def _activate_user(self, activation_key): """ Given an an activation key, look up and activate the user account corresponding to that key. If the key is not in a valid format or does not have a corresponding RegistrationProfile, then the function returns false. Otherwise, the function returns the activated User """ # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(activation_key): try: profile = RegistrationProfile.objects.get(activation_key=activation_key) except RegistrationProfile.objects.model.DoesNotExist: return False if not profile.activation_key_expired(): user = profile.user user.is_active = True user.save_base() profile.activation_key = RegistrationProfile.objects.model.ACTIVATED profile.save() return user else: return False
def activate(self, request, **kwargs): try: self.validate_request(request.GET, ['token']) token = request.GET.get("token", None) # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(token): profile = RegistrationProfile.objects.get(activation_key=token) if not profile.activation_key_expired(): user = profile.user user.is_active = True user.save() profile.activation_key = RegistrationProfile.ACTIVATED profile.save() return self.create_response(request, { "success": True }) else: return http.HttpForbidden('Your activation token is no longer active or valid') else: return http.HttpForbidden('Your activation token is no longer active or valid') except RegistrationProfile.DoesNotExist: return http.HttpNotFound('Your activation token is no longer active or valid') except MalformedRequestError as e: return http.HttpBadRequest("%s as request GET parameters" % e)
def establish_user_profile(self, invitation_key, username, password): """ Validate an activation key and activate the corresponding ``User`` if valid. If the key is valid and has not expired, return the ``User`` after activating. If the key is not valid or has expired, return ``False``. If the key is valid but the ``User`` is already active, return ``False``. To prevent reactivation of an account which has been deactivated by site administrators, the activation key is reset to the string constant ``RegistrationProfile.ACTIVATED`` after successful activation. """ # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(invitation_key): try: profile = self.get(key=invitation_key) except self.model.DoesNotExist: return False new_user = User.objects.create_user(username=username, email=profile.to_email, password=password) new_group, user_created = GridGroup.objects.get_or_create(founder=new_user, name='My first grid') new_user_profile, profile_created = UserProfile.objects.get_or_create(user=new_user, default_grid=new_group) profile.gridgroup.members.add(new_user.pk) profile.key = self.model.ACTIVATED profile.save() return (new_user, profile.gridgroup) return False
def activate_user(self, activation_key): """ Validate an activation key and activate the corresponding ``User`` if valid. If the key is valid and has not expired, return the ``User`` after activating. If the key is not valid or has expired, return ``False``. If the key is valid but the ``User`` is already active, return ``False``. To prevent reactivation of an account which has been deactivated by site administrators, the activation key is reset to the string constant ``RegistrationProfile.ACTIVATED`` after successful activation. """ # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(activation_key): profile = self.objects.filter(activation_key=activation_key) if not profile: return False profile = profile[0] if not profile.activation_key_expired(): user = profile.user user.is_active = True user.save() profile.activation_key = self.ACTIVATED profile.save() return user return False
def _get_user(**kwargs): try: activation_key = kwargs.get('activation_key') if SHA1_RE.search(activation_key): return RegistrationProfile.objects.get( activation_key=activation_key).user except RegistrationProfile.DoesNotExist: pass
def can_activate(self, activation_key): if SHA1_RE.search(activation_key): try: profile = RegistrationProfile.objects.get(activation_key=activation_key) except RegistrationProfile.DoesNotExist: return False if not profile.activation_key_expired(): return True return False
def registration_password_confirm(request, activation_key, token=None, template_name='registration/password_reset_confirm.html', token_generator=default_token_generator, set_password_form=SetPasswordForm, post_reset_redirect=None, extra_context=None, redirect_field_name=REDIRECT_FIELD_NAME): """ View that checks the hash in a password activation link and presents a form for entering a new password. We can activate the account for real once we know the email is valid and a password has been set. """ user = None profile = None redirect_to = request.REQUEST.get(redirect_field_name, None) if SHA1_RE.search(activation_key): profile = RegistrationProfile.objects.get(activation_key=activation_key) if not profile.activation_key_expired(): user = profile.user if user is not None and token_generator.check_token(user, token): validlink = True if request.method == 'POST': form = set_password_form(user, request.POST) if form.is_valid(): form.save() activated = RegistrationProfile.objects.activate_user(activation_key) if activated: signals.user_activated.send( sender=profile, user=activated, request=request) # Okay, security check complete. Log the user in. user_with_backend = authenticate( username=user.username, password=form.cleaned_data.get('new_password1')) auth_login(request, user_with_backend) if request.session.test_cookie_worked(): request.session.delete_test_cookie() if redirect_to is None: redirect_to = reverse('accounts_profile') return redirect(redirect_to) else: form = set_password_form(None) else: validlink = False form = None context = { 'form': form, 'validlink': validlink, } if redirect_to: context.update({redirect_field_name: redirect_to}) if extra_context is not None: context.update(extra_context) return render(request, template_name, context)
