jumpserver/apps/users/models/user.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
import uuid
from collections import OrderedDict

from django.conf import settings
from django.contrib.auth.hashers import make_password
from django.contrib.auth.models import AbstractUser
from django.core import signing
from django.db import models
from django.utils.translation import ugettext_lazy as _
from django.utils import timezone
from django.shortcuts import reverse

from common.utils import get_signer, date_expired_default


__all__ = ['User']
signer = get_signer()


class User(AbstractUser):
    ROLE_ADMIN = 'Admin'
    ROLE_USER = 'User'
    ROLE_APP = 'App'

    ROLE_CHOICES = (
        (ROLE_ADMIN, _('Administrator')),
        (ROLE_USER, _('User')),
        (ROLE_APP, _('Application'))
    )
    OTP_LEVEL_CHOICES = (
        (0, _('Disable')),
        (1, _('Enable')),
        (2, _("Force enable")),
    )
    id = models.UUIDField(default=uuid.uuid4, primary_key=True)
    username = models.CharField(max_length=128, unique=True, verbose_name=_('Username'))
    name = models.CharField(max_length=128, verbose_name=_('Name'))
    email = models.EmailField(max_length=128, unique=True, verbose_name=_('Email'))
    groups = models.ManyToManyField('users.UserGroup', related_name='users', blank=True, verbose_name=_('User group'))
    role = models.CharField(choices=ROLE_CHOICES, default='User', max_length=10, blank=True, verbose_name=_('Role'))
    avatar = models.ImageField(upload_to="avatar", null=True, verbose_name=_('Avatar'))
    wechat = models.CharField(max_length=128, blank=True, verbose_name=_('Wechat'))
    phone = models.CharField(max_length=20, blank=True, null=True, verbose_name=_('Phone'))
    otp_level = models.SmallIntegerField(default=0, choices=OTP_LEVEL_CHOICES, verbose_name=_('Enable OTP'))
    otp_secret_key = models.CharField(max_length=16, blank=True)
    # Todo: Auto generate key, let user download
    _private_key = models.CharField(max_length=5000, blank=True, verbose_name=_('Private key'))
    _public_key = models.CharField(max_length=5000, blank=True, verbose_name=_('Public key'))
    comment = models.TextField(max_length=200, blank=True, verbose_name=_('Comment'))
    is_first_login = models.BooleanField(default=True)
    date_expired = models.DateTimeField(default=date_expired_default, blank=True, null=True, verbose_name=_('Date expired'))
    created_by = models.CharField(max_length=30, default='', verbose_name=_('Created by'))

    def __str__(self):
        return '{0.name}({0.username})'.format(self)

    @property
    def password_raw(self):
        raise AttributeError('Password raw is not a readable attribute')

    #: Use this attr to set user object password, example
    #: user = User(username='example', password_raw='password', ...)
    #: It's equal:
    #: user = User(username='example', ...)
    #: user.set_password('password')
    @password_raw.setter
    def password_raw(self, password_raw_):
        self.set_password(password_raw_)

    def get_absolute_url(self):
        return reverse('users:user-detail', args=(self.id,))

    def is_public_key_valid(self):
        """
            Check if the user's ssh public key is valid.
            This function is used in base.html.
        """
        if self._public_key:
            return True
        return False

    @property
    def is_expired(self):
        if self.date_expired and self.date_expired < timezone.now():
            return True
        else:
            return False

    @property
    def is_valid(self):
        if self.is_active and not self.is_expired:
            return True
        return False

    @property
    def private_key(self):
        return signer.unsign(self._private_key)

    @private_key.setter
    def private_key(self, private_key_raw):
        self._private_key = signer.sign(private_key_raw)

    @property
    def public_key(self):
        return signer.unsign(self._public_key)

    @public_key.setter
    def public_key(self, public_key_raw):
        self._public_key = signer.sign(public_key_raw)

