def user(request):
if not request.user.is_authenticated():
messages.error(request, "Authentication required to access account information.")
return redirect("/")
u = User.objects.get(username=request.user)
if request.method == "POST":
pform = SetPasswordForm(user=u, data=request.POST)
if pform.is_valid():
pform.save()
messages.success(request, "Password Updated.")
#else:
# messages.warning(request, "Invalid Password.")
mform = UserEmailForm(request.POST)
if mform.is_valid():
m = mform.cleaned_data["email"]
if m != u.email:
u.email = m
u.save()
messages.success(request, "Email Address Updated.")
else:
messages.warning(request, "Invalid Email Address.")
return redirect(".")
#rc = RequestContext(request, {
c = {
'form': QueryForm(),
'authform': AuthenticationForm(),
'passform': SetPasswordForm(request.user),
'emailform': UserEmailForm(instance=u),
'redirect': request.path,
}
#return render_to_response("account.html", rc)
return render(request, "account.html", c)
def password_change(request,
template_name='usuario/perfil/cambiar_clave.html',
current_app=None, extra_context=None, expresion=None, tipo_mensaje=None, mensaje=None, palabra_clave=None):
context = {}
context.update(csrf(request))
# Determinar cuál formulario usar.
# 'Asignar' no necesita contraseña anterior
# 'Cambiar' necesita contraseña anterior
accion = ''
if palabra_clave == 'asignar':
form = SetPasswordForm(user=request.user, data=request.POST or None)
accion = 'cambiada'
elif palabra_clave == 'cambiar':
accion = 'actualizada'
form = PasswordChangeForm(user=request.user, data=request.POST or None)
if form.is_valid():
form.save()
mensaje = u'Contraseña %s exitosamente' %(accion)
tipo_mensaje = 'success'
else:
tipo_mensaje = 'error'
for error in form.errors:
mensaje = form.errors['%s' %(error)].as_text().replace('* ','')
(tipo_mensaje, expresion) = msj_expresion(tipo_mensaje)
context.update({'formulario':form})
context.update({'request':request})
context.update({'mensaje':mensaje})
context.update({'tipo_mensaje':tipo_mensaje})
context.update({'expresion':expresion})
return render_to_response(template_name, context)
def manager_update(request, id=None):
user = User.objects.get(pk=id)
user.save()
if request.method == "POST":
passForm = SetPasswordForm(user=user, data=request.POST)
if passForm.is_valid():
passForm.save()
messages.info(request, f"Password Changed")
return redirect('adminPage')
form = UpdateUserForm(request.POST, instance=user)
if form.is_valid():
data = form.cleaned_data['email']
if "@crowdstrike.com" in data:
form.save()
return redirect('adminPage') #Not sure
else:
msg = 'Please use a crowdstrike email'
form._errors['email'] = form.error_class([msg])
else:
passForm = SetPasswordForm(user=user)
form = UpdateUserForm(instance=user)
context = {'form': form, 'passForm': passForm}
return render(request, 'update_manager.html', context)
def forgot(request):
if request.method == 'POST':
ema = request.POST['email']
if (User.objects.filter(email=ema).exists()):
user = User.objects.get(email=ema)
data = {
'new_password1': request.POST['password'],
'new_password2': request.POST['password2']
}
form = SetPasswordForm(user, data)
if form.is_valid():
form.save()
return render(request, "login.html",
{'message': 'password successfully changed.'})
else:
return render(request, 'resetpassword.html', {
'message':
'Password change unsuccessful. Please try again'
})
else:
return render(
request, "resetpassword.html",
{'message': 'User with specified email doesnot exist'})
else:
return render(request, 'resetpassword.html')
def resetPassword(self, request):
uidb64 = request.POST.get("uidb64")
token = request.POST.get("token")
password1 = request.POST.get("password1")
password2 = request.POST.get("password2")
try:
uid = urlsafe_base64_decode(uidb64)
user = User._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
token_generator = default_token_generator
if user is not None and token_generator.check_token(user, token):
context = {"status": 0}
form = SetPasswordForm(user, request.POST)
if form.is_valid():
user = form.save()
else:
context["status"] = -1
context["errors"] = []
for k, v in form.errors.items():
context["errors"].append(v.as_text())
return HttpResponse(json.dumps(context),
content_type="application/json")
else:
context = {"status": -1}
context["errors"].append(u'密码重置链接已失效')
return HttpResponse(json.dumps(context), status=403)
def resetPassword(request, resetStr):
filter_kwargs = {
'codestr__exact': resetStr,
}
selection = passwordreset.objects.filter(**filter_kwargs)
if len(selection)>0:
slot = selection[0]
user = User.objects.get(username=slot.username)
now = dt.datetime.now()
slottime = slot.requesttime
slottime = slottime.replace(tzinfo=None)
diff = now - slottime
diff_seconds = diff.total_seconds()
if diff_seconds<(60*60*24):
form = SetPasswordForm(user=user)
if request.method=='POST':
form = SetPasswordForm(data=request.POST, user=user)
if form.is_valid():
form.save()
messages.info(request, f"Your password has been changed.")
return redirect('userlogin')
context = {'form': form,
'resetStr':resetStr,}
return render(request, 'registration/resetpassword.html', context)
return redirect('userlogin')
def change_pass(request):
try:
if request.method == "GET":
fb = fb_utils.FBConnect(request.GET.get('code', ''), change_pass)
if fb.userid != request.user.fbprofile.fb_userid:
messages.error(request, "Your facebook account did not" +\
" match the one registered with LitHub.")
return redirect('bookswap.views.my_account')
request.session['fb_password_uuid'] = str(uuid4())
form = SetPasswordForm(user=request.user)
post_uuid = request.POST.get('uuid', '')
if request.method=="POST" and post_uuid and \
post_uuid == request.session["fb_password_uuid"]:
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
request.session['fb_password_uuid'] = ""
messages.success(request, "Your password was "+\
"successfully changed.")
