U >i@sddlmZddlmZddlmZddlmZddlm Z ddl m Z ddl m ZddlmZdd lmZddlm Z ed d d d ZdddZd S)wraps)messages)AbstractBaseUser)ValidationError)HttpResponseRedirect)reverse) get_adapter) EmailAddress) app_settingsN)userreturncCs6tjr dStjj|jdd }|s2tddS)z If we would allow users to enable 2FA with unverified email address, that would allow for an attacker to signup, not verify and prevent the real owner of the account from ever regaining access. NF)Zuser_idZverifiedZunverified_email) r ZALLOW_UNVERIFIED_EMAILr Zobjectsfilterpkexistsr Zvalidation_error)r Zemail_verifiedrB/tmp/pip-unpacked-wheel-upujnpc2/allauth/mfa/internal/flows/add.pyvalidate_can_add_authenticators rcCsdd}|r||S|S)Ncstfdd}|S)Nc s~|jjrnzt|jWnVtk rl}z8|jD]}t}|j|tj|dq.tt dWYSd}~XYnX|f||S)N)messageZ mfa_index) r is_authenticatedrrrget_account_adapterZ add_messageERRORrr)requestargskwargseradapter view_funcrr _wrapper_view s "zEredirect_if_add_not_allowed..decorator.._wrapper_viewr)rrrrr decorators z.redirect_if_add_not_allowed..decoratorr)functionr rrrredirect_if_add_not_allowedsr")N) functoolsrZdjango.contribrZdjango.contrib.auth.base_userrZdjango.core.exceptionsrZ django.httprZ django.urlsrZallauth.account.adapterr rZallauth.account.modelsr Z allauth.mfar Zallauth.mfa.adapterrr"rrrrs