Exemple #1
0
def activate(request, username="", user="******", token=""):
    user = int(user)

    try:
        user = User.objects.get(pk=user)
        current_activation = user.activation

        # Run checks
        user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)

        if user.activation == User.ACTIVATION_NONE:
            return redirect_message(request, messages.INFO, _("%(username)s, your account is already active.") % {'username': user.username})

        if user.activation == User.ACTIVATION_ADMIN:
            return redirect_message(request, messages.INFO, _("%(username)s, only board administrator can activate your account.") % {'username': user.username})

        if not token or not user.token or user.token != token:
            return redirect_message(request, messages.ERROR, _("%(username)s, your activation link is invalid. Try again or request new activation e-mail.") % {'username': user.username})

        # Activate and sign in our member
        user.activation = User.ACTIVATION_NONE
        sign_user_in(request, user)

        # Update monitor
        User.objects.resync_monitor()

        if current_activation == User.ACTIVATION_CREDENTIALS:
            return redirect_message(request, messages.SUCCESS, _("%(username)s, your account has been successfully reactivated after change of sign-in credentials.") % {'username': user.username})
        else:
            return redirect_message(request, messages.SUCCESS, _("%(username)s, your account has been successfully activated. Welcome aboard!") % {'username': user.username})
    except User.DoesNotExist:
        return error404(request)
Exemple #2
0
def activate(request, username="", user="******", token=""):
    user = int(user)

    try:
        user = User.objects.get(pk=user)
        current_activation = user.activation

        # Run checks
        user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)

        if user.activation == User.ACTIVATION_NONE:
            return redirect_message(request, Message(_("%(username)s, your account is already active.") % {'username': user.username}), 'info')

        if user.activation == User.ACTIVATION_ADMIN:
            return redirect_message(request, Message(_("%(username)s, only board administrator can activate your account.") % {'username': user.username}), 'info')

        if not token or not user.token or user.token != token:
            return redirect_message(request, Message(_("%(username)s, your activation link is invalid. Try again or request new activation e-mail.") % {'username': user.username}), 'error')

        # Activate and sign in our member
        user.activation = User.ACTIVATION_NONE
        sign_user_in(request, user)

        # Update monitor
        User.objects.resync_monitor(request.monitor)

        if current_activation == User.ACTIVATION_CREDENTIALS:
            return redirect_message(request, Message(_("%(username)s, your account has been successfully reactivated after change of sign-in credentials.") % {'username': user.username}), 'success')
        else:
            return redirect_message(request, Message(_("%(username)s, your account has been successfully activated. Welcome aboard!") % {'username': user.username}), 'success')
    except User.DoesNotExist:
        return error404(request)
Exemple #3
0
def form(request):
    if settings.account_activation == "block":
        return redirect_message(
            request, messages.INFO, _("We are sorry but we don't allow new members registrations at this time.")
        )

    message = None
    if request.method == "POST":
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            need_activation = 0
            if settings.account_activation == "user":
                need_activation = User.ACTIVATION_USER
            if settings.account_activation == "admin":
                need_activation = User.ACTIVATION_ADMIN

            new_user = User.objects.create_user(
                form.cleaned_data["username"],
                form.cleaned_data["email"],
                form.cleaned_data["password"],
                ip=request.session.get_ip(request),
                agent=request.META.get("HTTP_USER_AGENT"),
                activation=need_activation,
                request=request,
            )

            if need_activation == User.ACTIVATION_NONE:
                # Sign in user
                sign_user_in(request, new_user)
                messages.success(
                    request,
                    _("Welcome aboard, %(username)s! Your account has been registered successfully.")
                    % {"username": new_user.username},
                )

            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                messages.info(
                    request,
                    _(
                        "%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link."
                    )
                    % {"username": new_user.username},
                )
                new_user.email_user(
                    request,
                    "users/activation/user",
                    _("Welcome aboard, %(username)s!") % {"username": new_user.username},
                )

            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                messages.info(
                    request,
                    _(
                        "%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!"
                    )
                    % {"username": new_user.username},
                )
                new_user.email_user(
                    request,
                    "users/activation/admin",
                    _("Welcome aboard, %(username)s!") % {"username": new_user.username},
                    {"password": form.cleaned_data["password"]},
                )

            User.objects.resync_monitor()
            return redirect(reverse("index"))
        else:
            message = Message(form.non_field_errors()[0], messages.ERROR)
            if settings.registrations_jams:
                SignInAttempt.objects.register_attempt(request.session.get_ip(request))
            # Have we jammed our account?
            if SignInAttempt.objects.is_jammed(request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse("register"))
    else:
        form = UserRegisterForm(request=request)
    return render_to_response(
        "register.html",
        {"message": message, "form": form, "hide_signin": True},
        context_instance=RequestContext(request),
    )
Exemple #4
0
def form(request):
    if request.settings['account_activation'] == 'block':
        return redirect_message(
            request,
            Message(
                _("We are sorry but we don't allow new members registrations at this time."
                  )), 'info')

    message = None
    if request.method == 'POST':
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            need_activation = 0
            if request.settings['account_activation'] == 'user':
                need_activation = User.ACTIVATION_USER
            if request.settings['account_activation'] == 'admin':
                need_activation = User.ACTIVATION_ADMIN

            new_user = User.objects.create_user(
                form.cleaned_data['username'],
                form.cleaned_data['email'],
                form.cleaned_data['password'],
                ip=request.session.get_ip(request),
                agent=request.META.get('HTTP_USER_AGENT'),
                activation=need_activation,
                request=request)

            if need_activation == User.ACTIVATION_NONE:
                # Sign in user
                sign_user_in(request, new_user)
                request.messages.set_flash(
                    Message(
                        _("Welcome aboard, %(username)s! Your account has been registered successfully."
                          ) % {'username': new_user.username}), 'success')