return redirect("bookswap.views.my_account")
return render(request, "fbconnect/password_change.html",
{'form':form, 'uuid':request.session["fb_password_uuid"]},)
except ObjectDoesNotExist:
messages.error(request, "Your facebook account was not recognized.")
except ValueError:
messages.error(request, "There was an error getting your " +\
"information from facebook.")
return redirect('bookswap.views.my_account')
def change_password(request,
domain,
login_id,
template="users/partial/reset_password.html"):
# copied from auth's password_change
commcare_user = CommCareUser.get_by_user_id(login_id, domain)
json_dump = {}
if not commcare_user:
raise Http404()
django_user = commcare_user.get_django_user()
if request.method == "POST":
form = SetPasswordForm(user=django_user, data=request.POST)
if form.is_valid() and (request.project.password_format() != 'n' or
request.POST.get('new_password1').isnumeric()):
form.save()
json_dump['status'] = 'OK'
form = SetPasswordForm(user=django_user)
else:
form = SetPasswordForm(user=django_user)
context = _users_context(request, domain)
context.update({
'reset_password_form': form,
})
json_dump['formHTML'] = render_to_string(template, context)
return HttpResponse(json.dumps(json_dump))
def new_password(request, uidb64, token):
if request.method != "POST":
return JsonResponse({"status": 405}, status=405)
user = _get_user_by_uidb64(uidb64)
if user is None or not token_generator.check_token(user, token):
return JsonResponse(
{
"status": 400,
"error": "Invalid activation uid/token"
},
status=400)
data = None
if request.content_type.startswith('application/json'):
data = json.load(request)
else:
data = request.POST
form = SetPasswordForm(user, data=data)
if not form.is_valid():
return JsonResponse(form.errors, status=400)
form.save()
return JsonResponse({"status": 200})
def user_password(request, user_id=None, template="user/password.html"):
user = request.user
if not user.is_superuser:
return render_403(
request,
_('Only superusers have access to the change \
password form.'))
user_edit = get_object_or_404(User, id=user_id)
if request.method == "POST":
form = SetPasswordForm(user=user_edit, data=request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('user-list'))
else:
form = SetPasswordForm(user=user_edit)
return render_to_response(
template,
{
'form': form,
'username': user_edit,
},
context_instance=RequestContext(request),
)
def updateProfile(request):
perm = general_methods.control_access(request)
if not perm:
logout(request)
return redirect('accounts:login')
user = request.user
user_form = DisabledUserForm(request.POST or None, instance=user)
password_form = SetPasswordForm(request.user, request.POST)
if request.method == 'POST':
if password_form.is_valid():
user.set_password(password_form.cleaned_data['new_password1'])
user.save()
update_session_auth_hash(request, user)
messages.success(request, 'Şifre Başarıyla Güncellenmiştir.')
aktif = general_methods.controlGroup(request)
if aktif == "Admin":
log = str(user.get_full_name()) + " admin sifre guncellendi"
log = general_methods.logwrite(request, request.user, log)
return redirect('sbs:admin-profil-guncelle')
elif aktif == "Arsiv":
log = str(
user.get_full_name()) + " arsiv yönetici sifre guncellendi"
log = general_methods.logwrite(request, request.user, log)
return redirect('sbs:evrak-anasayfa')
else:
messages.warning(request, 'Alanları Kontrol Ediniz')
return render(request, 'admin/admin-profil-guncelle.html', {
'user_form': user_form,
'password_form': password_form
})
def post(self, request,username):
# Create a serializer with request.DATA
serializer = self.serializer_class(data=request.DATA)
old_password = request.DATA.get('old_password','')
new_password1 = request.DATA.get('new_password1', '')
new_password2 = request.DATA.get('new_password2', '')
user = authenticate(username=username, password=old_password)
result = {}
result['errCode'] = 10000
result['errDesc'] = errMsg[10000]
if user is None:
result['errCode'] = 10003
result['errDesc'] = errMsg[10003]
return Response(result, status=status.HTTP_200_OK)
if not old_password or not new_password1 or not new_password2:
result['errCode'] = 10018
result['errDesc'] = errMsg[10018]
return Response(result, status=status.HTTP_200_OK)
if serializer.is_valid():
# Construct the SetPasswordForm instance
form = SetPasswordForm(user=user, data=serializer.data)
if form.is_valid():
form.save()
# Return the success message with OK HTTP status
return Response(result, status=status.HTTP_200_OK)
result['errCode'] = 10004
result['errDesc'] = errMsg[10004]
logger.debug(serializer.errors)
return Response(result, status=status.HTTP_200_OK)
def reset_password(request, uidb36, token):
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
if user and default_token_generator.check_token(user, token):
form = SetPasswordForm(user=user, data=request.POST or None)
if form.is_valid():
user = form.save()
messages.success(request, 'Kata sandi baru anda berhasil disimpan')
return redirect('website:accounts:login')
else:
messages.warning(request, 'Maaf, permintaan atur ulang kata sandi sudah'
'kadaluarsa. Silahkan coba lagi')
return redirect('website:accounts:login')
context = {
'title': 'Atur Ulang',
'form': form,
'page': 'reset-password'
}
return render(request, 'accounts/form.html', context)
def password_reset_confirm(request, uidb36=None, token=None):
token_generator = default_token_generator
try:
uid_int = base36_to_int(uidb36)
user = User.objects.get(id=uid_int)
except (ValueError, User.DoesNotExist):
user = None
if user is not None and token_generator.check_token(user, token):
validlink = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
messages.success(request, _(u'Пароль изменён'))
return redirect('/')
else:
form = SetPasswordForm(None)
else:
validlink = False
form = None
context = {
'form': form,
'validlink': validlink,
}
return render(request, 'account/password_reset_confirm.html', context)
def newpasswordset(request):
if request.user.has_usable_password():
return HttpResponseRedirect(reverse('all-poll'))
else:
try:
if request.method == 'POST':
form = SetPasswordForm(data=request.POST, user=request.user)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
messages.success(request,
f'Password has been set sucessfully')
return HttpResponseRedirect(reverse('all-poll'))
else:
messages.warning(
request,
f'Password is similar to username or is invalid')
return HttpResponseRedirect(reverse('password_new_set'))
else:
form = SetPasswordForm(user=request.user)
context = {
'form': form,
}
return render(request, 'poll/set-new-password.html', context)
except Exception:
messages.warning(
request, f'Some technical error has occured pls try again')
return HttpResponseRedirect(reverse('password_new_set'))
def confirm_reset_password(request, username, confirmation_code):
logout(request)
tagging = RecipientUserTagging.get_or_none(user__username=username)
error = None
if not tagging:
error = "Unknown username"
#elif tagging.is_confirmed:
