def test_pw_change(self):
user = create_user()
pw = 'new_pass1'
form = PasswordChangeForm(user=user, data={
'old_password': PASSWORD,
'new_password1': pw,
'new_password2': pw,
})
form.is_valid()
form.save()
self.assertTrue(form.password_changed())
def test_pw_change(self):
user = create_user()
pw = 'new_pass1'
form = PasswordChangeForm(user=user,
data={
'old_password': PASSWORD,
'new_password1': pw,
'new_password2': pw,
})
form.is_valid()
form.save()
self.assertTrue(form.password_changed())
def password_change(request):
if request.method == "POST":
form = PasswordChangeForm(request.POST)
if form.is_valid():
cd = form.cleaned_data
user = authenticate(username=request.user.username,
password=cd['current_password'])
if not user:
form.errors['__all__'] = form.error_class(
['Current password incorrect'])
else:
user.set_password(cd['password1'])
user.save()
update_session_auth_hash(request, user)
# Success !
message = "You have successfully changed your password"
url = reverse('profile')
return success(request, url, message)
else:
form = PasswordChangeForm()
return render(
request, 'password_change_form.html', {
'form': form,
'form_title': 'Change Password',
'action': reverse('password_change')
})
def profile():
user = authnz.current_user
user_info = _(username=user.username,
email_addr=user.email_addr,
role=user.role)
session = get_session()['messages']
if request.method == 'POST':
form = PasswordChangeForm(request, user)
try:
if form.is_valid():
form.save()
session['pass'].append('Password has been changed successfully.')
return authnz.logout(success_redirect='/profile')
else:
session['fail'].append(form.errors)
except HTTPResponse:
raise
except Exception as ex:
error_message = 'Password change failed. Error: %s' % str(ex)
session['fail'].append(error_message)
logging.error(error_message, exc_info=True)
roles = sorted(
list(authnz.list_roles()),
key=lambda x: x[1], reverse=True)
return {
'title': 'Profile',
'user': user_info,
'roles': roles,
'readonly': True,
}
def test_pw_length(self):
user = create_user()
for pw, success in [('a', False,), ('a' * User.MINIMUM_PASSWORD_LENGTH, True,)]:
form = PasswordChangeForm(user=user, data={
'old_password': PASSWORD,
'new_password1': pw,
'new_password2': pw,
})
self.assertEqual(form.is_valid(), success)
def update_password(request):
if request.method == 'POST':
form = PasswordChangeForm(request.POST)
if form.is_valid():
request.user.set_password(form.cleaned_data['password1'])
request.user.save()
return render(request, 'registration/update_password.html', {'success': True})
else:
form = PasswordChangeForm()
return render(request, 'registration/update_password.html', {'form': form})
def update_password(request):
if request.method == 'POST':
form = PasswordChangeForm(request.POST)
if form.is_valid():
request.user.set_password(form.cleaned_data['password1'])
request.user.save()
return render(request, 'registration/update_password.html', {'success': True})
else:
form = PasswordChangeForm()
return render(request, 'registration/update_password.html', {'form': form})
def edit(request):
"""
Change password only, for now...
"""
if request.POST:
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
instance = form.save()
return HttpResponse('')
else:
form = PasswordChangeForm(user=request.user)
return render_to_response('users/change_password.html', {'form': form}, context_instance=RequestContext(request))
def password_change(request):
message = ''
saved = False
form = PasswordChangeForm()
