Authentication

This package contains views related to login, logout and password reset functionality as well as 2FA authentication:

• Webauthn
  • Webauthn Assert View
    • WebAuthnAssertView
      • WebAuthnAssertView.__init__()
      • WebAuthnAssertView.as_view()
      • WebAuthnAssertView.dispatch()
      • WebAuthnAssertView.get()
      • WebAuthnAssertView.http_method_names
      • WebAuthnAssertView.http_method_not_allowed()
      • WebAuthnAssertView.options()
      • WebAuthnAssertView.setup()
      • WebAuthnAssertView.view_is_async
  • Webauthn Login View
    • WebAuthnLoginView
      • WebAuthnLoginView.__init__()
      • WebAuthnLoginView.as_view()
      • WebAuthnLoginView.authentication_form
      • WebAuthnLoginView.content_type
      • WebAuthnLoginView.dispatch()
      • WebAuthnLoginView.extra_context
      • WebAuthnLoginView.form_class
      • WebAuthnLoginView.form_invalid()
      • WebAuthnLoginView.form_valid()
      • WebAuthnLoginView.get()
      • WebAuthnLoginView.get_context_data()
      • WebAuthnLoginView.get_default_redirect_url()
      • WebAuthnLoginView.get_form()
      • WebAuthnLoginView.get_form_class()
      • WebAuthnLoginView.get_form_kwargs()
      • WebAuthnLoginView.get_initial()
      • WebAuthnLoginView.get_prefix()
      • WebAuthnLoginView.get_redirect_url()
      • WebAuthnLoginView.get_success_url()
      • WebAuthnLoginView.get_success_url_allowed_hosts()
      • WebAuthnLoginView.get_template_names()
      • WebAuthnLoginView.http_method_names
      • WebAuthnLoginView.http_method_not_allowed()
      • WebAuthnLoginView.initial
      • WebAuthnLoginView.next_page
      • WebAuthnLoginView.options()
      • WebAuthnLoginView.post()
      • WebAuthnLoginView.prefix
      • WebAuthnLoginView.put()
      • WebAuthnLoginView.redirect_authenticated_user
      • WebAuthnLoginView.redirect_field_name
      • WebAuthnLoginView.render_to_response()
      • WebAuthnLoginView.response_class
      • WebAuthnLoginView.setup()
      • WebAuthnLoginView.success_url
      • WebAuthnLoginView.success_url_allowed_hosts
      • WebAuthnLoginView.template_engine
      • WebAuthnLoginView.template_name
      • WebAuthnLoginView.view_is_async
  • Webauthn Verify View
    • WebAuthnVerifyView
      • WebAuthnVerifyView.__init__()
      • WebAuthnVerifyView.as_view()
      • WebAuthnVerifyView.dispatch()
      • WebAuthnVerifyView.http_method_names
      • WebAuthnVerifyView.http_method_not_allowed()
      • WebAuthnVerifyView.options()
      • WebAuthnVerifyView.post()
      • WebAuthnVerifyView.setup()
      • WebAuthnVerifyView.view_is_async

Account Activation View

class integreat_cms.cms.views.authentication.account_activation_view.AccountActivationView(**kwargs)

Bases: PasswordResetConfirmView

View to set a new password and activate and account.

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None

dispatch(*args: Any, **kwargs: Any) → HttpResponse

The view part of the view. Handles all HTTP methods equally.

Parameters:

• *args (Any) – The supplied arguments

• **kwargs (Any) – The supplied keyword arguments

Returns:

The rendered template response or a redirection to the login page

Return type:

HttpResponse

extra_context = None

form_class

alias of SetPasswordForm

form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form: SetPasswordForm) → HttpResponse

If the form is valid, show a success message.

Parameters:

form (SetPasswordForm) – The supplied form

Returns:

A redirection to the success_url

Return type:

HttpResponse

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_prefix()

Return the prefix to use for forms.

get_success_url()

Return the URL to redirect to after processing a valid form.

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

get_user(uidb64)

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']

http_method_not_allowed(request, *args, **kwargs)

initial = {}

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.

post_reset_login = False

post_reset_login_backend = None

prefix = None

put(*args, **kwargs)

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

reset_url_token = 'set-password'

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

success_url = '/login/'

If the password was successfully reset, redirect to the login

template_engine = None

template_name = 'authentication/account_activation_form.html'

The template which should be rendered

title = 'Enter new password'

token_generator = <integreat_cms.cms.utils.account_activation_token_generator.AccountActivationTokenGenerator object>

The generator for activation tokens (use AccountActivationTokenGenerator instead of the default one to make sure password reset tokens are not accepted for account activation and vice versa)

view_is_async = False

Login View

class integreat_cms.cms.views.authentication.login_view.LoginView(**kwargs)

Bases: LoginView

View to extend the default login behavior from LoginView with multi-factor-authentication.

