class ChangePasswordForm(Form):
class Meta:
title = gettext('Change password')
@staticmethod
def actions__submit__post_handler(form, request, **_):
if form.is_valid():
user = request.user
user.set_password(form.fields.new_password.value)
user.save()
return HttpResponseRedirect('..')
current_password = Field.password(is_valid=current_password__is_valid, display_name=gettext('Current password'))
new_password = Field.password(is_valid=new_password__is_valid, display_name=gettext('New password'))
confirm_password = Field.password(is_valid=confirm_password__is_valid, display_name=gettext('Confirm password'))
class ResetPasswordForm(Form):
reset_code = Field(
is_valid=lambda parsed_data, **_:
(parsed_data is not None, 'Invalid reset password code'),
parse=parse)
new_password = Field.password()
confirm_password = Field.password(
is_valid=lambda parsed_data, **_: (parsed_data == request.POST.get(
'new_password'), 'Passwords do not match'))
class Meta:
title = 'Reset password'
def actions__submit__post_handler(form, **_):
if form.is_valid():
reset_code = form.fields.reset_code.value
reset_code.user.set_password(
form.fields.new_password.value)
login(request, reset_code.user)
reset_code.delete()
return HttpResponseRedirect('/')
class LoginForm(Form):
username = Field()
password = Field.password()
next = Field.hidden(initial=request.GET.get('next', '/'))
class Meta:
title = 'Login'
def actions__submit__post_handler(form, **_):
if 'user' in form.extra:
login(request, form.extra.user)
return HttpResponseRedirect(form.fields['next'].value
or '/')
def is_valid(self):
if not super(LoginForm, self).is_valid():
return False
username = self.fields['username'].value
password = self.fields['password'].value
if username and password:
try:
user = User.objects.get(username=username)
except User.DoesNotExist:
return False
self.extra.user = user
if authenticate(request=request,
username=username,
password=password):
return True
try:
username = User.objects.get(username=username)
if b64encode(sha1(password.encode()).digest()).decode(
) == user.password:
user.set_password(password) # upgrade password
user.save()
authenticate(request=request,
username=username,
password=password)
except User.DoesNotExist:
pass
return False
class LoginForm(Form):
username = Field(display_name=gettext('Username'))
password = Field.password(display_name=gettext('Password'))
class Meta:
title = gettext('Login')
@staticmethod
def actions__submit__post_handler(form, **_):
if form.is_valid():
user = auth.authenticate(
username=form.fields.username.value,
password=form.fields.password.value,
)
if user is not None:
request = form.get_request()
auth.login(request, user)
return HttpResponseRedirect(request.GET.get('next', '/'))
form.add_error(gettext('Unknown username or password'))