# is the user logged in?
if not request.user.is_authenticated():
return HttpResponseRedirect('/nest/login/')
if request.user.is_staff:
return HttpResponseRedirect('/admin/')
# change password
if request.method == 'POST':
pcform = PasswordChangeForm(data=request.POST)
if pcform.is_valid():
# still have to check if old password matches
u = request.user
oldpass = request.POST.get('oldpass')
newpass = request.POST.get('newpass1')
if u.check_password(oldpass):
# passwords match so it's safe to change the password
u.set_password(newpass)
u.save()
# for some reason, the user gets logged out so we have to log them in again
login(request,
authenticate(username=u.username, password=newpass))
# create a message and redirect to the dashboard
messages.add_message(
request, messages.SUCCESS,
"Your password has been changed successfully")
return HttpResponseRedirect('/nest/')
else:
form = pcform
message = '<span style="color:firebrick">Old password is incorrect. Please try again</span>'
else:
form = pcform
message = '<span style="color:firebrick">Please correct the errors below</span>'
context = {
'title': 'Change my password' + SITE_SUF,
'navlight': 3,
'request': request,
'message': message,
'form': form,
'saved': saved,
}
return render(request, 'nest/passwordchange.html', context)
def changePassword(request):
form = PasswordChangeForm()
if 'ok' in request.POST:
form = PasswordChangeForm(request.POST)
if form.is_valid():
u = User.objects.get(username=request.user)
password1 = request.POST.get('confirm_password', '')
u.set_password(password1)
u.save()
return HttpResponse(status=201)
return render_to_response("establishment/accounts/change_password.html",
{'form': form},
context_instance=RequestContext(request))
def change_password(request):
if request.POST:
form = PasswordChangeForm(request.POST)
if form.is_valid():
mail_user = form.cleaned_data["user"]
mail_user.change_password(form.cleaned_data["new_password"])
return render_to_response(
"mailauth/password_change.html",
{"message": "Password changed successfully"},
context_instance=RequestContext(request),
)
else:
form = PasswordChangeForm()
return render_to_response("mailauth/password_change.html", {"form": form}, context_instance=RequestContext(request))
def password_change(request, template_name='registration/password_change_form.html',
post_change_redirect=None):
if post_change_redirect is None:
#post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
post_change_redirect = reverse('auth.views.password_change_done')
if request.method == "POST":
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(post_change_redirect)
else:
form = PasswordChangeForm(request.user)
return render_to_response(template_name, {
'form': form,
}, context_instance=RequestContext(request))
def settings_view(request):
if request.method == 'POST':
form = PasswordChangeForm(user=request.user, data=request.POST, files=request.FILES)
#imgform = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
return HttpResponseRedirect(reverse('settings_view'))
else:
pass
else:
form = PasswordChangeForm(user=request.user)
#imgform = UploadFileForm()
context = {'form': form, }
return render(request, "profile.html", context)
def test_pw_length(self):
user = create_user()
for pw, success in [(
'a',
False,
), (
'a' * User.MINIMUM_PASSWORD_LENGTH,
True,
)]:
form = PasswordChangeForm(user=user,
data={
'old_password': PASSWORD,
'new_password1': pw,
'new_password2': pw,
})
self.assertEqual(form.is_valid(), success)
def change_password(request):
user = request.user
if request.method == "POST":
form = PasswordChangeForm(request.POST)
if form.is_valid():
password = form.cleaned_data['password']
user.set_password(password)
user.save()
logger.info("Changed password for user %s" % user.username)
messages.info(request, "Password was changed!")
else:
form = PasswordChangeForm()
data = {'form': form}
return render_to_response('people/change-password.html', data,
RequestContext(request))
def password_change(request,
template_name='registration/password_change_form.html',
post_change_redirect=None):
if post_change_redirect is None:
#post_change_redirect = reverse('django.contrib.auth.views.password_change_done')
post_change_redirect = reverse('auth.views.password_change_done')
if request.method == "POST":
form = PasswordChangeForm(request.user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(post_change_redirect)
else:
form = PasswordChangeForm(request.user)
return render_to_response(template_name, {
'form': form,
},
context_instance=RequestContext(request))
def change_password(request):
user = request.user
if request.method == "POST":
form = PasswordChangeForm(request.POST)
if form.is_valid():
password = form.cleaned_data['password']
user.set_password(password)
user.save()
logger.info("Changed password for user %s" % user.username)
messages.info(request, "Password was changed!")
