Merge pull request #21 from anuket-project/iol-dev

11/19/2024 Deploy

Author: jfchoquette

src/account/middleware.py

@@ -10,9 +10,11 @@
 
 from django.utils import timezone
 from django.utils.deprecation import MiddlewareMixin
+from django.shortcuts import render
 
 from account.models import UserProfile
 
+from laas_dashboard.settings import SITE_CONTACT
 
 class TimezoneMiddleware(MiddlewareMixin):
     """
@@ -33,3 +35,12 @@ def process_request(self, request):
                 timezone.activate(tz)
         else:
             timezone.deactivate()
+
+class ActiveUserMiddleware(MiddlewareMixin):
+    def process_request(self, request):
+        if request.user.is_authenticated and not request.user.is_active and request.path != "/oidc/logout/":
+            return render(request, "account/account_disabled.html", {
+                "contact_email": SITE_CONTACT
+            })
+
+        return self.get_response(request)

src/account/views.py

@@ -23,7 +23,7 @@
 from django.shortcuts import render
 from booking.lib import attempt_end_booking
 from mozilla_django_oidc.auth import OIDCAuthenticationBackend
-from laas_dashboard.settings import PROJECT, AUTH_SETTING
+from laas_dashboard.settings import PROJECT, AUTH_SETTING, SITE_CONTACT
 
 from account.models import UserProfile
 from booking.models import Booking
@@ -119,6 +119,9 @@ def update_user(self, user, claims):
         up.save()
         return user
 
+    def user_can_authenticate(self, user):
+        return True
+
 
 class OIDCLoginView(RedirectView):
     def get_redirect_url(self, *args, **kwargs):
@@ -253,6 +256,7 @@ def account_dev_login_view(request):
             username = request.POST['username']
             password = request.POST['password']
         user = authenticate(username=username, password=password)
+
         if user is not None:
             django_login(request, user)
             template_dash = "dashboard/landing.html"

src/laas_dashboard/settings.py

@@ -46,15 +46,16 @@
 ]
 
 MIDDLEWARE = [
-    'django.middleware.security.SecurityMiddleware',
+    "django.middleware.security.SecurityMiddleware",
     "whitenoise.middleware.WhiteNoiseMiddleware",
-    'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.common.CommonMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
-    'django.contrib.auth.middleware.AuthenticationMiddleware',
-    'django.contrib.messages.middleware.MessageMiddleware',
-    'django.middleware.clickjacking.XFrameOptionsMiddleware',
-    'account.middleware.TimezoneMiddleware',
+    "django.contrib.sessions.middleware.SessionMiddleware",
+    "django.middleware.common.CommonMiddleware",
+    "django.middleware.csrf.CsrfViewMiddleware",
+    "django.contrib.auth.middleware.AuthenticationMiddleware",
+    "account.middleware.ActiveUserMiddleware",
+    "django.contrib.messages.middleware.MessageMiddleware",
+    "django.middleware.clickjacking.XFrameOptionsMiddleware",
+    "account.middleware.TimezoneMiddleware"
 ]
 
 STORAGES = {
@@ -67,7 +68,7 @@
 }
 
 # AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.ModelBackend', 'account.views.MyOIDCAB']
-AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.ModelBackend']
+AUTHENTICATION_BACKENDS = ['django.contrib.auth.backends.AllowAllUsersModelBackend']
 
 AUTH_SETTING = os.environ.get('AUTH_SETTING')
 

src/templates/base/account/account_disabled.html

@@ -0,0 +1,13 @@
+{% extends "base.html" %}
+
+{% load static %}
+{% load bootstrap4 %}
+
+{% block content %}
+<h1>Disabled Account</h1>
+
+<p>
+    Your account has been disabled. Please contact the administrator at <a href="mailto:{{contact_email}}">{{contact_email}}</a> and log out.
+</p>
+
+{% endblock content %}

src/templates/base/account/dev_login.html

@@ -1,6 +1,6 @@
 {% extends "base.html" %}
 
-{% load staticfiles %}
+{% load static %}
 {% load bootstrap4 %}
 
 {% block content %}