def test_view_activate_banned(self):
"""activate banned user shows error"""
test_user = UserModel.objects.create_user(
'Bob', '*****@*****.**', 'Pass.123', requires_activation=1
)
Ban.objects.create(
check_type=Ban.USERNAME,
banned_value='bob',
user_message='Nope!',
)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse(
'misago:activate-by-token',
kwargs={
'pk': test_user.pk,
'token': activation_token,
}
)
)
self.assertContains(response, encode_json_html("<p>Nope!</p>"), status_code=403)
test_user = UserModel.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 1)
def send_link(request):
form = ResendActivationForm(request.DATA)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Change %(user)s password "
"on %(forum_title)s forums")
subject_formats = {
'user': requesting_user.username,
'forum_title': settings.forum_name
}
mail_subject = mail_subject % subject_formats
confirmation_token = make_activation_token(requesting_user)
mail_user(request, requesting_user, mail_subject,
'misago/emails/change_password_form_link',
{'confirmation_token': confirmation_token})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def send_activation(request):
"""
POST /auth/send-activation/ with CSRF token and email
will mail account activation link to requester
"""
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account on %(forum_name)s forums") % {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
mail_user(
request,
requesting_user,
mail_subject,
'misago/emails/activation/by_user',
{
'activation_token': make_activation_token(requesting_user),
},
)
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email,
})
else:
return Response(
form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST,
)
def test_activate_view_returns_200(self):
"""activate account view returns 200"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123')
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={
'user_id': test_user.id,
'token': make_activation_token(test_user)
}))
self.assertEqual(response.status_code, 200)
# test invalid user
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={
'user_id': 7681,
'token': 'a7d8sa97d98sa798dsa'
}))
self.assertEqual(response.status_code, 200)
# test invalid token
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={
'user_id': test_user.id,
'token': 'asd79as87ds9a8d7sa'
}))
self.assertEqual(response.status_code, 200)
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def test_view_activate_banned(self):
"""activate banned user shows error"""
test_user = UserModel.objects.create_user('Bob',
'*****@*****.**',
'Pass.123',
requires_activation=1)
Ban.objects.create(
check_type=Ban.USERNAME,
banned_value='bob',
user_message='Nope!',
)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate-by-token',
kwargs={
'pk': test_user.pk,
'token': activation_token,
}))
self.assertContains(response,
encode_json_html("<p>Nope!</p>"),
status_code=403)
test_user = UserModel.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 1)
def send_activation(request):
"""
POST /auth/send-activation/ with CSRF token and email
will mail account activation link to requester
"""
serializer = ResendActivationSerializer(data=request.data)
serializer.is_valid(raise_exception=True)
serializer.raise_if_banned()
user = serializer.validated_data['user']
mail_subject = _("Activate %(user)s account on %(forum_name)s forums") % {
'user': user.username,
'forum_name': settings.forum_name,
}
mail_user(
request,
user,
mail_subject,
'misago/emails/activation/by_user',
{
'activation_token': make_activation_token(user),
},
)
return Response({
'username': user.username,
'email': user.email,
})
def test_activate_view_returns_200(self):
"""activate account view returns 200"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123')
response = self.client.get(
reverse('misago:activate_by_token', kwargs={
'user_id': test_user.id,
'token': make_activation_token(test_user)
}))
self.assertEqual(response.status_code, 200)
# test invalid user
response = self.client.get(
reverse('misago:activate_by_token', kwargs={
'user_id': 7681,
'token': 'a7d8sa97d98sa798dsa'
}))
self.assertEqual(response.status_code, 200)
# test invalid token
response = self.client.get(
reverse('misago:activate_by_token', kwargs={
'user_id': test_user.id,
'token': 'asd79as87ds9a8d7sa'
}))
self.assertEqual(response.status_code, 200)
def send_activation(request):
"""
POST /auth/send-activation/ with CSRF token and email
will mail account activation link to requester
"""
