def activate(request, activation_key):
'''This view displays the account activation page.
**Required arguments**
``activation_key``
The activation key to validate and use for activating the user.
User gets it with his account activation email.
**Templates**
`"authentication/register/activate_done.html"`
Template rendered if an account was activated.
**Context**
``form``
An :class:`django.contrib.auth.forms.AuthenticationForm`
displayed so that a user can immediately login.
`"authentication/register/activate_error.html"`
Template rendered if an account was not activated.
**Context**: none.
'''
from registration.models import RegistrationProfile
activation_key = activation_key.lower() # Normalize before trying anything with it.
user = RegistrationProfile.objects.activate_user(activation_key)
if not user:
return render_to_response2(request, 'authentication/register/activate_error.html')
else:
from django.contrib.auth.forms import AuthenticationForm
form = AuthenticationForm(initial={'username': user.username})
return render_to_response2(request, 'authentication/register/activate_done.html', {'form': form})
def render(request):
if request.method == 'POST':
form = None
source = None
form_input = MarkupInputForm(request.POST)
form_upload = MarkupUploadForm(request.POST, request.FILES)
if form_input.is_valid():
form = form_input
source = form_input.cleaned_data['source']
elif form_upload.is_valid():
form = form_upload
source = request.FILES['file'].read()
if form is not None:
template_name = None
if form.is_markdown():
template_name = 'markup/result-markdown.html'
elif form.is_textile():
template_name = 'markup/result-textile.html'
elif form.is_restructuredtext():
template_name = 'markup/result-restructuredtext.html'
response = render_to_response2(request, template_name, {'source': source})
response.set_cookie(COOKIE_DEFAULT_MARKUP_TYPE, form.cleaned_data['markup_type'])
return response
else:
initial = {}
markup_type = request.COOKIES.get(COOKIE_DEFAULT_MARKUP_TYPE, '')
if markup_type in MarkupForm.MARKUP_TYPES:
initial['markup_type'] = markup_type
form_input = MarkupInputForm(initial=initial)
form_upload = MarkupUploadForm(initial=initial)
return render_to_response2(request, 'markup/source.html', {
'form_input': form_input,
'form_upload': form_upload,
})
def profile(request):
'''The profile page containing
* password change form;
* forms to associate and dissociate OpenID's;
* a button to delete account.
**Authentication restrictions**
If a user that is not logged in tries to visit this page, he will
be redirected to the login page. If he successfully logs in there,
he'll be redirected back here.
**Templates**
`"authentication/profile/profile.html"`
Page template.
**Context**
``form_change_password``
A :class:`django.contrib.auth.forms.SetPasswordForm`.
``form_add_openid_msg``
Form errors for ``form_add_openid`` (see below).
``form_add_openid``
An :class:`django_authopenid.forms.AssociateOpenID`.
``form_delete_openid``
An :class:`authentication.forms.DeleteOpenidForm`.
``form_delete``
An :class:`authentication.forms.DeleteAccountForm`.
`"authentication/profile/password_changed.html"`
Templates rendered after the change password form was submitted and user's
password was successfull changed.
**Context**
``next``
The link for previous page tracking or ``''`` if it is unknown
(i.e., was not passed);
'''
from django.contrib.auth.forms import SetPasswordForm
from django_authopenid.forms import AssociateOpenID
from forms import DeleteOpenidForm, DeleteAccountForm
redirect_to = next = request.GET.get('next')
if not redirect_to or '://' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
next = ''
form_change_password = SetPasswordForm(request.user)
form_add_openid_msg = ''
form_add_openid = AssociateOpenID(request.user)
form_delete_openid = DeleteOpenidForm.new(request.user)
form_delete = DeleteAccountForm()
if request.method == 'POST':
if 'new_password1' in request.POST.keys():
form_change_password = SetPasswordForm(request.user, request.POST)
if form_change_password.is_valid():
request.user.set_password(form_change_password.cleaned_data['new_password1'])
request.user.save()
return render_to_response2(request, 'authentication/profile/password_changed.html', {'next': next})
elif 'openid_url' in request.POST.keys():
form_add_openid = AssociateOpenID(request.user, request.POST)
if form_add_openid.is_valid():
openid_url = form_add_openid.cleaned_data['openid_url']
redirect_url = "%s?%s" % (
request.build_absolute_uri(request.path),
urllib.urlencode({'next': redirect_to, 'openid_url': openid_url})
)
try:
return Overrides.Authopenid.ask_openid(request, openid_url, redirect_url)
except Overrides.Authopenid.OpenidError, e:
form_add_openid_msg = unicode(e)
elif 'openid_url_to_delete' in request.POST.keys():
form_delete_openid = DeleteOpenidForm.process(request.user, request.POST)
else:
form_delete = DeleteAccountForm(request.POST)
if form_delete.is_valid():
request.user.delete()
auth.logout(request)
return HttpResponseRedirect(redirect_to)
def forget_password(request, activation_key):
'''Login a user if a valid activation key is passed.