def return_email(self, invitation_key): """ Get the grid from which the invitation was extended """ if SHA1_RE.search(invitation_key): try: invitation_key = self.get(key=invitation_key) except self.model.DoesNotExist: return None return invitation_key.to_email
def is_valid(self, user, invite_key): """ TODO: documentation """ if SHA1_RE.search(invite_key): try: invite = self.get(invite_key=invite_key) except self.model.DoesNotExist: return False return not invite.invite_key_expired() and user.email == invite.email return False
def is_valid(self, user, invite_key): """ TODO: documentation """ if SHA1_RE.search(invite_key): try: invite = self.get(invite_key=invite_key) except self.model.DoesNotExist: return False return not invite.invite_key_expired( ) and user.email == invite.email return False
def get_key(self, invitation_key): """ Return InvitationKey, or None if it doesn't (or shouldn't) exist. """ if not SHA1_RE.search(invitation_key): return None try: key = self.get(key=invitation_key) except self.model.DoesNotExist: return None return key
def verify(verification_key): if SHA1_RE.search(verification_key): try: profile = RegistrationProfile.objects.get(activation_key=verification_key) except RegistrationProfile.DoesNotExist: return False if not profile.activation_key_expired(): user = profile.user user.save() profile.activation_key = 'EMAIL_VERIFIED' profile.save() return user return False
def get_key(self, invitation_key): ## Return InvitationKey if not SHA1_RE.search(invitation_key): return None try: key = self.get(key=invitation_key) except self.model.DoesNotExist: return None return key
def get_key(self, invitation_key): """ Return InvitationKey, or None if it doesn't (or shouldn't) exist. """ # Don't bother hitting database if invitation_key doesn't match pattern. if not SHA1_RE.search(invitation_key): return None try: key = self.get(key=invitation_key) except self.model.DoesNotExist: return None return key
def activate_user(self, activation_key): """ Validate an activation key and activate the corresponding ``User`` if valid. This overrides the method in the base class. The user does NOT get activated when the profile is activated. If the key is valid and has not expired, return the ``User`` after activating. If the key is not valid or has expired, return ``False``. If the key is valid but the ``User`` is already active, return ``User``. If the key is valid but the ``User`` is inactive, return ``False``. To prevent reactivation of an account which has been deactivated by site administrators, ``RegistrationProfile.activated`` is set to ``True`` after successful activation. """ # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(activation_key): try: profile = self.get(activation_key=activation_key) except self.model.DoesNotExist: # This is an actual activation failure as the activation # key does not exist. It is *not* the scenario where an # already activated User reuses an activation key. return False if profile.activated: # The User has already activated and is trying to activate # again. If the User is active, return the User. Else, # return False as the User has been deactivated by a site # administrator. if profile.user.is_active: return profile.user else: return False if not profile.activation_key_expired(): profile.activated = True profile.save() return profile.user return False
def is_key_valid(self, invitation_key): """ Check if an ``InvitationKey`` is valid or not, returning a boolean, ``True`` if the key is valid. """ # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(invitation_key): try: invitation_key = self.get(key=invitation_key) except self.model.DoesNotExist: return False return not invitation_key.key_expired() return False
def activate_user(self, activation_key): """ Validate an activation key and activate the corresponding ``User`` if valid. If the key is valid and has not expired, return the ``User`` after activating. If the key is not valid or has expired, return ``False``. If the key is valid but the ``User`` is already active, return ``False``. To prevent reactivation of an account which has been deactivated by site administrators, the activation key is reset to the string constant ``RegistrationProfile.ACTIVATED`` after successful activation. """ # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(activation_key): try: profile = self.get(activation_key=activation_key) except self.model.DoesNotExist: return False if not profile.activation_key_expired(): #print "DEBUG: Envoit email a partir de AdminRegistrationManager" user = profile.user user.is_active = True user.save() profile.activation_key = self.model.ACTIVATED profile.save() # Send an email to the user #ctx_dict = {'activation_key': self.activation_key, # 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS, # 'site': site} #subject = render_to_string('registration/activation_email_subject.txt', # ctx_dict) # Email subject *must not* contain newlines #subject = ''.join(subject.splitlines()) #message = render_to_string('registration/activation_email.txt', # ctx_dict) #user.email_user(subject, message, settings.DEFAULT_FROM_EMAIL) return user return False
def accept_invite(self, user, invite_key): """ TODO: documentation """ if SHA1_RE.search(invite_key): try: invite = self.get(invite_key=invite_key) except self.model.DoesNotExist: return False if not invite.invite_key_expired() and user.email == invite.email: profile = user.profile profile.house = invite.house profile.save() invite.invite_key = self.model.INVITE_ACCEPTED invite.save() return user return False
def activate(self, request, activation_key): """ Override default activation process. This will activate the user even if its passed its expiration date. """ if SHA1_RE.search(activation_key): try: profile = RegistrationProfile.objects.get(activation_key=activation_key) except RegistrationProfile.DoesNotExist: return False user = profile.user user.is_active = True user.save() profile.activation_key = RegistrationProfile.ACTIVATED profile.save() return user return False