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account on %(forum_name)s forums") % {
'user': requesting_user.username,
'forum_name': settings.forum_name,
}
mail_user(
request,
requesting_user,
mail_subject,
'misago/emails/activation/by_user',
{
'activation_token': make_activation_token(requesting_user),
},
)
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email,
})
else:
return Response(
form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST,
)
def request_activation(request):
form = ResendActivationForm()
if request.method == "POST":
form = ResendActivationForm(request.POST)
if form.is_valid():
requesting_user = form.user_cache
request.session["activation_sent_to"] = requesting_user.pk
mail_subject = _("Account activation on %(forum_title)s forums")
mail_subject = mail_subject % {"forum_title": settings.forum_name}
activation_token = make_activation_token(requesting_user)
mail_user(
request,
requesting_user,
mail_subject,
"misago/emails/activation/by_user",
{"activation_token": activation_token},
)
return redirect("misago:activation_sent")
return render(request, "misago/activation/request.html", {"form": form})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def test_submit_inactive_user(self):
"""validate link api errors for inactive user"""
self.user.requires_activation = 1
self.user.save()
response = self.client.post(
self.link % (self.user.id, make_activation_token(self.user)))
self.assertEqual(response.status_code, 200)
self.user.requires_activation = 2
self.user.save()
response = self.client.post(
self.link % (self.user.id, make_activation_token(self.user)))
self.assertEqual(response.status_code, 400)
self.assertIn('Bob, only administrator may activate your account.',
response.content)
def test_submit_valid(self):
"""activate user api returns success and activates user"""
response = self.client.post(
self.link % (self.user.id, make_activation_token(self.user)))
self.assertEqual(response.status_code, 200)
self.assertIn(self.user.username, response.content)
user = get_user_model().objects.get(id=self.user.id)
self.assertFalse(user.requires_activation)
def test_submit_active_user(self):
"""validate link api errors for active user"""
self.user.requires_activation = 0
self.user.save()
response = self.client.post(
self.link % (self.user.id, make_activation_token(self.user)))
self.assertEqual(response.status_code, 400)
self.assertIn('Bob, your account is already active.', response.content)
def test_submit_banned(self):
"""activate user api errors for banned user"""
Ban.objects.create(check_type=BAN_USERNAME,
banned_value=self.user.username,
user_message='Nope!')
response = self.client.post(
self.link % (self.user.id, make_activation_token(self.user)))
self.assertEqual(response.status_code, 400)
self.assertIn('Activation link has expired.', response.content)
def test_submit_valid(self):
"""activate user api returns success and activates user"""
response = self.client.post(self.link % (
self.user.id,
make_activation_token(self.user)
))
self.assertEqual(response.status_code, 200)
self.assertIn(self.user.username, response.content)
user = get_user_model().objects.get(id=self.user.id)
self.assertFalse(user.requires_activation)
def setUp(self):
User = get_user_model()
self.user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123')
self.user.requires_activation = 1
self.user.save()
self.link = reverse('misago:api:activation_validate_token',
kwargs={
'user_id': self.user.id,
'token': make_activation_token(self.user)
})
def test_submit_active_user(self):
"""validate link api errors for active user"""
self.user.requires_activation = 0
self.user.save()
response = self.client.post(self.link % (
self.user.id,
make_activation_token(self.user)
))
self.assertEqual(response.status_code, 400)
self.assertIn('Bob, your account is already active.',
response.content)
def test_submit_inactive_user(self):
"""validate link api errors for inactive user"""
self.user.requires_activation = 1
self.user.save()
response = self.client.post(self.link % (
self.user.id,
make_activation_token(self.user)
))
self.assertEqual(response.status_code, 200)
self.user.requires_activation = 2
self.user.save()
response = self.client.post(self.link % (
self.user.id,
make_activation_token(self.user)
))
self.assertEqual(response.status_code, 400)
self.assertIn('Bob, only administrator may activate your account.',
response.content)
def test_submit_banned(self):
"""activate user api errors for banned user"""
Ban.objects.create(check_type=BAN_USERNAME,
banned_value=self.user.username,
user_message='Nope!')