    @property
    def public_key_obj(self):
        class PubKey(object):
            def __getattr__(self, item):
                return ''
        if self.public_key:
            import sshpubkeys
            try:
                return sshpubkeys.SSHKey(self.public_key)
            except (TabError, TypeError):
                pass
        return PubKey()

    @property
    def is_superuser(self):
        if self.role == 'Admin':
            return True
        else:
            return False

    @is_superuser.setter
    def is_superuser(self, value):
        if value is True:
            self.role = 'Admin'
        else:
            self.role = 'User'

    @property
    def is_app(self):
        return self.role == 'App'

    @property
    def is_staff(self):
        if self.is_authenticated and self.is_valid:
            return True
        else:
            return False

    @is_staff.setter
    def is_staff(self, value):
        pass

    def save(self, *args, **kwargs):
        if not self.name:
            self.name = self.username
        if self.username == 'admin':
            self.role = 'Admin'
            self.is_active = True

        super().save(*args, **kwargs)

    @property
    def private_token(self):
        return self.create_private_token()

    def create_private_token(self):
        from .authentication import PrivateToken
        try:
            token = PrivateToken.objects.get(user=self)
        except PrivateToken.DoesNotExist:
            token = PrivateToken.objects.create(user=self)
        return token.key

    def create_access_key(self):
        from . import AccessKey
        access_key = AccessKey.objects.create(user=self)
        return access_key

    def refresh_private_token(self):
        from .authentication import PrivateToken
        PrivateToken.objects.filter(user=self).delete()
        return PrivateToken.objects.create(user=self)

    def is_member_of(self, user_group):
        if user_group in self.groups.all():
            return True
        return False

    def check_public_key(self, public_key):
        if self.ssH_public_key == public_key:
            return True
        return False

    def avatar_url(self):
        admin_default = settings.STATIC_URL + "img/avatar/admin.png"
        user_default = settings.STATIC_URL + "img/avatar/user.png"
        if self.avatar:
            return self.avatar.url
        if self.is_superuser:
            return admin_default
        else:
            return user_default

    def generate_reset_token(self):
        return signer.sign_t({'reset': str(self.id), 'email': self.email}, expires_in=3600)

    @property
    def otp_enabled(self):
        return self.otp_level > 0

    def enabled_otp(self):
        self.otp_level = 1

    def force_enable_otp(self):
        self.otp_level = 2

    @property
    def otp_force_enabled(self):
        return self.otp_level == 2

    def to_json(self):
        return OrderedDict({
            'id': self.id,
            'username': self.username,
            'name': self.name,
            'email': self.email,
            'is_active': self.is_active,
            'is_superuser': self.is_superuser,
            'role': self.get_role_display(),
            'groups': [group.name for group in self.groups.all()],
            'wechat': self.wechat,
            'phone': self.phone,
            'comment': self.comment,
            'date_expired': self.date_expired.strftime('%Y-%m-%d %H:%M:%S') if self.date_expired is not None else None
        })

    @classmethod
    def create_app_user(cls, name, comment):
        app = cls.objects.create(
            username=name, name=name, email='{}@local.domain'.format(name),
            is_active=False, role='App', comment=comment,
            is_first_login=False, created_by='System'
        )
        access_key = app.create_access_key()
        return app, access_key

    @classmethod
    def validate_reset_token(cls, token):
        try:
            data = signer.unsign_t(token)
            user_id = data.get('reset', None)
            user_email = data.get('email', '')
            user = cls.objects.get(id=user_id, email=user_email)

        except (signing.BadSignature, cls.DoesNotExist):
            user = None
        return user

    def reset_password(self, new_password):
        self.set_password(new_password)
        self.save()

    def delete(self, using=None, keep_parents=False):
        if self.pk == 1 or self.username == 'admin':
            return
        return super(User, self).delete()

    class Meta:
        ordering = ['username']
        verbose_name = _("User")

