def resetPassword(request):
if (request.user.is_anonymous):
if request.method == 'POST':
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(request=request)
messages.info(
request,
'We\'ve emailed you instructions for setting your password, if an account exists with the email you entered. You should receive them shortly.If you don\'t receive an email, please make sure you\'ve entered the address you registered with, and check your spam folder.',
extra_tags='info-alert message')
return redirect(to='accounts:resetpwd_done')
return render(request, 'accounts/resetPassword.html', locals())
else:
form = PasswordResetForm()
return render(request,
'accounts/resetPassword.html',
context={'form': form})
else:
return redirect(to='accounts:profile')
def test_custom_email_subject(self):
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
# Since we're not providing a request object, we must provide a
# domain_override to prevent the save operation from failing in the
# potential case where contrib.sites is not installed. Refs #16412.
form.save(domain_override='example.com')
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].subject, 'Custom password reset on example.com')
def test_custom_email_field(self):
email = '*****@*****.**'
CustomEmailField.objects.create_user('test name', 'test password',
email)
form = PasswordResetForm({'email': email})
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(form.cleaned_data['email'], email)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, [email])
def send_password_reset(self, user_email, request):
form = PasswordResetForm({'email': user_email})
if form.is_valid():
form.save(request=request,
from_email=settings.DEFAULT_FROM_EMAIL,
use_https=True)
return True
else:
return False
def register(request):
if request.user.is_authenticated():
messages.info(request, _('You are already logged in to an account.'))
form = None
elif request.method == 'POST':
form = forms.UserRegisterForm(request.POST)
mkt_user = UserProfile.objects.filter(email=form.data['email'],
password='')
if form.is_valid():
try:
u = form.save(commit=False)
u.set_password(form.cleaned_data['password'])
u.generate_confirmationcode()
u.lang = request.LANG
u.save()
log.info(u'Registered new account for user (%s)', u)
log_cef('New Account', 5, request, username=u.username,
signature='AUTHNOTICE',
msg='User created a new account')
u.email_confirmation_code()
msg = _('Congratulations! Your user account was '
'successfully created.')
messages.success(request, msg)
msg = _(u'An email has been sent to your address {0} to '
'confirm your account. Before you can log in, you '
'have to activate your account by clicking on the '
'link provided in this email.').format(u.email)
messages.info(request, _('Confirmation Email Sent'), msg)
except IntegrityError, e:
# I was unable to reproduce this, but I suspect it happens
# when they POST twice quickly and the slaves don't have the
# new info yet (total guess). Anyway, I'm assuming the
# first one worked properly, so this is still a success
# case to the end user so we just log it...
log.error('Failed to register new user (%s): %s' % (u, e))
return http.HttpResponseRedirect(reverse('users.login'))
elif mkt_user.exists():
f = PasswordResetForm()
f.users_cache = [mkt_user[0]]
f.save(use_https=request.is_secure(),
email_template_name='users/email/pwreset.ltxt',
request=request)
return render(request, 'users/newpw_sent.html', {})
else:
messages.error(request, _('There are errors in this form'),
_('Please correct them and resubmit.'))
def medi_create_user(request: HttpRequest) -> HttpResponse:
newuser_form = AllUserForm()
if request.method == 'POST':
newuser_form = AllUserForm(request.POST)
if newuser_form.is_valid():
data = newuser_form.cleaned_data
user = User.objects.filter(
Q(username=data['username']) | Q(email=data['email']))
if not user.exists():
user = User.objects.create(
first_name=newuser_form.cleaned_data['first_name'],
last_name=newuser_form.cleaned_data['last_name'],
username=newuser_form.cleaned_data['username'],
email=newuser_form.cleaned_data['email'],
type=data['user_type'])
user.set_password(newuser_form.cleaned_data['password'])
user.save()
if data['user_type'] == GENERAL_PRACTICE_USER:
user_form = NewGPForm(request.POST)
organisation = data['gp_organisation']
elif data['user_type'] == CLIENT_USER:
user_form = NewClientForm(request.POST)
organisation = data['client_organisation']
else:
user_form = NewMediForm(request.POST)
organisation = data['medi_organisation']
if user_form.is_valid():
newuser = user_form.save(commit=False)
newuser.organisation = organisation
if user.type != MEDIDATA_USER:
newuser.role = data.get('role')
newuser.user = user
newuser.save()
reset_password_form = PasswordResetForm(
data={'email': user.email})
if newuser_form.cleaned_data[
'send_email'] and reset_password_form.is_valid():
reset_password_form.save(
request=request,
from_email=DEFAULT_FROM,
subject_template_name=
'registration/password_reset_subject_new.txt',
email_template_name=
'registration/password_reset_email_new.html')
messages.success(request,
'New User Account created successfully.')
