def form_valid(self, form): password = form.cleaned_data['password'] request = self.request user = request.user if not xmpp_backend.check_password(user.node, user.domain, password=password): form.add_error('password', _('The password is incorrect.')) return self.form_invalid(form) address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) send_confirmation_task.delay( user_pk=user.pk, purpose=PURPOSE_DELETE, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) messages.success(request, _( 'We sent you an email to %(email)s to confirm your request.') % {'email': user.email, }) user.log(ugettext_noop('Requested deletion of account.'), address) stat(STAT_DELETE_ACCOUNT) AddressActivity.objects.log(request, ACTIVITY_SET_EMAIL, note=user.email) return HttpResponseRedirect(reverse('account:detail'))
def form_valid(self, form): request = self.request user = request.user if not user.created_in_backend: return self.handle_new_account(request, form) address = request.META['REMOTE_ADDR'] to = form.cleaned_data['email'] # If REQUIRE_UNIQUE_EMAIL is true, validate uniquenss qs = User.objects.exclude(pk=user.pk).filter(email=to) if settings.REQUIRE_UNIQUE_EMAIL and qs.exists(): form.add_error('email', _('Email address is already used by another account.')) return self.form_invalid(form) lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) fp, key = form.get_gpg_data() set_email_task.delay( user_pk=user.pk, to=to, language=lang, address=address, fingerprint=fp, key=key, base_url=base_url, hostname=request.site['NAME']) messages.success(request, _( 'We sent you an email to your new email address (%(email)s). Click on the link in it ' 'to confirm it.') % {'email': to}) user.log(ugettext_noop('Requested change of email address to %(email)s.'), address, email=to) stat(STAT_SET_EMAIL) AddressActivity.objects.log(request, ACTIVITY_SET_EMAIL, note=to) return super(SetEmailView, self).form_valid(form)
def get_redirect_url(self, *args, **kwargs): request = self.request user = request.user qs = self.queryset.filter(user=user) key = get_object_or_404(qs, key=kwargs['key']) user.email = key.to # Compute the normalized email address user.normalized_email = normalize_email(user.email) user.confirmed = timezone.now() with transaction.atomic(): # Update list of GPG keys user.gpg_keys.all().delete() gpg_keys = key.payload.get('gpg_recv_pub') if gpg_keys: add_gpg_key_task.delay(user_pk=user.pk, address=key.address.address, key=gpg_keys) user.save() key.delete() messages.success(request, _('Confirmed email address change to %(email)s.') % {'email': user.email, }) user.log(ugettext_noop('Confirmed email address change to %(email)s.'), request.META['REMOTE_ADDR'], email=key.to) stat(STAT_SET_EMAIL_CONFIRMED) return super(ConfirmSetEmailView, self).get_redirect_url()
def form_valid(self, form): self.ratelimit(self.request) user = None try: user = User.objects.confirmed().get(username=form.cleaned_data['username']) except User.DoesNotExist: pass # checked in next branch if user is None or not xmpp_backend.user_exists(user.node, user.domain): code = 'not-found' error = forms.ValidationError(form.fields['username'].error_messages[code], code=code) form.add_error('username', error) return self.form_invalid(form) request = self.request address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) user.log(ugettext_noop('Requested password reset.'), address) AddressActivity.objects.log(request, ACTIVITY_RESET_PASSWORD, user=user) stat(STAT_RESET_PASSWORD) send_confirmation_task.delay( user_pk=user.pk, purpose=PURPOSE_RESET_PASSWORD, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) return self.render_to_response(self.get_context_data(form=form))
def form_valid(self, form): key = self.key if isinstance(key, HttpResponse): return key request = self.request address = request.META['REMOTE_ADDR'] now = timezone.now() with transaction.atomic(): xmpp_backend.set_password(username=key.user.node, domain=key.user.domain, password=form.cleaned_data['new_password1']) xmpp_backend.set_last_activity(key.user.node, key.user.domain, timestamp=now) key.user.last_activity = now key.user.log(ugettext_noop('Set new password.'), address) messages.success(request, _('Successfully changed your password.')) stat(STAT_RESET_PASSWORD_CONFIRMED) key.user.backend = settings.AUTHENTICATION_BACKENDS[0] key.user.save() login(self.request, key.user) key.delete() return super(ConfirmResetPasswordView, self).form_valid(form)
