Exemple #1
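def activate(request, username="", user="******", token=""):
    """Activate an account from a confirmation link and sign the user in.

    Args:
        request: Current request; its ``monitor`` and ``messages`` are updated
            on success.
        username: Not read by this view.
        user: Primary key of the account to activate, as text or int.
        token: Activation token supplied by the confirmation link.

    Returns:
        A redirect to ``index`` on success, otherwise a ban, 403 or 404
        error response.
    """
    try:
        # A value that is not an integer (the default placeholder included)
        # cannot name an account: answer 404 instead of letting int() raise.
        user_pk = int(user)
    except (TypeError, ValueError):
        return error404(request)

    try:
        user = User.objects.get(pk=user_pk)
        # Remember the state we started from; it picks the flash message below.
        current_activation = user.activation

        # Run checks
        user_ban = check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)
        if user.activation == User.ACTIVATION_NONE:
            return error403(request, Message(request, "users/activation/not_required", extra={"user": user}))
        if user.activation == User.ACTIVATION_ADMIN:
            return error403(request, Message(request, "users/activation/only_by_admin", extra={"user": user}))
        # An empty token on either side never matches, so an account without
        # a stored token cannot be activated with an empty link token.
        # NOTE(review): "!=" is not a constant-time comparison; for secrets
        # django.utils.crypto.constant_time_compare is the usual choice.
        if not token or not user.token or user.token != token:
            return error403(request, Message(request, "users/invalid_confirmation_link", extra={"user": user}))

        # Activate and sign in our member
        # NOTE(review): no save() and no token reset are visible here; confirm
        # that sign_user_in persists the change and the token cannot be reused.
        user.activation = User.ACTIVATION_NONE
        sign_user_in(request, user)

        # Update monitor
        # NOTE(review): read-modify-write; confirm the monitor tolerates
        # concurrent activations.
        request.monitor["users_inactive"] = request.monitor["users_inactive"] - 1

        if current_activation == User.ACTIVATION_CREDENTIALS:
            request.messages.set_flash(
                Message(request, "users/activation/credentials", extra={"user": user}), "success"
            )
        else:
            request.messages.set_flash(Message(request, "users/activation/new", extra={"user": user}), "success")
        return redirect(reverse("index"))
    except User.DoesNotExist:
        return error404(request)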
Exemple #2
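def activate(request, username="", user="******", token=""):
    """Activate an account from a confirmation link and sign the user in.

    Args:
        request: Current request; its ``monitor`` and ``messages`` are updated
            on success.
        username: Not read by this view.
        user: Primary key of the account to activate, as text or int.
        token: Activation token supplied by the confirmation link.

    Returns:
        A redirect to ``index`` on success, otherwise a ban, 403 or 404
        error response.
    """
    try:
        # int() used to run outside any handler, so a non-numeric id (the
        # default placeholder included) surfaced as an unhandled exception.
        # Such a value cannot name an account, so it is answered with a 404.
        user_pk = int(user)
    except (TypeError, ValueError):
        return error404(request)

    try:
        user = User.objects.get(pk=user_pk)
        # Keep the starting state; it selects the flash message at the end.
        current_activation = user.activation

        # Run checks
        user_ban = check_ban(username=user.username, email=user.email)
        if user_ban:
            return error_banned(request, user, user_ban)
        if user.activation == User.ACTIVATION_NONE:
            return error403(
                request,
                Message(request,
                        'users/activation/not_required',
                        extra={'user': user}))
        if user.activation == User.ACTIVATION_ADMIN:
            return error403(
                request,
                Message(request,
                        'users/activation/only_by_admin',
                        extra={'user': user}))
        # Both tokens must be non-empty and equal; an account without a
        # stored token is never activated by an empty link token.
        # NOTE(review): "!=" is not a constant-time comparison; for secrets
        # django.utils.crypto.constant_time_compare is the usual choice.
        if not token or not user.token or user.token != token:
            return error403(
                request,
                Message(request,
                        'users/invalid_confirmation_link',
                        extra={'user': user}))

        # Activate and sign in our member
        # NOTE(review): neither save() nor a token reset is visible here;
        # confirm sign_user_in persists the change and the token is one-use.
        user.activation = User.ACTIVATION_NONE
        sign_user_in(request, user)

        # Update monitor
        # NOTE(review): read-modify-write; confirm the monitor tolerates
        # concurrent activations.
        request.monitor[
            'users_inactive'] = request.monitor['users_inactive'] - 1

        if current_activation == User.ACTIVATION_CREDENTIALS:
            request.messages.set_flash(
                Message(request,
                        'users/activation/credentials',
                        extra={'user': user}), 'success')
        else:
            request.messages.set_flash(
                Message(request, 'users/activation/new', extra={'user': user}),
                'success')
        return redirect(reverse('index'))
    except User.DoesNotExist:
        return error404(request)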
Exemple #3
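def register(request):
    """Show the registration form and, on a valid POST, create the account.

    The ``account_activation`` setting drives the flow: ``block`` refuses
    registration with a 403, ``user`` mails the user-activation e-mail,
    ``admin`` mails the admin-activation e-mail, and any other value signs
    the new user in straight away.

    Returns:
        A 403 response when registrations are blocked, a redirect to
        ``index`` after a successful registration, a redirect to
        ``register`` when the client IP is jammed, otherwise the rendered
        registration page.
    """
    if request.settings['account_activation'] == 'block':
        return error403(request, Message(request, 'users/registration/registrations_off'))
    message = None
    if request.method == 'POST':
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            # 0 is compared with User.ACTIVATION_NONE below; presumably the
            # two are the same value - confirm against the model.
            need_activation = 0

            if request.settings['account_activation'] == 'user':
                need_activation = User.ACTIVATION_USER
            if request.settings['account_activation'] == 'admin':
                need_activation = User.ACTIVATION_ADMIN

            new_user = User.objects.create_user(
                form.cleaned_data['username'],
                form.cleaned_data['email'],
                form.cleaned_data['password'],
                ip=request.session.get_ip(request),
                activation=need_activation,
                request=request,
            )

            # Interpolate after the gettext call so the catalogue is looked
            # up with the untranslated template, not the filled-in string.
            welcome_subject = _("Welcome aboard, %(username)s!") % {'username': new_user.username}

            if need_activation == User.ACTIVATION_NONE:
                # No need for activation, sign in user
                sign_user_in(request, new_user)
                request.messages.set_flash(Message(request, 'users/activation/none', extra={'user': new_user}), 'success')
            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                request.messages.set_flash(Message(request, 'users/registration/activation_user', extra={'user': new_user}), 'info')
                new_user.email_user(
                    request,
                    'users/activation/user',
                    welcome_subject,
                )
            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                request.messages.set_flash(Message(request, 'users/registration/activation_admin', extra={'user': new_user}), 'info')
                # The admin-activation mail is sent from this branch only, so
                # the other two paths do not mail out a copy of the password.
                # NOTE(review): the mail context carries the plaintext
                # password; confirm the template needs it, a mailbox is not
                # a safe place for credentials.
                new_user.email_user(
                    request,
                    'users/activation/admin',
                    welcome_subject,
                    {'password': form.cleaned_data['password']},
                )
            return redirect(reverse('index'))
        else:
            # NOTE(review): [0] raises IndexError if the form failed on
            # field-level errors only - presumably the form reports every
            # error as a non-field error; confirm.
            message = Message(request, form.non_field_errors()[0])
            if request.settings['registrations_jams']:
                SignInAttempt.objects.register_attempt(request.session.get_ip(request))
            # Have we jammed our account?
            # NOTE(review): the jam check runs even when 'registrations_jams'
            # is off, and is_jammed receives the IP only; confirm the call
            # matches the manager's signature.
            if SignInAttempt.objects.is_jammed(request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse('register'))
    else:
        form = UserRegisterForm(request=request)
    return request.theme.render_to_response(
        'users/register.html',
        {
            'message': message,
            'form': FormLayout(form),
            'hide_signin': True,
        },
        context_instance=RequestContext(request))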
Exemple #4
def signin(request):
    """Render the sign-in form and, on POST, authenticate the visitor.

    Inside the admin firewall ``auth_admin`` is used and the "remember me"
    and "stay hidden" options are disabled; elsewhere ``auth_forum`` is used
    and both options follow the site settings.

    Returns:
        A redirect to the landing page after a successful sign-in, a
        redirect to ``sign_in`` when the client IP has just been jammed,
        otherwise the rendered sign-in page (with an error message when the
        attempt failed).
    """
    message = request.messages.get_message('security')

    # Both the bound and the unbound form take the same options.
    form_options = {
        'show_remember_me': not request.firewall.admin and request.settings['remember_me_allow'],
        'show_stay_hidden': not request.firewall.admin and request.settings['sessions_hidden'],
        'request': request,
    }

    if request.method != 'POST':
        form = SignInForm(**form_options)
    else:
        form = SignInForm(request.POST, **form_options)
        if not form.is_valid():
            message = Message(request, form.non_field_errors()[0])
            message.type = 'error'
        else:
            try:
                # Configure correct auth and redirect links
                if request.firewall.admin:
                    authenticate = auth_admin
                    landing_url = reverse(site.get_admin_index())
                else:
                    authenticate = auth_forum
                    landing_url = reverse('index')

                # Authenticate user
                user = authenticate(
                    request,
                    form.cleaned_data['user_email'],
                    form.cleaned_data['user_password'],
                )

                wants_hidden = (
                    not request.firewall.admin
                    and request.settings['sessions_hidden']
                    and form.cleaned_data['user_stay_hidden']
                )
                if wants_hidden:
                    request.session.hidden = True

                sign_user_in(request, user, request.session.hidden)

                wants_token = (
                    not request.firewall.admin
                    and request.settings['remember_me_allow']
                    and form.cleaned_data['user_remember_me']
                )
                if wants_token:
                    # The random string is stored as the row id and handed
                    # to the browser unchanged.
                    # NOTE(review): a database read therefore yields usable
                    # tokens; confirm whether storing a hash is feasible, and
                    # what the third cookie_jar.set argument controls.
                    token_id = get_random_string(42)
                    Token(
                        id=token_id,
                        user=user,
                        created=timezone.now(),
                        accessed=timezone.now(),
                        hidden=request.session.hidden,
                    ).save()
                    request.cookie_jar.set('TOKEN', token_id, True)

                request.messages.set_flash(
                    Message(request, 'security/signed_in', extra={'user': user}),
                    'success',
                    'security',
                )
                return redirect(landing_url)
            except AuthException as auth_error:
                message = Message(
                    request,
                    auth_error.type,
                    extra={'user': auth_error.user, 'ban': auth_error.ban},
                )
                message.type = 'error'
                # If not in Admin, register failed attempt
                # NOTE(review): failed admin sign-ins are not counted here;
                # confirm they are throttled somewhere else.
                counts_as_failure = not request.firewall.admin and auth_error.type == auth.CREDENTIALS
                if counts_as_failure:
                    SignInAttempt.objects.register_attempt(request.session.get_ip(request))
                    # Have we jammed our account?
                    if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
                        request.jam.expires = timezone.now()
                        return redirect(reverse('sign_in'))

    credential_fields = [
        ('user_email', {'attrs': {'placeholder': _("Enter your e-mail")}}),
        ('user_password', {'has_value': False, 'placeholder': _("Enter your password")}),
    ]
    layout = FormLayout(form, [
        (None, credential_fields),
        (None, ['user_remember_me', 'user_stay_hidden']),
    ])
    context = {
        'message': message,
        'form': layout,
        'hide_signin': True,
    }
    return request.theme.render_to_response(
        'signin.html',
        context,
        context_instance=RequestContext(request))
Exemple #5
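def register(request):
    """Show the registration form and, on a valid POST, create the account.

    The ``account_activation`` setting drives the flow: ``block`` refuses
    registration with a 403, ``user`` mails the user-activation e-mail,
    ``admin`` mails the admin-activation e-mail, and any other value signs
    the new user in straight away.

    Returns:
        A 403 response when registrations are blocked, a redirect to
        ``index`` after a successful registration, a redirect to
        ``register`` when the client IP is jammed, otherwise the rendered
        registration page.
    """
    if request.settings['account_activation'] == 'block':
        return error403(
            request, Message(request, 'users/registration/registrations_off'))
    message = None
    if request.method == 'POST':
        form = UserRegisterForm(request.POST, request=request)
        if form.is_valid():
            # 0 is compared with User.ACTIVATION_NONE below; presumably the
            # two are the same value - confirm against the model.
            need_activation = 0

            if request.settings['account_activation'] == 'user':
                need_activation = User.ACTIVATION_USER
            if request.settings['account_activation'] == 'admin':
                need_activation = User.ACTIVATION_ADMIN

            new_user = User.objects.create_user(
                form.cleaned_data['username'],
                form.cleaned_data['email'],
                form.cleaned_data['password'],
                ip=request.session.get_ip(request),
                activation=need_activation,
                request=request)

            # Translate the template first and fill it in afterwards; the
            # catalogue has no entry for an already interpolated string.
            welcome_subject = _("Welcome aboard, %(username)s!") % {
                'username': new_user.username}

            if need_activation == User.ACTIVATION_NONE:
                # No need for activation, sign in user
                sign_user_in(request, new_user)
                request.messages.set_flash(
                    Message(request,
                            'users/activation/none',
                            extra={'user': new_user}), 'success')
            if need_activation == User.ACTIVATION_USER:
                # Mail user activation e-mail
                request.messages.set_flash(
                    Message(request,
                            'users/registration/activation_user',
                            extra={'user': new_user}), 'info')
                new_user.email_user(
                    request,
                    'users/activation/user',
                    welcome_subject,
                )
            if need_activation == User.ACTIVATION_ADMIN:
                # Require admin activation
                request.messages.set_flash(
                    Message(request,
                            'users/registration/activation_admin',
                            extra={'user': new_user}), 'info')
                # The admin-activation mail is sent from this branch only, so
                # the other two paths do not mail out a copy of the password.
                # NOTE(review): the mail context carries the plaintext
                # password; confirm the template needs it, a mailbox is not
                # a safe place for credentials.
                new_user.email_user(
                    request, 'users/activation/admin',
                    welcome_subject,
                    {'password': form.cleaned_data['password']})
            return redirect(reverse('index'))
        else:
            # NOTE(review): [0] raises IndexError if the form failed on
            # field-level errors only - presumably the form reports every
            # error as a non-field error; confirm.
            message = Message(request, form.non_field_errors()[0])
            if request.settings['registrations_jams']:
                SignInAttempt.objects.register_attempt(
                    request.session.get_ip(request))
            # Have we jammed our account?
            # NOTE(review): the jam check runs even when 'registrations_jams'
            # is off, and is_jammed receives the IP only; confirm the call
            # matches the manager's signature.
            if SignInAttempt.objects.is_jammed(
                    request.session.get_ip(request)):
                request.jam.expires = timezone.now()
                return redirect(reverse('register'))
    else:
        form = UserRegisterForm(request=request)
    return request.theme.render_to_response(
        'users/register.html', {
            'message': message,
            'form': FormLayout(form),
            'hide_signin': True,
        },
        context_instance=RequestContext(request))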