def password_reset(request, template):
"""Password reset form.
Based on django.contrib.auth.views. This view sends the email.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
was_valid = form.is_valid()
if was_valid:
# TODO: Since we're using Jingo in a way that doesn't
# override the Django template loader, the pw_reset.ltxt
# email template must be a Django template and not a Jinja
# template.
#
# After we switch all the rendering everywhere, we can
# probably change this back. Until then, I'm pretty sure
# this won't get translated.
try_send_email_with_form(
form.save, form, 'email',
use_https=request.is_secure(),
token_generator=default_token_generator,
email_template_name='users/email/pw_reset.ltxt')
# Form may now be invalid if email failed to send.
# PasswordResetForm is invalid iff there is no user with the entered
# email address.
# The condition below ensures we don't leak existence of email address
# _unless_ sending an email fails.
if form.is_valid() or not was_valid:
# Don't leak existence of email addresses.
return HttpResponseRedirect(reverse('users.pw_reset_sent'))
else:
form = PasswordResetForm()
return jingo.render(request, template, {'form': form})
def password_reset(request):
"""Password reset form.
Based on django.contrib.auth.views. This view sends the email.
"""
if request.method == "POST":
form = PasswordResetForm(request.POST)
was_valid = form.is_valid()
if was_valid:
try_send_email_with_form(
form.save, form, 'email',
use_https=request.is_secure(),
token_generator=default_token_generator,
email_template_name='users/email/pw_reset.ltxt')
# Form may now be invalid if email failed to send.
# PasswordResetForm is invalid iff there is no user with the entered
# email address.
# The condition below ensures we don't leak existence of email address
# _unless_ sending an email fails.
if form.is_valid() or not was_valid:
# Don't leak existence of email addresses.
return HttpResponseRedirect(reverse('users.pw_reset_sent'))
else:
form = PasswordResetForm()
return jingo.render(request, 'users/pw_reset_form.html', {'form': form})
def form_valid(self, form):
self.object, new_position = form.save(commit=False)
username = form.cleaned_data['username']
password = form.cleaned_data['password']
self.object.set_password(password)
url = form.cleaned_data['picture']
if url and not str(url).find('Default'):
domain, path = utils.split_url(str(url))
try:
extension = utils.valid_url_extension(str.lower(path))
except not extension:
error = 'File was not a valid image (jpg, jpeg, png, gif)'
form.non_field_errors(error)
try:
pil_image = Image.open(url)
except utils.valid_image_size(pil_image):
form.non_field_errors('Image is too large (> 4mb)')
# saving this for later
# try:
# passed = False
# passed = utils.make_thumbnail(pil_image, domain, path)
# except not passed:
# form.non_field_errors("Couldn't make thumbnail image")
form.save(commit=True)
# automatically login after registering
msg = "Thanks for registering. You are now logged in."
messages.info(self.request, msg)
new_user = authenticate(username=username,
password=password)
if new_user is not None and new_user.is_active:
login(self.request, new_user)
reset_form = PasswordResetForm(self.request.POST)
reset_form.is_valid() # Must trigger validation
# Copied from django/contrib/auth/views.py : password_reset
opts = {
'use_https':
self.request.is_secure(),
'email_template_name':
'registration/activate.html',
'subject_template_name':
'registration/activation_email_subject.txt',
'request': self.request,
# 'html_email_template_name':
# provide an HTML content template if you desire.
}
# This form sends the email on save()
reset_form.save(**opts)
return redirect(self.success_url)
def form_valid(self, form):
# Save form
response = super(UserAdd, self).form_valid(form)
# Send a password recover email
email_form = PasswordResetForm({'email': form.cleaned_data['email']})
email_form.is_valid()
email_form.save(email_template_name='accounts/welcome_email.html')
# send response
return response
def test_unusable_password(self):
user = User.objects.create_user('testuser', '*****@*****.**', 'test')
data = {"email": "*****@*****.**"}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
user.set_unusable_password()
user.save()
form = PasswordResetForm(data)
self.assertFalse(form.is_valid())
self.assertEqual(form["email"].errors,
[_("The user account associated with this e-mail address cannot reset the password.")])