def form_valid(self, form): key = self.key if isinstance(key, HttpResponse): return key request = self.request address = request.META['REMOTE_ADDR'] password = form.cleaned_data['new_password1'] with transaction.atomic(), version(comment="email address confirmed"): key.user.confirmed = timezone.now() key.user.created_in_backend = True key.user.save() if request.user != key.user: logout(request) # logout any previous user key.user.backend = settings.AUTHENTICATION_BACKENDS[0] login(request, key.user) # Actually create the user on the XMPP server xmpp_backend.create_user(username=key.user.node, domain=key.user.domain, password=password, email=key.user.email) key.user.log(ugettext_noop('Email address %(email)s confirmed.'), address, email=key.user.email) # TODO: More meaningful help message on a webchat, usable clients, follow updates, ... messages.success(request, _( "Successfully confirmed your email address. You can now use your account.")) stat(STAT_REGISTER_CONFIRMED) # Delete the registration key key.delete() return super(ConfirmRegistrationView, self).form_valid(form)
def form_valid(self, form): self.ratelimit(self.request) try: user = User.objects.filter(confirmed__isnull=False).get( username=form.cleaned_data['username']) except User.DoesNotExist: form.add_error('username', _('User not found.')) return self.form_invalid(form) request = self.request address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) user.log(ugettext_noop('Requested password reset.'), address) AddressActivity.objects.log(request, ACTIVITY_RESET_PASSWORD, user=user) stat(STAT_RESET_PASSWORD) send_confirmation_task.delay(user_pk=user.pk, purpose=PURPOSE_RESET_PASSWORD, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) return self.render_to_response(self.get_context_data(form=form))
def form_valid(self, form): request = self.request form.save() request.user.log(ugettext_noop('Set new password.'), request.META['REMOTE_ADDR']) AddressActivity.objects.log(request, ACTIVITY_SET_PASSWORD) stat(STAT_SET_PASSWORD) messages.success(request, _('Successfully changed your password.')) return super(SetPasswordView, self).form_valid(form)
def form_valid(self, form): request = self.request self.ratelimit(request) address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) with transaction.atomic(): response = super(RegistrationView, self).form_valid(form) user = self.object # save default language user.default_language = lang user.save() # log user creation, display help message. user.log(ugettext_noop('Account created.'), address=address) AddressActivity.objects.log(request, ACTIVITY_REGISTER, user=user, note=user.email) stat(STAT_REGISTER) messages.success( request, _("""Successfully created the account %(username)s. A confirmation email was just sent to the email address you provided (%(email)s). Before you can use your account, you must click on the confirmation link in that email.""") % { 'username': user.username, 'email': user.email, }) user.backend = settings.AUTHENTICATION_BACKENDS[0] login(self.request, user) task = send_confirmation_task.si(user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) # Store GPG key if any fp, key = form.get_gpg_data() if fp or key: gpg_task = add_gpg_key_task.si(user_pk=user.pk, address=address, fingerprint=fp, key=key) task = chain(gpg_task, task) task.delay() return response
def form_valid(self, form): request = self.request self.ratelimit(request) address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) if BlockedEmail.objects.is_blocked(form.cleaned_data['email']): BlockedIpAddress.objects.block(address) raise BlockedException(_('You cannot register with this email address.')) with transaction.atomic(), version(comment='User created'): response = super(RegistrationView, self).form_valid(form) user = self.object # Compute the normalized email address user.normalized_email = normalize_email(user.email) # save default language user.default_language = lang user.save() # log user creation, display help message. user.log(ugettext_noop('Account created.'), address=address) AddressActivity.objects.log(request, ACTIVITY_REGISTER, user=user, note=user.email) stat(STAT_REGISTER) messages.success(request, _( """Successfully created the account %(username)s. A confirmation email was just sent to the email address you provided (%(email)s). Before you can use your account, you must click on the confirmation link in that email.""") % { 'username': user.username, 'email': user.email, }) user.backend = settings.AUTHENTICATION_BACKENDS[0] login(self.request, user) task = send_confirmation_task.si( user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) # Store GPG key if any fp, key = form.get_gpg_data() if fp or key: gpg_task = add_gpg_key_task.si( user_pk=user.pk, address=address, fingerprint=fp, key=key) task = chain(gpg_task, task) task.delay() return response
