1# (c) 2018-2020
2# MPIB <https://www.mpib-berlin.mpg.de/>,
3# MPI-CBS <https://www.cbs.mpg.de/>,
4# MPIP <http://www.psych.mpg.de/>
5#
6# This file is part of Castellum.
7#
8# Castellum is free software; you can redistribute it and/or modify it
9# under the terms of the GNU Affero General Public License as published
10# by the Free Software Foundation; either version 3 of the License, or
11# (at your option) any later version.
12#
13# Castellum is distributed in the hope that it will be useful, but
14# WITHOUT ANY WARRANTY; without even the implied warranty of
15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16# Affero General Public License for more details.
17#
18# You should have received a copy of the GNU Affero General Public
19# License along with Castellum. If not, see
20# <http://www.gnu.org/licenses/>.
22from django.conf import settings
23from django.contrib.auth.forms import AuthenticationForm as BaseAuthenticationForm
24from django.contrib.auth.forms import UserCreationForm
26from .models import User
class UserCreationAdminForm(UserCreationForm):
    """Admin user-creation form on which both password fields are optional.

    An empty password is handed to the parent ``save()`` as ``None``
    rather than as an empty string.
    """

    class Meta(UserCreationForm.Meta):
        model = User

    def __init__(self, *args, **kwargs):
        """Build the parent form, then mark both password fields optional."""
        super().__init__(*args, **kwargs)
        for field_name in ('password1', 'password2'):
            self.fields[field_name].required = False

    def save(self, commit=True):
        """Save the user, replacing any falsy password with ``None`` first."""
        # NOTE(review): Django's ``set_password(None)`` marks the account as
        # having an unusable password; presumably that is the intent here --
        # confirm against the Django version in use.
        self.cleaned_data["password1"] = self.cleaned_data["password1"] or None
        return super().save(commit=commit)
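class AuthenticationForm(BaseAuthenticationForm):
    """Block demo users in production setups.

    We want demo users in dev and demo setups. But in production they
    are a major security issue.

    Creating demo users is already blocked in production. As an
    additional safeguard, we block login with the demo password in case
    ``settings.PRODUCTION`` was set after the user had already been
    created.
    """

    def clean(self):
        """Run the parent validation, then refuse the demo password.

        Returns:
            The cleaned data produced by the parent form.

        Raises:
            ValidationError: the parent form's invalid-login error, when
                ``settings.PRODUCTION`` is set and the submitted password
                equals ``User.DEMO_PASSWORD``. Reusing that error keeps the
                response identical to any other failed login.
        """
        cleaned_data = super().clean()
        # Form-level clean() also runs when the password field failed its own
        # validation (for example an empty submission); the key is then
        # missing, so use .get() instead of indexing to avoid an unhandled
        # KeyError on the login endpoint.
        password = cleaned_data.get('password')
        # NOTE(review): this check only covers logins that go through this
        # form -- confirm that other authentication entry points, if any,
        # cannot accept the demo password in production.
        if settings.PRODUCTION and password == User.DEMO_PASSWORD:
            raise self.get_invalid_login_error()
        return cleaned_data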