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

authentication_form = None

content_type = None

dispatch(request, *args, **kwargs)

extra_context = None

form_class

alias of AuthenticationForm

form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form: AuthenticationForm) → HttpResponseRedirect

This function overwrites form_valid() which is called if the login form is valid. In case the user has mfa-keys configured, the login is delegated to WebAuthnLoginView. Else, the default method login() is used to log the user in. After that, the user is redirected to LOGIN_REDIRECT_URL.

Parameters:

form (AuthenticationForm) – User login form

Returns:

Redirect user to mfa login view or to LOGIN_REDIRECT_URL

Return type:

HttpResponseRedirect

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_default_redirect_url()

Return the default redirect URL.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_prefix()

Return the prefix to use for forms.

get_redirect_url()

Return the user-originating redirect URL if it’s safe.

get_success_url()

Return the URL to redirect to after processing a valid form.

get_success_url_allowed_hosts()

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']

http_method_not_allowed(request, *args, **kwargs)

initial = {}

next_page = None

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.

prefix = None

put(*args, **kwargs)

redirect_authenticated_user = True

A boolean that controls whether or not authenticated users accessing the login page will be redirected as if they had just successfully logged in.

redirect_field_name = 'next'

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

success_url = None

success_url_allowed_hosts = {}

template_engine = None

template_name = 'authentication/login.html'

The template to render (see TemplateResponseMixin)

view_is_async = False

Logout View

class integreat_cms.cms.views.authentication.logout_view.LogoutView(**kwargs)

Bases: LogoutView

View to log off a user

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None

dispatch(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse

This function sends message, if logout was successful

Parameters:

• request (HttpRequest) – The current request

• *args (Any) – The supplied arguments

• **kwargs (Any) – The supplied keyword arguments

Returns:

passes form to dispatch function

Return type:

HttpResponse

extra_context = None

get(request, *args, **kwargs)

Logout may be done via POST.

get_context_data(**kwargs)

get_default_redirect_url()

Return the default redirect URL.

get_redirect_url()

Return the user-originating redirect URL if it’s safe.

get_success_url()

get_success_url_allowed_hosts()

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

http_method_names = ['get', 'head', 'post', 'options']

http_method_not_allowed(request, *args, **kwargs)

next_page = None

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Logout may be done via POST.

redirect_field_name = 'next'

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

success_url_allowed_hosts = {}

template_engine = None

template_name = 'registration/logged_out.html'

view_is_async = False

Password Reset Confirm View

class integreat_cms.cms.views.authentication.password_reset_confirm_view.PasswordResetConfirmView(**kwargs)

Bases: PasswordResetConfirmView

View to confirm that the password should be reset

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None

dispatch(*args: Any, **kwargs: Any) → HttpResponse

The view part of the view. Handles all HTTP methods equally.

Parameters:

• *args (Any) – The supplied arguments

• **kwargs (Any) – The supplied keyword arguments

Returns:

The rendered template response or a redirection to the password reset page

Return type:

HttpResponse

extra_context = None

form_class

alias of SetPasswordForm

form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form: SetPasswordForm) → HttpResponse

If the form is valid, show a success message.

Parameters:

form (SetPasswordForm) – The supplied form

Returns:

form validation

Return type:

HttpResponse

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_prefix()

Return the prefix to use for forms.

get_success_url()

Return the URL to redirect to after processing a valid form.

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

get_user(uidb64)

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']

http_method_not_allowed(request, *args, **kwargs)

initial = {}

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.

post_reset_login = False

post_reset_login_backend = None

prefix = None

put(*args, **kwargs)

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

reset_url_token = 'set-password'

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

success_url = '/login/'

If the password was successfully reset, redirect to the login

template_engine = None

template_name = 'authentication/password_reset_confirm.html'

The template which should be rendered

title = 'Enter new password'

token_generator = <django.contrib.auth.tokens.PasswordResetTokenGenerator object>

view_is_async = False

Password Reset View

class integreat_cms.cms.views.authentication.password_reset_view.PasswordResetView(**kwargs)

Bases: PasswordResetView

View to extend the default login behaviour from LoginView with multi-factor-authentication.

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None

dispatch(*args: HttpRequest, **kwargs: Any) → HttpResponseRedirect | TemplateResponse

The view part of the view. Handles all HTTP methods equally.

Parameters:

• *args (HttpRequest) – The supplied arguments

• **kwargs (Any) – The supplied keyword arguments

Returns:

The rendered template response or a redirection

Return type:

HttpResponseRedirect | TemplateResponse

email_template_name = 'emails/password_reset_email.txt'

The full name of a template to use for generating the email with the reset password link.

extra_context = None

extra_email_context = None

form_class

The form for the password reset

Form fields:

• email: Email (EmailField)

alias of CustomPasswordResetForm

form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form: CustomPasswordResetForm) → HttpResponseRedirect

This function validates the form and sends a message depending if the function was executed successfully

Parameters:

form (CustomPasswordResetForm) – The supplied form

Returns:

passes form to form validation

Return type:

HttpResponseRedirect

from_email = None

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_prefix()

Return the prefix to use for forms.

get_success_url()

Return the URL to redirect to after processing a valid form.

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

html_email_template_name = 'emails/password_reset_email.html'

The full name of a template to use for generating the html email with the reset password link.

