Customize django-otp email template - django

I'm doing two-factor authentication (2FA) in my Django app and using django-otp package. I want to send my custom email to users. I followed the official documentation and added my custom settings as follow:
# django-otp template
OTP_EMAIL_SUBJECT = _('Please confirm your login attempt')
OTP_EMAIL_BODY_TEMPLATE_PATH = 'account/email/login_confirmation_otp.html'
The above settings are working and it's sending the email in text/plain content type but I want text/html content type.
The following code is sending the email:
def generate_challenge(self, extra_context=None):
"""
Generates a random token and emails it to the user.
:param extra_context: Additional context variables for rendering the
email template.
:type extra_context: dict
"""
self.generate_token(valid_secs=settings.OTP_EMAIL_TOKEN_VALIDITY)
context = {'token': self.token, **(extra_context or {})}
if settings.OTP_EMAIL_BODY_TEMPLATE:
body = Template(settings.OTP_EMAIL_BODY_TEMPLATE).render(Context(context))
else:
body = get_template(settings.OTP_EMAIL_BODY_TEMPLATE_PATH).render(context)
send_mail(settings.OTP_EMAIL_SUBJECT,
body,
settings.OTP_EMAIL_SENDER,
[self.email or self.user.email])
message = "sent by email"
return message
in django_otp/plugins/otp_email/models.py. I want to override generate_challenge() function and add html_message in send_email() function but don't know how to do it?

Related

How to scrape a webpage which has login if we have the credentials using python scrapy?

Just want to know how to send request along with the login credentials to a login page to fetch the data.
It is usual for web sites to provide pre-populated form fields through elements, such as session related data or authentication tokens (for login pages). When scraping, you’ll want these fields to be automatically pre-populated and only override a couple of them, such as the user name and password. You can use the FormRequest.from_response() method for this job. Here’s an example spider which uses it:
import scrapy
def authentication_failed(response):
# TODO: Check the contents of the response and return True if it failed
# or False if it succeeded.
pass
class LoginSpider(scrapy.Spider):
name = 'example.com'
start_urls = ['http://www.example.com/users/login.php']
def parse(self, response):
return scrapy.FormRequest.from_response(
response,
formdata={'username': 'john', 'password': 'secret'},
callback=self.after_login
)
def after_login(self, response):
if authentication_failed(response):
self.logger.error("Login failed")
return
# continue scraping with authenticated session...

Invalid Username/Password when Trying to signup with DRF CreateAPIView

I want to create users using django built-in "User" Model and with CreateAPIVIew mixin
here is the code :
class Register(generics.CreateAPIView):
permission_classes=[permissions.AllowAny]
def post(self,request,*args,**kwargs):
username= request.POST.get('username')
email=request.POST.get('email')
password=request.POST.get('password')
# first_name=request.POST.get('first_name')
# last_name=request.POST.get('last_name')
user=User.objects.create_user(username,email,password)
# user.first_name='mintu'
user.save()
but when I tried to submit a HTTP post request using Postman
I have been fired up with an error
called
{
"detail": "Invalid username/password."
}
so to make sure if I my database is creating users perfectly fine
I have decided to create a user manually through python shell with this command
user=User.objects.create_user('mounikesh','thota#gmail.com','test1234')
Successfully a user has been created
so I came to a conclusion that my database is fine and its accepting the request now the issue is only with drf's CreateAPIView
and now I tried to figure if the error is caused because of the data that I've been sending through postman
for that I've directly injected the username,email&password to the server
class Register(generics.CreateAPIView):
def post(self,request,*args,**kwargs):
permission_classes=[permissions.AllowAny]
#
# username= request.POST.get('username')
# email=request.POST.get('email')
# password=request.POST.get('password')
user=User.objects.create_user('ok','ok#gmail.com','test1234')
# user=User.objects.create_user(username,email,password)
user.save()
# token=Token.objects.create(user=user)
return Response("user has been created")
tried to send all my required credentials to create a User expecting my User created response instead got a Error Reponse
tried a lot of searching it in google and all other forums
But it's of no use
Any kind of help is appreciated

