def form_valid(self, form):
password = form.cleaned_data['password']
request = self.request
user = request.user
if not xmpp_backend.check_password(user.node, user.domain, password=password):
form.add_error('password', _('The password is incorrect.'))
return self.form_invalid(form)
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
send_confirmation_task.delay(
user_pk=user.pk, purpose=PURPOSE_DELETE, language=lang, address=address,
to=user.email, base_url=base_url, hostname=request.site['NAME'])
messages.success(request, _(
'We sent you an email to %(email)s to confirm your request.') %
{'email': user.email, })
user.log(ugettext_noop('Requested deletion of account.'), address)
stat(STAT_DELETE_ACCOUNT)
AddressActivity.objects.log(request, ACTIVITY_SET_EMAIL, note=user.email)
return HttpResponseRedirect(reverse('account:detail'))
def form_valid(self, form):
request = self.request
user = request.user
if not user.created_in_backend:
return self.handle_new_account(request, form)
address = request.META['REMOTE_ADDR']
to = form.cleaned_data['email']
# If REQUIRE_UNIQUE_EMAIL is true, validate uniquenss
qs = User.objects.exclude(pk=user.pk).filter(email=to)
if settings.REQUIRE_UNIQUE_EMAIL and qs.exists():
form.add_error('email', _('Email address is already used by another account.'))
return self.form_invalid(form)
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
fp, key = form.get_gpg_data()
set_email_task.delay(
user_pk=user.pk, to=to, language=lang, address=address, fingerprint=fp, key=key,
base_url=base_url, hostname=request.site['NAME'])
messages.success(request, _(
'We sent you an email to your new email address (%(email)s). Click on the link in it '
'to confirm it.') % {'email': to})
user.log(ugettext_noop('Requested change of email address to %(email)s.'), address,
email=to)
stat(STAT_SET_EMAIL)
AddressActivity.objects.log(request, ACTIVITY_SET_EMAIL, note=to)
return super(SetEmailView, self).form_valid(form)
def get_redirect_url(self, *args, **kwargs):
request = self.request
user = request.user
qs = self.queryset.filter(user=user)
key = get_object_or_404(qs, key=kwargs['key'])
user.email = key.to
# Compute the normalized email address
user.normalized_email = normalize_email(user.email)
user.confirmed = timezone.now()
with transaction.atomic():
# Update list of GPG keys
user.gpg_keys.all().delete()
gpg_keys = key.payload.get('gpg_recv_pub')
if gpg_keys:
add_gpg_key_task.delay(user_pk=user.pk, address=key.address.address, key=gpg_keys)
user.save()
key.delete()
messages.success(request,
_('Confirmed email address change to %(email)s.')
% {'email': user.email, })
user.log(ugettext_noop('Confirmed email address change to %(email)s.'),
request.META['REMOTE_ADDR'], email=key.to)
stat(STAT_SET_EMAIL_CONFIRMED)
return super(ConfirmSetEmailView, self).get_redirect_url()
def form_valid(self, form):
self.ratelimit(self.request)
user = None
try:
user = User.objects.confirmed().get(username=form.cleaned_data['username'])
except User.DoesNotExist:
pass # checked in next branch
if user is None or not xmpp_backend.user_exists(user.node, user.domain):
code = 'not-found'
error = forms.ValidationError(form.fields['username'].error_messages[code], code=code)
form.add_error('username', error)
return self.form_invalid(form)
request = self.request
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
user.log(ugettext_noop('Requested password reset.'), address)
AddressActivity.objects.log(request, ACTIVITY_RESET_PASSWORD, user=user)
stat(STAT_RESET_PASSWORD)
send_confirmation_task.delay(
user_pk=user.pk, purpose=PURPOSE_RESET_PASSWORD, language=lang, address=address,
to=user.email, base_url=base_url, hostname=request.site['NAME'])
return self.render_to_response(self.get_context_data(form=form))
def form_valid(self, form):
key = self.key
if isinstance(key, HttpResponse):
return key
request = self.request
address = request.META['REMOTE_ADDR']
now = timezone.now()
with transaction.atomic():
xmpp_backend.set_password(username=key.user.node, domain=key.user.domain,
password=form.cleaned_data['new_password1'])
xmpp_backend.set_last_activity(key.user.node, key.user.domain, timestamp=now)
key.user.last_activity = now
key.user.log(ugettext_noop('Set new password.'), address)
messages.success(request, _('Successfully changed your password.'))
