def main_page(request):
tmpl = loader.get_template('auth/main_page.html')
all_users = list(User.all().order('last_name').order('first_name'))
msg = ''
"""Send password reset emails to selected users."""
if request.method == 'POST' :
if request.POST.get('SendPwdEmails') :
num_emails = 0;
for i, user in enumerate(all_users) :
if request.POST.get('checkbox_%d' % (i + 1)) :
num_emails += 1
# Assemble the URL that can be used to access the password
# reset form.
token = auth.get_password_reset_token(user)
url = 'http://%s/auth/reset_password?token=%s' % (
os.environ['HTTP_HOST'], token)
logging.warn('Sent password recovery URL: %s', url)
# Send the email message.
msg_tmpl = loader.get_template('auth/reset_password_email.txt')
msg_ctx = Context({'user': user, 'url': url})
msg_body = msg_tmpl.render(msg_ctx)
# print msg_body
email.send_to_user(
user,
subject='Please Set/Reset your CHIRP password',
body=msg_body)
if num_emails :
msg = 'Email(s) sent.'
"""Lists all users."""
num_active_users = sum(u.is_active for u in AutoRetry(all_users))
active = [u for u in AutoRetry(all_users) if u.is_active]
inactive = [u for u in AutoRetry(all_users) if not u.is_active]
ctx = RequestContext(request, {
'title': 'User Management',
'all_users': active + inactive,
'num_active_users': num_active_users,
'msg' : msg
})
return http.HttpResponse(tmpl.render(ctx))
def main_page(request):
tmpl = loader.get_template('auth/main_page.html')
all_users = list(User.all().order('last_name').order('first_name'))
msg = ''
"""Send password reset emails to selected users."""
if request.method == 'POST':
if request.POST.get('SendPwdEmails'):
num_emails = 0
for i, user in enumerate(all_users):
if request.POST.get('checkbox_%d' % (i + 1)):
num_emails += 1
# Assemble the URL that can be used to access the password
# reset form.
token = auth.get_password_reset_token(user)
url = 'http://%s/auth/reset_password?token=%s' % (
os.environ['HTTP_HOST'], token)
logging.warn('Sent password recovery URL: %s', url)
# Send the email message.
msg_tmpl = loader.get_template(
'auth/reset_password_email.txt')
msg_ctx = Context({'user': user, 'url': url})
msg_body = msg_tmpl.render(msg_ctx)
# print msg_body
email.send_to_user(
user,
subject='Please Set/Reset your CHIRP password',
body=msg_body)
if num_emails:
msg = 'Email(s) sent.'
"""Lists all users."""
num_active_users = sum(u.is_active for u in AutoRetry(all_users))
active = [u for u in AutoRetry(all_users) if u.is_active]
inactive = [u for u in AutoRetry(all_users) if not u.is_active]
ctx = RequestContext(
request, {
'title': 'User Management',
'all_users': active + inactive,
'num_active_users': num_active_users,
'msg': msg
})
return http.HttpResponse(tmpl.render(ctx))
def forgot_password(request):
"""Request a a password reset email.
A user can enter an email address into a form. Submitting causes
an email containing a URL that can be clicked to restore access.
"""
if request.user:
return http.HttpResponseForbidden('Logged-in users prohibited.')
# TODO(trow): Rate-limit password reset emails?
tmpl = loader.get_template('auth/forgot_password.html')
ctx_vars = {
'title': 'Recover Forgotten Password',
}
if request.method == 'GET':
ctx_vars['form'] = auth_forms.ForgotPasswordForm()
else:
form = auth_forms.ForgotPasswordForm(request.POST)
if not form.is_valid():
ctx_vars['form'] = form
else:
ctx_vars['email'] = form.user.email
# Assemble the URL that can be used to access the password
# reset form.
token = auth.get_password_reset_token(form.user)
url = 'http://%s/auth/reset_password?token=%s' % (
os.environ['HTTP_HOST'], token)
logging.warn('Sent password recovery URL: %s', url)
# Construct and send the email message
msg_tmpl = loader.get_template('auth/forgot_password_email.txt')
msg_ctx = Context({'user': form.user, 'url': url})
msg_body = msg_tmpl.render(msg_ctx)
# Actually send the email message.
email.send_to_user(
form.user,
subject='Recovering your forgotten CHIRP password',
body=msg_body)
ctx = RequestContext(request, ctx_vars)
return http.HttpResponse(tmpl.render(ctx))
def forgot_password(request):
"""Request a a password reset email.
A user can enter an email address into a form. Submitting causes
an email containing a URL that can be clicked to restore access.
"""
if request.user:
return http.HttpResponseForbidden('Logged-in users prohibited.')
# TODO(trow): Rate-limit password reset emails?
tmpl = loader.get_template('auth/forgot_password.html')
ctx_vars = {
'title': 'Recover Forgotten Password',
}
if request.method == 'GET':
ctx_vars['form'] = auth_forms.ForgotPasswordForm()
else:
form = auth_forms.ForgotPasswordForm(request.POST)
if not form.is_valid():
ctx_vars['form'] = form
else:
ctx_vars['email'] = form.user.email
# Assemble the URL that can be used to access the password
# reset form.
token = auth.get_password_reset_token(form.user)
url = 'http://%s/auth/reset_password?token=%s' % (
os.environ['HTTP_HOST'], token)
logging.warn('Sent password recovery URL: %s', url)
# Construct and send the email message
msg_tmpl = loader.get_template('auth/forgot_password_email.txt')
msg_ctx = Context({'user': form.user, 'url': url})
msg_body = msg_tmpl.render(msg_ctx)
# Actually send the email message.
email.send_to_user(
form.user,
subject='Recovering your forgotten CHIRP password',
body=msg_body)
ctx = RequestContext(request, ctx_vars)
return http.HttpResponse(tmpl.render(ctx))
def test_password_reset_token_create_and_parse(self):
email = '*****@*****.**'
user = User(email=email)
token = auth.get_password_reset_token(user)
observed_email = auth.parse_password_reset_token(token)
self.assertEqual(email, observed_email)
def test_password_reset_token_create_and_parse(self):
email = '*****@*****.**'
user = User(email=email)
token = auth.get_password_reset_token(user)
observed_email = auth.parse_password_reset_token(token)
self.assertEqual(email, observed_email)