django python social auth send email

I am using python social auth for login. After user is created I want to send the user a email. For this I am writing a custom pipeline
def send_confirmation_email(strategy, details, response, user=None, *args, **kwargs):
if user:
if kwargs['is_new']:
template = "email/social_registration_confirm.html"
subject = "Account Confirmation"
email = user.email
print(user.username)
username = user.username
kwargs.update(subject=subject, email=email, username=username)
notification_email.delay(template, **kwargs)
I am using celery to send email. When I send email it gives me error saying <UserSocialAuth: some_username> is not JSON serializable
Why I am getting this error. notification_email works for other email sending functionality.
Need suggestion. Thank you
JSON accepts only a few datatypes: null, arrays, booleans, numbers, strings, and objects.
So, anything else should be expressed as one of these types.
My guess is that **kwargs that you are sending in to notification_email contains a data type that cannot be expressed as JSON.
To solve this problem, send only needed arguments, not the whole **kwargs.
I would create a dictionary and include everything there:
var args = dict()
args['username'] = username
args['template'] = template
# other arguments
notification_email.delay(args)
I hope it helps.

Control a function (E.g send mail) from a users profile page

I have a profile page like so: http://i.stack.imgur.com/Rx4kg.png . In management I would like a option "Notify by mail" that would control my send_email functions in every application I want. As example I'm using django-messages and it sends private messages aswell as emails when you send a message. I would like for the user to be able to specify if he wants emails aswell when he gets a message.
messages/utils.py
def new_message_email(sender, instance, signal,
subject_prefix=_(u'New Message: %(subject)s'),
template_name="messages/new_message.html",
default_protocol=None,
*args, **kwargs):
"""
This function sends an email and is called via Django's signal framework.
Optional arguments:
``template_name``: the template to use
``subject_prefix``: prefix for the email subject.
``default_protocol``: default protocol in site URL passed to template
"""
if default_protocol is None:
default_protocol = getattr(settings, 'DEFAULT_HTTP_PROTOCOL', 'http')
if 'created' in kwargs and kwargs['created']:
try:
current_domain = Site.objects.get_current().domain
subject = subject_prefix % {'subject': instance.subject}
message = render_to_string(template_name, {
'site_url': '%s://%s' % (default_protocol, current_domain),
'message': instance,
})
if instance.recipient.email != "":
send_mail(subject, message, settings.DEFAULT_FROM_EMAIL,
[instance.recipient.email,])
except Exception, e:
#print e
pass #fail silently
Apparently instance.recipient.email is the email for the recipient user. So my questions are: How do I go about creating an option in my profile management that can be used in my new_message_email to check if the user wants emails or not? My own thoughts are that I need to save a value in the database for the user and then check for that value in new_message_email function. How I do that isn't clear though. Do I create a new function in my userprofile/views.py and class in userprofile/forms.py? And have my userprofile/overview.html template change them? Some specifics and thoughts if this is the right approach would help alot!
You probably want to start off by creating a user profile so that you have a good way to store weather or not the user wants these emails sent to them. This is done using the AUTH_PROFILE_MODULE setting in your settings.py.
Once you have the data stored, you should be able to access it from instance.recipient (assuming that instance.recipient is a User object). So you could change your code to:
if instance.recipient.get_profile().wants_emails and instance.recipient.email != "":
send_mail(subject, message, settings.DEFAULT_FROM_EMAIL,
[instance.recipient.email,])
Done and done.

Proper technique for a contact form?

