def login_view(request): """Log in user.""" csrf_tk = {} csrf_tk.update(csrf(request)) error = False initial = {} # Redirecting user once logged in? if "next" in request.GET: next_page = request.GET["next"] else: next_page = None if request.method == "POST": form = LoginForm(request.POST) username = request.POST["username"] password = request.POST["password"] user = authenticate(username=username, password=password) if user is not None: profile = get_object_or_404(Profile, user=user) if user.is_active: if profile.can_read_now(): login(request, user) request.session["get_token"] = generate_token() if "remember" not in request.POST: request.session.set_expiry(0) profile.last_ip_address = get_client_ip(request) profile.save() # redirect the user if needed try: return redirect(next_page) except: return redirect(reverse("homepage")) else: messages.error(request, _(u"Vous n'êtes pas autorisé à vous connecter " u"sur le site, vous avez été banni par un " u"modérateur.")) else: messages.error(request, _(u"Vous n'avez pas encore activé votre compte, " u"vous devez le faire pour pouvoir vous " u"connecter sur le site. Regardez dans vos " u"mails : {}.").format(user.email)) else: messages.error(request, _(u"Les identifiants fournis ne sont pas valides.")) initial = {'username': username} form = LoginForm(initial=initial) if next_page is not None: form.helper.form_action += "?next=" + next_page csrf_tk["error"] = error csrf_tk["form"] = form csrf_tk["next_page"] = next_page return render(request, "member/login.html", {"form": form, "csrf_tk": csrf_tk})
def test_missing_password_form(self): data = { 'username': '******', 'password': '', 'remember': True } form = LoginForm(data=data) self.assertFalse(form.is_valid())
def test_valid_login_form(self): data = { 'username': '******', 'password': '******', 'remember': True } form = LoginForm(data=data) self.assertTrue(form.is_valid())
def activate_account(request): """Activate an account with a token.""" try: token = request.GET["token"] except KeyError: return redirect(reverse("homepage")) token = get_object_or_404(TokenRegister, token=token) usr = token.user # User can't confirm their request if their account is already active if usr.is_active: return render(request, "member/register/token_already_used.html") # User can't confirm their request if it is too late if datetime.now() > token.date_end: return render(request, "member/register/token_failed.html", {"token": token}) usr.is_active = True usr.save() # Send welcome message bot = get_object_or_404(User, username=settings.ZDS_APP["member"]["bot_account"]) msg = render_to_string( "member/messages/account_activated.md", { "username": usr.username, "site_name": settings.ZDS_APP["site"]["literal_name"], "library_url": settings.ZDS_APP["site"]["url"] + reverse("publication:list"), "opinions_url": settings.ZDS_APP["site"]["url"] + reverse("opinion:list"), "forums_url": settings.ZDS_APP["site"]["url"] + reverse("cats-forums-list"), }, ) send_mp( bot, [usr], _("Bienvenue sur {}").format(settings.ZDS_APP["site"]["literal_name"]), _("Le manuel du nouveau membre"), msg, send_by_mail=False, leave=True, direct=False, hat=get_hat_from_settings("moderation"), ) token.delete() # Create an alert for the staff if it's a new provider if usr.email: provider = usr.email.split("@")[-1].lower() if ( not NewEmailProvider.objects.filter(provider=provider).exists() and not User.objects.filter(email__iendswith=f"@{provider}").exclude(pk=usr.pk).exists() ): NewEmailProvider.objects.create(user=usr, provider=provider, use=NEW_ACCOUNT) form = LoginForm(initial={"username": usr.username}) return render(request, "member/register/token_success.html", {"usr": usr, "form": form})