return redirect("accounts:view_users")
else:
messages.warning(request, user_form.errors)
else:
messages.warning(request, 'User Account Existing In Database')
response = render(request, 'user_management/medi_create_user.html', {
'newuser_form': newuser_form,
})
return response
def reset_password(request):
reset_type = 'reset_request'
if request.method == 'POST':
form = PasswordResetForm(request.POST)
if form.is_valid():
try:
user = get_user_model().objects.get(email=form.cleaned_data["email"])
except ObjectDoesNotExist:
form.errors['email'] = ["No user with that email exists"]
return render(request, 'password_reset.html', context={'form': form, 'type': reset_type})
if user:
send_password_reset_email(user, request)
return redirect(reverse('mhacks-password_reset_sent'))
elif request.method == 'GET':
form = PasswordResetForm()
else:
return HttpResponseNotAllowed(permitted_methods=['GET', 'POST'])
if form:
form.fields['email'].longest = True
return render(request, 'password_reset.html', context={'form': form, 'type': reset_type})
def reset(request):
if request.user.is_authenticated():
return HttpResponse(status=400)
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(email_template_name='password_email.html')
return HttpResponse(JSON_SUCCESS)
else:
return get_json_errors(form.errors)
def create_users(file_name):
email_file = open(file_name, 'r')
emails = email_file.readlines()
for email in emails:
if email.__contains__('@') and email.__contains__('.'):
user = User.objects.create_user(username=email, password='******', email=email)
user.save();
password_reset = PasswordResetForm({'email':email})
password_reset.save();
else:
print("Invalid email " + email)
def forgot_password_view(request):
if request.method == 'POST':
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(subject_template_name=
'account/password_reset_email_subject.txt',
email_template_name='account/password_reset_email.html',
from_email=settings.EMAIL_PASSWORD_RESET,
request=request)
return render(
request, 'account/message.html', {
'title':
"Password Reset Email Sent",
'message':
'Your password reset request has been sent to your email, '
'please follow the further instruction in your email',
})
else:
form = PasswordResetForm()
return render(request, 'account/forgot.html', {'form': form})
def test_inactive_user(self):
"""
Test that inactive user cannot receive password reset email.
"""
(user, username, email) = self.create_dummy_user()
user.is_active = False
user.save()
form = PasswordResetForm({'email': email})
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(len(mail.outbox), 0)
def test_nonexistant_email(self):
# Test nonexistant email address
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertFalse(form.is_valid())
self.assertEqual(
form.errors, {
'email': [
u"That e-mail address doesn't have an associated user account. Are you sure you've registered?"
]
})
def find_lost_account_view(request):
auth_logout(request)
if request.method == "GET":
password_reset_form = PasswordResetForm()
phone_verification_send_form = AuthPhoneOnlyVerificationForm()
phone_verification_form = AuthPhoneVerificationForm()
context = dict(
password_reset_form=password_reset_form,
phone_verification_send_form=phone_verification_send_form,
phone_verification_form=phone_verification_form)
return render(request, 'auth/find_lost_account.html', context)
def form_valid(self, form):
# Save form
response = super(UserAdd, self).form_valid(form)
# Send a password recover email
email_form = PasswordResetForm({'email': form.cleaned_data['email']})
email_form.is_valid()
email_form.save(email_template_name='accounts/welcome_email.html')
# send response
return response
def reset_password_email(
self,
email,
template='telemeta/registration/password_reset_email.html'):
form = PasswordResetForm({'email': email})
opts = {
'from_email': self.from_email,
'email_template_name': template,
'token_generator': default_token_generator