# error = "Registration is already complete."
elif not tagging.confirm(confirmation_code):
error = "Error confirming confirmation_code %s" % confirmation_code
else:
if request.POST:
form = SetPasswordForm(tagging.user, request.POST)
if form.is_valid():
form.save()
success = tagging.confirm(confirmation_code)
if not success:
return render_response(request, 'procrasdonate/recipient_organizer_pages/account/confirmation_error.html', locals())
user = authenticate(username=username, password=form.cleaned_data['new_password1'])
if user.is_active:
login(request, user)
user.message_set.create(message='Password reset complete!')
return HttpResponseRedirect(reverse('recipient_organizer_dashboard'))
else:
return HttpResponseRedirect(reverse('login'))
form = SetPasswordForm(tagging.user)
instructions = """Enter a new password. It can be whatever you want, but it will
be more secure if you use numbers and uppercase letters in addition to lowercase letters."""
return render_response(request, 'procrasdonate/recipient_organizer_pages/account/confirm.html', locals())
def reset_password_input(request, uid):
""" Reset password and save user model """
try:
user = CustomUser.objects.get(pk=uid)
except CustomUser.DoesNotExist:
return render(request, 'message.html',
{'message': 'User ID is invalid.'})
context = {
'form': SetPasswordForm(user),
'action': '/auth/reset/change/{0}/'.format(uid),
'button_text': 'Change password'
}
context.update(csrf(request))
if request.POST:
new_password = SetPasswordForm(user, request.POST)
if new_password.is_valid():
new_password.save()
return render(
request, 'message.html', {
'message':
'Your password has been set. You may go ahead and sign in now.'
})
else:
context['form'] = new_password
return render(request, 'form.html', context)
class PasswordResetConfirmSerializer(serializers.Serializer):
"""
邮件重置密码
验证用户信息,保存新密码
"""
new_password1 = serializers.CharField(max_length=128)
new_password2 = serializers.CharField(max_length=128)
uid = serializers.CharField()
token = serializers.CharField()
set_password_form_class = SetPasswordForm
_errors = {}
def validate(self, attrs):
try:
uid = force_text(urlsafe_base64_decode(attrs['uid']))
self.user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
raise exceptions.ValidationError({"value_error": "Uid is invalid"})
self.set_password_form = SetPasswordForm(user=self.user, data=attrs)
if not self.set_password_form.is_valid():
raise serializers.ValidationError(self.set_password_form.errors)
if not default_token_generator.check_token(self.user, attrs['token']):
raise exceptions.ValidationError({"value_error": "Token is invalid"})
return attrs
def save(self):
return self.set_password_form.save()
def password_reset_confirm(request, key):
template_name = 'doctor/password_reset_confirm.html'
contexto = {}
reset = get_object_or_404(PasswordReset, key = key)
form = SetPasswordForm(user = reset.user, data = request.POST or None)
if form.is_valid():
MIN_LENGTH = 8
password1 = form.cleaned_data['new_password1']
# At least one letter and one non-letter
first_isalpha = password1[0].isalpha()
if all(c.isalpha() == first_isalpha for c in password1):
messages.success(request,'A senha deve conter pelo menos uma letra e pelo menos um dígito ou "\
"um caractere de pontuação.')
form = SetPasswordForm(user = reset.user, data = request.POST)
# At least MIN_LENGTH long
elif len(password1) < MIN_LENGTH:
messages.success(request,'A senha deve ter %d caracteres no mínimo.' % MIN_LENGTH)
form = SetPasswordForm(user = reset.user, data = request.POST)
else:
form.save()
contexto['success'] = True
messages.success(request,'Sua senha foi criada com sucesso')
contexto['form'] = form
return render(request,template_name,contexto)
def password_reset_confirm(request, uidb36=None, token=None):
token_generator = default_token_generator
try:
uid_int = base36_to_int(uidb36)
user = User.objects.get(id=uid_int)
except (ValueError, User.DoesNotExist):
user = None
if user is not None and token_generator.check_token(user, token):
validlink = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
messages.success(request, _(u'Пароль изменён'))
return redirect('/')
else:
form = SetPasswordForm(None)
else:
validlink = False
form = None
context = {
'form': form,
'validlink': validlink,
}
return render(request, 'account/password_reset_confirm.html', context)
def change_password(request):
if not password_management_enabled():
raise Http404
can_change_password = request.user.has_usable_password()
if can_change_password:
if request.POST:
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
messages.success(request, _("Your password has been changed successfully!"))
