Ejemplo n.º 1
0
def reset(request, username="", user="******", token=""):
    user = int(user)
    try:
        user = User.objects.get(pk=user)
        user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
        
        if user_ban:
            return error_banned(request, user, user_ban)
        
        if user.activation != User.ACTIVATION_NONE:
            return redirect_message(request, Message(_("%(username)s, your account has to be activated in order for you to be able to request new password.") % {'username': user.username}), 'info')
        
        if not token or not user.token or user.token != token:
            return redirect_message(request, Message(_("%(username)s, request confirmation link is invalid. Please request new confirmation link.") % {'username': user.username}), 'error')
        
        new_password = random_string(6)
        user.token = None
        user.set_password(new_password)
        user.save(force_update=True)
        
        # Logout signed in and kill remember me tokens
        Session.objects.filter(user=user).update(user=None)
        Token.objects.filter(user=user).delete()
        
        # Set flash and mail new password
        user.email_user(
                        request,
                        'users/password/new',
                        _("Your New Password"),
                        {'password': new_password}
                        )
        
        return redirect_message(request, Message(_("%(username)s, your password has been changed with new one that was sent to %(email)s.") % {'username': user.username, 'email': user.email}), 'success')
    except User.DoesNotExist:
        return error404(request)
Ejemplo n.º 2
0
Archivo: views.py Proyecto: xyzz/Misago
def activate(request, username="", user="******", token=""):
    user = int(user)

    try:
        user = User.objects.get(pk=user)
        current_activation = user.activation

        # Run checks
        user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)

        if user.activation == User.ACTIVATION_NONE:
            return redirect_message(request, Message(_("%(username)s, your account is already active.") % {'username': user.username}), 'info')

        if user.activation == User.ACTIVATION_ADMIN:
            return redirect_message(request, Message(_("%(username)s, only board administrator can activate your account.") % {'username': user.username}), 'info')

        if not token or not user.token or user.token != token:
            return redirect_message(request, Message(_("%(username)s, your activation link is invalid. Try again or request new activation e-mail.") % {'username': user.username}), 'error')

        # Activate and sign in our member
        user.activation = User.ACTIVATION_NONE
        sign_user_in(request, user)

        # Update monitor
        User.objects.resync_monitor(request.monitor)

        if current_activation == User.ACTIVATION_CREDENTIALS:
            return redirect_message(request, Message(_("%(username)s, your account has been successfully reactivated after change of sign-in credentials.") % {'username': user.username}), 'success')
        else:
            return redirect_message(request, Message(_("%(username)s, your account has been successfully activated. Welcome aboard!") % {'username': user.username}), 'success')
    except User.DoesNotExist:
        return error404(request)
Ejemplo n.º 3
0
def form(request):
    message = None
    
    if request.method == 'POST':
        form = UserResetPasswordForm(request.POST, request=request)
        
        if form.is_valid():
            user = form.found_user
            user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
            
            if user_ban:
                return error_banned(request, user, user_ban)
            elif user.activation != User.ACTIVATION_NONE:
                return redirect_message(request, Message(_("%(username)s, your account has to be activated in order for you to be able to request new password.") % {'username': user.username}), 'info')
            
            user.token = random_string(12)
            user.save(force_update=True)
            user.email_user(
                            request,
                            'users/password/confirm',
                            _("Confirm New Password Request")
                            )
            
            return redirect_message(request, Message(_("%(username)s, new password request confirmation has been sent to %(email)s.") % {'username': user.username, 'email': user.email}), 'info')
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = UserResetPasswordForm(request=request)
    return request.theme.render_to_response('reset_password.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form),
                                            },
                                            context_instance=RequestContext(request));
Ejemplo n.º 4
0
Archivo: views.py Proyecto: xyzz/Misago
def form(request):
    message = None
    if request.method == 'POST':
        form = UserSendActivationMailForm(request.POST, request=request)
        if form.is_valid():
            user = form.found_user
            user_ban = Ban.objects.check_ban(username=user.username, email=user.email)