def activate(self, request, activation_key): """ Override default activation process. This will activate the user even if its passed its expiration date. """ if SHA1_RE.search(activation_key): try: profile = RegistrationProfile.objects.get( activation_key=activation_key) except RegistrationProfile.DoesNotExist: return False user = profile.user user.is_active = True user.save() profile.activation_key = RegistrationProfile.ACTIVATED profile.save() return user return False
def activate_user(self, activation_key, enable=True): """ Override default manager to have extra parameter 'enable' that allows adding an extra step to have a user active (as happens on RESTRICTED mode) """ if SHA1_RE.search(activation_key): try: profile = self.get(activation_key=activation_key) except self.model.DoesNotExist: return False if not profile.activation_key_expired(): user = profile.user if enable: user.is_active = True user.save() profile.activation_key = self.model.ACTIVATED profile.save() return user return False
def activate(self, request, **kwargs): token = request.GET.get("token", None) success = False # Make sure the key we're trying conforms to the pattern of a # SHA1 hash; if it doesn't, no point trying to look it up in # the database. if SHA1_RE.search(token): try: profile = RegistrationProfile.objects.get(activation_key=token) if not profile.activation_key_expired(): user = profile.user user.is_active = True user.save() profile.activation_key = RegistrationProfile.ACTIVATED profile.save() success = True except RegistrationProfile.DoesNotExist: success = False return self.create_response(request, { "success": success })
def get_key(self, invitation_key): """ Return InvitationKey, or None if it doesn't (or shouldn't) exist. """ try: code = InvitationCode.objects.get(code=invitation_key) if self.filter(key=invitation_key).count() < code.redeem_limit: key = self.model(key=invitation_key, from_user=code.from_user) return key except InvitationCode.DoesNotExist: pass # Don't bother hitting database if invitation_key doesn't match pattern. if not SHA1_RE.search(invitation_key): return None try: key = self.get(key=invitation_key) except self.model.DoesNotExist: return None return key
def activate(self, request, activation_key): self.activation_key = activation_key if SHA1_RE.search(activation_key): try: profile = RegistrationProfile.objects.get( activation_key=activation_key) if not profile.activation_key_expired(): user = profile.user if user.password.startswith('!'): messages.info(self.request, _("Please set a password to protect your account.")) else: activated = RegistrationProfile.objects.activate_user( activation_key) if activated: signals.user_activated.send( sender=profile, user=activated, request=request) messages.info(self.request, _("Thank you. Your account is now activate." \ " You can sign in at your convienience.")) return user except RegistrationProfile.DoesNotExist: return False return False
def activate(request, activation_key, template_name='registration/activate.html', extra_context=None): # Activate, then add this account to any Racks that were created # anonymously with this user's email address. I would prefer to # simply wrap the registration.views.activate function from # django-registration, but I can't really do that because I can't # get at the activated user - it just returns rendered HTML. So, # I'm copy-pasting its code. context_instance = RequestContext(request) from registration.models import RegistrationProfile # -- Begin copy-pasted code from django-registration. activation_key = activation_key.lower() # Normalize before trying anything with it. account = RegistrationProfile.objects.activate_user(activation_key) if extra_context is None: extra_context = {} for key, value in extra_context.items(): context_instance[key] = callable(value) and value() or value # -- End copy-pasted code from django-registration. # Let the user know if activation failed, and why. context_instance['key_status'] = 'Activation failed. Double-check your URL' if account: context_instance['key_status'] = 'Activated' else: from registration.models import SHA1_RE if not SHA1_RE.search(activation_key): context_instance['key_status'] = ('Malformed activation key. ' 'Make sure you got the URL right!') else: reg_profile = RegistrationProfile.objects.filter( activation_key=activation_key) if reg_profile: reg_profile = reg_profile[0] if reg_profile.activation_key_expired(): context_instance['key_status'] = 'Activation key expired' else: # Unfortunately it's impossible to be sure if the user already # activated, because activation causes the key to be reset. # We could do it if we knew who the user was at this point, # but we don't. context_instance['key_status'] = ('No such activation key.' ' Maybe you already activated?') # Now see if we need to reset the password. token = request.REQUEST.get('token') context_instance['valid_reset_token'] = False if token: uidb36 = request.REQUEST['uidb36'] # Copy-paste-and-hack code from django.contrib.auth.views, yay. try: uid_int = base36_to_int(uidb36) except ValueError: raise Http404 user = get_object_or_404(User, id=uid_int) context_instance['token'] = token context_instance['uidb36'] = uidb36 context_instance['username'] = user.username if token_generator.check_token(user, token): context_instance['valid_reset_token'] = True if request.method == 'POST': form = SetPasswordForm(user, request.POST) if form.is_valid(): form.save() flash('Password changed.', request) from django.contrib.auth import login, authenticate user = authenticate(username=user.username, password=request.POST['new_password1']) if user: login(request, user) return HttpResponseRedirect('/') # Post-activation: Modify anonymous racks. context_instance['activation_key'] = activation_key if account: for rack in Rack.objects.filter(email=account.email, user=u''): rack.user = account.username rack.save() return render_to_response(template_name, { 'account': account, 'expiration_days': settings.ACCOUNT_ACTIVATION_DAYS }, context_instance=context_instance)