    #: Use this method initial user
    @classmethod
    def initial(cls):
        from .group import UserGroup
        user = cls(username='admin',
                   email='admin@jumpserver.org',
                   name=_('Administrator'),
                   password_raw='admin',
                   role='Admin',
                   comment=_('Administrator is the super user of system'),
                   created_by=_('System'))
        user.save()
        user.groups.add(UserGroup.initial())

    @classmethod
    def generate_fake(cls, count=100):
        from random import seed, choice
        import forgery_py
        from django.db import IntegrityError
        from .group import UserGroup

        seed()
        for i in range(count):
            user = cls(username=forgery_py.internet.user_name(True),
                       email=forgery_py.internet.email_address(),
                       name=forgery_py.name.full_name(),
                       password=make_password(forgery_py.lorem_ipsum.word()),
                       role=choice(list(dict(User.ROLE_CHOICES).keys())),
                       wechat=forgery_py.internet.user_name(True),
                       comment=forgery_py.lorem_ipsum.sentence(),
                       created_by=choice(cls.objects.all()).username)
            try:
                user.save()
            except IntegrityError:
                print('Duplicate Error, continue ...')
                continue
            user.groups.add(choice(UserGroup.objects.all()))
            user.save()
prepare merge ops 8 years ago			`#!/usr/bin/env python`
			`# -- coding: utf-8 --`
			`#`
[Change] 全部使用uuid作为主键 7 years ago			`import uuid`
prepare merge ops 8 years ago			`from collections import OrderedDict`

remove unused templatetags: users_tags and common_tags 8 years ago			`from django.conf import settings`
prepare merge ops 8 years ago			`from django.contrib.auth.hashers import make_password`
			`from django.contrib.auth.models import AbstractUser`
			`from django.core import signing`
remove unused templatetags: users_tags and common_tags 8 years ago			`from django.db import models`
prepare merge ops 8 years ago			`from django.utils.translation import ugettext_lazy as _`
			`from django.utils import timezone`
			`from django.shortcuts import reverse`

[Update] 修改ops task运行 7 years ago			`from common.utils import get_signer, date_expired_default`
Change models dir 8 years ago

			`__all__ = ['User']`
[Update] 修改ops task运行 7 years ago			`signer = get_signer()`
prepare merge ops 8 years ago

			`class User(AbstractUser):`
[Bugfix] 详见trello 7 years ago			`ROLE_ADMIN = 'Admin'`
			`ROLE_USER = 'User'`
			`ROLE_APP = 'App'`

prepare merge ops 8 years ago			`ROLE_CHOICES = (`
[Update] 修改一些翻译 7 years ago			`(ROLE_ADMIN, _('Administrator')),`
			`(ROLE_USER, _('User')),`
			`(ROLE_APP, _('Application'))`
prepare merge ops 8 years ago			`)`
[Update] 修改用户Opt 7 years ago			`OTP_LEVEL_CHOICES = (`
			`(0, _('Disable')),`
			`(1, _('Enable')),`
			`(2, _("Force enable")),`
			`)`
[Change] 全部使用uuid作为主键 7 years ago			`id = models.UUIDField(default=uuid.uuid4, primary_key=True)`
[Update] 修改注册流程 7 years ago			`username = models.CharField(max_length=128, unique=True, verbose_name=_('Username'))`
			`name = models.CharField(max_length=128, verbose_name=_('Name'))`
			`email = models.EmailField(max_length=128, unique=True, verbose_name=_('Email'))`
[Feature] 添加setting页面 7 years ago			`groups = models.ManyToManyField('users.UserGroup', related_name='users', blank=True, verbose_name=_('User group'))`
prepare merge ops 8 years ago			`role = models.CharField(choices=ROLE_CHOICES, default='User', max_length=10, blank=True, verbose_name=_('Role'))`
[Fixture] 添加用户连接终端 8 years ago			`avatar = models.ImageField(upload_to="avatar", null=True, verbose_name=_('Avatar'))`
[Update] 修改注册流程 7 years ago			`wechat = models.CharField(max_length=128, blank=True, verbose_name=_('Wechat'))`
prepare merge ops 8 years ago			`phone = models.CharField(max_length=20, blank=True, null=True, verbose_name=_('Phone'))`
[Update] 修改用户Opt 7 years ago			`otp_level = models.SmallIntegerField(default=0, choices=OTP_LEVEL_CHOICES, verbose_name=_('Enable OTP'))`
			`otp_secret_key = models.CharField(max_length=16, blank=True)`
[Feature] 打算拆分下载和上传为独立模块，时间有限暂时放弃 7 years ago			`# Todo: Auto generate key, let user download`
			`_private_key = models.CharField(max_length=5000, blank=True, verbose_name=_('Private key'))`
			`_public_key = models.CharField(max_length=5000, blank=True, verbose_name=_('Public key'))`
prepare merge ops 8 years ago			`comment = models.TextField(max_length=200, blank=True, verbose_name=_('Comment'))`
[Update] 添加和修改部分翻译 7 years ago			`is_first_login = models.BooleanField(default=True)`
[Copyright] 修改copyrite 7 years ago			`date_expired = models.DateTimeField(default=date_expired_default, blank=True, null=True, verbose_name=_('Date expired'))`
prepare merge ops 8 years ago			`created_by = models.CharField(max_length=30, default='', verbose_name=_('Created by'))`

