intranet.apps.auth package¶

Subpackages¶

intranet.apps.auth.management package
- Subpackages
  - intranet.apps.auth.management.commands package
- Module contents

Submodules¶

intranet.apps.auth.apps module¶

class intranet.apps.auth.apps.AuthConfig(app_name, app_module)[source]¶

Bases: AppConfig

label = 'intranet_auth'¶

name = 'intranet.apps.auth'¶

intranet.apps.auth.backends module¶

class intranet.apps.auth.backends.KerberosAuthenticationBackend[source]¶

Bases: object

Authenticate using Kerberos.

This is the default authentication backend.

authenticate(request, username=None, password=None)[source]¶

Authenticate a username-password pair.

Creates a new user if one is not already in the database.

Parameters:

username – The username of the User to authenticate.
password – The password of the User to authenticate.

Returns:

User

static get_kerberos_ticket(username, password)[source]¶

Attempts to create a Kerberos ticket for a user.

Parameters:

username – The username.
password – The password.

Returns:

Boolean indicating success or failure of ticket creation

get_user(user_id)[source]¶

Returns a user, given his or her user id. Required for a custom authentication backend. :param user_id: The user id of the user to fetch.

Returns:: User or None

static kinit_timeout_handle(username, realm)[source]¶: Check if the user exists before we throw an error.

static try_single_kinit(*, username: str, realm: str, password: str, krb5ccname: str, timeout: Union[int, float]) → KerberosAuthenticationResult[source]¶

class intranet.apps.auth.backends.KerberosAuthenticationResult(value)[source]¶

Bases: Enum

An enumeration.

EXPIRED = -1¶

FAILURE = 0¶

SUCCESS = 1¶

class intranet.apps.auth.backends.MasterPasswordAuthenticationBackend[source]¶

Bases: object

Authenticate as any user against a master password whose hash is in secret.py.

authenticate(request, username=None, password=None)[source]¶

Authenticate a username-password pair.

Creates a new user if one is not already in the database.

Parameters:

username – The username of the User to authenticate.
password – The master password.

Returns:

User

get_user(user_id)[source]¶

Returns a user, given his or her user id. Required for a custom authentication backend. :param user_id: The user id of the user to fetch.

Returns:: User or None

intranet.apps.auth.decorators module¶

Decorators that restrict views to certain types of users.

intranet.apps.auth.decorators.admin_required(group)[source]¶

Decorator that requires the user to be in a certain admin group.

For example, @admin_required(“polls”) would check whether a user is in the “admin_polls” group or in the “admin_all” group.

intranet.apps.auth.decorators.announcements_admin_required(view_func)¶: Restrict the wrapped view to announcements admins

intranet.apps.auth.decorators.attendance_taker_required(view_func)¶: Restrict the wrapped view to users who can take attendance

intranet.apps.auth.decorators.board_admin_required(view_func)¶: Restrict the wrapped view to board admins

intranet.apps.auth.decorators.deny_restricted(wrapped)[source]¶

intranet.apps.auth.decorators.eighth_admin_required(view_func)¶: Restrict the wrapped view to eighth admins

intranet.apps.auth.decorators.events_admin_required(view_func)¶: Restrict the wrapped view to events admins

intranet.apps.auth.decorators.reauthentication_required(wrapped)[source]¶

intranet.apps.auth.forms module¶

class intranet.apps.auth.forms.AuthenticateForm(request=None, *args, **kwargs)[source]¶

Bases: AuthenticationForm

Implements a login form.

username¶: The username text field.

password¶: The password text field.

declared_fields = {'password': <django.forms.fields.CharField object>, 'trust_device': <django.forms.fields.BooleanField object>, 'username': <django.forms.fields.CharField object>}¶

is_valid()[source]¶: Validates the username and password in the form.

intranet.apps.auth.helpers module¶

intranet.apps.auth.helpers.change_password(form_data)[source]¶

intranet.apps.auth.rest_permissions module¶

class intranet.apps.auth.rest_permissions.ApiAndOauthPermission[source]¶

Bases: BasePermission

has_permission(request, view) → bool[source]¶

class intranet.apps.auth.rest_permissions.DenyRestrictedPermission[source]¶

Bases: BasePermission

has_permission(request, view) → bool[source]¶

intranet.apps.auth.signals module¶

intranet.apps.auth.signals.user_login(sender, request, **kwargs)[source]¶

intranet.apps.auth.signals.user_logout(sender, request, **kwargs)[source]¶

intranet.apps.auth.tests module¶

class intranet.apps.auth.tests.GrantAdminTest(methodName='runTest')[source]¶

Bases: IonTestCase

Tests granting admin to an user.

test_grant_admin()[source]¶: Tests giving an valid user admin_all.

class intranet.apps.auth.tests.LoginViewTest(methodName='runTest')[source]¶

Bases: IonTestCase

Tests of the login page (but not actually auth)

static create_block_by_signup_datetime(signup_datetime, **kwargs)[source]¶

does_login_redirect_to(url)[source]¶

login_student()[source]¶

test_authentication()[source]¶

test_eighth_login_redirect()[source]¶

test_login()[source]¶: Just test Kerberos login, but not really because Kerberos isn’t accessible from here…

test_login_page()[source]¶

test_logout_view()[source]¶

test_reauthentication_view()[source]¶

test_reset_password_view()[source]¶

intranet.apps.auth.urls module¶

intranet.apps.auth.views module¶

class intranet.apps.auth.views.LoginView(**kwargs)[source]¶

Bases: View

get(request)[source]¶: Redirect to the login page.

post(request)[source]¶: Validate and process the login POST request.

intranet.apps.auth.views.about_view(request)[source]¶: Show an about page with credits.

intranet.apps.auth.views.do_logout(request)[source]¶: Logout.

intranet.apps.auth.views.get_bg_pattern(request)[source]¶

Choose a background pattern image.

One will be selected at random.

intranet.apps.auth.views.get_week_sports_school_events() → Tuple[Container[Event], Container[Event]][source]¶

Lists the sports/school events for the next week. This information is cached.

Returns:: A 2-tuple of (sports events, school events) for the next week.

intranet.apps.auth.views.index_view(request, auth_form=None, force_login=False, added_context=None, has_next_page=False)[source]¶: Process and show the main login page or dashboard if logged in.

intranet.apps.auth.views.log_auth(request, success)[source]¶

intranet.apps.auth.views.logout_view(request)[source]¶: Clear the Kerberos cache and logout.

intranet.apps.auth.views.reauthentication_view(request)[source]¶

intranet.apps.auth.views.reset_password_view(request)[source]¶

intranet.apps.auth package¶

Subpackages¶

Submodules¶

intranet.apps.auth.apps module¶

intranet.apps.auth.backends module¶

intranet.apps.auth.decorators module¶

intranet.apps.auth.forms module¶

intranet.apps.auth.helpers module¶

intranet.apps.auth.rest_permissions module¶

intranet.apps.auth.signals module¶

intranet.apps.auth.tests module¶

intranet.apps.auth.urls module¶

intranet.apps.auth.views module¶

Module contents¶