def test_unusable_password(self):
user = User.objects.create_user('testuser', '*****@*****.**', 'test')
data = {"email": "*****@*****.**"}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
user.set_unusable_password()
user.save()
form = PasswordResetForm(data)
# The form itself is valid, but no email is sent
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(len(mail.outbox), 0)
def save(self, commit=True):
"""
Save the model instance with the correct Auth Group based on the user_level question
"""
instance = super(UserCreationForm, self).save(commit=commit)
random_password = ''.join(random.choice(string.ascii_uppercase + string.digits) for x in range(32))
instance.set_password(random_password)
instance.save()
email_form = PasswordResetForm({'email': self.cleaned_data['email']})
email_form.is_valid()
email_form.save(email_template_name='accounts/welcome_email.html')
return instance
def post(self, request, format=None):
serializer = self.serializer_class(data=request.DATA)
if serializer.is_valid():
# Create PasswordResetForm with the serializer
password_reset_form = PasswordResetForm(data=serializer.data)
if password_reset_form.is_valid():
# Set some values to be used for the send_email method.
opts = {
'use_https': request.is_secure(),
'request': request,
'subject_template_name': self.subject_template_name,
'email_template_name': self.email_template_name,
}
password_reset_form.save(**opts)
# Return the success message with OK HTTP status
return Response(serializer.data)
else:
return Response(password_reset_form.errors,
status=status.HTTP_400_BAD_REQUEST)
# coming this far means there likely was a problem
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
def handle(self, *args, **options):
# We first retrieve all users
accounts = Account.objects.all().filter(is_active=True)
for account in accounts:
password = Account.objects.make_random_password()
account.set_password(password)
account.save()
opts = {
'use_https': True,
'from_email': getattr(settings, 'DEFAULT_FROM_EMAIL'),
'request': None,
'subject_template_name': 'email/authentication/welcome_subject.txt',
'html_email_template_name': 'email/authentication/html_welcome.html',
'email_template_name': 'email/authentication/welcome.html',
'domain_override': getattr(settings, 'SITE_URL'),
'extra_email_context': {
'site_url': getattr(settings, 'SITE_URL'),
'email': account.email,
'password': password
}
}
reset_form = PasswordResetForm(dict(email=account.email))
if not reset_form.is_valid():
print reset_form.errors
raise CommandError("Email not valid: " + account.email)
reset_form.save(**opts)
def post(self, request):
# Create a serializer with request.DATA
serializer = self.serializer_class(data=request.DATA)
result = {'errCode':10000,'errDesc':errMsg[10000]}
if serializer.is_valid():
# Create PasswordResetForm with the serializer
reset_form = PasswordResetForm(data=serializer.data)
if reset_form.is_valid():
# Sett some values to trigger the send_email method.
opts = {
'use_https': request.is_secure(),
'from_email': getattr(settings, 'DEFAULT_FROM_EMAIL'),
'request': request,
}
reset_form.save(**opts)
# Return the success message with OK HTTP status
return Response(result, status=status.HTTP_200_OK)
else:
logger.debug(reset_form._errors)
logger.debug(serializer.errors)
result['errCode']=10009
result['errDesc']=errMsg[10009]
return Response(result, status=status.HTTP_200_OK)
def send_user_password_reset_email(user, request, new_user):
"""
Send a password reset email to the user. The http request object is
also required in order to figure out the URL to include in the email.
