Example #1
0
def password_reset(request):
    template_name = 'accounts/password_reset.html'
    context = {}
    form = PasswordResetForm(request.POST or None)
    if form.is_valid():
        form.save()
        context['success'] = True
    context['form'] = form
    return render(request, template_name, context)
Example #2
0
def password_reset(request):
    if request.method == 'POST':
        form = PasswordResetForm(request, request.POST)
        if form.is_valid():
            form.save()
            return redirect('accounts.password_reset_sent')
    else:
        form = PasswordResetForm(request)
    return render(request, 'accounts/password_reset.j.html', {
        'form': form
    })
Example #3
0
def password_reset(request):
    form = PasswordResetForm(request.POST or None)
    if form.is_valid():
        opts = {
            'use_https': request.is_secure(),
            'token_generator': default_token_generator,
            'from_email': settings.DEFAULT_FROM_EMAIL,
            'email_template_name': 'accounts/password_reset_email.html',
            'subject_template_name': 'accounts/password_reset_subject.txt',
            'request': request
        }
        form.save(**opts)
        messages.success(request, PASSWORD_RESET_MESSAGE)
        return redirect(reverse('accounts:login'))
    context = {'form': form}
    return render(request, 'accounts/password_reset.html', context)
def reset(request, id, key):
    # Make sure user exists and is active, reset key not expired and the provided key is valid
    try:
        u = User.objects.get(pk=id)

        if u.is_active:
            p = u.get_profile()

            # Did the request expire?
            if p.password_reset_date < timezone.now() - timedelta(days=1):
                return render(
                    request, "accounts/message.html", {
                        'app': "accounts",
                        'connotation': "warning",
                        'message':
                        'This password reset request has been expired.'
                    })

            # Is the key correct?
            if p.password_reset_key != key:
                # Avoid too much duplication and details so we show a unified error for incorrect reset key and user not found
                raise User.DoesNotExist
        else:
            # Return a 'disabled account' error message
            return render(
                request, "accounts/message.html", {
                    'app':
                    "accounts",
                    'connotation':
                    "danger",
                    'message':
                    "This account has been suspended. This may be caused by either a violation of the Terms of Use or for verification purposes."
                })
    except User.DoesNotExist:
        return render(
            request, "accounts/message.html", {
                'app': "accounts",
                'connotation': "danger",
                'message': 'Invalid password reset link.'
            })

    # Validate form and reset password
    if request.method == 'POST':
        form = PasswordResetForm(request.POST, instance=u)
        if form.is_valid():
            # For an unknown reason -yet- commenting out the following line has no effect.  The password will still be saved.
            # However, commenting out p.save() below prevent the profile fields from being updated!
            form.save()

            p.password_reset_key = ""
            p.save()

            u.backend = "django.contrib.auth.backends.ModelBackend"
            login(request, u)

            return render(
                request, "accounts/message.html", {
                    'app':
                    "accounts",
                    'connotation':
                    "success",
                    'message':
                    'Your password has been reset successfully. <a href="/accounts/login/">Proceed to login</a>.'
                })
    else:
        form = PasswordResetForm()

    return render(request, "accounts/reset.html", {'form': form})
 def test_form_helper_action_points_to_correct_url(self):
     url = reverse('accounts:password_reset')
     form = PasswordResetForm()
     form.save()
     self.assertEqual(form.helper.form_action, url)
 def test_form_helper_method_is_post(self):
     form = PasswordResetForm()
     form.save()
     self.assertEqual(form.helper.form_method, 'post')
 def test_form_helper_exists(self):
     form = PasswordResetForm()
     form.save()
     self.assertIsNotNone(form.helper)
 def test_valid_form_sends_email_with_username(self, mock_send_mail):
     form = PasswordResetForm(data={'email_or_username': USERNAME})
     form.save()
     self.assertTrue(mock_send_mail.called, True)
 def test_save_on_empty_form_does_nothing(self, mock_send_mail):
     form = PasswordResetForm()
     form.save()
     self.assertEqual(mock_send_mail.called, False)