Example #1
0
def password(request):
    """Password change / set form."""
    do_change = False

    if request.method == 'POST':
        change_form = PasswordConfirmForm(request, request.POST)
        do_change = change_form.is_valid()
    else:
        change_form = PasswordConfirmForm(request)

    if request.method == 'POST':
        form = SetPasswordForm(request.user, request.POST)
        if form.is_valid() and do_change:
            # Clear flag forcing user to set password
            redirect_page = '#auth'
            if 'show_set_password' in request.session:
                del request.session['show_set_password']
                redirect_page = ''

            # Change the password
            form.save(request)

            return redirect_profile(redirect_page)
    else:
        form = SetPasswordForm(request.user)

    return render(
        request,
        'accounts/password.html',
        {
            'title': _('Change password'),
            'change_form': change_form,
            'form': form,
        }
    )
Example #2
0
def confirm(request):
    details = request.session.get('reauthenticate')
    if not details:
        return redirect('home')

    # Monkey patch request
    request.user = User.objects.get(pk=details['user_pk'])

    if request.method == 'POST':
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            request.session.pop('reauthenticate')
            request.session['reauthenticate_done'] = True
            return redirect('social:complete', backend=details['backend'])
    else:
        confirm_form = PasswordConfirmForm(request)

    context = {
        'confirm_form': confirm_form,
    }
    context.update(details)

    return render(
        request,
        'accounts/confirm.html',
        context
    )
Example #3
0
def password(request):
    """Password change / set form."""
    do_change = False

    if request.method == 'POST':
        change_form = PasswordConfirmForm(request, request.POST)
        do_change = change_form.is_valid()
    else:
        change_form = PasswordConfirmForm(request)

    if request.method == 'POST':
        form = SetPasswordForm(request.user, request.POST)
        if form.is_valid() and do_change:

            # Clear flag forcing user to set password
            redirect_page = '#auth'
            if 'show_set_password' in request.session:
                del request.session['show_set_password']
                redirect_page = ''

            # Change the password
            user = form.save()

            # Updating the password logs out all other sessions for the user
            # except the current one.
            update_session_auth_hash(request, user)

            # Change key for current session
            request.session.cycle_key()

            messages.success(
                request,
                _('Your password has been changed.')
            )
            notify_account_activity(request.user, request, 'password')
            return redirect_profile(redirect_page)
    else:
        form = SetPasswordForm(request.user)

    return render(
        request,
        'accounts/password.html',
        {
            'title': _('Change password'),
            'change_form': change_form,
            'form': form,
        }
    )
Example #4
0
def user_remove(request):
    if request.method == 'POST':
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            remove_user(request.user)
            logout(request)
            messages.success(
                request,
                _('Your account has been removed.')
            )
            return redirect('home')
    else:
        confirm_form = PasswordConfirmForm(request)

    return render(
        request,
        'accounts/removal.html',
        {
            'confirm_form': confirm_form,
        }
    )
Example #5
0
def confirm(request):
    details = request.session.get('reauthenticate')
    if not details:
        return redirect('home')

    # Monkey patch request
    request.user = User.objects.get(pk=details['user_pk'])

    if request.method == 'POST':
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            session_ratelimit_reset(request)
            request.session.pop('reauthenticate')
            request.session['reauthenticate_done'] = True
            return redirect('social:complete', backend=details['backend'])
    else:
        confirm_form = PasswordConfirmForm(request)

    context = {
        'confirm_form': confirm_form,
    }
    context.update(details)

    return render(request, 'accounts/confirm.html', context)
Example #6
0
def user_remove(request):
    is_confirmation = 'remove_confirm' in request.session
    if is_confirmation:
        if request.method == 'POST':
            remove_user(request.user, request)
            rotate_token(request)
            logout(request)
            messages.success(request, _('Your account has been removed.'))
            return redirect('home')
        confirm_form = EmptyConfirmForm(request)

    elif request.method == 'POST':
        confirm_form = PasswordConfirmForm(request, request.POST)
        if confirm_form.is_valid():
            store_userid(request, remove=True)
            request.GET = {'email': request.user.email}
            return social_complete(request, 'email')
    else:
        confirm_form = PasswordConfirmForm(request)

    return render(request, 'accounts/removal.html', {
        'confirm_form': confirm_form,
        'is_confirmation': is_confirmation,
    })