response = self.client.post(self.link % (
self.user.id,
make_activation_token(self.user)
))
self.assertEqual(response.status_code, 400)
self.assertIn('Activation link has expired.', response.content)
def test_view_activate_active(self):
"""activate active user shows error"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123')
activation_token = make_activation_token(test_user)
response = self.client.get(reverse('misago:activate-by-token', kwargs={
'pk': test_user.pk,
'token': activation_token,
}))
self.assertEqual(response.status_code, 200)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 0)
def test_view_activate_active(self):
"""activate active user shows error"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123')
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={'user_id': test_user.pk,
'token': activation_token}))
self.assertEqual(response.status_code, 302)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 0)
def test_view_activate_inactive(self):
"""activate inactive user passess"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123',
requires_activation=1)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={'user_id': test_user.pk,
'token': activation_token}))
self.assertEqual(response.status_code, 302)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 0)
def test_view_activate_invalid_token(self):
"""activate with invalid token shows error"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123',
requires_activation=1)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={'user_id': test_user.pk,
'token': activation_token + 'acd'}))
self.assertEqual(response.status_code, 400)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 1)
def test_view_activate_disabled(self):
"""activate disabled user shows error"""
test_user = UserModel.objects.create_user('Bob',
'*****@*****.**',
'Pass.123',
is_active=False)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate-by-token',
kwargs={
'pk': test_user.pk,
'token': activation_token,
}))
self.assertEqual(response.status_code, 404)
def test_view_activate_inactive(self):
"""activate inactive user passess"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123',
requires_activation=1)
activation_token = make_activation_token(test_user)
response = self.client.get(reverse('misago:activate-by-token', kwargs={
'pk': test_user.pk,
'token': activation_token,
}))
self.assertEqual(response.status_code, 200)
self.assertIn("your account has been activated!", response.content)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 0)
def test_view_activate_banned(self):
"""activate banned user shows error"""
User = get_user_model()
test_user = User.objects.create_user('Bob', '*****@*****.**', 'Pass.123',
requires_activation=1)
Ban.objects.create(test=BAN_USERNAME, banned_value='bob',
user_message='Nope!')
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={'user_id': test_user.pk,
'token': activation_token}))
self.assertEqual(response.status_code, 302)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 1)
def test_view_activate_disabled(self):
"""activate disabled user shows error"""
test_user = UserModel.objects.create_user(
'Bob', '*****@*****.**', 'Pass.123', is_active=False
)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse(
'misago:activate-by-token',
kwargs={
'pk': test_user.pk,
'token': activation_token,
}
)
)
self.assertEqual(response.status_code, 404)
def test_view_activate_invalid_token(self):
"""activate with invalid token shows error"""
test_user = UserModel.objects.create_user('Bob',
'*****@*****.**',
'Pass.123',
requires_activation=1)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate-by-token',
kwargs={
'pk': test_user.pk,
'token': activation_token + 'acd',
}))
self.assertEqual(response.status_code, 400)
test_user = UserModel.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 1)
def send_welcome_email(request, user):
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if user.requires_activation:
activation_token = make_activation_token(user)
activation_by_admin = user.requires_activation_by_admin
activation_by_user = user.requires_activation_by_user
mail_user(
request, user, mail_subject, 'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
else:
mail_user(request, user, mail_subject,
'misago/emails/register/complete')
def test_view_activate_inactive(self):
"""activate inactive user passess"""
test_user = UserModel.objects.create_user('Bob',
'*****@*****.**',
'Pass.123',
requires_activation=1)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate-by-token',
kwargs={
'pk': test_user.pk,
'token': activation_token,
}))
self.assertEqual(response.status_code, 200)
self.assertContains(response, "your account has been activated!")
