def password_reset(request): template_name = 'accounts/password_reset.html' context = {} form = PasswordResetForm(request.POST or None) if form.is_valid(): form.save() context['success'] = True context['form'] = form return render(request, template_name, context)
def password_reset(request): if request.method == 'POST': form = PasswordResetForm(request, request.POST) if form.is_valid(): form.save() return redirect('accounts.password_reset_sent') else: form = PasswordResetForm(request) return render(request, 'accounts/password_reset.j.html', { 'form': form })
def forgot_password(request): if request.method == 'POST': form = PasswordResetForm(request.POST) if form.is_valid(): client = request.session['client'] try: client.send_reset_password_link(form.cleaned_data['email'], form.cleaned_data['first_name']) return HttpResponseRedirect(reverse('forgot_success')) except ValidationError as e: form.add_error(None, e) else: form = PasswordResetForm() return render(request, 'registration/forgot_password.html', {'form': form})
def reset_password_do_reset_password_page(request): form = PasswordResetForm(request.POST or None) if form.is_valid(): token = form.cleaned_data['token'] pass1 = form.cleaned_data['pass1'] # pass2 = form.cleaned_data['pass2'] password_forgot_obj = get_object_or_404(PasswordForgot, token=token) User.objects.filter(id=password_forgot_obj.user_id).update(password=make_password(pass1)) PasswordForgot.objects.filter(token=token).delete() messages.info(request, 'You have successfully reset your password, can login now.') return HttpResponseRedirect(reverse('accounts.views.signin')) return render(request, 'accounts/reset_password_do_reset_password_page.html', { 'form': form, })
def password_reset(request): form = PasswordResetForm(request.POST or None) if form.is_valid(): opts = { 'use_https': request.is_secure(), 'token_generator': default_token_generator, 'from_email': settings.DEFAULT_FROM_EMAIL, 'email_template_name': 'accounts/password_reset_email.html', 'subject_template_name': 'accounts/password_reset_subject.txt', 'request': request } form.save(**opts) messages.success(request, PASSWORD_RESET_MESSAGE) return redirect(reverse('accounts:login')) context = {'form': form} return render(request, 'accounts/password_reset.html', context)
def password_reset_confirm(request, activation_key): user = get_object_or_404(User, activation_key=activation_key) form = PasswordResetForm(request.POST or None) if form.is_valid(): password = form.cleaned_data['password1'] user.set_password(password) user.activation_key = None user.is_active = True user.save() msg = _('Your new password was saved successfully. You can now login ' 'on your account.') messages.success(request, msg) return redirect('login') return { 'form': form, }
def changePassword(request): user = request.user context = {} form = PasswordChangeForm(user) if request.method == 'POST': form = PasswordResetForm(request) if form.is_valid(): form.save() logout(request) messages.info(request, 'Password was updated') return HttpResponseRedirect(reverse('user_login')) context['form'] = form return render(request, 'password_reset.html', context)
def change_password(request): if request.method == "POST": password_reset_form = PasswordResetForm(request.POST) if password_reset_form.is_valid(): if request.user.has_usable_password(): if request.user.check_password(password_reset_form.cleaned_data['old_password']): request.user.set_password(password_reset_form.cleaned_data['new_password']) request.user.save() login(request, request.user) return redirect('accounts:profile') else: password_reset_form.add_error('old_password', 'Incorrect Old Password') else: request.user.set_password(password_reset_form.cleaned_data['new_password']) request.user.save() login(request, request.user) return redirect('accounts:profile') else: password_reset_form = PasswordResetForm() return render(request, 'accounts/change_password.html', {'form': password_reset_form})
def test_get_active_users_works_with_username(self): form = PasswordResetForm() self.assertIn(self.user, form.get_active_users(USERNAME))
def reset(request, id, key): # Make sure user exists and is active, reset key not expired and the provided key is valid try: u = User.objects.get(pk=id) if u.is_active: p = u.get_profile() # Did the request expire? if p.password_reset_date < timezone.now() - timedelta(days=1): return render( request, "accounts/message.html", { 'app': "accounts", 'connotation': "warning", 'message': 'This password reset request has been expired.' }) # Is the key correct? if p.password_reset_key != key: # Avoid too much duplication and details so we show a unified error for incorrect reset key and user not found raise User.DoesNotExist else: # Return a 'disabled account' error message return render( request, "accounts/message.html", { 'app': "accounts", 'connotation': "danger", 'message': "This account has been suspended. This may be caused by either a violation of the Terms of Use or for verification purposes." }) except User.DoesNotExist: return render( request, "accounts/message.html", { 'app': "accounts", 'connotation': "danger", 'message': 'Invalid password reset link.' }) # Validate form and reset password if request.method == 'POST': form = PasswordResetForm(request.POST, instance=u) if form.is_valid(): # For an unknown reason -yet- commenting out the following line has no effect. The password will still be saved. # However, commenting out p.save() below prevent the profile fields from being updated! form.save() p.password_reset_key = "" p.save() u.backend = "django.contrib.auth.backends.ModelBackend" login(request, u) return render( request, "accounts/message.html", { 'app': "accounts", 'connotation': "success", 'message': 'Your password has been reset successfully. <a href="/accounts/login/">Proceed to login</a>.' }) else: form = PasswordResetForm() return render(request, "accounts/reset.html", {'form': form})
def test_form_helper_action_points_to_correct_url(self): url = reverse('accounts:password_reset') form = PasswordResetForm() form.save() self.assertEqual(form.helper.form_action, url)
def test_form_helper_method_is_post(self): form = PasswordResetForm() form.save() self.assertEqual(form.helper.form_method, 'post')
def test_form_helper_exists(self): form = PasswordResetForm() form.save() self.assertIsNotNone(form.helper)
def test_valid_form_sends_email_with_username(self, mock_send_mail): form = PasswordResetForm(data={'email_or_username': USERNAME}) form.save() self.assertTrue(mock_send_mail.called, True)
def test_save_on_empty_form_does_nothing(self, mock_send_mail): form = PasswordResetForm() form.save() self.assertEqual(mock_send_mail.called, False)
def test_clean(self): form = PasswordResetForm({'password1': 'toto', 'password2': 'toto'}) self.assertTrue(form.is_valid())
def test_different_password(self): form = PasswordResetForm({'password1': 'toto', 'password2': 'tata'}) self.assertFalse(form.is_valid())
def test_get_active_users_works_with_email(self): form = PasswordResetForm() self.assertIn(self.user, form.get_active_users(EMAIL))