**Required arguments**
``activation_key``
The activation key taken by the user from a forget-password email.
**Templates**
`"authentication/login/forget_password/activate.html"`
Page template.
**Context**
``key_invalid``
Set to ``True`` if the supplied key is invalid (expired, etc.),
otherwise set to ``False``.
``account_disabled``
Set to ``True`` if the account user tries to login to with this
activation key is disabled, otherwise set to ``False``. Do not
check this variable if ``key_invalid`` is ``True``.
``user``
If the user successfully logged in, this variable is set to the
:class:`~django.contrib.auth.models.User` object corresponding to the
user. If ``key_invalid`` or ``account_disabled`` is ``True``, this
variable is set to ``None``.
'''
key_invalid = False
account_disabled = False
user = None
activation_key = activation_key.lower() # Normalize before trying anything with it.
user = LoginEmail.objects.activate(activation_key)
if user is None:
key_invalid = True
else:
if not user.is_active:
account_disabled = True
else:
#
# We **must** authenticate the user before calling ``login`` (see
# `Calling authenticate() first <http://docs.djangoproject.com/en/dev/topics/auth/#how-to-log-a-user-in>`__
# note in Django documentation).
#
# As the standard authentication backend always takes user's password
# and we (and the user itself) do not know it, the only way to log
# the user in is to write our own unsafe authentication backend
# that considers an username to be enough.
#
#
# **NOTE**: The user object returned can be not exactly equal to the
# "previous" object we got from ``LoginEmail.object.activate``.
# Actually, Django adds ``backend`` attribute on the object, so
# calling ``login`` with the "previous" object will lead to an error.
#
user = auth.authenticate(username=user.username)
auth.login(request, user)
return render_to_response2(request, 'authentication/login/forget_password/activate.html', {
'key_invalid': key_invalid,
'account_disabled': account_disabled,
'user': user,
})
def register(request):
'''This view displays the registration page.
**Templates**
`"authentication/register/register.html"`
Template of the page.
**Context**
``form``
An :class:`authentication.forms.RegistrationForm`.
`"authentication/register/email_*.txt"`
Templates for subject and body of account activation emails.
**Context**
``username``
Username.
``sitename``
Site name (set in admin).
``activation_key``
Activation key.
``expiry_date``
Activation key expiry date.
`"authentication/register/email_*.html"`
Templates of pages displayed after an account activation email was sent
or if an error occured during it.
**Context**
``next``
The link for previous page tracking or ``''`` if it is unknown
(i.e., was not passed);
``error``
(only for `"authentication/register/email_error.html"` template)
description of the error occured.
'''
from registration.models import RegistrationProfile
from registration.views import register as registration_register
from forms import RegistrationForm
form_class = RegistrationForm
template_name = 'authentication/register/register.html'
redirect_to = next = request.GET.get('next')
if not redirect_to or '://' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
next = ''
if request.method == 'POST':
form = form_class(data=request.POST, files=request.FILES)
if form.is_valid():
user = form.save()
# Send email
activation_key = RegistrationProfile.objects.get(user=user).activation_key
expiry_date = datetime.date.today() + datetime.timedelta(
days=settings.ACCOUNT_ACTIVATION_DAYS-1)
templatename = 'email_sent'
context = {'next': next}
try:
send_mail(user, request,
subject_template='authentication/register/email_subject.txt',
message_template='authentication/register/email.txt',
context={
'username': user.username,
'sitename': Site.objects.get_current().name,
'activation_key': activation_key,
'expiry_date': expiry_date,
})
except NoEmailException, e:
# This must never occur
raise e
except SMTPException, e:
templatename = 'email_error'
context['error'] = unicode(e)
templatename = 'authentication/register/' + templatename + '.html'
return render_to_response2(request, templatename, context)
def login(request):
'''Replacement for :meth:`django_authopenid.views.signin` written
to supply the ``forget-password`` form to the template.
This view displays the login page containing
* OpenID login form;
* traditional login form;
* forget-password form;
* a link to the registration page.
**Templates**
`"authentication/login/login.html"`
Template of the login page.
**Context**
``msg``
Form errors for ``form1`` (see below).
``form1``
An :class:`authentication.forms.OpenidLoginForm`.
``form2``
An :class:`django.contrib.auth.forms.AuthenticationForm`.