            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                request.messages.set_flash(
                    Message(
                        _("%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link."
                          ) % {'username': new_user.username}), 'info')
                new_user.email_user(
                    request,
                    'users/activation/user',
                    _("Welcome aboard, %(username)s!") %
                    {'username': new_user.username},
                )

            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                request.messages.set_flash(
                    Message(
                        _("%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!"
                          ) % {'username': new_user.username}), 'info')
                new_user.email_user(
                    request, 'users/activation/admin',
                    _("Welcome aboard, %(username)s!") %
                    {'username': new_user.username},
                    {'password': form.cleaned_data['password']})

            User.objects.resync_monitor(request.monitor)
            return redirect(reverse('index'))
        else:
            message = Message(form.non_field_errors()[0], 'error')
            if request.settings['registrations_jams']:
                SignInAttempt.objects.register_attempt(
                    request.session.get_ip(request))
            # Have we jammed our account?
            if SignInAttempt.objects.is_jammed(
                    request.settings, request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse('register'))
    else:
        form = UserRegisterForm(request=request)
    return request.theme.render_to_response(
        'register.html', {
            'message': message,
            'form': FormLayout(form),
            'hide_signin': True,
        },
        context_instance=RequestContext(request))
Exemple #5
0
def form(request):
    if request.settings['account_activation'] == 'block':
       return redirect_message(request, Message(_("We are sorry but we don't allow new members registrations at this time.")), 'info')
    
    message = None
    if request.method == 'POST':
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            need_activation = 0
            if request.settings['account_activation'] == 'user':
                need_activation = User.ACTIVATION_USER
            if request.settings['account_activation'] == 'admin':
                need_activation = User.ACTIVATION_ADMIN
                
            new_user = User.objects.create_user(
                                                form.cleaned_data['username'],
                                                form.cleaned_data['email'],
                                                form.cleaned_data['password'],
                                                ip=request.session.get_ip(request),
                                                agent=request.META.get('HTTP_USER_AGENT'),
                                                activation=need_activation,
                                                request=request
                                                )
                        
            if need_activation == User.ACTIVATION_NONE:
                # Sign in user
                sign_user_in(request, new_user)
                request.messages.set_flash(Message(_("Welcome aboard, %(username)s! Your account has been registered successfully.") % {'username': new_user.username}), 'success')
                
            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                request.messages.set_flash(Message(_("%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link.") % {'username': new_user.username}), 'info')
                new_user.email_user(
                                    request,
                                    'users/activation/user',
                                    _("Welcome aboard, %(username)s!") % {'username': new_user.username},
                                    )
                
            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                request.messages.set_flash(Message(_("%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!") % {'username': new_user.username}), 'info')
                new_user.email_user(
                                    request,
                                    'users/activation/admin',
                                    _("Welcome aboard, %(username)s!") % {'username': new_user.username},
                                    {'password': form.cleaned_data['password']}
                                    )
            
            User.objects.resync_monitor(request.monitor)
            return redirect(reverse('index'))
        else:
            message = Message(form.non_field_errors()[0], 'error')
            if request.settings['registrations_jams']:
                SignInAttempt.objects.register_attempt(request.session.get_ip(request))
            # Have we jammed our account?
            if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse('register'))
    else:
        form = UserRegisterForm(request=request)
    return request.theme.render_to_response('register.html',
                                            {
                                             'message': message,
                                             'form': FormLayout(form),
                                             'hide_signin': True, 
                                            },
                                            context_instance=RequestContext(request));
def run(request, user):
	return sign_user_in(request, user)
	
Exemple #7
0
def signin(request):
    message = request.messages.get_message('security')
    bad_password = False
    not_active = False
    banned_account = False

    if request.method == 'POST':
        form = SignInForm(
                          request.POST,
                          show_remember_me=not request.firewall.admin and settings.remember_me_allow,
                          request=request
                          )

        if form.is_valid():
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    auth_method = auth_admin
                    success_redirect = reverse(site.get_admin_index())
                else:
                    auth_method = auth_forum
                    success_redirect = reverse('index')

                # Authenticate user
                user = auth_method(
                                  request,
                                  form.cleaned_data['user_email'],
                                  form.cleaned_data['user_password'],
                                  )

                sign_user_in(request, user)
                remember_me_token = False

                if not request.firewall.admin and settings.remember_me_allow and form.cleaned_data['user_remember_me']:
                    remember_me_token = random_string(42)
                    remember_me = Token(
                                        id=remember_me_token,
                                        user=user,
                                        created=timezone.now(),
                                        accessed=timezone.now(),
                                        )
                    remember_me.save()
                if remember_me_token:
                    request.cookiejar.set('TOKEN', remember_me_token, True)
                messages.success(request, _("Welcome back, %(username)s!") % {'username': user.username}, 'security')
                return redirect(success_redirect)
            except AuthException as e:
                message = Message(e.error, messages.ERROR)
                bad_password = e.password
                banned_account = e.ban
                not_active = e.activation

                # If not in Admin, register failed attempt
                if not request.firewall.admin and e.type == auth.CREDENTIALS:
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))

                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))
        else:
            message = Message(form.non_field_errors()[0], messages.ERROR)
    else:
        form = SignInForm(
                          show_remember_me=not request.firewall.admin and settings.remember_me_allow,
                          request=request
                          )
    return render_to_response('signin.html',
                              {
                              'message': message,
                              'bad_password': bad_password,
                              'banned_account': banned_account,
                              'not_active': not_active,
                              'form': form,
                              'hide_signin': True,
                              },
                              context_instance=RequestContext(request));