test_user = UserModel.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 0)
def test_view_activate_inactive(self):
"""activate inactive user passess"""
User = get_user_model()
test_user = User.objects.create_user('Bob',
'*****@*****.**',
'Pass.123',
requires_activation=1)
activation_token = make_activation_token(test_user)
response = self.client.get(
reverse('misago:activate_by_token',
kwargs={
'user_id': test_user.pk,
'token': activation_token
}))
self.assertEqual(response.status_code, 200)
self.assertIn("your account has been activated!", response.content)
test_user = User.objects.get(pk=test_user.pk)
self.assertEqual(test_user.requires_activation, 0)
def send_activation(request):
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account "
"on %(forum_title)s forums")
subject_formats = {'user': requesting_user.username,
'forum_title': settings.forum_name}
mail_subject = mail_subject % subject_formats
mail_user(request, requesting_user, mail_subject,
'misago/emails/activation/by_user',
{'activation_token': make_activation_token(requesting_user)})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def send_activation(request):
form = ResendActivationForm(request.data)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Activate %(user)s account "
"on %(forum_title)s forums")
subject_formats = {'user': requesting_user.username,
'forum_title': settings.forum_name}
mail_subject = mail_subject % subject_formats
mail_user(request, requesting_user, mail_subject,
'misago/emails/activation/by_user',
{'activation_token': make_activation_token(requesting_user)})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def request_activation(request):
form = ResendActivationForm()
if request.method == 'POST':
form = ResendActivationForm(request.POST)
if form.is_valid():
requesting_user = form.user_cache
request.session['activation_sent_to'] = requesting_user.pk
mail_subject = _("Account activation on %(forum_title)s forums")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
activation_token = make_activation_token(requesting_user)
mail_user(
request, requesting_user, mail_subject,
'misago/emails/activation/by_user',
{'activation_token': activation_token})
return redirect('misago:activation_sent')
return render(request, 'misago/activation/request.html',
{'form': form})
def send_link(request):
form = ResendActivationForm(request.DATA)
if form.is_valid():
requesting_user = form.user_cache
mail_subject = _("Change %(user)s password "
"on %(forum_title)s forums")
subject_formats = {'user': requesting_user.username,
'forum_title': settings.forum_name}
mail_subject = mail_subject % subject_formats
confirmation_token = make_activation_token(requesting_user)
mail_user(request, requesting_user, mail_subject,
'misago/emails/change_password_form_link',
{'confirmation_token': confirmation_token})
return Response({
'username': form.user_cache.username,
'email': form.user_cache.email
})
else:
return Response(form.get_errors_dict(),
status=status.HTTP_400_BAD_REQUEST)
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(_("New users registrations are currently closed."))
form = RegisterForm(request.data, request=request)
try:
if form.is_valid():
captcha.test_request(request)
except ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
try:
new_user = UserModel.objects.create_user(
form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs
)
except IntegrityError:
return Response(
{
'__all__': _("Please try resubmitting the form.")
},
status=status.HTTP_400_BAD_REQUEST,
)
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email, password=form.cleaned_data['password']
)
login(request, authenticated_user)
mail_user(request, new_user, mail_subject, 'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
}
)
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(
_("New users registrations are currently closed."))
form = RegisterForm(request.data)
try:
captcha.test_request(request)
except forms.ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors, status=status.HTTP_400_BAD_REQUEST)
try:
validate_new_registration(request.user_ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied registration attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user_ip,
staff_message=staff_message,
length={'days': 14})
raise PermissionDenied(
_("Your IP address is banned from registering on this site."))
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': ACTIVATION_REQUIRED_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': ACTIVATION_REQUIRED_ADMIN}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email, password=form.cleaned_data['password'])
login(request, authenticated_user)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
try:
validate_new_registration(request.user.ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied as e:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user.ip,
staff_message=staff_message,
length={'days': 1})
raise e
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def register(request):
SecuredForm = add_captcha_to_form(RegisterForm, request)
form = SecuredForm()
if request.method == 'POST':
form = SecuredForm(request.POST)
if form.is_valid():
try:
validate_new_registration(
request.user.ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied as e:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
ban_ip(request.user.ip, staff_message=staff_message, length=1)
raise e
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
welcome_message = _("Welcome aboard, %(user)s!")