}
return form.save(**opts)
def cambiarContrasena(correo):
template = 'registration/password_reset_email.html'
#Se rellena el formulario con el correo del usuario que se encontro con el rut
form = PasswordResetForm({'email': correo})
#Se debe de comprobar el formulario, si no dará una exepcion
if form.is_valid():
#Se guarda el formulario, enviándole un template del link para cambiar la pass
# se sobreescribe el dominio
return form.save(email_template_name=template,
domain_override="localhost:8000")
def PassReset(request):
if request.method == 'POST':
# Get the user's email address
email = request.POST.get('email')
form = PasswordResetForm(request.POST)
# If the email address is valid
if form.is_valid():
form.save(request=request)
return render(request, 'pages/emailSent.html', {'email': email})
return render(request, 'pages/forgotPassword.html')
def send(request):
data = json.loads(request.body.decode("utf-8"))
form = PasswordResetForm(data)
if form.is_valid():
form.save(
subject_template_name='email/nopass/subject.txt',
email_template_name='email/nopass/body.txt',
)
return JsonResponse(
{"success": "Please check your email for a login link."})
return JsonResponse({}, status=400)
def password_reset(request):
serializer = PasswordResetSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
form = PasswordResetForm(serializer.validated_data)
if form.is_valid():
form.save(from_email=settings.CKL_REST_AUTH.get('FROM_EMAIL'),
email_template_name='registration/password_reset_email.html',
request=request)
return JsonResponse(request.data, status=status.HTTP_200_OK)
def password_reset_view(request):
if request.method == "POST":
form = PasswordResetForm(request.POST)
if form.is_valid():
email = form.cleaned_data['email']
try:
user = Account.objects.filter(email=email).last()
except (TypeError, ValueError, OverflowError, user.DoesNotExist):
user = None
if user is not None:
token = account_activation_token.make_token(user)
# if settings.DEBUG:
# link = f"localhost:8000/user/password/{user.id}/{token}"
# else:
link = f"https://vriendly.herokuapp.com/user/password/{user.id}/{token}"
messages.info(
request,
mark_safe(
f"<p>Hi, {user.first_name}.</p><p>Reset your password from link below, please.</p><p><a href={link}>{link}</a></p>"
))
# subject = "Password Reset Requested"
# email_template_name = "main/password/password_reset_email.txt"
# c = {
# "email":user.email,
# 'domain':'127.0.0.1:8000',
# 'site_name': 'Website',
# "uid": urlsafe_base64_encode(force_bytes(user.pk)),
# "user": user,
# 'token': default_token_generator.make_token(user),
# 'protocol': 'http',
# }
# email = render_to_string(email_template_name, c)
# try:
# send_mail(subject, email, '*****@*****.**' , [user.email], fail_silently=False)
# except BadHeaderError:
# return HttpResponse('Invalid header found.')
return redirect("password_reset_done")
else:
form = PasswordResetForm()
return render(request, 'account/password_reset.html',
{'password_reset_form': form})
def save(self, request):
user = super(InviteUserForm, self).save(commit=False)
user.set_password(get_random_string(1024))
user.save()
prf = PasswordResetForm({"email": user.email})
if prf.is_valid():
prf.save(
request=request,
use_https=True,
email_template_name='registration/invitation_email.html',
subject_template_name='registration/invitation_subject.txt')
return user
def validate_email(self, value):
if not list(PasswordResetForm().get_users(value)):
raise serializers.ValidationError(
_('There is no password linked to this Email address.'))
# Create PasswordResetForm with the serializer
self.reset_form = self.password_reset_form_class(
data=self.initial_data)
if not self.reset_form.is_valid():
raise serializers.ValidationError(self.reset_form.errors)
return value
def test_custom_email_subject(self):
template_path = os.path.join(os.path.dirname(__file__), 'templates')
with self.settings(TEMPLATE_DIRS=(template_path,)):