:param user: CtsUser
:param request: HttpRequest
:param new_user: Whether user is new
"""
# Code copied and adapted from django.contrib.auth.views.password_reset().
form_data = {
'email': user.email,
}
reset_form = PasswordResetForm(form_data)
if reset_form.is_valid():
opts = {
'use_https': request.is_secure(),
'token_generator': PasswordResetTokenGenerator(),
'from_email': None,
'request': request,
}
if new_user:
opts['email_template_name'] = 'accounts/new_account_email.html'
opts['subject_template_name'] = 'accounts/new_account_subject.txt'
else:
opts['email_template_name'] = 'accounts/password_reset_email.html'
opts['subject_template_name'] = 'accounts/password_reset_subject.txt'
reset_form.save(**opts)
def user_password_reset(self, request, id, form_url=''):
from django.contrib.auth.tokens import default_token_generator
from django.contrib.auth.forms import PasswordResetForm
if not self.has_change_permission(request):
raise PermissionDenied
user = get_object_or_404(self.get_queryset(request), pk=id)
post_reset_redirect = urlresolvers.reverse('admin:%s_%s_change' % (self.model._meta.app_label, self.model._meta.model_name), args=(id,))
form = PasswordResetForm({'email': user.email})
if form.is_valid():
opts = {
'use_https': request.is_secure(),
'token_generator': default_token_generator,
'from_email': None,
'email_template_name': 'registration/password_reset_email.html',
'subject_template_name': 'registration/password_reset_subject.txt',
'request': request,
}
opts = dict(opts, domain_override=request.get_host())
form.save(**opts)
msg = ugettext('Password reset link sent.')
messages.success(request, msg)
else:
msg = ugettext('Error ocurred while sending password reset link.')
messages.error(request, msg)
return HttpResponseRedirect(post_reset_redirect)
def send_email(self, request):
try:
reset_form = PasswordResetForm({"email": self.cleaned_data["email"]})
assert reset_form.is_valid()
reset_form.save(
request=request,
from_email="*****@*****.**",
use_https=request.is_secure(),
subject_template_name="bdiadmin/account_creation_subject.txt",
email_template_name="bdiadmin/account_creation_email.html",
)
messages.success(
request,
_("Profile created and mail sent to {0}.").format(
self.cleaned_data["email"]
),
)
except:
messages.warning(
request,
_("Profil created, but unable to send mail to {0}.").format(
self.cleaned_data["email"]
),
)
pass
def password_reset(self, request, queryset):
count = 0
for user in queryset:
# Do the password reset stuff.
form = PasswordResetForm({'email': user.email})
if form.is_valid():
opts = {
'use_https': request.is_secure(),
'token_generator': default_token_generator,
'from_email': 'OpenData Cincy<*****@*****.**>',
'email_template_name': 'registration/password_reset_email.html',
'subject_template_name': 'registration/password_reset_subject.txt',
'request': request,
}
opts = dict(opts, domain_override=request.get_host())
form.save(**opts)
count += 1
if count == 1:
message_bit = '1 user was'
else:
message_bit = '%s users were' % count
self.message_user(request, '%s emailed password reset instructions' % message_bit)
def test_cleaned_data(self):
# Regression test
(user, username, email) = self.create_dummy_user()
data = {"email": email}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data["email"], email)
def post(self, request):
# Create a serializer with request.DATA
serializer = self.serializer_class(data=request.DATA)
if serializer.is_valid():
# Create PasswordResetForm with the serializer
reset_form = PasswordResetForm(data=serializer.data)
if reset_form.is_valid():