def activate_account(request): """Activate an account with a token.""" try: token = request.GET['token'] except KeyError: return redirect(reverse('homepage')) token = get_object_or_404(TokenRegister, token=token) usr = token.user # User can't confirm their request if their account is already active if usr.is_active: return render(request, 'member/register/token_already_used.html') # User can't confirm their request if it is too late if datetime.now() > token.date_end: return render(request, 'member/register/token_failed.html', {'token': token}) usr.is_active = True usr.save() # Send welcome message bot = get_object_or_404(User, username=settings.ZDS_APP['member']['bot_account']) msg = render_to_string( 'member/messages/account_activated.md', { 'username': usr.username, 'tutorials_url': settings.ZDS_APP['site']['url'] + reverse('publication:list') + '?type=tutorial', 'articles_url': settings.ZDS_APP['site']['url'] + reverse('publication:list') + '?type=article', 'opinions_url': settings.ZDS_APP['site']['url'] + reverse('opinion:list'), 'members_url': settings.ZDS_APP['site']['url'] + reverse('member-list'), 'forums_url': settings.ZDS_APP['site']['url'] + reverse('cats-forums-list'), 'site_name': settings.ZDS_APP['site']['literal_name'] } ) send_mp(bot, [usr], _('Bienvenue sur {}').format(settings.ZDS_APP['site']['literal_name']), _('Le manuel du nouveau membre'), msg, False, True, False, hat=get_hat_from_settings('moderation')) token.delete() # Create an alert for the staff if it's a new provider if usr.email: provider = usr.email.split('@')[-1].lower() if not NewEmailProvider.objects.filter(provider=provider).exists() \ and not User.objects.filter(email__iendswith='@{}'.format(provider)) \ .exclude(pk=usr.pk).exists(): NewEmailProvider.objects.create(user=usr, provider=provider, use=NEW_ACCOUNT) form = LoginForm(initial={'username': usr.username}) return render(request, 'member/register/token_success.html', {'usr': usr, 'form': form})
def active_account(request): """Active token for a user.""" try: token = request.GET["token"] except KeyError: return redirect(reverse("homepage")) token = get_object_or_404(TokenRegister, token=token) usr = token.user # User can't confirm his request if he is already activated. if usr.is_active: return render(request, "member/register/token_already_used.html") # User can't confirm his request if it is too late. if datetime.now() > token.date_end: return render(request, "member/register/token_failed.html", {"token": token}) usr.is_active = True usr.save() # send register message bot = get_object_or_404(User, username=settings.ZDS_APP['member']['bot_account']) msg = render_to_string( 'member/messages/active_account.md', { 'username': usr.username, 'tutorials_url': settings.ZDS_APP['site']['url'] + reverse("tutorial:list"), 'articles_url': settings.ZDS_APP['site']['url'] + reverse("article:list"), 'members_url': settings.ZDS_APP['site']['url'] + reverse("member-list"), 'forums_url': settings.ZDS_APP['site']['url'] + reverse('cats-forums-list'), 'site_name': settings.ZDS_APP['site']['litteral_name'] }) send_mp( bot, [usr], _(u"Bienvenue sur {}").format( settings.ZDS_APP['site']['litteral_name']), _(u"Le manuel du nouveau membre"), msg, False, True, False) token.delete() form = LoginForm(initial={'username': usr.username}) return render(request, "member/register/token_success.html", { "usr": usr, "form": form })
def active_account(request): """Active token for a user.""" try: token = request.GET["token"] except KeyError: return redirect(reverse("zds.pages.views.home")) token = get_object_or_404(TokenRegister, token=token) usr = token.user # User can't confirm his request if he is already activated. if usr.is_active: return render(request, "member/register/token_already_used.html") # User can't confirm his request if it is too late. if datetime.now() > token.date_end: return render(request, "member/register/token_failed.html", {"token": token}) usr.is_active = True usr.save() # send register message bot = get_object_or_404(User, username=settings.ZDS_APP['member']['bot_account']) msg = _( u'Bonjour **{username}**,' u'\n\n' u'Ton compte a été activé, et tu es donc officiellement ' u'membre de la communauté de {site_name}.' u'\n\n' u'{site_name} est une communauté dont le but est de diffuser des ' u'connaissances au plus grand nombre.' u'\n\n' u'Sur ce site, tu trouveras un ensemble de [tutoriels]({tutorials_url}) dans ' u'plusieurs domaines et plus particulièrement autour de l\'informatique ' u'et des sciences. Tu y retrouveras aussi des [articles]({articles_url}) ' u'traitant de sujets d\'actualité ou non, qui, tout comme les tutoriels, ' u'sont écrits par des [membres]({members_url}) de la communauté. ' u'Pendant tes lectures et ton apprentissage, si jamais tu as des ' u'questions à poser, tu retrouveras sur les [forums]({forums_url}) des personnes ' u'prêtes à te filer un coup de main et ainsi t\'éviter de passer ' u'plusieurs heures sur un problème.' u'\n\n' u'L\'ensemble du contenu disponible sur le site est et sera toujours gratuit, ' u'car la communauté de {site_name} est attachée aux valeurs du libre ' u'partage et désire apporter le savoir à tout le monde quels que soient ses moyens.' u'\n\n' u'En espérant que tu te plairas ici, ' u'je te laisse maintenant faire un petit tour.' u'\n\n' u'Clem\'') \ .format(username=usr.username, tutorials_url=settings.ZDS_APP['site']['url'] + reverse("zds.tutorial.views.index"), articles_url=settings.ZDS_APP['site']['url'] + reverse("zds.article.views.index"), members_url=settings.ZDS_APP['site']['url'] + reverse("member-list"), forums_url=settings.ZDS_APP['site']['url'] + reverse('cats-forums-list'), site_name=settings.ZDS_APP['site']['litteral_name']) send_mp( bot, [usr], _(u"Bienvenue sur {}").format( settings.ZDS_APP['site']['litteral_name']), _(u"Le manuel du nouveau membre"), msg, True, True, False, ) token.delete() form = LoginForm(initial={'username': usr.username}) return render(request, "member/register/token_success.html", { "usr": usr, "form": form })
def login_view(request): """Log in user.""" csrf_tk = {} csrf_tk.update(csrf(request)) error = False initial = {} # Redirecting user once logged in? if 'next' in request.GET: next_page = request.GET['next'] else: next_page = None if request.method == 'POST': form = LoginForm(request.POST) username = request.POST['username'] password = request.POST['password'] user = authenticate(username=username, password=password) if user is not None: profile = get_object_or_404(Profile, user=user) if user.is_active: if profile.can_read_now(): login(request, user) request.session['get_token'] = generate_token() if 'remember' not in request.POST: request.session.set_expiry(0) profile.last_ip_address = get_client_ip(request) profile.save() # redirect the user if needed try: return redirect(next_page) except: return redirect(reverse('homepage')) else: messages.error( request, _(u'Vous n\'êtes pas autorisé à vous connecter ' u'sur le site, vous avez été banni par un ' u'modérateur.')) else: messages.error( request, _(u'Vous n\'avez pas encore activé votre compte, ' u'vous devez le faire pour pouvoir vous ' u'connecter sur le site. Regardez dans vos ' u'mails : {}.').format(user.email)) else: messages.error(request, _(u'Les identifiants fournis ne sont pas valides.')) initial = {'username': username} form = LoginForm(initial=initial) if next_page is not None: form.helper.form_action += '?next=' + next_page csrf_tk['error'] = error csrf_tk['form'] = form csrf_tk['next_page'] = next_page return render(request, 'member/login.html', { 'form': form, 'csrf_tk': csrf_tk })
def test_missing_password_form(self): data = {"username": "******", "password": "", "remember": True} form = LoginForm(data=data) self.assertFalse(form.is_valid())
def test_valid_login_form(self): data = {"username": "******", "password": "******", "remember": True} form = LoginForm(data=data) self.assertTrue(form.is_valid())
def login_view(request): """Logs user in.""" next_page = request.GET.get('next', '/') if next_page in [reverse('member-login'), reverse('register-member'), reverse('member-logout')]: next_page = '/' csrf_tk = {'next_page': next_page} csrf_tk.update(csrf(request)) error = False if request.method != 'POST': form = LoginForm() else: form = LoginForm(request.POST) if form.is_valid(): username = form.cleaned_data['username'] password = form.cleaned_data['password'] user = authenticate(username=username, password=password) if user is None: initial = {'username': username} if User.objects.filter(username=username).exists(): messages.error( request, _( 