def activate(request, username="", user="******", token=""):
user = int(user)
try:
user = User.objects.get(pk=user)
current_activation = user.activation
# Run checks
user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
if user_ban:
return error_banned(request, user, user_ban)
if user.activation == User.ACTIVATION_NONE:
return redirect_message(request, messages.INFO, _("%(username)s, your account is already active.") % {'username': user.username})
if user.activation == User.ACTIVATION_ADMIN:
return redirect_message(request, messages.INFO, _("%(username)s, only board administrator can activate your account.") % {'username': user.username})
if not token or not user.token or user.token != token:
return redirect_message(request, messages.ERROR, _("%(username)s, your activation link is invalid. Try again or request new activation e-mail.") % {'username': user.username})
# Activate and sign in our member
user.activation = User.ACTIVATION_NONE
sign_user_in(request, user)
# Update monitor
User.objects.resync_monitor()
if current_activation == User.ACTIVATION_CREDENTIALS:
return redirect_message(request, messages.SUCCESS, _("%(username)s, your account has been successfully reactivated after change of sign-in credentials.") % {'username': user.username})
else:
return redirect_message(request, messages.SUCCESS, _("%(username)s, your account has been successfully activated. Welcome aboard!") % {'username': user.username})
except User.DoesNotExist:
return error404(request)
def activate(request, username="", user="******", token=""):
user = int(user)
try:
user = User.objects.get(pk=user)
current_activation = user.activation
# Run checks
user_ban = Ban.objects.check_ban(username=user.username, email=user.email)
if user_ban:
return error_banned(request, user, user_ban)
if user.activation == User.ACTIVATION_NONE:
return redirect_message(request, Message(_("%(username)s, your account is already active.") % {'username': user.username}), 'info')
if user.activation == User.ACTIVATION_ADMIN:
return redirect_message(request, Message(_("%(username)s, only board administrator can activate your account.") % {'username': user.username}), 'info')
if not token or not user.token or user.token != token:
return redirect_message(request, Message(_("%(username)s, your activation link is invalid. Try again or request new activation e-mail.") % {'username': user.username}), 'error')
# Activate and sign in our member
user.activation = User.ACTIVATION_NONE
sign_user_in(request, user)
# Update monitor
User.objects.resync_monitor(request.monitor)
if current_activation == User.ACTIVATION_CREDENTIALS:
return redirect_message(request, Message(_("%(username)s, your account has been successfully reactivated after change of sign-in credentials.") % {'username': user.username}), 'success')
else:
return redirect_message(request, Message(_("%(username)s, your account has been successfully activated. Welcome aboard!") % {'username': user.username}), 'success')
except User.DoesNotExist:
return error404(request)
def form(request):
if settings.account_activation == "block":
return redirect_message(
request, messages.INFO, _("We are sorry but we don't allow new members registrations at this time.")
)
message = None
if request.method == "POST":
form = UserRegisterForm(request.POST, request=request)
if form.is_valid():
need_activation = 0
if settings.account_activation == "user":
need_activation = User.ACTIVATION_USER
if settings.account_activation == "admin":
need_activation = User.ACTIVATION_ADMIN
new_user = User.objects.create_user(
form.cleaned_data["username"],
form.cleaned_data["email"],
form.cleaned_data["password"],
ip=request.session.get_ip(request),
agent=request.META.get("HTTP_USER_AGENT"),
activation=need_activation,
request=request,
)
if need_activation == User.ACTIVATION_NONE:
# Sign in user
sign_user_in(request, new_user)
messages.success(
request,
_("Welcome aboard, %(username)s! Your account has been registered successfully.")
% {"username": new_user.username},
)
if need_activation == User.ACTIVATION_USER:
# Mail user activation e-mail
messages.info(
request,
_(
"%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link."