I have a contact form at shantiyoga.ca/contact
With the view
def contact(request):
template = 'contact.html'
form = ContactForm(request.POST or None)
if form.is_valid(): # All validation rules pass
subject = form.cleaned_data['subject']
message = "%s\n\n%s" % (form.cleaned_data['message'], form.cleaned_data['sender'])
cc_myself = form.cleaned_data['cc_myself']
recipients = ['contact#shantiyoga.ca']
sender = form.cleaned_data['sender']
if cc_myself:
recipients.append(sender)
headers = {'Reply-To': form.cleaned_data['sender']}
from django.core.mail import send_mail
send_mail(subject,message,sender,recipients,headers)
return redirect('/thanks/')
return render_to_response(template, {'form': form, 'current':'contact'}, context_instance=RequestContext(request))
Which works fairly well. I'm not terribly sophisticated with Django and my Python skills are not quite up to snuff, so please bear with me if I step through this in a basic fashion.
I would like to clarify that there is no way for the form recipient (contact#shantiyoga.ca) to receive the contact form from the value of the email field (user entered). It will always be sent by the authenticated email in my settings.py, which at this point is my personal email?
A user fills out the contact form and hits submit, an email is sent to contact#shantiyoga.ca from my personal email, and if the user decides to cc themself, a copy of the email is sent to them, also from my personal email.
This is not ideal, should I create an email like contactform#shantiyoga.ca for my settings.py to send the email from?
Also, the headers = {'Reply-To': form.cleaned_data['sender']} does not appear to be doing anything and I can't seem to find documentation describing its proper usage, has anyone had success using this technique?
Thank you for your time,
Noah
I would like to clarify that there is no way for the form recipient (contact#shantiyoga.ca) to receive the contact form from the value of the email field (user entered). It will always be sent by the authenticated email in my settings.py, which at this point is my personal email?
You're setting the sender of the email to sender but using EMAIL_HOST, correct? If this is the case, be careful that your SMTP account will let you send email from users other than your domain. Normally, providing you have an authenticated account on that server, you'll be able to set the From: field to whatever you like.
So in short, this email will hit your inbox appearing to be from the sender variable. So when you hit reply, you'll be able to email them back, which is I think what you want. However, it will be sent using the SMTP server whose authentication details you provide. There is a disconnect between being able to send email (SMTP) and being able to receive it, which I think has got you confused.
I've never tried it, but to add extra headers I believe you need to use the EmailMessage object. According to the docs, you would:
e = EmailMessage(headers={'Reply-To':...
e.send()
Be careful doing this; specifically, be careful to strip out newlines in the reply to field. I do not know if the default clean methods would do this.
Finally, there isn't much wrong with your django/python at all. The only thing I'd say, by way of awareness, is not to use this:
return redirect('/thanks/')
but instead:
return HttpResponseRedirect(reverse('myapp.views.method',args=tuple,kwargs=dict))
This gives you the ability to not hardcode urls into your application. The reverse method will look them up from urls.py for you, so you can move your application around/change urls and it will still work.
Here is signature of send_mail from django documentation:
send_mail(subject, message, from_email, recipient_list, fail_silently=False, auth_user=None, auth_password=None, connection=None)
As you can see it does not have headers argument.
You will need to use EmailMessage object directly.
It would also be nice to remove email-formatting from view. I would write everything something more like this:
from django.core.mail.message import EmailMessage
from django.conf import settings
class ContactsEmailMessage(EmailMessage):
def __init__(self, sender, subject, message, cc_myself):
super(ContactEmailMessage, self).__init__(
subject=subject,
body=self._get_message(self, sender, message),
from=settings.DEFAULT_FROM_EMAIL,
to=settings.CONTACT_RECIPIENTS,
headers=self._get_headers(sender),
cc=(sender, ) if cc_myself else None
)
def _format_message(self, sender, message):
return "%s\n\n%s" % (sender, message)
def _get_headers(self, sender):
return {
'reply-to': sender
}
Now you can write clean and easy to read view:
from myproject.mail.message import ContactsEmailMessage, BadHeaderError
from django.core.exceptions import SuspiciousOperation
def contact(request):
...
form = ContactForm(request.POST or None)
if form.is_valid(): # All validation rules pass
try:
message = ContactsEmailMessage(**form.cleaned_data)
message.send()
except BadHeaderError:
# django will raise this error if user will try to pass suspicious new-line
# characters to "sender" or other fields. This is safe-guard from
# header injections
raise SuspiciousOperation()
return redirect('/thanks/')
...