Commit Graph

169 Commits

Author SHA1 Message Date
Mateusz Mandera 06c2161f7e auth: Use zxcvbn to ensure password strength on server side.
For a long time, we've been only doing the zxcvbn password strength
checks on the browser, which is helpful, but means users could through
hackery (or a bug in the frontend validation code) manage to set a
too-weak password.  We fix this by running our password strength
validation on the backend as well, using python-zxcvbn.

In theory, a bug in python-zxcvbn could result in it producing a
different opinion than the frontend version; if so, it'd be a pretty
bad bug in the library, and hopefully we'd hear about it from users,
report upstream, and get it fixed that way. Alternatively, we can
switch to shelling out to node like we do for KaTeX.

Fixes #6880.
2019-11-21 10:23:37 -08:00
Anders Kaseorg becef760bf cleanup: Delete leading newlines.
Previous cleanups (mostly the removals of Python __future__ imports)
were done in a way that introduced leading newlines.  Delete leading
newlines from all files, except static/assets/zulip-emoji/NOTICE,
which is a verbatim copy of the Apache 2.0 license.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-08-06 23:29:11 -07:00
Rishi Gupta d84238ce74 ktlo: Contact org admin instead of server admin for wrong subdomain error. (#12543)
Did a quick pass through the codebase; I think this is the only place we
suggest contacting server admin instead of org admin for an issue like this.
2019-06-26 14:09:20 -07:00
Anders Kaseorg 082f23a659 authenticate: Remove default values for required parameters.
It is now the caller’s responsibility to check that realm is not None.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-05-27 23:47:22 -07:00
Anders Kaseorg 9efda71a4b get_realm: raise DoesNotExist instead of returning None.
This makes the implementation of `get_realm` consistent with its
declared return type of `Realm` rather than `Optional[Realm]`.

Fixes #12263.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-05-06 21:58:16 -07:00
Anders Kaseorg 643bd18b9f lint: Fix code that evaded our lint checks for string % non-tuple.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-23 15:21:37 -07:00
Shubham Padia 3c09f226a4 auth: Redirect deactivated users with error for social auth backend.
Fixes #11937.

Also extracts the error message for a deactivated account to
`DEACTIVATED_ACCOUNT_ERROR`.
2019-04-13 19:58:15 -07:00
Anders Kaseorg f0ecb93515 zerver core: Remove unused imports.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2019-02-02 17:41:24 -08:00
Rishi Gupta 0844c9a6ec emails: Update text for password_reset.
Note that a pretty common use case for this is a realm admin sending this to
everyone after an import from HipChat or Slack. So this adds the realm_name
to the title (so that there is something they might recognize) and kept the
wording generic enough to accommodate the user not having clicked anything
to get this email.

Also strengthens the tests a bit to better test the complicated template
logic.
2018-12-20 16:26:19 -08:00
Tim Abbott b2fc017671 i18n: Use the recipient's language when sending outgoing emails.
It appears that our i18n logic was only using the recipient's language
for logged-in emails, so even properly tagged for translation and
translated emails for functions like "Find my team" and "password
reset" were being always sent in English.

With great work by Vishnu Ks on the tests and the to_emails code path.
2018-12-17 09:49:36 -08:00
Tim Abbott e603237010 email: Convert accounts code to use delivery_email.
A key part of this is the new helper, get_user_by_delivery_email.  Its
verbose name is important for clarity; it should help avoid blind
copy-pasting of get_user (which we'll also want to rename).
Unfortunately, it requires detailed understanding of the context to
figure out which one to use; each is used in about half of call sites.

Another important note is that this PR doesn't migrate get_user calls
in the tests except where not doing so would cause the tests to fail.
This probably deserves a follow-up refactor to avoid bugs here.
2018-12-06 16:21:38 -08:00
Vishnu Ks 788b98d041 portico: Add page for redirecting to a realm subdomain. 2018-12-04 09:35:35 -08:00
Raymond Akornor 92dc3637df send_email: Add support for multiple recipients.
This adds a function that sends provided email to all administrators
of a realm, but in a single email. As a result, send_email now takes
arguments to_user_ids and to_emails instead of to_user_id and
to_email.