)
% {"username": new_user.username},
)
new_user.email_user(
request,
"users/activation/user",
_("Welcome aboard, %(username)s!") % {"username": new_user.username},
)
if need_activation == User.ACTIVATION_ADMIN:
# Require admin activation
messages.info(
request,
_(
"%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!"
)
% {"username": new_user.username},
)
new_user.email_user(
request,
"users/activation/admin",
_("Welcome aboard, %(username)s!") % {"username": new_user.username},
{"password": form.cleaned_data["password"]},
)
User.objects.resync_monitor()
return redirect(reverse("index"))
else:
message = Message(form.non_field_errors()[0], messages.ERROR)
if settings.registrations_jams:
SignInAttempt.objects.register_attempt(request.session.get_ip(request))
# Have we jammed our account?
if SignInAttempt.objects.is_jammed(request.session.get_ip(request)):
request.jam.expires = timezone.now()
return redirect(reverse("register"))
else:
form = UserRegisterForm(request=request)
return render_to_response(
"register.html",
{"message": message, "form": form, "hide_signin": True},
context_instance=RequestContext(request),
)
def form(request):
if request.settings['account_activation'] == 'block':
return redirect_message(
request,
Message(
_("We are sorry but we don't allow new members registrations at this time."
)), 'info')
message = None
if request.method == 'POST':
form = UserRegisterForm(request.POST, request=request)
if form.is_valid():
need_activation = 0
if request.settings['account_activation'] == 'user':
need_activation = User.ACTIVATION_USER
if request.settings['account_activation'] == 'admin':
need_activation = User.ACTIVATION_ADMIN
new_user = User.objects.create_user(
form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
ip=request.session.get_ip(request),
agent=request.META.get('HTTP_USER_AGENT'),
activation=need_activation,
request=request)
if need_activation == User.ACTIVATION_NONE:
# Sign in user
sign_user_in(request, new_user)
request.messages.set_flash(
Message(
_("Welcome aboard, %(username)s! Your account has been registered successfully."
) % {'username': new_user.username}), 'success')
if need_activation == User.ACTIVATION_USER:
# Mail user activation e-mail
request.messages.set_flash(
Message(
_("%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link."
) % {'username': new_user.username}), 'info')
new_user.email_user(
request,
'users/activation/user',
_("Welcome aboard, %(username)s!") %
{'username': new_user.username},
)
if need_activation == User.ACTIVATION_ADMIN:
# Require admin activation
request.messages.set_flash(
Message(
_("%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!"
) % {'username': new_user.username}), 'info')
new_user.email_user(
request, 'users/activation/admin',
_("Welcome aboard, %(username)s!") %
{'username': new_user.username},
{'password': form.cleaned_data['password']})
User.objects.resync_monitor(request.monitor)
return redirect(reverse('index'))
else:
message = Message(form.non_field_errors()[0], 'error')
if request.settings['registrations_jams']:
SignInAttempt.objects.register_attempt(
request.session.get_ip(request))
# Have we jammed our account?
if SignInAttempt.objects.is_jammed(
request.settings, request.session.get_ip(request)):
request.jam.expires = timezone.now()
return redirect(reverse('register'))
else:
form = UserRegisterForm(request=request)
return request.theme.render_to_response(
'register.html', {
'message': message,
'form': FormLayout(form),
'hide_signin': True,
},
context_instance=RequestContext(request))
def form(request):
if request.settings['account_activation'] == 'block':
return redirect_message(request, Message(_("We are sorry but we don't allow new members registrations at this time.")), 'info')
message = None
if request.method == 'POST':
form = UserRegisterForm(request.POST, request=request)
if form.is_valid():
need_activation = 0
if request.settings['account_activation'] == 'user':
need_activation = User.ACTIVATION_USER
if request.settings['account_activation'] == 'admin':
need_activation = User.ACTIVATION_ADMIN
new_user = User.objects.create_user(
form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
ip=request.session.get_ip(request),
agent=request.META.get('HTTP_USER_AGENT'),
activation=need_activation,
request=request
)
if need_activation == User.ACTIVATION_NONE:
# Sign in user
sign_user_in(request, new_user)
request.messages.set_flash(Message(_("Welcome aboard, %(username)s! Your account has been registered successfully.") % {'username': new_user.username}), 'success')
if need_activation == User.ACTIVATION_USER:
# Mail user activation e-mail
request.messages.set_flash(Message(_("%(username)s, your account has been registered, but you will have to activate it before you will be able to sign-in. We have sent you an e-mail with activation link.") % {'username': new_user.username}), 'info')
new_user.email_user(
request,
'users/activation/user',
_("Welcome aboard, %(username)s!") % {'username': new_user.username},
)
if need_activation == User.ACTIVATION_ADMIN:
# Require admin activation
request.messages.set_flash(Message(_("%(username)s, Your account has been registered, but you won't be able to sign in until board administrator accepts it. We'll notify when this happens. Thank you for your patience!") % {'username': new_user.username}), 'info')
new_user.email_user(
request,
'users/activation/admin',
_("Welcome aboard, %(username)s!") % {'username': new_user.username},
{'password': form.cleaned_data['password']}
)
User.objects.resync_monitor(request.monitor)
return redirect(reverse('index'))
else:
message = Message(form.non_field_errors()[0], 'error')
if request.settings['registrations_jams']:
SignInAttempt.objects.register_attempt(request.session.get_ip(request))
# Have we jammed our account?
if SignInAttempt.objects.is_jammed(request.settings, request.session.get_ip(request)):
request.jam.expires = timezone.now()
return redirect(reverse('register'))
else:
form = UserRegisterForm(request=request)
return request.theme.render_to_response('register.html',
{
'message': message,
'form': FormLayout(form),
'hide_signin': True,
},
context_instance=RequestContext(request));
def run(request, user): return sign_user_in(request, user)
def signin(request):
message = request.messages.get_message('security')
bad_password = False
not_active = False
banned_account = False
if request.method == 'POST':
form = SignInForm(
request.POST,
show_remember_me=not request.firewall.admin and settings.remember_me_allow,
request=request
)
if form.is_valid():
try:
# Configure correct auth and redirect links
if request.firewall.admin:
auth_method = auth_admin
success_redirect = reverse(site.get_admin_index())
else:
auth_method = auth_forum
success_redirect = reverse('index')
# Authenticate user
user = auth_method(
request,
form.cleaned_data['user_email'],
form.cleaned_data['user_password'],
)
sign_user_in(request, user)
remember_me_token = False
if not request.firewall.admin and settings.remember_me_allow and form.cleaned_data['user_remember_me']:
remember_me_token = random_string(42)
remember_me = Token(
id=remember_me_token,
user=user,
created=timezone.now(),
accessed=timezone.now(),
)
remember_me.save()
if remember_me_token:
request.cookiejar.set('TOKEN', remember_me_token, True)
messages.success(request, _("Welcome back, %(username)s!") % {'username': user.username}, 'security')
return redirect(success_redirect)
except AuthException as e:
message = Message(e.error, messages.ERROR)
bad_password = e.password
banned_account = e.ban
not_active = e.activation
# If not in Admin, register failed attempt
if not request.firewall.admin and e.type == auth.CREDENTIALS:
SignInAttempt.objects.register_attempt(request.session.get_ip(request))
# Have we jammed our account?
if SignInAttempt.objects.is_jammed(request.session.get_ip(request)):
request.jam.expires = timezone.now()
return redirect(reverse('sign_in'))
else:
message = Message(form.non_field_errors()[0], messages.ERROR)
else:
form = SignInForm(
show_remember_me=not request.firewall.admin and settings.remember_me_allow,
request=request
)
return render_to_response('signin.html',
{
'message': message,
'bad_password': bad_password,
'banned_account': banned_account,
'not_active': not_active,
'form': form,
'hide_signin': True,
},
context_instance=RequestContext(request));