``form_forget_password``
An :class:`authentication.forms.RegisteredUserForm` to enter username.
``next``
The link for previous page tracking or ``""`` if it is unknown
(i.e., was not passed).
`"authentication/login/forget_password/email_*.txt"`
Templates for subject and body of forget-password emails.
**Context**
``username``
Username.
``sitename``
Site name (set in admin).
``activation_key``
Activation key.
``expiry_date``
Activation key expiry date.
`"authentication/login/forget_password/email_*.html"`
Templates of pages displayed after a login email was sent or
if an error occured during it.
**Context**
``next``
The link for previous page tracking or ``''`` if it is unknown
(i.e., was not passed);
``error``
(only for `"authentication/login/forget_password/email_error.html"` template)
description of the error occured.
'''
from django.contrib.auth.forms import AuthenticationForm
from forms import OpenidLoginForm, RegisteredUserForm
template_name = 'authentication/login/login.html'
openid_form = OpenidLoginForm
auth_form = AuthenticationForm
redirect_to = next = request.GET.get('next')
if not redirect_to or '://' in redirect_to:
redirect_to = settings.LOGIN_REDIRECT_URL
next = ''
form1_msg = ''
form1 = openid_form()
form2 = auth_form()
form_forget_password = RegisteredUserForm()
if request.POST:
if 'openid_url' in request.POST.keys():
form1 = openid_form(data=request.POST)
if form1.is_valid():
openid_url = form1.cleaned_data['openid_url']
#
# Unfortunately, Django does not provide a way to assign form
# errors here. That's why we have to pass errors from OpenID
# processing to separate ``msg`` template context variable.
#
# Another solution would be to move the calls below
# to the ``clean`` method of the class ``form1`` belongs to.
# The calls are not related to form processing at all, so
# this solution is even more ugly. Also, it would require
# much of monkey patching inside :mod:`django_authopenid`.
#
redirect_url = "%s?%s" % (
#
# Here we send ``openid_url`` GET parameter in order
# to be able to restore ``openid_url`` form field value
# if an error occurs and we'll render the same forms again.
#
# As we pass URL of this page to OpenID provider as
# ``complete_url`` (see ``ask_openid`` call below), we will
# get in this view function again after the user confirms his
# identity on his OpenID provider's page. In order to know
# whether to check GET parameters the provider sent back to us,
# we must know whether we get to this view function at user's
# will or from an OpenID provider. This is the second purpose
# of the ``openid_url`` GET parameter: if it is present,
# we got from a provider.
#
request.build_absolute_uri(request.path),
urllib.urlencode({'next': redirect_to, 'openid_url': openid_url})
)
try:
return Overrides.Authopenid.ask_openid(request, openid_url, redirect_url)
except Overrides.Authopenid.OpenidError, e:
form1_msg = unicode(e)
elif 'password' in request.POST.keys():
# perform normal Django authentification
form2 = auth_form(data=request.POST)
if form2.is_valid():
auth.login(request, form2.get_user())
if request.session.test_cookie_worked():
request.session.delete_test_cookie()
return HttpResponseRedirect(redirect_to)
else:
# forget password
form_forget_password = RegisteredUserForm(request.POST)
if form_forget_password.is_valid():
user = form_forget_password.user()
email = LoginEmail.objects.create_email(user)
templatename = 'email_sent'
context = {'next': next}
try:
send_mail(user, request,
subject_template='authentication/login/forget_password/email_subject.txt',
message_template='authentication/login/forget_password/email.txt',
context=email.prepare_send())
except NoEmailException:
templatename = 'email_none'
except SMTPException, e:
templatename = 'email_error'
context['error'] = unicode(e)
templatename = 'authentication/login/forget_password/' + templatename + '.html'
return render_to_response2(request, templatename, context)
urllib.urlencode({ 'next': next }),
))
else:
user = rel.user
if user.is_active:
user = auth.authenticate(username=user.username)
auth.login(request, user)
return HttpResponseRedirect(redirect_to)
else:
form1_msg = _('This account is disabled.')
form1 = openid_form(initial={'openid_url': openid.openid})
return render_to_response2(request, template_name, {
'msg': form1_msg,
'form1': form1,
'form2': form2,
'form_forget_password': form_forget_password,
'next': redirect_to,
})
class Registration:
'''Modified view functions from :mod:`django-registration`.'''
#
# Replacement for ``registration.views.register``.
#
# Use custom form instead of ``registration.forms.RegistrationForm`` and
# send email manually, as I consider indication of expiration date
# more convenient than indication of amount of activation days.
# We can't do such arithmetic directly in the template, and
# writing a template tag for this is ugly.