            if user_ban:
                return error_banned(request, user, user_ban)

            if user.activation == User.ACTIVATION_NONE:
                return redirect_message(request, Message(_("%(username)s, your account is already active.") % {'username': user.username}), 'info')

            if user.activation == User.ACTIVATION_ADMIN:
                return redirect_message(request, Message(_("%(username)s, only board administrator can activate your account.") % {'username': user.username}), 'info')

            user.email_user(
                            request,
                            'users/activation/resend',
                            _("Account Activation"),
                            )
            return redirect_message(request, Message(_("%(username)s, e-mail containing new activation link has been sent to %(email)s.") % {'username': user.username, 'email': user.email}), 'success')
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = UserSendActivationMailForm(request=request)
    return request.theme.render_to_response('resend_activation.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form),
                                            },
                                            context_instance=RequestContext(request));
Ejemplo n.º 5
0
def reset(request, username="", user="******", token=""):
    user = int(user)
    try:
        user = User.objects.get(pk=user)
        user_ban = Ban.objects.check_ban(username=user.username,
                                         email=user.email)

        if user_ban:
            return error_banned(request, user, user_ban)

        if user.activation != User.ACTIVATION_NONE:
            return redirect_message(
                request,
                Message(
                    _("%(username)s, your account has to be activated in order for you to be able to request new password."
                      ) % {'username': user.username}), 'info')

        if not token or not user.token or user.token != token:
            return redirect_message(
                request,
                Message(
                    _("%(username)s, request confirmation link is invalid. Please request new confirmation link."
                      ) % {'username': user.username}), 'error')

        new_password = random_string(6)
        user.token = None
        user.set_password(new_password)
        user.save(force_update=True)

        # Logout signed in and kill remember me tokens
        Session.objects.filter(user=user).update(user=None)
        Token.objects.filter(user=user).delete()

        # Set flash and mail new password
        user.email_user(request, 'users/password/new', _("Your New Password"),
                        {'password': new_password})

        return redirect_message(
            request,
            Message(
                _("%(username)s, your password has been changed with new one that was sent to %(email)s."
                  ) % {
                      'username': user.username,
                      'email': user.email
                  }), 'success')
    except User.DoesNotExist:
        return error404(request)
Ejemplo n.º 6
0
def form(request):
    message = None

    if request.method == 'POST':
        form = UserResetPasswordForm(request.POST, request=request)

        if form.is_valid():
            user = form.found_user
            user_ban = Ban.objects.check_ban(username=user.username,
                                             email=user.email)

            if user_ban:
                return error_banned(request, user, user_ban)
            elif user.activation != User.ACTIVATION_NONE:
                return redirect_message(
                    request,
                    Message(
                        _("%(username)s, your account has to be activated in order for you to be able to request new password."
                          ) % {'username': user.username}), 'info')

            user.token = random_string(12)
            user.save(force_update=True)
            user.email_user(request, 'users/password/confirm',
                            _("Confirm New Password Request"))

            return redirect_message(
                request,
                Message(
                    _("%(username)s, new password request confirmation has been sent to %(email)s."
                      ) % {
                          'username': user.username,
                          'email': user.email
                      }), 'info')
        else:
            message = Message(form.non_field_errors()[0], 'error')
    else:
        form = UserResetPasswordForm(request=request)
    return request.theme.render_to_response(
        'reset_password.html', {
            'message': message,
            'form': FormLayout(form),
        },
        context_instance=RequestContext(request))
Ejemplo n.º 7
0
Archivo: views.py Proyecto: xyzz/Misago
def form(request):
    if request.settings['account_activation'] == 'block':
        return redirect_message(
            request,
            Message(
                _("We are sorry but we don't allow new members registrations at this time."
                  )), 'info')

    message = None
    if request.method == 'POST':
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            need_activation = 0
            if request.settings['account_activation'] == 'user':
                need_activation = User.ACTIVATION_USER
            if request.settings['account_activation'] == 'admin':
                need_activation = User.ACTIVATION_ADMIN

            new_user = User.objects.create_user(
                form.cleaned_data['username'],
                form.cleaned_data['email'],
                form.cleaned_data['password'],
                ip=request.session.get_ip(request),
                agent=request.META.get('HTTP_USER_AGENT'),
                activation=need_activation,
                request=request)

            if need_activation == User.ACTIVATION_NONE:
                # Sign in user
                sign_user_in(request, new_user)
                request.messages.set_flash(
                    Message(
                        _("Welcome aboard, %(username)s! Your account has been registered successfully."
                          ) % {'username': new_user.username}), 'success')