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']

http_method_not_allowed(request, *args, **kwargs)

initial = {}

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.

prefix = None

put(*args, **kwargs)

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

subject_template_name = 'registration/password_reset_subject.txt'

success_url = '/reset-password/'

If the password reset process was successfully initialized, stay on the password reset page

template_engine = None

template_name = 'authentication/password_reset_form.html'

The template which should be rendered

title = 'Password reset'

token_generator = <django.contrib.auth.tokens.PasswordResetTokenGenerator object>

view_is_async = False

Passwordless Login View

class integreat_cms.cms.views.authentication.passwordless_login_view.PasswordlessLoginView(**kwargs)

Bases: LoginView

View to extend the default login behavior from LoginView with multi-factor-authentication.

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

authentication_form = None

content_type = None

dispatch(request, *args, **kwargs)

extra_context = None

form_class

The form class for the passwordless login

Form fields:

• username: Username (UsernameField)

alias of PasswordlessAuthenticationForm

form_invalid(form)

If the form is invalid, render the invalid form.

form_valid(form: PasswordlessAuthenticationForm) → HttpResponseRedirect

This function overwrites form_valid() which is called if the login form is valid. In case the user has mfa-keys configured, the login is delegated to WebAuthnLoginView or TOTPLoginView. Else, the default method login() is used to log the user in. After that, the user is redirected to LOGIN_REDIRECT_URL.

Parameters:

form (PasswordlessAuthenticationForm) – User login form

Returns:

Redirect user to mfa login view or to LOGIN_REDIRECT_URL

Return type:

HttpResponseRedirect

get(request, *args, **kwargs)

Handle GET requests: instantiate a blank version of the form.

get_context_data(**kwargs)

Insert the form into the context dict.

get_default_redirect_url()

Return the default redirect URL.

get_form(form_class=None)

Return an instance of the form to be used in this view.

get_form_class()

Return the form class to use.

get_form_kwargs()

Return the keyword arguments for instantiating the form.

get_initial()

Return the initial data to use for forms on this view.

get_prefix()

Return the prefix to use for forms.

get_redirect_url()

Return the user-originating redirect URL if it’s safe.

get_success_url()

Return the URL to redirect to after processing a valid form.

get_success_url_allowed_hosts()

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']

http_method_not_allowed(request, *args, **kwargs)

initial = {}

next_page = None

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request, *args, **kwargs)

Handle POST requests: instantiate a form instance with the passed POST variables and then check if it’s valid.

prefix = None

put(*args, **kwargs)

redirect_authenticated_user = True

A boolean that controls whether or not authenticated users accessing the login page will be redirected as if they had just successfully logged in.

redirect_field_name = 'next'

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

success_url = None

success_url_allowed_hosts = {}

template_engine = None

template_name = 'authentication/passwordless_login.html'

The template to render (see TemplateResponseMixin)

view_is_async = False

Totp Login View

class integreat_cms.cms.views.authentication.totp_login_view.TOTPLoginView(**kwargs)

Bases: TemplateView

View to extend the default login behavior from LoginView with multi-factor-authentication using TOTP.

__init__(**kwargs)

Constructor. Called in the URLconf; can contain helpful extra keyword arguments, and other things.

classmethod as_view(**initkwargs)

Main entry point for a request-response process.

content_type = None

dispatch(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse

Check whether TOTP login can be used right now

Parameters:

• request (HttpRequest) – The current request

• *args (Any) – The supplied arguments

• **kwargs (Any) – The supplied keyword arguments

Returns:

Redirection to login form or region selection

Return type:

HttpResponse

extra_context = None

get(request, *args, **kwargs)

get_context_data(**kwargs: Any) → dict[str, Any]

Get revision context data

Returns:

The context dictionary

Parameters:

kwargs (Any)

Return type:

dict[str, Any]

get_template_names()

Return a list of template names to be used for the request. Must return a list. May not be called if render_to_response() is overridden.

http_method_names = ['get', 'post', 'put', 'patch', 'delete', 'head', 'options', 'trace']

http_method_not_allowed(request, *args, **kwargs)

options(request, *args, **kwargs)

Handle responding to requests for the OPTIONS HTTP verb.

post(request: HttpRequest, *args: Any, **kwargs: Any) → HttpResponse

Retrieves the entered TOTP code of the user and validates it.

Parameters:

• request (HttpRequest) – The current request

• *args (Any) – The supplied arguments

• **kwargs (Any) – The supplied keyword arguments

Returns:

Redirection to region selection or rendered login form

Return type:

HttpResponse

render_to_response(context, **response_kwargs)

Return a response, using the response_class for this view, with a template rendered with the given context.

Pass response_kwargs to the constructor of the response class.

response_class

alias of TemplateResponse

setup(request, *args, **kwargs)

Initialize attributes shared by all view methods.

template_engine = None

template_name: str = 'authentication/login_totp.html'

The template to render (see TemplateResponseMixin)

user: User | None = None

The user who tries to authenticate

view_is_async = False