stat(STAT_RESET_PASSWORD_CONFIRMED)
key.user.backend = settings.AUTHENTICATION_BACKENDS[0]
key.user.save()
login(self.request, key.user)
key.delete()
return super(ConfirmResetPasswordView, self).form_valid(form)
def form_valid(self, form):
key = self.key
if isinstance(key, HttpResponse):
return key
request = self.request
address = request.META['REMOTE_ADDR']
password = form.cleaned_data['new_password1']
with transaction.atomic(), version(comment="email address confirmed"):
key.user.confirmed = timezone.now()
key.user.created_in_backend = True
key.user.save()
if request.user != key.user:
logout(request) # logout any previous user
key.user.backend = settings.AUTHENTICATION_BACKENDS[0]
login(request, key.user)
# Actually create the user on the XMPP server
xmpp_backend.create_user(username=key.user.node, domain=key.user.domain,
password=password, email=key.user.email)
key.user.log(ugettext_noop('Email address %(email)s confirmed.'), address,
email=key.user.email)
# TODO: More meaningful help message on a webchat, usable clients, follow updates, ...
messages.success(request, _(
"Successfully confirmed your email address. You can now use your account."))
stat(STAT_REGISTER_CONFIRMED)
# Delete the registration key
key.delete()
return super(ConfirmRegistrationView, self).form_valid(form)
def form_valid(self, form):
self.ratelimit(self.request)
try:
user = User.objects.filter(confirmed__isnull=False).get(
username=form.cleaned_data['username'])
except User.DoesNotExist:
form.add_error('username', _('User not found.'))
return self.form_invalid(form)
request = self.request
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
user.log(ugettext_noop('Requested password reset.'), address)
AddressActivity.objects.log(request,
ACTIVITY_RESET_PASSWORD,
user=user)
stat(STAT_RESET_PASSWORD)
send_confirmation_task.delay(user_pk=user.pk,
purpose=PURPOSE_RESET_PASSWORD,
language=lang,
address=address,
to=user.email,
base_url=base_url,
hostname=request.site['NAME'])
return self.render_to_response(self.get_context_data(form=form))
def form_valid(self, form):
request = self.request
form.save()
request.user.log(ugettext_noop('Set new password.'), request.META['REMOTE_ADDR'])
AddressActivity.objects.log(request, ACTIVITY_SET_PASSWORD)
stat(STAT_SET_PASSWORD)
messages.success(request, _('Successfully changed your password.'))
return super(SetPasswordView, self).form_valid(form)
def form_valid(self, form):
request = self.request
self.ratelimit(request)
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
with transaction.atomic():
response = super(RegistrationView, self).form_valid(form)
user = self.object
# save default language
user.default_language = lang
user.save()
# log user creation, display help message.
user.log(ugettext_noop('Account created.'), address=address)
AddressActivity.objects.log(request,
ACTIVITY_REGISTER,
user=user,
note=user.email)
stat(STAT_REGISTER)
messages.success(
request,
_("""Successfully created the account %(username)s. A confirmation email was
just sent to the email address you provided (%(email)s). Before you can use
your account, you must click on the confirmation link in that email.""") % {
'username': user.username,
'email': user.email,
})
user.backend = settings.AUTHENTICATION_BACKENDS[0]
login(self.request, user)
task = send_confirmation_task.si(user_pk=user.pk,
purpose=PURPOSE_REGISTER,
language=lang,
address=address,
to=user.email,
base_url=base_url,
hostname=request.site['NAME'])
# Store GPG key if any
fp, key = form.get_gpg_data()
if fp or key:
gpg_task = add_gpg_key_task.si(user_pk=user.pk,
address=address,
fingerprint=fp,
key=key)
task = chain(gpg_task, task)
task.delay()
return response
def form_valid(self, form):
request = self.request
self.ratelimit(request)
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
if BlockedEmail.objects.is_blocked(form.cleaned_data['email']):
BlockedIpAddress.objects.block(address)
raise BlockedException(_('You cannot register with this email address.'))
with transaction.atomic(), version(comment='User created'):
response = super(RegistrationView, self).form_valid(form)
user = self.object
# Compute the normalized email address
user.normalized_email = normalize_email(user.email)
# save default language
user.default_language = lang
user.save()
