tanner/spaceport
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Remove old member registration

Browse Source
This commit is contained in:
Tanner Collin
2021-11-15 05:57:18 +00:00
parent fc70bbca00
commit 04fa121fe9
5 changed files with 23 additions and 109 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
apiserver/apiserver/api/serializers.py
View File

@@ -563,7 +563,6 @@ class UserSerializer(serializers.ModelSerializer):
class MyRegisterSerializer(RegisterSerializer):
first_name = serializers.CharField(max_length=32)
last_name = serializers.CharField(max_length=32)
existing_member = serializers.ChoiceField(['true', 'false'])
request_id = serializers.CharField(required=False)
def validate_username(self, username):
@@ -578,13 +577,7 @@ class MyRegisterSerializer(RegisterSerializer):
def custom_signup(self, request, user):
data = request.data
if secrets.REGISTRATION_BYPASS:
bypass_code = data.get('bypass_code', None)
allow_bypass = secrets.REGISTRATION_BYPASS == bypass_code
else:
allow_bypass = False
if not allow_bypass and not utils.is_request_from_protospace(request):
if not utils.is_request_from_protospace(request):
logger.info('Request not from protospace')
user.delete()
raise ValidationError(dict(non_field_errors='Can only register from Protospace.'))

72
apiserver/apiserver/api/utils.py
View File

@@ -20,6 +20,7 @@ from django.core.cache import cache
from django.utils.timezone import now, pytz
from . import models, serializers, utils_ldap, utils_stats, utils_auth, utils
from .. import settings
STATIC_FOLDER = 'data/static/'
@@ -280,71 +281,14 @@ clean = Cleaner(tags=ALLOWED_TAGS).clean
def is_request_from_protospace(request):
whitelist = ['24.66.110.96', '205.233.15.76', '205.233.15.69']
if settings.DEBUG:
return True
# set (not appended) directly by nginx so we can trust it
real_ip = request.META.get('HTTP_X_REAL_IP', False)
return real_ip in whitelist
def link_old_member(data, user):
'''
If a member claims they have an account on the old protospace portal,
go through and link their objects to their new user using the member_id
found with their email as a hint
Since this runs AFTER registration, we need to delete the user on any
failures or else the username will be taken when they try again
'''
try:
member = models.Member.objects.get(old_email__iexact=data['email'])
except models.Member.DoesNotExist:
msg = 'Unable to find email in old portal. Try a different one or ask a director to look up which one you used.'
logger.info(msg)
raise ValidationError(dict(email=msg))
except models.Member.MultipleObjectsReturned:
msg = 'Duplicate emails found. Talk to Tanner.'
logger.info(msg)
raise ValidationError(dict(email=msg))
if member.user:
msg = 'Old member already claimed.'
logger.info(msg)
raise ValidationError(dict(email=msg))
if utils_ldap.is_configured():
if data['request_id']: utils_stats.set_progress(data['request_id'], 'Finding LDAP account...')
result = utils_ldap.find_user(user.username)
if result == 200:
if utils_ldap.set_password(data) != 200:
msg = 'Problem connecting to LDAP server: set.'
alert_tanner(msg)
logger.info(msg)
raise ValidationError(dict(non_field_errors=msg))
elif result == 404:
if utils_ldap.create_user(data) != 200:
msg = 'Problem connecting to LDAP server: create.'
alert_tanner(msg)
logger.info(msg)
raise ValidationError(dict(non_field_errors=msg))
else:
msg = 'Problem connecting to LDAP server: find.'
alert_tanner(msg)
logger.info(msg)
raise ValidationError(dict(non_field_errors=msg))
if data['request_id']: utils_stats.set_progress(data['request_id'], 'Linking old member data...')
member.user = user
member.first_name = data['first_name'].title()
member.last_name = data['last_name'].title()
member.preferred_name = data['first_name'].title()
member.save()
models.Transaction.objects.filter(member_id=member.id).update(user=user)
models.Card.objects.filter(member_id=member.id).update(user=user)
models.Training.objects.filter(member_id=member.id).update(user=user)
def create_new_member(data, user):
members = models.Member.objects
if members.filter(old_email__iexact=data['email']).exists():
@@ -384,12 +328,8 @@ def create_new_member(data, user):
def register_user(data, user):
try:
if data['existing_member'] == 'true':
logger.info('Linking old member...')
link_old_member(data, user)
else:
logger.info('Creating new member...')
create_new_member(data, user)
logger.info('Creating new member...')
create_new_member(data, user)
except:
user.delete()
raise

7
apiserver/apiserver/secrets.py.example
View File

@@ -12,13 +12,6 @@ ADMIN_RANDOM = ''
# head /dev/urandom | base32 | head -c 16
IPN_RANDOM = ''
# Registration bypass code
# Allows people to register outside of protospace
# Set this to random characters
# For example, use the output of this:
# head /dev/urandom | base32 | head -c 16
REGISTRATION_BYPASS = ''
# Django secret key
# Set this to random characters
# For example, use the output of this: