def lost(request, next_page, recovery_page, mail_template_name='accounts/recovery_mail.txt', form_template_name='accounts/recovery_form.html', sent_template_name='accounts/recovery_mail_sent.html'): error = None if request.POST: user = get_user(request.POST.get('username')) if not user: error = "Incorrect username." if not error: # Password recovery works via a special kind of session # which is transmitted over e-mail, rather than via a # cookie. Create a session which includes the username # this request was generated for. key = Session.objects.get_new_session_key() expire_date = datetime.datetime.now() + datetime.timedelta(hours=12) Session.objects.save(key, { 'account_recovery_session': True, 'username': user.username, }, expire_date) send_mail_to_user(user, mail_template_name, request = request, recovery_path = recovery_page % key) return render_to_response(sent_template_name) return render_to_response(form_template_name, RequestContext(request, {'error': error}))
def save(self): if not self.errors: # XXX Compatibility with Django 0.96 and 1.0 formdata = getattr(self, "cleaned_data", getattr(self, "clean_data", None)) d = dict((k, v.encode("utf8")) for k, v in formdata.iteritems()) try: user = auth.models.User.objects.create_user( d['username'], d['email'], d['password1']) return user except: # We check for duplicate users here instead of clean, since it's # possible that two users could race for a name. if get_user(username=d['username']): self.errors['username'] = \ forms.util.ErrorList(["Sorry, this username is taken."]) else: raise
def save(self): if not self.errors: formdata = self.cleaned_data d = dict((k, v.encode("utf8")) for k, v in formdata.iteritems()) try: user = auth.models.User.objects.create_user(d['username'], d['email'], d['password1']) user.first_name = d['first_name'] user.last_name = d['last_name'] user.save() return user except: # We check for duplicate users here instead of clean, since it's # possible that two users could race for a name. if get_user(username=d['username']): self.errors['username'] = \ forms.util.ErrorList(["Sorry, this username is taken."]) else: raise
def save(self): if not self.errors: # XXX Compatibility with Django 0.96 and 1.0 formdata = getattr(self, "cleaned_data", getattr(self, "clean_data", None)) d = dict((k, v.encode("utf8")) for k, v in formdata.iteritems()) try: user = auth.models.User.objects.create_user(d['username'], d['email'], d['password1']) return user except: # We check for duplicate users here instead of clean, since it's # possible that two users could race for a name. if get_user(username=d['username']): self.errors['username'] = \ forms.util.ErrorList(["Sorry, this username is taken."]) else: raise
def reset(request, key, next_page, form_template_name='accounts/reset_password.html', error_template_name='accounts/recovery_key_error.html'): session = get_recovery_session(key) if not session: return render_to_response(error_template_name, RequestContext(request)) user = get_user(session.get('username')) if request.POST: form = ResetPasswordForm(request.POST) form.full_clean() validate_test_cookie(form, request) if not form.errors: # XXX Compatibility with Django 0.96 and 1.0 formdata = getattr(form, "cleaned_data", getattr(form, "clean_data", None)) user.set_password(formdata['password1']) user.save() # Try to log in using the new password loginError = internal_login(request, user.username, formdata['password1']) if loginError: # This might happen if the account is deactivated. form.errors['submit'] = forms.util.ErrorList([loginError]) else: # We're in successfully. Expire the recovery session. Session.objects.save(key, None, datetime.datetime.now()) return HttpResponseRedirect(next_page) else: form = None request.session.set_test_cookie() return render_to_response(form_template_name, RequestContext(request, { 'form_path': request.path, 'username': user.username, 'form': form, }))