# log user creation, display help message.
user.log(ugettext_noop('Account created.'), address=address)
AddressActivity.objects.log(request, ACTIVITY_REGISTER, user=user, note=user.email)
stat(STAT_REGISTER)
messages.success(request, _(
"""Successfully created the account %(username)s. A confirmation email was
just sent to the email address you provided (%(email)s). Before you can use
your account, you must click on the confirmation link in that email.""") % {
'username': user.username,
'email': user.email,
})
user.backend = settings.AUTHENTICATION_BACKENDS[0]
login(self.request, user)
task = send_confirmation_task.si(
user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address,
to=user.email, base_url=base_url, hostname=request.site['NAME'])
# Store GPG key if any
fp, key = form.get_gpg_data()
if fp or key:
gpg_task = add_gpg_key_task.si(
user_pk=user.pk, address=address, fingerprint=fp, key=key)
task = chain(gpg_task, task)
task.delay()
return response
def form_valid(self, form):
request = self.request
address = request.META['REMOTE_ADDR']
user = request.user
password = form.cleaned_data['password']
xmpp_backend.set_password(username=user.node,
domain=user.domain,
password=password)
user.log(ugettext_noop('Set new password.'), address)
AddressActivity.objects.log(request, ACTIVITY_SET_PASSWORD)
stat(STAT_SET_PASSWORD)
messages.success(request, _('Successfully changed your password.'))
return super(SetPasswordView, self).form_valid(form)
def handle_new_account(self, request, form):
self.ratelimit(request)
user = request.user
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
with transaction.atomic():
request.user.email = form.cleaned_data['email']
request.user.save()
# Remove existing confirmation keys for different email addresses, otherwise the user might be
# able to get a confirmed address with the old key, but the new address is already set above
Confirmation.objects.filter(
user=user,
purpose=PURPOSE_REGISTER).exclude(to=user.email).delete()
# log user creation, display help message.
user.log(ugettext_noop('Resent confirmation.'), address=address)
AddressActivity.objects.log(request,
ACTIVITY_RESEND_CONFIRMATION,
user=user,
note=user.email)
stat(STAT_RESEND_CONFIRMATION)
messages.success(
request,
_("Resent confirmation email to %(email)s.") %
{'email': user.email})
task = send_confirmation_task.si(user_pk=user.pk,
purpose=PURPOSE_REGISTER,
language=lang,
address=address,
to=user.email,
base_url=base_url,
hostname=request.site['NAME'])
# Store GPG key if any
fp, key = form.get_gpg_data()
if fp or key:
gpg_task = add_gpg_key_task.si(user_pk=user.pk,
address=address,
fingerprint=fp,
key=key)
task = chain(gpg_task, task)
task.delay()
return HttpResponseRedirect(reverse('account:detail'))
def handle_new_account(self, request, form):
self.ratelimit(request)
user = request.user
address = request.META['REMOTE_ADDR']
lang = request.LANGUAGE_CODE
base_url = '%s://%s' % (request.scheme, request.get_host())
fp, key = form.get_gpg_data()
with transaction.atomic():
request.user.email = form.cleaned_data['email']
# Compute the normalized email address
request.user.normalized_email = normalize_email(user.email)
request.user.save()
# Remove existing confirmation keys for different email addresses, otherwise the user might be
# able to get a confirmed address with the old key, but the new address is already set above
Confirmation.objects.filter(user=user, purpose=PURPOSE_REGISTER).exclude(to=user.email).delete()
# If the user has not set any keys, remove them before sending.
if not fp and not key:
user.gpg_keys.all().delete()
# log user creation, display help message.
user.log(ugettext_noop('Resent confirmation.'), address=address)
AddressActivity.objects.log(request, ACTIVITY_RESEND_CONFIRMATION, user=user, note=user.email)
stat(STAT_RESEND_CONFIRMATION)
messages.success(request, _("Resent confirmation email to %(email)s.") % {'email': user.email})
task = send_confirmation_task.si(
user_pk=user.pk, purpose=PURPOSE_REGISTER, language=lang, address=address,
to=user.email, base_url=base_url, hostname=request.site['NAME'])
# Store GPG key if any
if fp or key:
# TODO: If the user is not confirmed yet and a key is added, this does not seem to work
gpg_task = add_gpg_key_task.si(
user_pk=user.pk, address=address, fingerprint=fp, key=key)
task = chain(gpg_task, task)
# User has not set a new GPG key, so we remove any keys
task.delay()
return HttpResponseRedirect(reverse('account:detail'))
def form_valid(self, form):
password = form.cleaned_data['password']
request = self.request
user = request.user
# Check the password of the user again
if not xmpp_backend.check_password(user.node, user.domain, password=password):
form.add_error('password', _('The password is incorrect.'))
return self.form_invalid(form)
# Verify the confirmation key
key = get_object_or_404(self.queryset.filter(user=user), key=self.kwargs['key'])
# Log the user out, delete data
logout(request)
xmpp_backend.remove_user(user.node, user.domain)
key.delete()
user.delete()
stat(STAT_DELETE_ACCOUNT_CONFIRMED)
return HttpResponseRedirect(reverse('blog:home'))
def form_invalid(self, form):
self.ratelimit(self.request)
stat(STAT_FAILED_LOGIN)
return super(LoginView, self).form_invalid(form)
