def password_reset_confirm(request, uidb36=None, token=None):
"""View that checks the hash in a password reset link and presents a
form for entering a new password.
Based on django.contrib.auth.views.
"""
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
context = {}
if default_token_generator.check_token(user, token):
context['validlink'] = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('users.pw_reset_complete'))
else:
form = SetPasswordForm(None)
else:
context['validlink'] = False
form = None
context['form'] = form
return jingo.render(request, 'users/pw_reset_confirm.html', context)
def put(self, request, *args, **kwargs):
"""
忘记密码
"""
form = SetPasswordForm(request.data)
if not form.is_valid():
return Response({'Detail': form.errors},
status=status.HTTP_400_BAD_REQUEST)
cld = form.cleaned_data
is_valid, error_message = verify_identifying_code(cld)
if not is_valid:
return Response({'Detail': error_message},
status=status.HTTP_400_BAD_REQUEST)
instance = self.get_object_by_username(cld['username_type'],
cld['username'])
if isinstance(instance, Exception):
return Response({'Detail': instance.args},
status=status.HTTP_400_BAD_REQUEST)
serializer = UserSerializer(instance)
try:
serializer.update_password(request, instance, cld)
except Exception as e:
return Response({'Detail': e.args},
status=status.HTTP_400_BAD_REQUEST)
# serializer_response = UserInstanceSerializer(instance)
return Response(serializer.data,
status=status.HTTP_206_PARTIAL_CONTENT)
def test_common_password(self):
form = SetPasswordForm(None,
data={
'new_password1': 'password',
'new_password2': 'password'
})
assert not form.is_valid()
def test_common_password(self):
u = user(save=True)
form = SetPasswordForm(u,
data={
'new_password1': 'password',
'new_password2': 'password',
'old_password': '******'
})
assert not form.is_valid()
def post(self, request):
data = request.POST
userid = request.session.get('id')
datas = data.dict()
datas['userid'] = userid
form = SetPasswordForm(datas)
if form.is_valid():
context = {'sec': '修改成功'}
return render(request, 'users/password.html', context=context)
else:
context = {'formdata': form}
return render(request, 'users/password.html', context=context)
def password_reset_confirm(request, uidb36=None, token=None):
"""View that checks the hash in a password reset link and presents a
form for entering a new password.
It's used on both desktop (ajax) and mobile websites.
"""
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
context = {}
# Display mobile or desktop version by sniffing user-agent
mobile = is_mobile(request)
if default_token_generator.check_token(user, token):
context['validlink'] = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
if mobile:
return HttpResponseRedirect(reverse('users.mobile_pw_reset_complete'))
else:
return {'status': 'success'}
elif not mobile:
return {'status': 'error',
'errors': dict(form.errors.iteritems())}
else:
form = SetPasswordForm(None)
else:
context['validlink'] = False
form = None
context['form'] = form
if mobile:
return jingo.render(request, 'users/mobile/pw_reset_confirm.html', context)
else:
context.update({'uidb36': uidb36,
'token': token,
'is_pwreset': True,
'is_homepage': True,
'stats': get_global_stats() })
return jingo.render(request, 'desktop/home.html', context)
def handle_password_reset_confirm(request, uidb36, token):
"""Present set password form or perform actual password reset."""
try:
uid_int = base36_to_int(uidb36)
user = User.objects.get(id=uid_int)
except (ValueError, User.DoesNotExist):
raise Http404
if not auth.tokens.default_token_generator.check_token(user, token):
raise Http404
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return form
return SetPasswordForm(None)
def password_reset_confirm(request, uidb36=None, token=None):
"""View that checks the hash in a password reset link and presents a
form for entering a new password.
Based on django.contrib.auth.views.
"""
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
context = {}
if default_token_generator.check_token(user, token):
context['validlink'] = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('users.pw_reset_complete'))
else:
form = SetPasswordForm(None)
else:
context['validlink'] = False
form = None
context['form'] = form
return jingo.render(request, 'users/pw_reset_confirm.html', context)
def get(self, request, uidb64, token):
"""
Presents user login
:param request: HttpRequest object with request data
:return: HttpResponse object with response data
"""
confirm_pwd_form = SetPasswordForm()
context = {"form": confirm_pwd_form}
return render(request, "users/confirm_password.html", context)
def set_password(request):
if request.method == 'GET':
form = SetPasswordForm()
status_message = None
elif request.method == 'POST':
form = SetPasswordForm(request.POST)
if form.is_valid():
user = Profile.objects.filter(
phone=request.session.get('phone', '')).first()
user.user.set_password(form.cleaned_data.get('password'))
user.user.save()
return HttpResponseRedirect(reverse('login'))
else:
status_message = form.errors.get('password', '')
return render(request, 'enter-password.html', {
'form': form,
'status_message': status_message
})
def password_reset_confirm(request, uidb36=None, token=None):
"""View that checks the hash in a password reset link and presents a
form for entering a new password.
It's used on both desktop (ajax) and mobile websites.
"""
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
context = {}
# Display mobile or desktop version by sniffing user-agent
mobile = is_mobile(request)
if default_token_generator.check_token(user, token):
context['validlink'] = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
if mobile:
return HttpResponseRedirect(
reverse('users.mobile_pw_reset_complete'))
else:
return {'status': 'success'}
elif not mobile:
return {
'status': 'error',
'errors': dict(form.errors.iteritems())
}
else:
form = SetPasswordForm(None)
else:
context['validlink'] = False
form = None
context['form'] = form
if mobile:
return jingo.render(request, 'users/mobile/pw_reset_confirm.html',
context)
else:
context.update({
'uidb36': uidb36,
'token': token,
'is_pwreset': True,
'is_homepage': True,
'stats': get_global_stats()
})
return jingo.render(request, 'desktop/home.html', context)
def post(self, request, uidb64=None, token=None):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
UserModel = get_user_model()
form = SetPasswordForm(request.POST)
assert uidb64 is not None and token is not None # checked by URLconf
try:
uid = urlsafe_base64_decode(uidb64)
user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(
user, token):
if form.is_valid():
new_password = form.cleaned_data['new_password2']
user.set_password(new_password)
user.save()
form = SetPasswordForm()
messages = _(u'La contraseña ha sido actualizada.')
context = {"messages": messages, "form": form}
return render(request, "users/reset_password.html", context)
else:
messages = _(u'No se ha podido actualizar la contraseña.')
form = SetPasswordForm(request.POST)
context = {"messages": messages, "form": form}
return render(request, "users/reset_password.html", context)
else:
messages = _(
u'Este link para reiniciar la contraseña ya no es válido.')
form = SetPasswordForm(request.POST)
context = {"messages": messages, "form": form}
return render(request, "users/reset_password.html", context)
def test_common_password(self):
u = user(save=True)
form = SetPasswordForm(u, data={'new_password1': 'password',
'new_password2': 'password',
'old_password': '******'})
assert not form.is_valid()
def test_common_password(self):
form = SetPasswordForm(None, data={'new_password1': 'password',
'new_password2': 'password'})
assert not form.is_valid()