welcome_message = welcome_message % {'user': new_user.username}
messages.success(request, welcome_message)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return redirect(settings.LOGIN_REDIRECT_URL)
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
request.session['registered_user'] = new_user.pk
return redirect('misago:register_completed')
return render(request, 'misago/register/form.html', {'form': form})
def create_endpoint(request):
if settings.account_activation == 'closed':
raise PermissionDenied(_("New users registrations are currently closed."))
ban = get_ip_ban(request.user_ip, registration_only=True)
if ban:
raise Banned(ban)
serializer = RegisterUserSerializer(
data=request.data,
context={'request': request},
)
serializer.is_valid(raise_exception=True)
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_USER}
elif settings.account_activation == 'admin':
activation_kwargs = {'requires_activation': UserModel.ACTIVATION_ADMIN}
try:
new_user = UserModel.objects.create_user(
serializer.validated_data['username'],
serializer.validated_data['email'],
serializer.validated_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs
)
except IntegrityError:
return Response(
{
'detail': _("Please try resubmitting the form."),
},
status=400,
)
mail_subject = _("Welcome on %(forum_name)s forums!")
mail_subject = mail_subject % {'forum_name': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=serializer.validated_data['password'],
)
login(request, authenticated_user)
mail_user(request, new_user, mail_subject, 'misago/emails/register/complete')
return Response({
'activation': None,
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject, 'misago/emails/register/inactive', {
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
}
)
if activation_by_admin:
activation_method = 'admin'
else:
activation_method = 'user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
def _create_user(request):
if settings.account_activation == 'closed':
raise PermissionDenied(
_("New users registrations are currently closed."))
form = RegisterForm(request.data)
try:
captcha.test_request(request)
except forms.ValidationError as e:
form.add_error('captcha', e)
if not form.is_valid():
return Response(form.errors,
status=status.HTTP_400_BAD_REQUEST)
captcha.reset_session(request.session)
try:
validate_new_registration(
request.user_ip,
form.cleaned_data['username'],
form.cleaned_data['email'])
except PermissionDenied:
staff_message = _("This ban was automatically imposed on "
"%(date)s due to denied register attempt.")
message_formats = {'date': date_format(timezone.now())}
staff_message = staff_message % message_formats
validation_ban = ban_ip(
request.user_ip,
staff_message=staff_message,
length={'days': 1}
)
raise PermissionDenied(
_("Your IP address is banned from performing this action."),
{'ban': validation_ban.get_serialized_message()})
activation_kwargs = {}
if settings.account_activation == 'user':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_USER
}
elif settings.account_activation == 'admin':
activation_kwargs = {
'requires_activation': ACTIVATION_REQUIRED_ADMIN
}
User = get_user_model()
new_user = User.objects.create_user(form.cleaned_data['username'],
form.cleaned_data['email'],
form.cleaned_data['password'],
joined_from_ip=request.user_ip,
set_default_avatar=True,
**activation_kwargs)
mail_subject = _("Welcome on %(forum_title)s forums!")
mail_subject = mail_subject % {'forum_title': settings.forum_name}
if settings.account_activation == 'none':
authenticated_user = authenticate(
username=new_user.email,
password=form.cleaned_data['password'])
login(request, authenticated_user)
mail_user(request, new_user, mail_subject,
'misago/emails/register/complete')
return Response({
'activation': 'active',
'username': new_user.username,
'email': new_user.email
})
else:
activation_token = make_activation_token(new_user)
activation_by_admin = new_user.requires_activation_by_admin
activation_by_user = new_user.requires_activation_by_user
mail_user(
request, new_user, mail_subject,
'misago/emails/register/inactive',
{
'activation_token': activation_token,
'activation_by_admin': activation_by_admin,
'activation_by_user': activation_by_user,
})
if activation_by_admin:
activation_method = 'activation_by_admin'
else:
activation_method = 'activation_by_user'
return Response({
'activation': activation_method,
'username': new_user.username,
'email': new_user.email
})