[Update] 拆分asset api module 7 years ago			`def __str__(self):`
[Update] 修改授权规则详情列表页面 7 years ago			`return '{0.name}({0.username})'.format(self)`
[Update] 拆分asset api module 7 years ago
prepare merge ops 8 years ago			`@property`
			`def password_raw(self):`
Change models dir 8 years ago			`raise AttributeError('Password raw is not a readable attribute')`
prepare merge ops 8 years ago
			`#: Use this attr to set user object password, example`
			`#: user = User(username='example', password_raw='password', ...)`
			`#: It's equal:`
			`#: user = User(username='example', ...)`
			`#: user.set_password('password')`
			`@password_raw.setter`
			`def password_raw(self, password_raw_):`
			`self.set_password(password_raw_)`

			`def get_absolute_url(self):`
			`return reverse('users:user-detail', args=(self.id,))`

fix #13;fix `user` context conflict problem in user-detail page 8 years ago			`def is_public_key_valid(self):`
			`"""`
			`Check if the user's ssh public key is valid.`
			`This function is used in base.html.`
			`"""`
			`if self._public_key:`
			`return True`
			`return False`

prepare merge ops 8 years ago			`@property`
			`def is_expired(self):`
[Bugfix] 修复bug 7 years ago			`if self.date_expired and self.date_expired < timezone.now():`
prepare merge ops 8 years ago			`return True`
Change models dir 8 years ago			`else:`
			`return False`
prepare merge ops 8 years ago
			`@property`
			`def is_valid(self):`
			`if self.is_active and not self.is_expired:`
			`return True`
			`return False`

			`@property`
			`def private_key(self):`
			`return signer.unsign(self._private_key)`

			`@private_key.setter`
			`def private_key(self, private_key_raw):`
			`self._private_key = signer.sign(private_key_raw)`

			`@property`
			`def public_key(self):`
			`return signer.unsign(self._public_key)`

			`@public_key.setter`
			`def public_key(self, public_key_raw):`
			`self._public_key = signer.sign(public_key_raw)`

[Fixture] 添加用户profile 8 years ago			`@property`
[Fixture] 添加用户信息更改 8 years ago			`def public_key_obj(self):`
			`class PubKey(object):`
			`def __getattr__(self, item):`
			`return ''`
[Fixture] 添加用户profile 8 years ago			`if self.public_key:`
			`import sshpubkeys`
			`try:`
[Fixture] 添加用户信息更改 8 years ago			`return sshpubkeys.SSHKey(self.public_key)`
[Update] 服务器可以生成用户密钥 7 years ago			`except (TabError, TypeError):`
[Fixture] 添加用户profile 8 years ago			`pass`
[Fixture] 添加用户信息更改 8 years ago			`return PubKey()`
[Fixture] 添加用户profile 8 years ago
prepare merge ops 8 years ago			`@property`
			`def is_superuser(self):`
			`if self.role == 'Admin':`
			`return True`
			`else:`
			`return False`