def form_valid(self, form): request = self.request address = request.META['REMOTE_ADDR'] user = request.user password = form.cleaned_data['password'] xmpp_backend.set_password(username=user.node, domain=user.domain, password=password) user.log(ugettext_noop('Set new password.'), address) AddressActivity.objects.log(request, ACTIVITY_SET_PASSWORD) stat(STAT_SET_PASSWORD) messages.success(request, _('Successfully changed your password.')) return super(SetPasswordView, self).form_valid(form)
def handle_new_account(self, request, form): self.ratelimit(request) user = request.user address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) with transaction.atomic(): request.user.email = form.cleaned_data['email'] request.user.save() # Remove existing confirmation keys for different email addresses, otherwise the user might be # able to get a confirmed address with the old key, but the new address is already set above Confirmation.objects.filter( user=user, purpose=PURPOSE_REGISTER).exclude(to=user.email).delete() # log user creation, display help message. user.log(ugettext_noop('Resent confirmation.'), address=address) AddressActivity.objects.log(request, ACTIVITY_RESEND_CONFIRMATION, user=user, note=user.email) stat(STAT_RESEND_CONFIRMATION) messages.success( request, _("Resent confirmation email to %(email)s.") % {'email': user.email}) task = send_confirmation_task.si(user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) # Store GPG key if any fp, key = form.get_gpg_data() if fp or key: gpg_task = add_gpg_key_task.si(user_pk=user.pk, address=address, fingerprint=fp, key=key) task = chain(gpg_task, task) task.delay() return HttpResponseRedirect(reverse('account:detail'))
def handle_new_account(self, request, form): self.ratelimit(request) user = request.user address = request.META['REMOTE_ADDR'] lang = request.LANGUAGE_CODE base_url = '%s://%s' % (request.scheme, request.get_host()) fp, key = form.get_gpg_data() with transaction.atomic(): request.user.email = form.cleaned_data['email'] # Compute the normalized email address request.user.normalized_email = normalize_email(user.email) request.user.save() # Remove existing confirmation keys for different email addresses, otherwise the user might be # able to get a confirmed address with the old key, but the new address is already set above Confirmation.objects.filter(user=user, purpose=PURPOSE_REGISTER).exclude(to=user.email).delete() # If the user has not set any keys, remove them before sending. if not fp and not key: user.gpg_keys.all().delete() # log user creation, display help message. user.log(ugettext_noop('Resent confirmation.'), address=address) AddressActivity.objects.log(request, ACTIVITY_RESEND_CONFIRMATION, user=user, note=user.email) stat(STAT_RESEND_CONFIRMATION) messages.success(request, _("Resent confirmation email to %(email)s.") % {'email': user.email}) task = send_confirmation_task.si( user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address, to=user.email, base_url=base_url, hostname=request.site['NAME']) # Store GPG key if any if fp or key: # TODO: If the user is not confirmed yet and a key is added, this does not seem to work gpg_task = add_gpg_key_task.si( user_pk=user.pk, address=address, fingerprint=fp, key=key) task = chain(gpg_task, task) # User has not set a new GPG key, so we remove any keys task.delay() return HttpResponseRedirect(reverse('account:detail'))
def form_valid(self, form): password = form.cleaned_data['password'] request = self.request user = request.user # Check the password of the user again if not xmpp_backend.check_password(user.node, user.domain, password=password): form.add_error('password', _('The password is incorrect.')) return self.form_invalid(form) # Verify the confirmation key key = get_object_or_404(self.queryset.filter(user=user), key=self.kwargs['key']) # Log the user out, delete data logout(request) xmpp_backend.remove_user(user.node, user.domain) key.delete() user.delete() stat(STAT_DELETE_ACCOUNT_CONFIRMED) return HttpResponseRedirect(reverse('blog:home'))
def form_invalid(self, form): self.ratelimit(self.request) stat(STAT_FAILED_LOGIN) return super(LoginView, self).form_invalid(form)