return redirect('wagtailadmin_account')
else:
form = SetPasswordForm(request.user)
else:
form = None
return render(request, 'wagtailadmin/account/change_password.html', {
'form': form,
'can_change_password': can_change_password,
})
def test_password_whitespace_not_stripped(self):
user = User.objects.get(username="******")
data = {"new_password1": " password ", "new_password2": " password "}
form = SetPasswordForm(user, data)
self.assertTrue(form.is_valid())
self.assertEqual(form.cleaned_data["new_password1"], data["new_password1"])
self.assertEqual(form.cleaned_data["new_password2"], data["new_password2"])
def post(self, request):
form = SetPasswordForm(request.user, request.POST)
if not form.is_valid():
pass
user = form.save()
update_session_auth_hash(request, user)
return redirect('articles:article-list')
def mutate(cls, _, info, **kwargs):
data = {
'uid': kwargs.get('uid'),
'token': kwargs.get('token'),
'new_password1': kwargs.get('password'),
'new_password2': kwargs.get('password')
}
try:
uid = force_text(uid_decoder(data['uid']))
user = User.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
raise ValueError('The uid is not valid.')
form = SetPasswordForm(user=user, data=data)
if not form.is_valid() or not token_generator.check_token(user, data['token']):
raise ValueError("The token is not valid.")
form.save()
change_password_confirmation.send(sender=User, user=user, request=info.context)
token = get_token(user, info.context)
payload = get_payload(token, info.context)
return cls(user=user, token=token, payload=payload)
def password_reset_confirm(request, uidb36=None, token=None):
"""View that checks the hash in a password reset link and presents a
form for entering a new password.
Based on django.contrib.auth.views.
"""
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
context = {}
if default_token_generator.check_token(user, token):
context['validlink'] = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('users.pw_reset_complete'))
else:
form = SetPasswordForm(None)
else:
context['validlink'] = False
form = None
context['form'] = form
return render(request, 'users/pw_reset_confirm.html', context)
def reset_view(request, user_id, pwreset_key):
try:
user = Account.objects.get(id=user_id)
except Account.DoesNotExist:
user = None
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
user.pwreset = False
user.save()
return render(request, 'accounts/reset_success.html')
context = {
'form': form,
}
return render(request, 'accounts/set_pass.html', context)
if user is not None:
if pwreset_key == user.pwreset_key and user.pwreset:
if timezone.now() > user.pwreset_expires:
baseurl = settings.SITE_BASE_URL + "/accounts/new_activation_link/"
context = {
'user_id': user.id,
'baseurl': baseurl,
}
return render(request, 'accounts/pwkey_expired.html', context)
else:
form = SetPasswordForm(user)
context = {
'form': form,
}
return render(request, 'accounts/set_pass.html', context)
return render(request, 'accounts/error.html')
def profile(request):
"""
Shows a user's profile page, where they can set various options on their account.
"""
password_form = SetPasswordForm(request.user)
profile_form = ''
current_org = request.session['current_org'] if 'current_org' in request.session.keys() else ''
if current_org:
profile = UserProfile.objects.get(user=request.user, org=current_org)
profile_form = ProfileForm(instance=profile)
if request.method == 'POST':
if 'password' in request.POST: # changing password
password_form = SetPasswordForm(request.user, request.POST)
if password_form.is_valid():
password_form.save()
request.user.message_set.create(message="s|Your password was successfully changed.")
return HttpResponseRedirect(reverse('profile'))
else:
request.user.message_set.create(message="e|There was a problem with your submission. Refer to the messages below and try again.")
elif 'profile' in request.POST: # changing prefs
profile_form = ProfileForm(request.POST, instance=profile)
if profile_form.is_valid():
profile_form.save()
request.user.message_set.create(message="s|Your profile was successfully saved.")
return render_to_response( 'profile.html', {
'password_form': password_form,
'profile_form': profile_form,
'current_org': current_org
}, context_instance=RequestContext(request))
def user_password(request):
name = _("Update Password")
if request.method == 'POST':
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
messages.success(request, _("Password successfully updated."))
return HttpResponseRedirect(reverse('home'))
else:
# The form is invalid
messages.error(
request, _("Please correct the errors in the form."))
return render(request,
'djmongo/console/generic/bootstrapform.html',
{'form': form,
'name': name,
})
# this is a GET
context = {'name': name,
'form': SetPasswordForm(user=request.user)
}
return render(request, 'djmongo/console/generic/bootstrapform.html',
context)
def change_password(request):
if request.method == "POST":
form = SetPasswordForm(user=request.user, data=request.POST)
if form.is_valid():
form.save()
callback_js = "$('#ModalChangePassword').modal('hide');"
return HttpResponse(
json.dumps({
'result': 'success',
'callback_js': callback_js
}))
else:
response = {}
for k in form.errors:
response[k] = form.errors[k][0]
return HttpResponse(
json.dumps({
'response': response,
'result': 'error'
}))
else:
form = SetPasswordForm(user=request.user)
return render(request, 'account/modal_change_password.html',
{'form': form})
def post(self, request, **kwargs):
""" Reset learner password using passed token and new credentials """
reset_status = False
uidb36 = kwargs.get('uidb36')
token = kwargs.get('token')
has_required_values, uid_int = self._check_token_has_required_values(uidb36, token)
if not has_required_values:
AUDIT_LOG.exception("Invalid password reset confirm token")
return Response({'reset_status': reset_status})
request.data._mutable = True # lint-amnesty, pylint: disable=protected-access
request.data['new_password1'] = normalize_password(request.data['new_password1'])
request.data['new_password2'] = normalize_password(request.data['new_password2'])
password = request.data['new_password1']
try:
user = User.objects.get(id=uid_int)
if not default_token_generator.check_token(user, token):
AUDIT_LOG.exception("Token validation failed")
return Response({'reset_status': reset_status})
validate_password(password, user=user)
form = SetPasswordForm(user, request.data)
if form.is_valid():
form.save()
reset_status = True
if 'is_account_recovery' in request.GET:
try:
old_primary_email = user.email
user.email = user.account_recovery.secondary_email
user.account_recovery.delete()
# emit an event that the user changed their secondary email to the primary email
tracker.emit(
SETTING_CHANGE_INITIATED,
{
"setting": "email",
"old": old_primary_email,
"new": user.email,
"user_id": user.id,
}
)
user.save()
except ObjectDoesNotExist:
err = 'Account recovery process initiated without AccountRecovery instance for user {username}'
log.error(err.format(username=user.username))
send_password_reset_success_email(user, request)
except ValidationError as err:
AUDIT_LOG.exception("Password validation failed")
error_status = {
'reset_status': reset_status,
'err_msg': ' '.join(err.messages)
}
return Response(error_status)
except Exception: # pylint: disable=broad-except
AUDIT_LOG.exception("Setting new password failed")
return Response({'reset_status': reset_status})
def change_password(request):
can_change_password = request.user.has_usable_password()
if can_change_password:
if request.POST:
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
if django.VERSION >= (1, 7):
from django.contrib.auth import update_session_auth_hash
update_session_auth_hash(request, form.user)
messages.success(request, _("Your password has been changed successfully!"))