			`@is_superuser.setter`
			`def is_superuser(self, value):`
			`if value is True:`
			`self.role = 'Admin'`
			`else:`
			`self.role = 'User'`

Update app terminal name to applications 8 years ago			`@property`
			`def is_app(self):`
			`return self.role == 'App'`

prepare merge ops 8 years ago			`@property`
			`def is_staff(self):`
			`if self.is_authenticated and self.is_valid:`
			`return True`
			`else:`
			`return False`

			`@is_staff.setter`
			`def is_staff(self, value):`
			`pass`

			`def save(self, args, *kwargs):`
			`if not self.name:`
			`self.name = self.username`
[Update] 修改设置的一些require 7 years ago			`if self.username == 'admin':`
			`self.role = 'Admin'`
			`self.is_active = True`

[Bugfix] 修复一些明显的bug 7 years ago			`super().save(args, *kwargs)`
prepare merge ops 8 years ago
			`@property`
			`def private_token(self):`
Update app terminal name to applications 8 years ago			`return self.create_private_token()`
prepare merge ops 8 years ago
Update app terminal name to applications 8 years ago			`def create_private_token(self):`
			`from .authentication import PrivateToken`
prepare merge ops 8 years ago			`try:`
Update app terminal name to applications 8 years ago			`token = PrivateToken.objects.get(user=self)`
			`except PrivateToken.DoesNotExist:`
			`token = PrivateToken.objects.create(user=self)`
prepare merge ops 8 years ago			`return token.key`

[Bug&Update] 以下bug和功能 - 修复新建资产不选管理用户和集群异常bug - profile下拉增加icon - 授权api增加os和platform 7 years ago			`def create_access_key(self):`
			`from . import AccessKey`
			`access_key = AccessKey.objects.create(user=self)`
			`return access_key`

prepare merge ops 8 years ago			`def refresh_private_token(self):`
Update app terminal name to applications 8 years ago			`from .authentication import PrivateToken`
			`PrivateToken.objects.filter(user=self).delete()`
			`return PrivateToken.objects.create(user=self)`
prepare merge ops 8 years ago
			`def is_member_of(self, user_group):`
			`if user_group in self.groups.all():`
			`return True`
			`return False`

			`def check_public_key(self, public_key):`
Change models dir 8 years ago			`if self.ssH_public_key == public_key:`
prepare merge ops 8 years ago			`return True`
			`return False`

remove unused templatetags: users_tags and common_tags 8 years ago			`def avatar_url(self):`
[Bugfix] 修复一些明显的bug 7 years ago			`admin_default = settings.STATIC_URL + "img/avatar/admin.png"`
			`user_default = settings.STATIC_URL + "img/avatar/user.png"`
remove unused templatetags: users_tags and common_tags 8 years ago			`if self.avatar:`
			`return self.avatar.url`
[Bugfix] 修复一些明显的bug 7 years ago			`if self.is_superuser:`
			`return admin_default`
remove unused templatetags: users_tags and common_tags 8 years ago			`else:`
[Bugfix] 修复一些明显的bug 7 years ago			`return user_default`
remove unused templatetags: users_tags and common_tags 8 years ago
prepare merge ops 8 years ago			`def generate_reset_token(self):`
[Feature] 添加signals 解耦代码 7 years ago			`return signer.sign_t({'reset': str(self.id), 'email': self.email}, expires_in=3600)`
prepare merge ops 8 years ago
[Update] 修改用户Opt 7 years ago			`@property`
			`def otp_enabled(self):`
			`return self.otp_level > 0`