# Sett some values to trigger the send_email method.
opts = {
'use_https': request.is_secure(),
'from_email': getattr(settings, 'DEFAULT_FROM_EMAIL'),
'request': request,
}
reset_form.save(**opts)
# Return the success message with OK HTTP status
return Response(
{"success": "Password reset e-mail has been sent."},
status=status.HTTP_200_OK)
else:
return Response(reset_form._errors,
status=status.HTTP_400_BAD_REQUEST)
else:
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
def password_reset(request):
"""
View for entering email of registered player to change password
:param request:
"""
if request.user.is_authenticated():
return HttpResponseRedirect(reverse("index"))
context = {}
if request.method == "POST":
form = PasswordResetForm(request.POST)
if form.is_valid():
opts = {
"use_https": request.is_secure(),
"token_generator": default_token_generator,
"from_email": settings.KASKA_EMAIL,
"email_template_name": "players/email/email_template.html",
"subject_template_name": "players/email/email_subject.txt",
"request": request,
}
try:
Player.objects.get(email__iexact=form.cleaned_data["email"])
except Player.DoesNotExist:
return HttpResponseRedirect(reverse("players:password_reset_no_email"))
else:
form.save(**opts)
return HttpResponseRedirect(reverse("players:password_reset_check_email"))
else:
form = PasswordResetForm()
context.update({"form": form})
return render(request, "players/password_reset/password_reset.html", context)
def forget_password(request,*args,**kwargs):
if request.method == "POST":
form = PasswordResetForm(request.POST)
if form.is_valid():
user=form.get_users(form.cleaned_data['email'])
if user is not None:
user.reset_password_code=make_password(user.username,'reset_password',hasher='pbkdf2_sha256')
subject='password reset'
message='please open the link below to activate your account\n'\
+SITE_URL+'people/'+user.username+'/reset_password_code/'+tokens
user.email_user(subject,message,EMAIL_SENDER)
user.save()
return redirect('/people/reset_password_done/')
else:
username=None
context={'title':'activation','message':'your account has been activated or activation code is out of date'}
redirect('/people/%s/' %username,context)
# return HttpResponseRedirect(post_reset_redirect)
else:
form = PasswordResetForm()
context = {
'form': form,
'title':'Password reset',
}
return render(request, 'people/reset_password.html',context)
def test_save_html_email_template_name(self):
"""
Test the PasswordResetFOrm.save() method with html_email_template_name
parameter specified.
Test to ensure that a multipart email is sent with both text/plain
and text/html parts.
"""
(user, username, email) = self.create_dummy_user()
form = PasswordResetForm({"email": email})
self.assertTrue(form.is_valid())
form.save(html_email_template_name='registration/html_password_reset_email.html')
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(len(mail.outbox[0].alternatives), 1)
message = mail.outbox[0].message()
self.assertEqual(message.get('subject'), 'Custom password reset on example.com')
self.assertEqual(len(message.get_payload()), 2)
self.assertTrue(message.is_multipart())
self.assertEqual(message.get_payload(0).get_content_type(), 'text/plain')
self.assertEqual(message.get_payload(1).get_content_type(), 'text/html')
self.assertEqual(message.get_all('to'), [email])
self.assertTrue(re.match(r'^http://example.com/reset/[\w/-]+', message.get_payload(0).get_payload()))
self.assertTrue(
re.match(r'^<html><a href="http://example.com/reset/[\w/-]+/">Link</a></html>$',
message.get_payload(1).get_payload())
)
def password_reset(request):
post_reset_redirect = reverse('django.contrib.auth.views.password_reset_done')
if request.method == "POST":
form = PasswordResetForm(request.POST)
if form.is_valid():
opts = {
'use_https': request.is_secure(),
'token_generator': default_token_generator,
'from_email': None,
'email_template_name': 'mail/password_reset_body.html',
'subject_template_name': 'mail/password_reset_subject.txt',
'request': request,
}
form.save(**opts)
return JsonResponse({'status': True, 'redirect': post_reset_redirect})
else:
status = False
else:
form = PasswordResetForm()
status = True
context = {
'form': form,
}
if request.is_ajax():
return JsonResponse({'status': status, 'template': render_to_string(
'account/password_reset/reset_form.html', context, context_instance=RequestContext(request))})
return TemplateResponse(request, 'account/password_reset/reset_container.html', context)
def password_reset(request):
''' Attempts to send a password reset e-mail. '''
if request.method != "POST":
raise Http404
# By default, Django doesn't allow Users with is_active = False to reset their passwords,
# but this bites people who signed up a long time ago, never activated, and forgot their
# password. So for their sake, we'll auto-activate a user for whom password_reset is called.
try:
user = User.objects.get(email=request.POST['email'])
user.is_active = True
user.save()
except:
log.exception("Tried to auto-activate user to enable password reset, but failed.")
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(use_https=request.is_secure(),
from_email=settings.DEFAULT_FROM_EMAIL,
request=request,
domain_override=request.get_host())
return HttpResponse(json.dumps({'success': True,
'value': render_to_string('registration/password_reset_done.html', {})}))
else:
return HttpResponse(json.dumps({'success': False,
'error': 'Invalid e-mail'}))
def test_cleaned_data(self):
# Regression test
user = User.objects.create_user("jsmith3", "*****@*****.**", "test123")
data = {'email':'*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data['email'], u'*****@*****.**')
def test_nonexistant_email(self):
# Test nonexistant email address. This should not fail because it would
# expose information about registered users.
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
self.assertEqual(len(mail.outbox), 0)
def test_nonexistant_email(self):
# Test nonexistant email address
data = {'email':'*****@*****.**'}
form = PasswordResetForm(data)
self.assertFalse(form.is_valid())
self.assertEqual(form.errors,
{'email': [u"That e-mail address doesn't have an associated user account. Are you sure you've registered?"]})
def test_nonexistant_email(self):
# Test nonexistant email address
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertFalse(form.is_valid())
self.assertEqual(form.errors,
{'email': [force_text(form.error_messages['unknown'])]})
def add_profile(request):
if request.method == 'POST':
profile_formset = ProfileFormset(request.POST)
if profile_formset.is_valid():
user_added = False
for form in profile_formset:
if form.cleaned_data:
username = form.cleaned_data['username']
first_name = form.cleaned_data['first_name']
last_name = form.cleaned_data['last_name']
email = form.cleaned_data['email']
password = generate_random_id()
new_user = create_profile(username, email, password, first_name, last_name)
activate_profile(new_user.profile)
new_user.profile.send_welcome_email(request)
user_added = True
reset_form = PasswordResetForm({'email': email})
assert reset_form.is_valid()
reset_form.save(
request=request,
use_https=request.is_secure(),
email_template_name='profiles/reset_password.txt',
)
if user_added:
messages.success(request, _('The profiles have been created'))
profile_formset = ProfileFormset()
else:
messages.warning(request, _('Please check the fields below for error'))
else:
profile_formset = ProfileFormset()
return render(request, 'profiles/add_profile.html', {'profile_formset': profile_formset,})
def passwordReset(self, request, **kwargs):
self.method_check(request, allowed=['post'])
postData = simplejson.loads(request.raw_post_data)
key = postData['token']
user = getUserByKey(key)
if user is not None:
if user.is_active:
data = {'email': user.email}
resetForm = PasswordResetForm(data)
if resetForm.is_valid():
resetForm.save()
return self.create_response(request,{'status':OK,
'message': 'check your email for instructions'})
else:
return self.create_response(request,
{'status': SYSTEM_ERROR,
'message': 'form not valid'})
else:
return self.create_response(request, {'status':FORBIDDEN,
'message':'Account disabled'})
else:
return self.create_response(request, {'status': UNAUTHORIZED,
'error': 'User does not exists'})
def testValidUser(self):
data = {
'email': '*****@*****.**',
}
form = PasswordResetForm(data)
self.assertEqual(form.is_valid(), False)
self.assertEqual(form["email"].errors, [u"That e-mail address doesn't have an associated user account. Are you sure you've registered?"])
def request_password_change(email, orig_host, is_secure):
"""Email a single-use link for performing a password reset.
Users must confirm the password change before we update their information.
Args:
email (string): An email address
orig_host (string): An originating host, extracted from a request with get_host
is_secure (Boolean): Whether the request was made with HTTPS
Returns:
None
Raises:
AccountUserNotFound
AccountRequestError
"""
# Binding data to a form requires that the data be passed as a dictionary
# to the Form class constructor.
form = PasswordResetForm({'email': email})
# Validate that an active user exists with the given email address.
if form.is_valid():
# Generate a single-use link for performing a password reset
# and email it to the user.
form.save(
from_email=settings.DEFAULT_FROM_EMAIL,
domain_override=orig_host,
use_https=is_secure
)
else:
# No active user with the provided email address exists.
raise AccountUserNotFound
def passwordReset(request):
if request.method == "POST":
password_reset = PasswordResetForm(request.POST)
if password_reset.is_valid():
email_ID = password_reset.cleaned_data['email']
existing_user = User.objects.filter(Q(email=email_ID))
if existing_user.exists():
print("HI")
def test_cleaned_data(self):
(user, username, email) = self.create_dummy_user()
data = {'email': email}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
form.save(domain_override='example.com')
self.assertEqual(form.cleaned_data['email'], email)
self.assertEqual(len(mail.outbox), 1)
def test_cleaned_data(self):
(user, username, email) = self.create_dummy_user()
data = {'email': email}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
form.save(domain_override='example.com')
self.assertEqual(form.cleaned_data['email'], email)
self.assertEqual(len(mail.outbox), 1)
def test_cleaned_data(self):
# Regression test
user = User.objects.create_user("jsmith3", "*****@*****.**",
"test123")
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data['email'], u'*****@*****.**')
def test_inactive_user(self):
#tests that inactive user cannot
#receive password reset email
(user, username, email) = self.create_dummy_user()
user.is_active = False
user.save()
form = PasswordResetForm({'email': email})
self.assertFalse(form.is_valid())
def test_nonexistant_email(self):
# Test nonexistant email address
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertFalse(form.is_valid())
self.assertEqual(
form.errors,
{'email': [force_text(form.error_messages['unknown'])]})
def esqueci_senha(request):
if request.method == "POST":
form_esqueci = PasswordResetForm(request.POST)
if form_esqueci.is_valid():
form_esqueci.save(subject_template_name="", email_template_name="usuario/email-esqueci.html", from_email="")
messages.add_message(request, messages.INFO, 'Um e-mail com instruções para alteração de senha foi enviado.')
form_esqueci = PasswordResetForm()
return render(request, 'usuario/esqueci-senha.html', {'form_esqueci': form_esqueci})
def view_register(request):
if request.method == 'POST':
user_form = UserBootstrapForm(data=request.POST)
if user_form.is_valid():
# check to see if this email address is unique
if User.objects.filter(email=request.POST['email']):
user_form.add_error(
'email', 'A user with that email address '
'already exists.')
return render(request, 'pdata_app/generic_form.html', {
'form': user_form,
'page_title': 'Create Account'
})
# Create a database object from the user's form data
user = user_form.save(commit=False)
# Set a random password so that the email address can be verified
user.set_password(User.objects.make_random_password())
user.save()
# This form only requires the "email" field, so will validate.
reset_form = PasswordResetForm(request.POST)
reset_form.is_valid() # Must trigger validation
# Copied from django/contrib/auth/views.py : password_reset
opts = {
'use_https': True,
'email_template_name':
'pdata_app/register_user_email_message.html',
'subject_template_name':
'pdata_app/register_user_email_subject.html',
'request': request,
'from_email': '*****@*****.**'
}
# This form sends the email on save()
reset_form.save(**opts)
return redirect('register_success')
else:
user_form = UserBootstrapForm()
# Render the template depending on the context.
return render(request, 'pdata_app/generic_form.html', {
'form': user_form,
'page_title': 'Create Account'
})
def send_password_reset_email(request):
pw_form = PasswordResetForm(request.POST)
if pw_form.is_valid():
pw_form.save(subject_template_name='email-reset-password-subject.txt',
email_template_name='empty.html',
html_email_template_name='email-reset-password.djhtml',
request=request)
return HttpResponse('email sent')
return HttpResponseBadRequest('Email Inválido')
def password_reset(request):
"""Automatically sends a password-reset email to the currently logged in user"""
form = PasswordResetForm(data={"email": request.user.email})
if form.is_valid():
form.save(request=request)
return redirect("password_reset_done")
else:
messages.error(request, form.errors)
return redirect("userprofile")
def test_custom_email_subject(self):
template_path = os.path.join(os.path.dirname(__file__), 'templates')
with self.settings(TEMPLATE_DIRS=(template_path,)):
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].subject, u'Custom password reset on example.com')
def send_password_reset(self, request, queryset):
for user in queryset:
try:
validate_email(user.email)
form = PasswordResetForm(data={"email": user.email})
form.is_valid()
form.save(
email_template_name="accounts/password_forced_reset_email.html",
extra_email_context={"full_name": user.full_name},
)
self.message_user(request, _("Succesfully sent password reset email."))
except ValidationError:
self.message_user(
request,
_("User does not have a valid email address"),
level="error",
)
def form_valid(self, form):
form.register_user()
email = form.cleaned_data['email']
password_reset = PasswordResetForm({'email': email})
if password_reset.is_valid():
password_reset.save(request=self.request)
return super(RegisterAccount, self).form_valid(form)
def PassReset(request):
if request.method == 'POST':
email = request.POST.get('email')
form = PasswordResetForm(request.POST)
if form.is_valid():
form.save(request=request)
return render(request, 'pages/emailSent.html', {'email': email})
return render(request, 'pages/forgotPassword.html')
def test_user_email_domain_unicode_collision(self):
User.objects.create_user("mike123", "*****@*****.**", "test123")
User.objects.create_user("mike456", "mike@ıxample.org", "test123")
data = {"email": "mike@ıxample.org"}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, ["mike@ıxample.org"])
def send_password_reset(request, user_id):
user = get_object_or_404(User, id=user_id)
form = PasswordResetForm({'email': user.email})
if form.is_valid():
form.save(email_template_name="auto_password_reset_email.html")
messages.success(request, "Password reset email sent.")
return HttpResponseRedirect(
reverse('participant_overview', args=(user.id, )))
def test_nonexistent_email(self):
"""
Test nonexistent email address. This should not fail because it would
expose information about registered users.
"""
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
self.assertEqual(len(mail.outbox), 0)
def test_user_email_domain_unicode_collision(self):
User.objects.create_user('mike123', '*****@*****.**', 'test123')
User.objects.create_user('mike456', 'mike@ıxample.org', 'test123')
data = {'email': 'mike@ıxample.org'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, ['mike@ıxample.org'])
def test_custom_email_field(self):
email = '*****@*****.**'
CustomEmailField.objects.create_user('test name', 'test password', email)
form = PasswordResetForm({'email': email})
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(form.cleaned_data['email'], email)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, [email])
def new_user(request):
add_user_success = False
if request.method == 'GET':
profile_form = UserProfileForm()
return render_to_response("accountmanagement/account/add_user.html",
{'profile_form': profile_form},
context_instance=RequestContext(request))
if request.method == 'POST':
manager = get_database_manager(request.user)
org = get_organization(request)
form = UserProfileForm(organization=org, data=request.POST)
if form.is_valid():
username = form.cleaned_data.get('username')
if not form.errors:
user = User.objects.create_user(username, username, 'test123')
user.first_name = form.cleaned_data['full_name']
group = Group.objects.filter(name="Project Managers")
user.groups.add(group[0])
user.save()
mobile_number = form.cleaned_data['mobile_phone']
ngo_user_profile = NGOUserProfile(
user=user,
title=form.cleaned_data['title'],
mobile_phone=mobile_number,
org_id=org.org_id)
ngo_user_profile.reporter_id = make_user_as_a_datasender(
manager=manager,
organization=org,
current_user_name=user.get_full_name(),
mobile_number=mobile_number,
email=username)
ngo_user_profile.save()
associate_user_with_existing_project(
manager, ngo_user_profile.reporter_id)
reset_form = PasswordResetForm({"email": username})
if reset_form.is_valid():
send_email_to_data_sender(reset_form.users_cache[0],
request.LANGUAGE_CODE,
request=request,
type="created_user",
organization=org)
name = form.cleaned_data.get("full_name")
form = UserProfileForm()
add_user_success = True
detail_dict = dict({"Name": name})
UserActivityLog().log(request,
action=ADDED_USER,
detail=json.dumps(detail_dict))
return render_to_response("accountmanagement/account/add_user.html", {
'profile_form': form,
'add_user_success': add_user_success
},
context_instance=RequestContext(request))
def forgotpassword_view(request, form=None):
if request.method == 'POST':
form = PasswordResetForm(request.POST)
if form.is_valid():