return redirect('wagtailadmin_account')
else:
form = SetPasswordForm(request.user)
else:
form = None
return render(request, 'wagtailadmin/account/change_password.html', {
'form': form,
'can_change_password': can_change_password,
})
def password_reset_confirm(request, key):
try:
reset = PasswordReset.objects.get(key=key)
user = reset.user
except PasswordReset.DoesNotExist:
user = None
if user is not None:
validlink = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
reset.delete()
return redirect('accounts.password_reset_done')
else:
form = SetPasswordForm(None)
else:
validlink = False
form = None
return render(request, 'accounts/password_reset_confirm.j.html', {
'validlink': validlink,
'form': form
})
def password_reset_confirm(request, uidb36=None, token=None):
"""View that checks the hash in a password reset link and presents a
form for entering a new password.
Based on django.contrib.auth.views.
"""
try:
uid_int = base36_to_int(uidb36)
except ValueError:
raise Http404
user = get_object_or_404(User, id=uid_int)
context = {}
if default_token_generator.check_token(user, token):
context['validlink'] = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse('users.pw_reset_complete'))
else:
form = SetPasswordForm(None)
else:
context['validlink'] = False
form = None
context['form'] = form
return render(request, 'users/pw_reset_confirm.html', context)
def password_reset_confirm(request, uidb64=None, token=None):
if request.user.is_authenticated():
return HttpResponseRedirect(reverse("index"))
context = {}
UserModel = get_user_model()
assert uidb64 is not None and token is not None
try:
uid = force_text(urlsafe_base64_decode(uidb64))
user = UserModel._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
valid_link = True
title = _("Enter new password")
if request.method == "POST":
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return HttpResponseRedirect(reverse("players:password_reset_complete"))
else:
form = SetPasswordForm(user)
else:
valid_link = False
title = _("Password reset failed")
form = None
context.update({"form": form, "title": title, "valid_link": valid_link})
context.update({"request": request})
return render(request, "players/password_reset/confirm.html", context)
def set_password(request):
# This shows the signup form and displays errors
if request.method == 'POST':
# This form has been filled in by the user
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
logger.debug('Set password for ' + request.user.email)
# Set a message and redirect
# Django logs the user out after successful password set :( WTF
# Crazy hack: http://stackoverflow.com/questions/15192808/django-automatic-login-after-user-registration-1-4
request.user.backend = "django.contrib.auth.backends.ModelBackend"
auth_login(request, request.user)
message = "Your password has been set!"
messages.add_message(request, messages.SUCCESS, message)
logger.debug(message)
return redirect('accounts:profile')
else:
# initial, empty form
form = SetPasswordForm(user=request.user)
context = {
'form': form,
}
return render(request, 'registration/password_set_form.html', context)
def password_reset_confirm(request, uidb36=None, token=None):
"""
View that checks the hash in a password reset link and presents a
form for entering a new password.
"""
assert uidb36 is not None and token is not None # checked by URLconf
post_reset_redirect = reverse('django.contrib.auth.views.password_reset_complete')
try:
uid_int = base36_to_int(uidb36)
user = User.objects.get(pk=uid_int)
except (ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
validlink = True
if request.method == 'POST':
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
return JsonResponse({'status': True, 'redirect': post_reset_redirect})
else:
status = False
else:
form = SetPasswordForm(None)
status = True
else:
raise Http404
context = {'form': form, 'validlink': validlink, 'uidb36': uidb36, 'token': token}
if request.is_ajax():
return JsonResponse({'status': status, 'template': render_to_string(
'account/password_reset/confirm_form.html', context, context_instance=RequestContext(request))})
return TemplateResponse(request, 'account/password_reset/confirm_container.html', context)
def profileupdate(request):
## profile update form
if request.method == 'POST' and 'profileupdate' in request.POST:
profileform = ProfileUpdateForm(request.POST, request.FILES, instance=request.user)
if profileform.is_valid():
profileform.save()
messages.success(request, 'Profile details updated')
return HttpResponseRedirect(reverse('profile-update'))
else:
profileform = ProfileUpdateForm(instance=request.user)
## password change form
if request.method == 'POST' and 'passwordchange' in request.POST:
passwordform = SetPasswordForm(request.user, request.POST)
if passwordform.is_valid():
passwordform.save()
messages.success(request, 'Password changed')
return HttpResponseRedirect(reverse('profile-update') + '#body')
else:
passwordform = SetPasswordForm(request.user)
return render(request, 'accounts/update.html', {
'profileform': profileform,
'passwordform': passwordform,
})
def change_password(request):
if not password_management_enabled():
raise Http404
can_change_password = request.user.has_usable_password()
if can_change_password:
if request.POST:
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
update_session_auth_hash(request, form.user)
messages.success(request, _("Your password has been changed successfully!"))