We adjust other APIs to match, but note that send_future_email does
not yet support the multiple recipients model for good reasons.

Tweaked by tabbott to modify `manage.py deliver_email` to handle
backwards-compatibily for any ScheduledEmail objects already in the
database.

Fixes #10896.
2018-12-03 15:12:11 -08:00
Tim Abbott 69b2315a6e password reset: Deduplicate code for reset URL generation. 2018-08-23 12:06:02 -07:00
Shubham Dhama e70cf3bd67 emails/password_reset: Change text for listing other active accounts.
The main benefit of this change is that it reduces the amount of total
string that we might need to tag for translation.

Fixes: #10323.
2018-08-22 17:49:40 -07:00
Shubham Dhama aa8b3d2beb emails/password_reset: Change template string for deactivated users. 2018-08-22 17:43:23 -07:00
Shubham Dhama 491bd6d2c9 emails/password_reset: Refactor and replace no_account_in_realm.
In place of no_account_in_realm we will use its negation
active_account_in_realm as a part of refactoring this template.
2018-08-22 17:43:23 -07:00
Shubham Dhama 2dec30e4ab forms: Fix accounts listed in password_reset email to active accounts.
Previously we were listing both accounts, active as well as non-active.
Fixes: #10130.
2018-08-04 09:16:19 -07:00
Vishnu Ks 1b179ca530 signup: Prevent users from signing up with email containing +. 2018-06-23 12:03:30 -07:00
Vishnu Ks 994e1a2154 registration: Use tokenized noreply address in password reset. 2018-06-23 12:03:30 -07:00
Tim Abbott 3842404cc0 ldap: Don't allow password reset for users in LDAP domain.
This is the analog of the last commit, for the password reset flow.
For these users, they should be managing/changing their password in
the LDAP server.

The error message for users doing the wrong thing here is nonexistent
isn't great, but it should be a rare situation.
2018-05-28 22:47:47 -07:00
Umair Khan a2d3aea027 2FA: Add two-factor related code.
This commit adds a view which will be used to process login requests,
adds an AuthenticationTokenForm so that we can use TextField widget for
tokens, and activates two factor authentication code path whenever user
tries to login.
2018-05-23 15:46:56 -07:00
Tim Abbott 336ad0fbb1 password reset: Handle deactivated users and realms.
Since this is a logged-out view, need to actually write code for the
case of deactivated realms.

The change to get_active_user is more for clarity; the Django password
reset form already checks for whether the user is active earlier.
2018-05-20 20:02:27 -07:00
Aditya Bansal 993d50f5ab zerver: Change use of typing.Text to str. 2018-05-12 15:22:39 -07:00
Preston Hansen 0258d7db0d slack import: Be less strict in `check_subdomain_available`.
If the sysadmin is doing something explicit in a management command,
it's OK to take a reserved or short subdomain.

Fixes #9166.
2018-04-23 11:48:12 -07:00
Tim Abbott 68f816bba1 forms: Fix missing translation tag for disposable emails. 2018-03-15 14:43:40 -07:00
Vishnu Ks b13150a438 models: Do the check for disposable email in email_allowed_for_realm. 2018-03-15 14:35:24 -07:00
Vishnu Ks 951b88dd30 models: Make email_allowed_for_realm raise exception. 2018-03-15 14:35:24 -07:00
neiljp (Neil Pilgrim) 9e1dbde82d mypy: Final small migrations to python3.5 annotations in many files. 2018-03-12 11:23:30 -07:00
Vishnu Ks a44255eedb emails: Add backend for disallowing disposable email addresses. 2018-03-11 22:05:58 -07:00
Vishnu Ks 1a1bc84d2c subdomain: Check for invalid characters before length.
I think it makes more sense to first tell the user that
the character you are entering is invalid than telling
minimum length requirement is not satisfied.