# user = form.save()
# update_session_auth_hash(request, user) # Important!
# messages.success(request, 'Your password was successfully updated!')
return redirect('forgotpassword_view')
form = PasswordResetForm()
return render(request, 'forgotpassword.html', {'form': form})
def ipasswordreset(request):
if request.method == "POST":
fm = PasswordResetForm(request.POST)
if fm.is_valid():
fm.save(from_email=mediclick1 @ gmail.com)
else:
fm = PasswordResetForm()
return render(request, "ipasswordreset.html", {'form': fm})
def perform_create(self, serializer):
instance = serializer.save()
form = PasswordResetForm({"email": instance.email})
assert form.is_valid()
form.save(
request=self.request,
use_https=True,
from_email=settings.DEFAULT_FROM_EMAIL,
email_template_name="accounts/password_setup_email.html",
)
def send_email_invitation(self, request, queryset):
for user in queryset:
reset_form = PasswordResetForm({'email': user.email}, request.POST)
assert reset_form.is_valid()
reset_form.save(
#subject_template_name='templates/emails/account_creation_subject.txt',
#email_template_name='templates/emails/invitation_email.html',
request=request)
self.message_user(request, 'Email invitation successfully sent')
def send_password_email_to_user(self, request):
user = CustomUser.objects.get(username=request.POST['username'])
form = PasswordResetForm({'email': user.email})
if form.is_valid():
form.save(request=request,
use_https=False,
from_email="*****@*****.**",
email_template_name=
'registration/password_reset_email_admin.html')
def test_custom_email_field(self):
email = "*****@*****.**"
CustomEmailField.objects.create_user("test name", "test password",
email)
form = PasswordResetForm({"email": email})
self.assertTrue(form.is_valid())
form.save()
self.assertEqual(form.cleaned_data["email"], email)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, [email])
def send_password_reset(self, user_email, request):
form = PasswordResetForm({'email': user_email})
if form.is_valid():
form.save(request=request,
from_email=settings.DEFAULT_FROM_EMAIL,
use_https=True)
return True
else:
return False
def password_reset(request):
if request.method == 'POST':
form = PasswordResetForm(request.user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('morepractice:thanks'))
else:
form = PasswordResetForm(request.user)
return render(request, 'morepractice/password_reset.html', {'form': form})
def signup(request):
if request.method == "POST":
form = SignUpForm(request.POST)
if form.is_valid():
new_user = User.objects.create_user(**form.cleaned_data)
password = PasswordResetForm(request.POST)
password.is_valid()
opts = {
'use_https': request.is_secure(),
'email_template_name':
'registration/password_reset_email.html',
'token_generator': default_token_generator,
'request': request,
}
password.save(**opts)
return redirect("signup-mail-sent")
else:
form = SignUpForm()
return render(request, "registration/signup.html", {"form": form})
def test_custom_email_subject(self):
data = {'email': '*****@*****.**'}
form = PasswordResetForm(data)
self.assertTrue(form.is_valid())
# Since we're not providing a request object, we must provide a
# domain_override to prevent the save operation from failing in the
# potential case where contrib.sites is not installed. Refs #16412.
form.save(domain_override='example.com')
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].subject, 'Custom password reset on example.com')
def save(self, request):
user = super(AddUserForm, self).save(commit=False)
user.set_password(get_random_string(1024))
user.save()
prf = PasswordResetForm({"email": user.email})
if prf.is_valid():
prf.save(request=request, use_https=True,
email_template_name='registration/invitation_email.html',
subject_template_name='registration/invitation_subject.txt')
return user