return redirect('wagtailadmin_account')
else:
form = SetPasswordForm(request.user)
else:
form = None
return render(request, 'wagtailadmin/account/change_password.html', {
'form': form,
'can_change_password': can_change_password,
})
def reset_password(request):
if request.user.is_authenticated():
return HttpResponse(status=400)
uidb36 = request.POST['uidb36']
token = request.POST['token']
try:
uid_int = base36_to_int(uidb36)
user = User.objects.get(id=uid_int)
except (ValueError, ObjectDoesNotExist):
user = None
if user is not None and default_token_generator.check_token(user, token):
form = SetPasswordForm(user, request.POST)
if form.is_valid():
form.save()
user = auth.authenticate(
username=user.username,
password=request.POST['new_password1'])
auth.login(request, user)
return HttpResponse(JSON_SUCCESS)
else:
return get_json_errors(form.errors)
else:
return HttpResponse(status=400)
def resetpassword(self,request):
uidb64 = self.request.POST.get("uidb64","")
token = self.request.POST.get("token","")
password1 = self.request.POST.get("password1","")
password2 = self.request.POST.get("password2","")
try:
uid = urlsafe_base64_decode(uidb64)
user = User.objects.get(id=uid)
except (TypeError,ValueError,OverflowError,User.DoesNotExist):
user = None
token_generator = default_token_generator
if user is not None and token_generator.check_token(user,token):
form = SetPasswordForm(user,request.POST)
error = []
if form.is_valid():
user = form.save()
else:
#如果表单不正确,保存错误到errors列表中
for k,v in form.errors.items():
errors.append(v.as_text())
else:
return HttpResponse("密码重设失败!\n密码重置链接无效,可能因为它已使用。可以请求一次新的密码重设.",status=403)
def resetpassword(self, request):
uidb64 = self.request.POST.get("uidb64", "")
token = self.request.POST.get("token", "")
password1 = self.request.POST.get("password1", "")
password2 = self.request.POST.get("password2", "")
try:
uid = urlsafe_base64_decode(uidb64)
user = User.objects.get(id=uid)
except (TypeError, ValueError, OverflowError, User.DoesNotExist):
user = None
token_generator = default_token_generator
if user is not None and token_generator.check_token(user, token):
form = SetPasswordForm(user, request.POST)
error = []
if form.is_valid():
user = form.save()
else:
#如果表单不正确,保存错误到errors列表中
for k, v in form.errors.items():
errors.append(v.as_text())
else:
return HttpResponse("密码重设失败!\n密码重置链接无效,可能因为它已使用。可以请求一次新的密码重设.",
status=403)
def updateProfile(request):
perm = general_methods.control_access(request)
if not perm:
logout(request)
return redirect('accounts:login')
user = request.user
user_form = DisabledUserForm(request.POST or None, instance=user)
password_form = SetPasswordForm(request.user, request.POST)
if request.method == 'POST':
if password_form.is_valid():
user.set_password(password_form.cleaned_data['new_password1'])
user.save()
update_session_auth_hash(request, user)
messages.success(request, 'Şifre Başarıyla Güncellenmiştir.')
return redirect('wushu:admin-profil-guncelle')
else:
messages.warning(request, 'Alanları Kontrol Ediniz')
return render(request, 'admin/admin-profil-guncelle.html', {
'user_form': user_form,
'password_form': password_form
})
def resetpassword(self, request):
uidb64 = self.request.POST.get("uidb64", "")
token = self.request.POST.get("token", "")
password1 = self.request.POST.get("password1", "")
password2 = self.request.POST.get("password2", "")
try:
uid = urlsafe_base64_decode(uidb64)
user = VmaigUser._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, VmaigUser.DoesNotExist):
user = None
token_generator = default_token_generator
if user is not None and token_generator.check_token(user, token):
form = SetPasswordForm(user, request.POST)
errors = []
if form.is_valid():
user = form.save()
else:
#如果表单不正确,保存错误到errors列表中
for k, v in form.errors.items():
#v.as_text() 详见django.forms.util.ErrorList 中
errors.append(v.as_text())
mydict = {"errors": errors}
return HttpResponse(json.dumps(mydict),
content_type="application/json")
else:
logger.error(u'[UserControl]用户重置密码连接错误:[%s]/[%s]' % (uid64, token))
return HttpResponse("密码重设失败!\n密码重置链接无效,可能是因为它已使用。可以请求一次新的密码重置.",
status=403)
def account_verified(request):
group = Group.objects.get(name='verified')
if group in request.user.groups.all():
messages.error(request, 'This account has already been verified')
return redirect('index')
else:
if request.method == 'POST':
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
user = form.save()
update_session_auth_hash(request, user) # Important!
# the user should be added to the People object of data inventory
# user_instance = User.objects.get(pk=user.id) #for some reason, the create() method does not want to accept the user instance
# new_person = inventory_models.Person.objects.create(
# user=user_instance,
# full_name="{}, {}".format(user.last_name, user.first_name),
# organization_id=6
# )
user.groups.add(group)
messages.success(request,
'Your password was successfully updated!')