Fixes #3058.
2018-02-19 10:45:17 -08:00
neiljp (Neil Pilgrim) a88c083aa7 mypy: Annotate user variable in ZulipPasswordResetForm.save.
[greg: moved annotation to avoid a mypy error, from second assignment.]
2018-02-13 11:40:07 -08:00
Umair Khan b19d6e99bf django-2.0: Pass string to reverse.
urlsafe_base64_encode returns bytes. These can safely be converted to
ascii encoding. If we pass bytes to reverse, the match fails.
2018-01-31 12:07:36 -08:00
rht 9a8d2244ca django-2.0: Shift to resolvers from urlresolvers.
The old name is deprecated.
2018-01-30 10:53:54 -08:00
greysome bbe2d91d31 mypy: Use Python 3 type syntax in zerver/forms.py 2017-12-26 08:30:33 -05:00
neiljp (Neil Pilgrim) 73a834990b mypy: Swap order of `user` initialization in ZulipPasswordResetForm.save.
When running with `--strict-optional`, this helps mypy see what's
going on here.

[Fix changed by greg.]
2017-12-23 01:22:22 +09:00
rht a1cc720860 zerver: Use Python 3 syntax for typing.
Tweaked by tabbott to fix some minor whitespace errors.
2017-11-28 16:49:36 -08:00
Tim Abbott e6f460f511 auth: Replace user_email_is_unique validator.
As we migrate to allow reuse of the same email with multiple realms,
we need to replace the old "no email reuse" validators.  Because
stealing the email for a system bot would be problematic, we still ban
doing so.

This commit only affects the realm creation logic, not registering an
account in an existing realm.
2017-11-28 16:23:10 -08:00
Umair Khan 1acdfef13c two_factor: Disable prefix in OurAuthenticationForm.
In two factor authentication every step adds a unique prefix to the fields,
due to this the name of the form fields differs from the HTML fields. If
we do not do this we will have to change the name in the HTML, which
will cause the change in tests.
2017-11-28 15:27:44 -08:00
Vishnu Ks 610eb557b8 backend: Make password reset form support multi realm membership. 2017-11-26 15:35:25 -08:00
Tim Abbott f6e57fd514 forms: Remove unnecessary OurAuthenticationForm logic.
This is checked for in the caller of OurAuthenticationForm, which
meant this code was never run.  But it is worth having an assertion
here to catch any possible regressions.
2017-11-21 20:14:12 -08:00
Tim Abbott 719d6c49df forms: Stop using get_user_profile_by_email in OurAuthenticationForm.
Structurally, the main change here is replacing the `clean_username`
function, which would get called when one accessed
self.cleaned_data['username'] with code in the main `clean` function.

This is important because only in `clean` do we have access to the
`realm` object.

Since I recently added full test coverage on this form, we know each
of the major cases have a test; the error messages are unchanged.
2017-11-21 20:14:12 -08:00
Tim Abbott 3bfb19b5f3 Convert EmailAuthBackend and LDAPAuthBackend to accept a realm. 2017-11-21 18:23:50 -08:00
Rishi Gupta 27babcf92b portico: Update error message for deactivated user.
The installation admin is not the right person to get support requests from
deactivated users, regardless of the situation.

Also updates the wording to be a bit more concise.
2017-11-20 13:40:51 -08:00
Tim Abbott 0667a62244 password reset: Simplify password reset form logic.
Now that we're generating the URL inside the Python code, we can clean
up the context logic.
2017-11-20 10:40:33 -08:00
Vishnu Ks 9c50819dd6 email: Add reset button to password reset email. 2017-11-20 10:35:03 -08:00
Tim Abbott c8edbae21c password reset: Fix error message for invalid realm.
This is a lot cleaner than the previous model.

Basically rewritten by Vishnu Ks to actually work :).
2017-11-20 10:34:55 -08:00
Umair Khan 95ba3e7cbb password_reset: Send email unconditionally.
This was basically rewritten by tabbott, because the code is a lot
cleaner after just rewriting the ZulipPasswordResetForm code to no
longer copy the model of the original Django version.

Fixes #4733.
2017-11-20 10:32:40 -08:00
Tim Abbott cd95c09fca forms: Use an AssertionError for unexpected DNS errors. 2017-11-17 17:25:56 -08:00
rht c4fcff7178 refactor: Replace super(.*self) with Python 3-specific super().
We change all the instances except for the `test_helpers.py`
TimeTrackingCursor monkey-patching, which actually needs to specify
the base class.
2017-10-30 14:30:25 -07:00