'Le mot de passe saisi est incorrect. ' 'Cliquez sur le lien « Mot de passe oublié ? » ' 'si vous ne vous en souvenez plus.' ) ) else: messages.error( request, _( 'Ce nom d’utilisateur est inconnu. ' 'Si vous ne possédez pas de compte, ' 'vous pouvez vous inscrire.' ) ) form = LoginForm(initial=initial) if next_page is not None: form.helper.form_action += '?next=' + next_page csrf_tk['error'] = error csrf_tk['form'] = form return render(request, 'member/login.html', { 'form': form, 'csrf_tk': csrf_tk }) profile = get_object_or_404(Profile, user=user) if not user.is_active: messages.error( request, _( 'Vous n\'avez pas encore activé votre compte, ' 'vous devez le faire pour pouvoir vous ' 'connecter sur le site. Regardez dans vos ' 'mails : {}.' ).format(user.email) ) elif not profile.can_read_now(): messages.error( request, _( 'Vous n\'êtes pas autorisé à vous connecter ' 'sur le site, vous avez été banni par un ' 'modérateur.' ) ) else: login(request, user) request.session['get_token'] = generate_token() if 'remember' not in request.POST: request.session.set_expiry(0) profile.last_ip_address = get_client_ip(request) profile.save() # Redirect the user if needed. # Set the cookie for Clem smileys. # (For people switching account or clearing cookies # after a browser session.) try: response = redirect(resolve(next_page).url_name) except NoReverseMatch: response = redirect(next_page) except Resolver404: response = redirect(reverse('homepage')) set_old_smileys_cookie(response, profile) return response if next_page is not None: form.helper.form_action += '?next=' + next_page csrf_tk['error'] = error csrf_tk['form'] = form return render(request, 'member/login.html', { 'form': form, 'csrf_tk': csrf_tk })
def login_view(request): """Logs user in.""" next_page = request.GET.get("next", "/") if next_page in [ reverse("member-login"), reverse("register-member"), reverse("member-logout") ]: next_page = "/" csrf_tk = {"next_page": next_page} csrf_tk.update(csrf(request)) error = False if request.method != "POST": form = LoginForm() else: form = LoginForm(request.POST) if form.is_valid(): username = form.cleaned_data["username"] password = form.cleaned_data["password"] user = authenticate(username=username, password=password) if user is None: initial = {"username": username} if User.objects.filter(username=username).exists(): messages.error( request, _("Le mot de passe saisi est incorrect. " "Cliquez sur le lien « Mot de passe oublié ? » " "si vous ne vous en souvenez plus."), ) else: messages.error( request, _("Ce nom d’utilisateur est inconnu. " "Si vous ne possédez pas de compte, " "vous pouvez vous inscrire."), ) form = LoginForm(initial=initial) if next_page is not None: form.helper.form_action += "?next=" + next_page csrf_tk["error"] = error csrf_tk["form"] = form return render(request, "member/login.html", { "form": form, "csrf_tk": csrf_tk }) profile = get_object_or_404(Profile, user=user) if not user.is_active: messages.error( request, _("Vous n'avez pas encore activé votre compte, " "vous devez le faire pour pouvoir vous " "connecter sur le site. Regardez dans vos " "mails : {}.").format(user.email), ) elif not profile.can_read_now(): messages.error( request, _("Vous n'êtes pas autorisé à vous connecter " "sur le site, vous avez été banni par un " "modérateur."), ) else: login(request, user) request.session["get_token"] = generate_token() if "remember" not in request.POST: request.session.set_expiry(0) profile.last_ip_address = get_client_ip(request) profile.save() # Redirect the user if needed. # Set the cookie for Clem smileys. # (For people switching account or clearing cookies # after a browser session.) try: response = redirect(resolve(next_page).url_name) except NoReverseMatch: response = redirect(next_page) except Resolver404: response = redirect(reverse("homepage")) return response if next_page is not None: form.helper.form_action += "?next=" + next_page csrf_tk["error"] = error csrf_tk["form"] = form return render(request, "member/login.html", { "form": form, "csrf_tk": csrf_tk, "next_page": next_page })