return redirect('index')
else:
form = SetPasswordForm(request.user)
return render(request, 'registration/account_verified.html',
{'form': form})
def update(request, id):
user = User.objects.get(id=id)
if request.POST:
user_form = UserForm(request.POST, instance=user)
setpassword_form = SetPasswordForm(user, request.POST)
new_password1 = request.POST.get('new_password1', '')
new_password2 = request.POST.get('new_password2', '')
if not new_password1 and not new_password2:
if user_form.is_valid():
user_form.save()
return HttpResponseRedirect(reverse('account_index'))
else:
if user_form.is_valid() and setpassword_form.is_valid():
user_form.save()
setpassword_form.save()
return HttpResponseRedirect(reverse('account_index'))
else:
user_form = UserForm(instance=user)
setpassword_form = SetPasswordForm(user)
return {
'user_form':user_form,
'setpassword_form':setpassword_form,
'id':id
}
def reset_password_new_user(request, uidb36, token):
"""
Checks the link the user clicked and prompts for a new password
:param request: the standard request given by Django
:param uidb36: the id's hash
:param token: token created dynamically
"""
try:
uid_int = base36_to_int(uidb36)
user = User.objects.get(pk=uid_int)
except (ValueError, OverflowError, User.DoesNotExist):
user = None
if user is not None and not user.has_usable_password() \
and default_token_generator.check_token(user, token):
validlink = True
if request.method == "POST":
form = SetPasswordForm(user, request.POST)
if form.is_valid():
user = form.save()
user.is_active = True
user.save()
user.backend = 'django.contrib.auth.backends.ModelBackend'
login(request, user)
return HttpResponseRedirect(reverse('index'))
else:
form = SetPasswordForm(None)
else:
validlink = False
form = None
return render(request, 'registration/reset_password_complete.html', {
'form': form,
'validlink': validlink
})
def test_password_verification(self):
# The two new passwords do not match.
user = User.objects.get(username="******")
data = {"new_password1": "abc123", "new_password2": "abc"}
form = SetPasswordForm(user, data)
self.assertFalse(form.is_valid())
self.assertEqual(form["new_password2"].errors, [force_unicode(form.error_messages["password_mismatch"])])
def reset_password(request, hash):
"""Perform a password change.
If the request method is set to GET and the hash matches a form
will be displayed to the user allowing the password change.
If the request method is POST the user password will be changed
to the newly set data.
"""
profile = get_object_or_404(UserProfile, verification_hash=hash)
user = profile.user
form = SetPasswordForm(profile.user)
template_data = {"form": form, "hash": hash}
if request.method == "GET":
return render_to_response("account_change_password.html", template_data, RequestContext(request))
form = SetPasswordForm(user, request.POST)
template_data.update({"form": form})
if not form.is_valid():
return render_to_response("account_change_password.html", template_data, RequestContext(request))
profile.verification_hash = "verified"
profile.save()
user.set_password(form.cleaned_data.get("new_password1"))
user.save()
template_data.update({"msg": _(u"Password changed successfully!"), "msg_css_class": "success"})
return render_to_response("account_message.html", template_data, RequestContext(request))
def post(self, request, *args, **kwargs):
"""
request associate profile
"""
response_data = {}
response_data['status'] = True
if request.is_ajax():
user_id = request.POST.get('user_id')
try:
if request.POST.get('associate'):
user = User.objects.get(id=user_id)
else:
store_user = StoreAccountProfile.objects.get(id=user_id)
user = User.objects.get(id=store_user.user.id)
password_form = SetPasswordForm(user, request.POST)
if password_form.is_valid():
password = password_form.cleaned_data.get('new_password1')
user.set_password(password)
user.save()
else:
response_data['status'] = False
response_data['errors'] = password_form.errors
except User.DoesNotExist:
response_data['status'] = False
return HttpResponse(json.dumps(response_data), content_type="application/json")
def resetpassword(self, request):
uidb64 = self.request.POST.get("uidb64", "")
token = self.request.POST.get("token", "")
password1 = self.request.POST.get("password1", "")
password2 = self.request.POST.get("password2", "")
try:
uid = urlsafe_base64_decode(uidb64)
user = JoklinUser._default_manager.get(pk=uid)
except (TypeError, ValueError, OverflowError, JoklinUser.DoesNotExist):
user = None
token_generator = default_token_generator
if user is not None and token_generator.check_token(user, token):
form = SetPasswordForm(user, request.POST)
errors = []
if form.is_valid():
user = form.save()
else:
# 如果表单不正确,保存错误到errors列表中
for k, v in form.errors.items():
# v.as_text() 详见django.forms.util.ErrorList 中
errors.append(v.as_text())
mydict = {"errors": errors}
return HttpResponse(json.dumps(mydict), content_type="application/json")
else:
logger.error(u"[UserControl]用户重置密码连接错误:[{}]/[{}]".format(uid64, token))
return HttpResponse(u"密码重设失败!\n密码重置链接无效,可能是因为它已使用。可以请求一次新的密码重置.", status=403)
def confirm_reset_password(request, username, confirmation_code):
logout(request)
tagging = RecipientUserTagging.get_or_none(user__username=username)
error = None
if not tagging:
error = "Unknown username"
#elif tagging.is_confirmed:
# error = "Registration is already complete."
elif not tagging.confirm(confirmation_code):
error = "Error confirming confirmation_code %s" % confirmation_code
else:
if request.POST:
form = SetPasswordForm(tagging.user, request.POST)
if form.is_valid():
form.save()
success = tagging.confirm(confirmation_code)
if not success:
return render_response(request, 'procrasdonate/recipient_organizer_pages/account/confirmation_error.html', locals())
user = authenticate(username=username, password=form.cleaned_data['new_password1'])
if user.is_active:
login(request, user)
user.message_set.create(message='Password reset complete!')
return HttpResponseRedirect(reverse('recipient_organizer_dashboard'))
else:
return HttpResponseRedirect(reverse('login'))
form = SetPasswordForm(tagging.user)
instructions = """Enter a new password. It can be whatever you want, but it will
be more secure if you use numbers and uppercase letters in addition to lowercase letters."""