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
# Since we're not providing a request object, we must provide a
# domain_override to prevent the save operation from failing in the
# potential case where contrib.sites is not installed. Refs #16412.
form.save(domain_override='example.com')
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].subject, 'Custom password reset on example.com')
def post(self, request):
form = PasswordResetForm(request.POST)
if form.is_valid():
email = form.cleaned_data['email']
self.password_reset(request=request,
email=email,
password_reset_form=PasswordResetForm)
return redirect('/reset/done/')
else:
messages.warning(request, f'Wystąpił błąd, spróbuj jeszcze raz:')
ctx = {'form': form}
return render(request, 'reset_password.html', ctx)
def realm_user_resend_password_reset(request, realm_id, user_dn):
realm = Realm.objects.get(id=realm_id)
ldap_user = LdapUser.get_user_by_dn(dn=user_dn, realm=realm)
try:
if ldap_user.email:
logger.info(f"Sending email to {ldap_user.email}")
form = PasswordResetForm({'email': ldap_user.email})
if form.is_valid():
logger.info('CREATE REQUEST')
pw_reset_request = HttpRequest()
pw_reset_request.META['SERVER_NAME'] = get_current_site(
request).domain
pw_reset_request.META['SERVER_PORT'] = '80'
if request.is_secure():
pw_reset_request.META['SERVER_PORT'] = '443'
logger.info('form.save')
form.save(
request=pw_reset_request,
use_https=True,
from_email=realm.email,
email_template_name='registration/password_reset_email.html'
)
return render_realm_user_detail_view(
request,
realm_id,
user_dn,
success_headline="Erfolgreich",
success_text=
"Die Passwort zurücksetzen E-Mail wurde erfolgreich versendet."
)
return render_realm_user_detail_view(
request,
realm_id,
user_dn,
error_headline="Fehlgeschlagen",
error_text="Der Nutzer E-Mail Addresse ist ungültig. "
"Es wurde keine E-Mail übermittelt.")
return render_realm_user_detail_view(
request,
realm_id,
user_dn,
error_headline="Fehlgeschlagen",
error_text="Der Nutzer besitzt keine E-Mail Addresse. "
"Bitte tragen Sie diese nach und probieren es erneut.")
except Exception as err:
logger.error(f'Error: {err}')
return render_realm_user_detail_view(
request,
realm_id,
user_dn,
error_headline="Fehlgeschlagen",
error_text=
"Die Passwort zurücksetzen E-Mail konnte nicht versendet werden.")
def reset_pw(request):
email = request.POST.get('email')
form = PasswordResetForm(request.POST)
if form.is_valid():
opts = {
'use_https': request.is_secure(),
'email_template_name': 'registration/password_reset_email.html',
'subject_template_name': 'registration/password_reset_subject.txt',
'request': request,
}
form.save(**opts)
return JsonResponse({})
def reset_password(request):
if request.method == 'POST':
form = PasswordResetForm(request.POST)
if form.is_valid():
email = form.cleaned_data['email']
if AuthUser.objects.filter(email=email).count() > 0:
user = AuthUser.objects.get(email=email)
random_password = get_random_string(8)
user.password = hashers.make_password(password=random_password)
user.save()
send_email_reset_password(
to_user=user,
new_password=random_password,
login_url=request.META['HTTP_HOST'] + '/admin/login')
form.is_success = True
else:
form.add_error('email', 'Địa chỉ email không tồn tại.')
return render(request, "admin/password_reset.html", context={'form': form})
else:
return render(request, "admin/password_reset.html", context={'form': PasswordResetForm()})
def custom_reset_view(request):
print('custom_reset_view')
if request.method == 'POST':
print('POST')
pr_from = PasswordResetForm(request.POST)
if pr_from.is_valid():
print(pr_from.cleaned_data)
uemail = pr_from.cleaned_data.get('email')
if not AuthUser.objects.filter(email=uemail).exists():
#user with valid email and active
messages.error(
request, f'Your email { uemail } is invalid, '
f'Please enter your registered email id ')
else:
messages.error(request, pr_from.errors)
else:
pr_from = PasswordResetForm()
context = {'form': pr_from}
return render(request, 'authsystem/password_reset.html', context)
def post(self, request, *args, **kwargs):
self.user_form = self.form_class(request.POST)
if self.user_form.is_valid():
user = self.user_form.save()
setpsw = PasswordResetForm(data={'email': user.email})
if setpsw.is_valid():
setpsw.save(subject_template_name=self.subject_template_name,
email_template_name=self.email_template_name)
messages.success(request,
"Invitation email sent to %s" % user.email)
return self.get_redirect_url()
return self.render_to_response(self.get_context_data())
def reset_password(self, request, id):
obj=ResetPasswordRequest.objects.filter(id=id)[0]
if(obj.sent==True):
messages.error(request, 'this request was already entertained')
return HttpResponseRedirect('..')
email = obj.email
print(email)
form = PasswordResetForm(data={'email': email})
form.is_valid()
form.save(email_template_name='registration/password_reset_email.html')
obj.sendEmail()
return HttpResponseRedirect('..')
