def testValidPassword(self):
""" Test valid_password(). """
# everything is okay
self.assert_(valid_password('@#$!@#$%^'))
self.assert_(valid_password('....'))
self.assert_(valid_password('a;3irjq;3 jra;ijaij a;a'))
self.assert_(valid_password('thisis a pass'))
self.assert_(valid_password('a' * NEWS_MAX_PASSWORD_LENGTH))
# unless it is too long or blank
self.assertFalse(valid_password('a' * (NEWS_MAX_PASSWORD_LENGTH + 1)))
self.assertFalse(valid_password(''))
def create_account(request):
"""
Respond to posts for creating an account.
Only takes POSTs.
"""
# if next is passed, get it
next = request.GET.get('next', reverse('news.views.news_items.index'))
next = request.POST.get('next', next)
assert_or_404(valid_next_redirect(next))
assert_or_404(request.method == 'POST')
username = get_from_POST_or_404(request, 'username')
password = get_from_POST_or_404(request, 'password')
# make sure it's a valid username
if not valid_username(username):
request.session['create_account_error'] = 'Username can only ' + \
'consist of letters, numbers, and underscores, and must be ' + \
'less than 30 characters'
request.session['create_account_username'] = username
return HttpResponseRedirect(reverse('news.views.login.login_view') +
"?next=" + next)
# make sure no other users have this username
if User.objects.filter(username=username):
request.session['create_account_error'] = \
'Username ' + username + ' taken'
request.session['create_account_username'] = username
return HttpResponseRedirect(reverse('news.views.login.login_view') +
"?next=" + next)
# make sure it's a valid password
if not valid_password(password):
request.session['create_account_error'] = \
'Password cannot be blank and must be less than 30 characters'
request.session['create_account_username'] = username
return HttpResponseRedirect(reverse('news.views.login.login_view') +
"?next=" + next)
# create the user and userprofile
user = User.objects.create_user(username, '', password)
UserProfile.objects.create(user=user)
return login_view(request)
def change_password(request):
"""
Change password.
On GETs it shows the change password page.
On POSTs it tries to change the user's password.
"""
next = reverse('news.views.login.change_password')
if not request.user.is_authenticated():
return HttpResponseRedirect(
reverse('news.views.login.login_view') +
'?next=' + next)
if request.method != 'POST':
change_password_error = get_from_session(request,
'change_password_error')
return render_to_response('news/change_password.html',
{'change_password_error': change_password_error,
'next': next},
context_instance=RequestContext(request))
password1 = get_from_POST_or_404(request, 'password1')
password2 = get_from_POST_or_404(request, 'password2')
if password1 != password2:
request.session['change_password_error'] = "Passwords do not match"
return HttpResponseRedirect(reverse('news.views.login.change_password'))
if not valid_password(password1):
request.session['change_password_error'] = "Password too long or blank"
return HttpResponseRedirect(reverse('news.views.login.change_password'))
request.user.set_password(password1)
request.user.save()
username = request.user.username
return HttpResponseRedirect(reverse('news.views.users.user', args=(username,)))