            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                request.messages.set_flash(
                    Message(
                        _("%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link."
                          ) % {'username': new_user.username}), 'info')
                new_user.email_user(
                    request,
                    'users/activation/user',
                    _("Welcome aboard, %(username)s!") %
                    {'username': new_user.username},
                )

            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                request.messages.set_flash(
                    Message(
                        _("%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!"
                          ) % {'username': new_user.username}), 'info')
                new_user.email_user(
                    request, 'users/activation/admin',
                    _("Welcome aboard, %(username)s!") %
                    {'username': new_user.username},
                    {'password': form.cleaned_data['password']})

            User.objects.resync_monitor(request.monitor)
            return redirect(reverse('index'))
        else:
            message = Message(form.non_field_errors()[0], 'error')
            if request.settings['registrations_jams']:
                SignInAttempt.objects.register_attempt(
                    request.session.get_ip(request))
            # Have we jammed our account?
            if SignInAttempt.objects.is_jammed(
                    request.settings, request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse('register'))
    else:
        form = UserRegisterForm(request=request)
    return request.theme.render_to_response(
        'register.html', {
            'message': message,
            'form': FormLayout(form),
            'hide_signin': True,
        },
        context_instance=RequestContext(request))
Ejemplo n.º 8
0
def form(request):
    if request.settings['account_activation'] == 'block':
       return redirect_message(request, Message(_("We are sorry but we don't allow new members registrations at this time.")), 'info')
    
    message = None
    if request.method == 'POST':
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            need_activation = 0
            if request.settings['account_activation'] == 'user':
                need_activation = User.ACTIVATION_USER
            if request.settings['account_activation'] == 'admin':
                need_activation = User.ACTIVATION_ADMIN
                
            new_user = User.objects.create_user(
                                                form.cleaned_data['username'],
                                                form.cleaned_data['email'],
                                                form.cleaned_data['password'],
                                                ip=request.session.get_ip(request),
                                                agent=request.META.get('HTTP_USER_AGENT'),
                                                activation=need_activation,
                                                request=request
                                                )
                        
            if need_activation == User.ACTIVATION_NONE:
                # Sign in user
                sign_user_in(request, new_user)
                request.messages.set_flash(Message(_("Welcome aboard, %(username)s! Your account has been registered successfully.") % {'username': new_user.username}), 'success')
                
            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                request.messages.set_flash(Message(_("%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link.") % {'username': new_user.username}), 'info')
                new_user.email_user(
                                    request,
                                    'users/activation/user',
                                    _("Welcome aboard, %(username)s!") % {'username': new_user.username},
                                    )
                
            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                request.messages.set_flash(Message(_("%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!") % {'username': new_user.username}), 'info')
                new_user.email_user(
                                    request,
                                    'users/activation/admin',
                                    _("Welcome aboard, %(username)s!") % {'username': new_user.username},
                                    {'password': form.cleaned_data['password']}
                                    )
            
            User.objects.resync_monitor(request.monitor)
            return redirect(reverse('index'))
        else:
            message = Message(form.non_field_errors()[0], 'error')
            if request.settings['registrations_jams']:
                SignInAttempt.objects.register_attempt(request.session.get_ip(request))
            # Have we jammed our account?
            if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse('register'))
    else:
        form = UserRegisterForm(request=request)
    return request.theme.render_to_response('register.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form),
                                             'hide_signin': True, 
                                            },
                                            context_instance=RequestContext(request));