[Update] 修改用户Opt 7 years ago			`def enabled_otp(self):`
			`self.otp_level = 1`

			`def force_enable_otp(self):`
			`self.otp_level = 2`

[Update] 修改用户Opt 7 years ago			`@property`
			`def otp_force_enabled(self):`
			`return self.otp_level == 2`

prepare merge ops 8 years ago			`def to_json(self):`
			`return OrderedDict({`
			`'id': self.id,`
			`'username': self.username,`
			`'name': self.name,`
			`'email': self.email,`
			`'is_active': self.is_active,`
			`'is_superuser': self.is_superuser,`
			`'role': self.get_role_display(),`
			`'groups': [group.name for group in self.groups.all()],`
			`'wechat': self.wechat,`
			`'phone': self.phone,`
			`'comment': self.comment,`
bugfix: 解决用户失效时间为空时，无法使用密码进行ssh登录跳板机的问题 (#659) * bugfix: 解决用户失效时间为空时，无法使用密码进行ssh登录跳板机的问题 bugfix: 解决用户失效时间为空时，无法使用密码进行ssh登录跳板机的问题。 ``` AttributeError at /api/users/v1/auth/ 'NoneType' object has no attribute 'strftime' Request Method: POST Request URL: http://127.0.0.1:8080/api/users/v1/auth/ Django Version: 1.11.4 Python Executable: /opt/py3/bin/python Python Version: 3.6.1 Python Path: ['/data/deployment/jumpserver/apps', '/usr/local/lib/python36.zip', '/usr/local/lib/python3.6', '/usr/local/lib/python3.6/lib-dynload', '/opt/py3/lib/python3.6/site-packages', '/data/deployment/jumpserver', '/data/deployment/jumpserver/apps'] Server time: Wed, 30 Aug 2017 23:18:47 +0800 Installed Applications: ['users.apps.UsersConfig', 'assets.apps.AssetsConfig', 'perms.apps.PermsConfig', 'ops.apps.OpsConfig', 'audits.apps.AuditsConfig', 'common.apps.CommonConfig', 'applications.apps.ApplicationsConfig', 'rest_framework', 'rest_framework_swagger', 'django_filters', 'bootstrap3', 'captcha', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles'] Installed Middleware: ['django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', 'jumpserver.middleware.TimezoneMiddleware', 'jumpserver.middleware.DemoMiddleware'] Traceback: File "/opt/py3/lib/python3.6/site-packages/django/core/handlers/exception.py" in inner 41. response = get_response(request) File "/opt/py3/lib/python3.6/site-packages/django/core/handlers/base.py" in _get_response 187. response = self.process_exception_by_middleware(e, request) File "/opt/py3/lib/python3.6/site-packages/django/core/handlers/base.py" in _get_response 185. response = wrapped_callback(request, callback_args, callback_kwargs) File "/usr/local/lib/python3.6/contextlib.py" in inner 53. return func(args, *kwds) File "/opt/py3/lib/python3.6/site-packages/django/views/decorators/csrf.py" in wrapped_view 58. return view_func(args, *kwargs) File "/opt/py3/lib/python3.6/site-packages/django/views/generic/base.py" in view 68. return self.dispatch(request, args, *kwargs) File "/opt/py3/lib/python3.6/site-packages/rest_framework/views.py" in dispatch 489. response = self.handle_exception(exc) File "/opt/py3/lib/python3.6/site-packages/rest_framework/views.py" in handle_exception 449. self.raise_uncaught_exception(exc) File "/opt/py3/lib/python3.6/site-packages/rest_framework/views.py" in dispatch 486. response = handler(request, args, *kwargs) File "/data/deployment/jumpserver/apps/users/api.py" in post 166. return Response({'token': token, 'user': user.to_json()}) File "/data/deployment/jumpserver/apps/users/models/user.py" in to_json 207. 'date_expired': self.date_expired.strftime('%Y-%m-%d %H:%M:%S') Exception Type: AttributeError at /api/users/v1/auth/ Exception Value: 'NoneType' object has no attribute 'strftime' Request information: USER: AnonymousUser GET: No GET data POST: No POST data FILES: No FILES data COOKIES: No cookie data ``` bugfix: 个人信息页面个人信息pannel错位 bugfix: 个人信息页面个人信息pannel错位 7 years ago			`'date_expired': self.date_expired.strftime('%Y-%m-%d %H:%M:%S') if self.date_expired is not None else None`
prepare merge ops 8 years ago			`})`