else:
form = PasswordChangeForm()
data = {
'form': form
}
return render_to_response('people/change-password.html', data,
RequestContext(request))
def settings_view(request):
if request.method == 'POST':
form = PasswordChangeForm(user=request.user,
data=request.POST,
files=request.FILES)
#imgform = UploadFileForm(request.POST, request.FILES)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
return HttpResponseRedirect(reverse('settings_view'))
else:
pass
else:
form = PasswordChangeForm(user=request.user)
#imgform = UploadFileForm()
context = {
'form': form,
}
return render(request, "profile.html", context)
def change_password(request):
if request.method == 'POST':
form = PasswordChangeForm(request.POST)
password_correct = False
if form.is_valid():
current_password = form.cleaned_data['current_password']
new_pass = form.cleaned_data['new_password1']
password_correct = request.user.check_password(current_password)
if password_correct:
request.user.set_password(new_pass)
request.user.save()
json = {'location': '.'}
return HttpResponse(simplejson.dumps(json),
mimetype="application/json")
if not password_correct:
form._errors['current_password'] = ErrorList()
form._errors['current_password'].append(_("Your password is incorrect"))
else:
raise Http404
return render(request, 'password_change_modal.html', {'form': form})
def changePassword(request):
# This needs work
messages = []
if request.method == 'POST':
print request.POST
passwordChangeForm = PasswordChangeForm(request.POST)
if passwordChangeForm.is_valid():
if hashers.check_password(passwordChangeForm.cleaned_data['oldpassword'], request.user.password):
if passwordChangeForm.cleaned_data['newpassword1'] == passwordChangeForm.cleaned_data['newpassword2']:
request.user.set_password(passwordChangeForm.cleaned_data['newpassword1'])
request.user.save()
print 'password change request successful'
return render(request, 'changePassword.html', {'passwordChangeForm':passwordChangeForm,\
'messages':messages})
else:
messages.append('passwords do not match')
passwordChangeForm = PasswordChangeForm()
return render(request, 'changePassword.html', {'passwordChangeForm':passwordChangeForm,\
'messages':messages})
else:
messages.append('Bad password supplied')
passwordChangeForm = PasswordChangeForm()
return render(request, 'changePassword.html', {'passwordChangeForm':passwordChangeForm,\
'messages':messages})
else:
messages.append('form is not valid')
passwordChangeForm = PasswordChangeForm()
return render(request, 'changePassword.html', {'passwordChangeForm':passwordChangeForm,\
'messages':messages})
else:
passwordChangeForm = PasswordChangeForm()
return render(request, 'changePassword.html', {'passwordChangeForm':passwordChangeForm,\
'messages':messages})
def editview(request, action):
if request.user.is_authenticated():
request_data = None
context = {}
if request.method == 'POST':
request_data = request.POST
if action == 'password':
form = PasswordChangeForm(user=request.user, data=request_data)
context = {'form': form, 'action': 'Change password', 'edition': True}
elif action == 'settings':
tz = 'UTC'
if hasattr(request.user, 'sciriususer'):
tz = request.user.sciriususer.timezone
initial = {'timezone': tz}
if request.user.is_superuser:
form = UserSettingsForm(request_data, instance=request.user, initial=initial)
else:
form = NormalUserSettingsForm(request_data, instance=request.user, initial=initial)
context = {'form': form, 'action': 'Edit settings for ' + request.user.username, 'edition': True}
elif action == 'token':
initial = {}
token = Token.objects.filter(user=request.user)
if len(token):
initial['token'] = token[0]
form = TokenForm(request_data, initial=initial)
context = {'form': form, 'action': 'User token', 'edition': True}
else:
context = {'action': 'User settings', 'edition': False}
if request.method == 'POST':
orig_superuser = request.user.is_superuser
orig_staff = request.user.is_staff
if form.is_valid():
if action == 'token':
current_tokens = Token.objects.filter(user=request.user)
for token in current_tokens:
token.delete()
Token.objects.create(user=request.user)
UserAction.create(
action_type='edit_user_token',
comment=form.cleaned_data['comment'],
user=request.user,
other_user=request.user
)
return redirect('accounts_edit', action='token')
context['edition'] = False
context['action'] = 'User settings'
ruser = form.save(commit = False)
if not orig_superuser:
ruser.is_superuser = False
ruser.is_staff = orig_staff
ruser.save()
if action == 'password':
update_session_auth_hash(request, ruser)
UserAction.create(
action_type='edit_user_password',
comment=form.cleaned_data['comment'],
user=request.user,
other_user=request.user
)
if action == 'settings':
try:
sciriususer = ruser.sciriususer
sciriususer.timezone = form.cleaned_data['timezone']
except:
sciriususer = SciriusUser.objects.create(user = ruser, timezone = form.cleaned_data['timezone'])
UserAction.create(
action_type='edit_user',
comment=form.cleaned_data['comment'],
user=request.user,
other_user=request.user
)
sciriususer.save()
return scirius_render(request, 'accounts/edit.html', context)
