015-04-03 00:52:45 +08:00
|
|
|
return email
|
|
|
|
|
|
|
|
def make_random_password(self, length=10,
|
|
|
|
allowed_chars='abcdefghjkmnpqrstuvwxyz'
|
|
|
|
'ABCDEFGHJKLMNPQRSTUVWXYZ'
|
|
|
|
'23456789'):
|
|
|
|
"""
|
|
|
|
Generate a random password with the given length and given
|
|
|
|
allowed_chars. The default value of allowed_chars does not have "I" or
|
|
|
|
"O" or letters and digits that look similar -- just to avoid confusion.
|
|
|
|
"""
|
|
|
|
return get_random_string(length, allowed_chars)
|
|
|
|
|
|
|
|
def get_by_natural_key(self, username):
|
|
|
|
return self.get(**{self.model.USERNAME_FIELD: username})
|
|
|
|
|
|
|
|
|
|
|
|
class AbstractBaseUser(models.Model):
|
|
|
|
password = models.CharField(_('password'), max_length=128)
|
|
|
|
last_login = models.DateTimeField(_('last login'), blank=True, null=True)
|
|
|
|
|
|
|
|
is_active = True
|
|
|
|
|
|
|
|
REQUIRED_FIELDS = []
|
|
|
|
|
2017-09-07 20:10:49 +08:00
|
|
|
# Stores the raw password if set_password() is called so that it can
|
|
|
|
# be passed to password_changed() after the model is saved.
|
|
|
|
_password = None
|
|
|
|
|
2015-04-03 00:52:45 +08:00
|
|
|
class Meta:
|
|
|
|
abstract = True
|
|
|
|
|
|
|
|
def get_username(self):
|
|
|
|
"Return the identifying username for this User"
|
|
|
|
return getattr(self, self.USERNAME_FIELD)
|
|
|
|
|
|
|
|
def __str__(self):
|
|
|
|
return self.get_username()
|
|
|
|
|
2016-06-21 21:06:34 +08:00
|
|
|
def clean(self):
|
|
|
|
setattr(self, self.USERNAME_FIELD, self.normalize_username(self.get_username()))
|
|
|
|
|
2015-07-07 06:12:26 +08:00
|
|
|
def save(self, *args, **kwargs):
|
2017-01-21 21:13:44 +08:00
|
|
|
super().save(*args, **kwargs)
|
2015-07-07 06:12:26 +08:00
|
|
|
if self._password is not None:
|
|
|
|
password_validation.password_changed(self._password, self)
|
|
|
|
self._password = None
|
|
|
|
|
2015-04-03 00:52:45 +08:00
|
|
|
def natural_key(self):
|
|
|
|
return (self.get_username(),)
|
|
|
|
|
2016-04-02 19:18:26 +08:00
|
|
|
@property
|
2015-04-03 00:52:45 +08:00
|
|
|
def is_anonymous(self):
|
|
|
|
"""
|
|
|
|
Always return False. This is a way of comparing User objects to
|
|
|
|
anonymous users.
|
|
|
|
"""
|
2017-01-01 00:46:40 +08:00
|
|
|
return False
|
2015-04-03 00:52:45 +08:00
|
|
|
|
2016-04-02 19:18:26 +08:00
|
|
|
@property
|
2015-04-03 00:52:45 +08:00
|
|
|
def is_authenticated(self):
|
|
|
|
"""
|
|
|
|
Always return True. This is a way to tell if the user has been
|
|
|
|
authenticated in templates.
|
|
|
|
"""
|
2017-01-01 00:46:40 +08:00
|
|
|
return True
|
2015-04-03 00:52:45 +08:00
|
|
|
|
|
|
|
def set_password(self, raw_password):
|
|
|
|
self.password = make_password(raw_password)
|
2015-07-07 06:12:26 +08:00
|
|
|
self._password = raw_password
|
2015-04-03 00:52:45 +08:00
|
|
|
|
|
|
|
def check_password(self, raw_password):
|
|
|
|
"""
|
|
|
|
Return a boolean of whether the raw_password was correct. Handles
|
|
|
|
hashing formats behind the scenes.
|
|
|
|
"""
|
|
|
|
def setter(raw_password):
|
|
|
|
self.set_password(raw_password)
|
2015-07-07 06:12:26 +08:00
|
|
|
# Password hash upgrades shouldn't be considered password changes.
|
|
|
|
self._password = None
|
2015-04-03 00:52:45 +08:00
|
|
|
self.save(update_fields=["password"])
|
|
|
|
return check_password(raw_password, self.password, setter)
|
|
|
|
|
|
|
|
def set_unusable_password(self):
|
|
|
|
# Set a value that will never be a valid hash
|
|
|
|
self.password = make_password(None)
|
|
|
|
|
|
|
|
def has_usable_password(self):
|
|
|
|
return is_password_usable(self.password)
|
|
|
|
|
|
|
|
def get_session_auth_hash(self):
|
|
|
|
"""
|
|
|
|
Return an HMAC of the password field.
|
|
|
|
"""
|
|
|
|
key_salt = "django.contrib.auth.models.AbstractBaseUser.get_session_auth_hash"
|
|
|
|
return salted_hmac(key_salt, self.password).hexdigest()
|
2016-06-21 21:06:34 +08:00
|
|
|
|
2016-09-19 20:55:18 +08:00
|
|
|
@classmethod
|
|
|
|
def get_email_field_name(cls):
|
|
|
|
try:
|
|
|
|
return cls.EMAIL_FIELD
|
|
|
|
except AttributeError:
|
|
|
|
return 'email'
|
|
|
|
|
2016-06-21 21:06:34 +08:00
|
|
|
@classmethod
|
|
|
|
def normalize_username(cls, username):
|
2017-03-04 22:47:49 +08:00
|
|
|
return unicodedata.normalize('NFKC', username) if username else username
|