update user model for create application user 8 years ago			`@classmethod`
			`def create_app_user(cls, name, comment):`
[Update] 修改settings和配置文件 7 years ago			`app = cls.objects.create(`
[Update] 修改注册流程 7 years ago			`username=name, name=name, email='{}@local.domain'.format(name),`
[Update] 修改Perms 7 years ago			`is_active=False, role='App', comment=comment,`
[Update] 修改settings和配置文件 7 years ago			`is_first_login=False, created_by='System'`
			`)`
[Bug&Update] 以下bug和功能 - 修复新建资产不选管理用户和集群异常bug - profile下拉增加icon - 授权api增加os和platform 7 years ago			`access_key = app.create_access_key()`
update terminal regist 8 years ago			`return app, access_key`
update user model for create application user 8 years ago
prepare merge ops 8 years ago			`@classmethod`
			`def validate_reset_token(cls, token):`
			`try:`
			`data = signer.unsign_t(token)`
			`user_id = data.get('reset', None)`
			`user_email = data.get('email', '')`
			`user = cls.objects.get(id=user_id, email=user_email)`

			`except (signing.BadSignature, cls.DoesNotExist):`
			`user = None`
			`return user`

			`def reset_password(self, new_password):`
			`self.set_password(new_password)`
			`self.save()`

[Change] 全部使用uuid作为主键 7 years ago			`def delete(self, using=None, keep_parents=False):`
Change models dir 8 years ago			`if self.pk == 1 or self.username == 'admin':`
			`return`
			`return super(User, self).delete()`

prepare merge ops 8 years ago			`class Meta:`
Add private token and change user group 8 years ago			`ordering = ['username']`
[Update] 修改一些bug和文案 7 years ago			`verbose_name = _("User")`
prepare merge ops 8 years ago
			`#: Use this method initial user`
			`@classmethod`
			`def initial(cls):`
[Feature] 添加basic settings 7 years ago			`from .group import UserGroup`
prepare merge ops 8 years ago			`user = cls(username='admin',`
			`email='admin@jumpserver.org',`
			`name=_('Administrator'),`
			`password_raw='admin',`
			`role='Admin',`
			`comment=_('Administrator is the super user of system'),`
			`created_by=_('System'))`
			`user.save()`
			`user.groups.add(UserGroup.initial())`

			`@classmethod`
			`def generate_fake(cls, count=100):`
			`from random import seed, choice`
			`import forgery_py`
			`from django.db import IntegrityError`
[Feature] 添加basic settings 7 years ago			`from .group import UserGroup`
prepare merge ops 8 years ago
			`seed()`
			`for i in range(count):`
			`user = cls(username=forgery_py.internet.user_name(True),`
			`email=forgery_py.internet.email_address(),`
			`name=forgery_py.name.full_name(),`
			`password=make_password(forgery_py.lorem_ipsum.word()),`
[Change] 全部使用uuid作为主键 7 years ago			`role=choice(list(dict(User.ROLE_CHOICES).keys())),`
prepare merge ops 8 years ago			`wechat=forgery_py.internet.user_name(True),`
			`comment=forgery_py.lorem_ipsum.sentence(),`
			`created_by=choice(cls.objects.all()).username)`
			`try:`
			`user.save()`
			`except IntegrityError:`
			`print('Duplicate Error, continue ...')`
			`continue`
			`user.groups.add(choice(UserGroup.objects.all()))`
			`user.save()`