return render_response(request, 'procrasdonate/recipient_organizer_pages/account/confirm.html', locals())
def mutate_and_get_payload(cls, input, request, info):
errors = []
UserModel = User._meta.model
try:
# urlsafe_base64_decode() decodes to bytestring on Python 3
uid = force_text(urlsafe_base64_decode(input.get('uidb64')))
user = UserModel.objects.get(pk=uid)
except (TypeError, ValueError, OverflowError, UserModel.DoesNotExist):
user = None
if user and default_token_generator.check_token(user, input.get('token')):
form = SetPasswordForm(user=user, data=input)
if form.is_valid():
user = form.save(commit=False)
user.save(request=request)
# workarout to re authenticate the user
# when as change the user on the DB it gets disconected
user.backend = settings.DEFAULT_AUTHENTICATION_BACKENDS
auth_login(request, user)
else:
errors = form_erros(form, errors)
else:
errors.append(Error(
code='password_reset_incorrect_token',
message=_('Password reset failed')
))
return PasswordResetComplete(errors=errors)
def change_pass(request):
code = request.GET.get('code', '')
if code:
try:
uid = fb_utils.get_userid(code, change_pass)
if uid != request.user.fbprofile.fb_userid:
messages.error(request, "Your facebook account did not" +\
" match the one registered with LitHub.")
return redirect('bookswap.views.my_account')
form = SetPasswordForm(user=request.user)
if request.method=="POST":
form = SetPasswordForm(request.user, request.POST)
if form.is_valid():
form.save()
messages.success(request, "Your password was "+\
"successfully changed.")
return redirect("bookswap.views.my_account")
return render(request, "fbconnect/password_change.html",
{'form':form},)
except ObjectDoesNotExist:
return redirect('bookswap.views.my_account')
except ValueError:
return render(request, "fbconnect/code_error.html")
else:
messages.error(request, "There was an error getting your " +\
"information from facebook.")
return redirect('django.contrib.auth.views.login')
def new_password(request, activation_key):
"""
Display form for recovering password
**Context**
set password Form
**Template:**
:template:`new_password.html`
"""
try:
embigo_user = EmbigoUser.objects.get(activation_key=activation_key)
if embigo_user.key_expires > timezone.now() and embigo_user.hash_type == "PASSWORD_HASH":
if request.method == 'POST':
form = SetPasswordForm(embigo_user.user, request.POST)
if form.is_valid():
embigo_user.activation_key = None
embigo_user.save()
form.save()
context = {'message': "Twoje hasło zostało zmienione"}
return render(request, 'confirmation.html', context)
else:
form = SetPasswordForm(embigo_user.user)
context = {'form': form}
return render(request, 'new_password.html', context)
else:
context = {'message': "Błąd, podany link jest nieaktywny."}
except ObjectDoesNotExist:
context = {'message': "Błąd, podany link jest nieaktywny."}
return render(request, 'confirmation.html', context)
def confirm_email(request, key):
"""Confirm Email
receives a key and tries to confirm it
if the key is valid, reload the page with a form to set their passwords
when the user submits the password, set it as key's owner password, confirm the key and login the user
"""
# Get the key's owner
manager = EmailManager.find_key(key)
# If the key does not exist or was already used, redirect to index and tell them that
if not manager or manager.is_active:
messages.add_message(request, messages.SUCCESS,
'Chave de ativação inválida ou já usada.')
return redirect(index)
# If the user is submitting their new passwords(POST)
if request.method == 'POST':
# Load the data
form = SetPasswordForm(manager.user, request.POST)
# If the password is valid
if form.is_valid():
# try to confirm the key
user = EmailManager.confirm(key)
# if the key was confirmed
if user.is_active:
form = SetPasswordForm(user, request.POST)
form.is_valid()
form.save()
# Login the new user and validate their accounts
login(request, user)
messages.add_message(request, messages.SUCCESS,
'Sua conta foi ativada com sucesso!')
return redirect(profile)
# if the key was not confirmed
else:
messages.add_message(request, messages.SUCCESS,
'Não foi possível confirmar seu email!')
# If the user just clicked the activation link, generate a password form
else:
form = SetPasswordForm(manager.user)
return render(request, 'maro_auth/set_password.html', {
'form': form,
'key': key
})
class Edit(generic.edit.UpdateView):
"""
User profile editing
"""
template_name = 'identity/edit.html'
form_class = UserEditForm
success_url = reverse_lazy('homepage')
model = Identity
@method_decorator(never_cache)
@method_decorator(login_required)
def dispatch(self, request, *args, **kwargs):
return super(Edit, self).dispatch(request, *args, **kwargs)
def get(self, request, *args, **kwargs):
self.password_form = SetPasswordForm(user=request.user)
return super(Edit, self).get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
self.object = self.get_object()
forms_valid = True
change_password = False
form = self.get_form(self.get_form_class())
if not form.is_valid():
forms_valid = False
if self.request.POST.get('new_password1'):
change_password = True
self.password_form = SetPasswordForm(
data=request.POST, user=request.user)
if not self.password_form.is_valid():
forms_valid = False
else:
self.password_form = SetPasswordForm(user=request.user)
if forms_valid:
form.save()
if change_password:
self.password_form.save()
self.notifications_form.save()
return HttpResponseRedirect(self.get_success_url())
else:
return self.render_to_response(
self.get_context_data(form=form))
def get_object(self):
return self.request.user
def get_context_data(self, **kwargs):
return super(Edit, self).get_context_data(
password_form=self.password_form,
notifications_form=self.notifications_form,
**kwargs
)
def test_success(self):
user = User.objects.get(username='******')
data = {
'new_password1': 'abc123',
'new_password2': 'abc123',
}
form = SetPasswordForm(user, data)
self.assertTrue(form.is_valid())
def post(self, request, **kwargs):
user_token = request.GET.get('user_token')
user = get_object_or_404(MyUser, id=user_token)
form = SetPasswordForm(user)
if form.is_valid():
form.save()
login(request, user)
return redirect('/profile/')
def test_success(self):
user = User.objects.get(username='******')
data = {
'new_password1': 'abc123',
'new_password2': 'abc123',
}
form = SetPasswordForm(user, data)
self.assertTrue(form.is_valid())
def test_correct_password(self):
form = SetPasswordForm(user=self.user,
data={
"new_password1": "1pasSword#",
"new_password2": "1pasSword#"
})
self.assertTrue(form.is_valid())
